primary-region-alarms.yml

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Parameters:
  DeploymentBucket:
    Type: String
  PrimaryHealthCheckId:
    Type: String
  CloudFrontDistributionDomainName:
    Type: String
  HostedZoneName:
    Type: String
  PrimaryUrl:
    Type: String
  StandbyUrl:
    Type: String
  MyInfraStackName:
    Type: String
  MyInfraStackRegion:
    Type: String
  OtherInfraStackName:
    Type: String
  OtherInfraStackRegion:
    Type: String
  AdminContactEmail:
    Type: String

Outputs:
  PrimaryHealthCheckSNSArn:
    Description: SNS Arn
    Value: !Ref PrimaryHealthCheckSNS

Resources:
  PrimaryHealthCheckSNS:
    Type: AWS::SNS::Topic
    Properties:
      Subscription:
        - Endpoint: !Ref AdminContactEmail
          Protocol: email

# NOTE: The alarm MUST be in us-east-1
  PrimaryHealthCheckFailedAlarm:
    Type: AWS::CloudWatch::Alarm
    Properties:
      ActionsEnabled: 'true'
      AlarmActions: [ !Ref PrimaryHealthCheckSNS ]
      AlarmDescription: !Ref CloudFrontDistributionDomainName
      ComparisonOperator: LessThanThreshold
      EvaluationPeriods: '1'
      MetricName: HealthCheckStatus
      Namespace: AWS/Route53
      Period: '60'
      Statistic: Minimum
      Threshold: '1.0'
      Dimensions:
      - Name: HealthCheckId
        Value: !Ref PrimaryHealthCheckId

  PrimaryHealthCheckFunction:
    Type: "AWS::Serverless::Function"
    Properties:
      Handler: main.lambda_handler
      Runtime: python2.7
      CodeUri:
        Bucket: !Ref DeploymentBucket
        Key: deployment.zip
      Description: Updates CF distro and Route53
      MemorySize: 128
      Timeout: 60
      Policies:
        - Statement:
            Effect: Allow
            Action:
                - 'route53:ListHostedZonesByName'
                - 'route53:ListResourceRecordSets'
            Resource: '*'
        - Statement:
            Effect: Allow
            Action:
                - 'cloudfront:GetDistributionConfig'
                - 'cloudfront:UpdateDistribution'
            Resource: '*'
        - Statement:
            Effect: Allow
            Action:
                - 'cloudformation:DescribeStacks'
                - 'cloudformation:GetTemplate'
                - 'cloudformation:UpdateStack'
            Resource: '*'
        # Needed for the lambda to update cloudformation
        - Statement:
            Effect: Allow
            Action:
                - 'cloudfront:GetDistribution'
                - 'route53:ListHostedZones'
                - 'route53:ChangeResourceRecordSets'
                - 'route53:GetChange'
            Resource: '*'
      Environment:
        Variables:
          HostedZoneName: !Ref HostedZoneName
          PrimaryUrl: !Ref PrimaryUrl
          StandbyUrl: !Ref StandbyUrl
          MyInfraStackName: !Ref MyInfraStackName
          MyInfraStackRegion: !Ref MyInfraStackRegion
          OtherInfraStackName: !Ref OtherInfraStackName
          OtherInfraStackRegion: !Ref OtherInfraStackRegion
      Events:
        SNS:
          Type: SNS
          Properties:
            Topic: !Ref PrimaryHealthCheckSNS