Skip to content

Commit

Permalink
feat(sfn): update state machine
Browse files Browse the repository at this point in the history
  • Loading branch information
@shibataka000
shibataka000 committed Dec 16, 2023
1 parent 3299f4a commit c7a5fb1
Show file tree
Hide file tree
Showing 4 changed files with 122 additions and 52 deletions.
12 changes: 12 additions & 0 deletions aws/step_functions/step_functions/cloudwatch.tf
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,15 @@
resource "aws_cloudwatch_log_group" "sfn_my_state_machine" {
name = "sfn-my-state-machine"
}

resource "aws_cloudwatch_event_connection" "zipcloud" {
name = "zipcloud"
authorization_type = "API_KEY"

auth_parameters {
api_key {
key = "api_key"
value = "value"
}
}
}
30 changes: 30 additions & 0 deletions aws/step_functions/step_functions/iam.tf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@ resource "aws_iam_policy" "sfn_my_state_machine" {
}

data "aws_iam_policy_document" "sfn_my_state_machine_policy" {
# Logging
statement {
actions = [
"logs:CreateLogDelivery",
Expand All @@ -34,6 +35,35 @@ data "aws_iam_policy_document" "sfn_my_state_machine_policy" {
]
resources = ["*"]
}

# Call third-party API
statement {
actions = ["states:InvokeHTTPEndpoint"]
resources = [aws_sfn_state_machine.my_state_machine.arn]
condition {
test = "StringEquals"
variable = "states:HTTPMethod"
values = ["GET"]
}
condition {
test = "StringLike"
variable = "states:HTTPEndpoint"
values = ["https://zipcloud.ibsnet.co.jp/api/search"]
}
}

statement {
actions = ["events:RetrieveConnectionCredentials"]
resources = [aws_cloudwatch_event_connection.zipcloud.arn]
}

statement {
actions = [
"secretsmanager:GetSecretValue",
"secretsmanager:DescribeSecret",
]
resources = ["arn:aws:secretsmanager:*:*:secret:events!connection/*"]
}
}

resource "aws_iam_role_policy_attachment" "sfn_my_state_machine" {
Expand Down
8 changes: 5 additions & 3 deletions aws/step_functions/step_functions/sfn.tf
View file
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
resource "aws_sfn_state_machine" "my_state_machine" {
name = "my-state-machine"
role_arn = aws_iam_role.sfn_my_state_machine.arn
definition = file("./sfn_state_machine_definition.json")
name = "my-state-machine"
role_arn = aws_iam_role.sfn_my_state_machine.arn
definition = templatefile("./sfn_state_machine_definition.json", {
connection_arn = aws_cloudwatch_event_connection.zipcloud.arn
})

logging_configuration {
log_destination = "${aws_cloudwatch_log_group.sfn_my_state_machine.arn}:*"
Expand Down
124 changes: 75 additions & 49 deletions aws/step_functions/step_functions/sfn_state_machine_definition.json
View file
Original file line number Diff line number Diff line change
@@ -1,72 +1,98 @@
{
"Comment": "A Hello World example demonstrating various state types of the Amazon States Language. It is composed of flow control states only, so it does not need resources to run.",
"StartAt": "Pass",
"StartAt": "Start",
"States": {
"Pass": {
"Comment": "A Pass state passes its input to its output, without performing work. They can also generate static JSON output, or transform JSON input using filters and pass the transformed data to the next state. Pass states are useful when constructing and debugging state machines.",
"Start": {
"Type": "Pass",
"Result": {
"IsHelloWorldExample": true
},
"Next": "Hello World example?"
"Next": "Parallel"
},
"Hello World example?": {
"Comment": "A Choice state adds branching logic to a state machine. Choice rules can implement many different comparison operators, and rules can be combined using And, Or, and Not",
"Type": "Choice",
"Choices": [
{
"Variable": "$.IsHelloWorldExample",
"BooleanEquals": true,
"Next": "Yes"
},
{
"Variable": "$.IsHelloWorldExample",
"BooleanEquals": false,
"Next": "No"
}
],
"Default": "Yes"
},
"Yes": {
"Type": "Pass",
"Next": "Wait 3 sec"
},
"No": {
"Type": "Fail",
"Cause": "Not Hello World"
},
"Wait 3 sec": {
"Comment": "A Wait state delays the state machine from continuing for a specified time.",
"Type": "Wait",
"Seconds": 3,
"Next": "Parallel State"
},
"Parallel State": {
"Comment": "A Parallel state can be used to create parallel branches of execution in your state machine.",
"Parallel": {
"Type": "Parallel",
"Next": "Hello World",
"Branches": [
{
"StartAt": "Hello",
"StartAt": "HTTPInvoke",
"States": {
"Hello": {
"Type": "Pass",
"HTTPInvoke": {
"Type": "Task",
"Resource": "arn:aws:states:::http:invoke",
"Parameters": {
"ApiEndpoint": "https://zipcloud.ibsnet.co.jp/api/search",
"Method": "GET",
"Authentication": {
"ConnectionArn": "${connection_arn}"
},
"QueryParameters": {
"zipcode": "1050003"
}
},
"End": true
}
}
},
{
"StartAt": "World",
"StartAt": "Choice",
"States": {
"World": {
"Choice": {
"Type": "Choice",
"Choices": [
{
"And": [
{
"Variable": "$.Comment",
"IsPresent": true
},
{
"Variable": "$.Comment",
"StringEquals": "Insert your JSON here"
}
],
"Next": "Yes"
},
{
"And": [
{
"Variable": "$.Comment",
"IsPresent": true
},
{
"Not": {
"Variable": "$.Comment",
"StringEquals": "Insert your JSON here"
}
}
],
"Next": "No"
},
{
"Variable": "$.Comment",
"IsPresent": false,
"Next": "No"
}
]
},
"Yes": {
"Type": "Pass",
"End": true
},
"No": {
"Type": "Pass",
"End": true
}
}
},
{
"StartAt": "Wait",
"States": {
"Wait": {
"Type": "Wait",
"Seconds": 3,
"End": true
}
}
}
]
],
"Next": "End"
},
"Hello World": {
"End": {
"Type": "Pass",
"End": true
}
Expand Down

0 comments on commit c7a5fb1

Please sign in to comment.