Normalize EventBridge rule names and general clean up of templates based

brtrvn · brtrvn · commit 86e26b2175b5 · 2021-11-15T18:30:10.000-08:00
on cfn-lint suggestions
diff --git a/resources/saas-boost-core.yaml b/resources/saas-boost-core.yaml
@@ -420,14 +420,14 @@ Resources:
   SaaSBoostPublicApi:
     Type: AWS::ApiGateway::RestApi
     Properties:
-      Name: !Sub sb-public-api-${Environment}
+      Name: !Sub sb-${Environment}-public-api
       EndpointConfiguration:
         Types:
           - REGIONAL
   SaaSBoostPrivateApi:
     Type: AWS::ApiGateway::RestApi
     Properties:
-      Name: !Sub sb-private-api-${Environment}
+      Name: !Sub sb-${Environment}-private-api
       EndpointConfiguration:
         Types:
           - REGIONAL
@@ -529,7 +529,7 @@ Resources:
     Type: AWS::Events::Rule
     Properties:
       EventBusName: !Ref SaaSBoostEventBus
-      Name: !Sub sb-system-api-call-${Environment}
+      Name: !Sub sb-${Environment}-system-api-call
       State: ENABLED
       EventPattern:
         source: ['saas-boost']
diff --git a/resources/saas-boost-svc-metrics.yaml b/resources/saas-boost-svc-metrics.yaml
@@ -339,6 +339,7 @@ Resources:
   PublishRequestCountMetricsEvent:
     Type: AWS::Events::Rule
     Properties:
+      Name: !Sub sb-${Environment}-metrics-count
       Description: A scheduled task to publish access log metrics to s3 web bucket
       # Run this every 30 minutes
       ScheduleExpression: "cron(0/30 * * * ? *)"
@@ -410,7 +411,7 @@ Resources:
   PublishResponseTimeMetricsEvent:
     Type: AWS::Events::Rule
     Properties:
-      Name: !Sub sb-publish-access-log-metrics-${Environment}
+      Name: !Sub sb-${Environment}-metrics-latency
       Description: A scheduled task to publish access log metrics to s3 web bucket
       # Run this every 30 minutes
       ScheduleExpression: "cron(0/30 * * * ? *)"
@@ -484,6 +485,7 @@ Resources:
   AddAthenaPartitionEvent:
     Type: AWS::Events::Rule
     Properties:
+      Name: !Sub sb-${Environment}-metrics-athena-partition
       Description: A scheduled task to add partition for access logs daily
       # Run at 00:01 every day
       ScheduleExpression: "cron(15 0 * * ? *)"
diff --git a/resources/saas-boost-svc-onboarding.yaml b/resources/saas-boost-svc-onboarding.yaml
@@ -1086,7 +1086,7 @@ Resources:
   OnboardingServiceDeleteTenantEventRule:
     Type: AWS::Events::Rule
     Properties:
-      Name: !Sub sb-${Environment}-onboarding-delete-rule
+      Name: !Sub sb-${Environment}-onboarding-delete
       Description: Delete provisioned tenant
       EventBusName: !Ref SaaSBoostEventBus
       EventPattern:
@@ -1141,7 +1141,7 @@ Resources:
   CodePipelineExecutionStateChangeEvent:
     Type: AWS::Events::Rule
     Properties:
-      Name: !Sub sb-${Environment}-tenant-pipeline
+      Name: !Sub sb-${Environment}-codepipeline-state
       EventPattern:
         source: ['aws.codepipeline']
         detail-type: ['CodePipeline Pipeline Execution State Change']
diff --git a/resources/saas-boost-svc-tenant.yaml b/resources/saas-boost-svc-tenant.yaml
@@ -407,7 +407,7 @@ Resources:
   TenantServiceUpdateResourcesEventRule:
     Type: AWS::Events::Rule
     Properties:
-      Name: !Sub sb-${Environment}-tenants-update-resources
+      Name: !Sub sb-${Environment}-tenant-update-resources
       Description: Update list of resources after a tenant is provisioned
       EventBusName: !Ref SaaSBoostEventBus
       EventPattern:
diff --git a/resources/saas-boost.yaml b/resources/saas-boost.yaml
@@ -79,8 +79,6 @@ Resources:
       Value: !Ref LambdaSourceFolder
   # Create all the S3 buckets SaaS Boost needs up front so we can create
   # a single Lambda IAM policy to clean up the buckets on stack delete
-  #
-
   LoggingBucket:
     Type: AWS::S3::Bucket
     Properties:
@@ -118,7 +116,6 @@ Resources:
               - !Sub arn:aws:s3:::${LoggingBucket}
             Condition:
               Bool: { 'aws:SecureTransport': false }
-
   # Bucket needed for CodePipeline to drive tenant deployment workflow
   CodePipelineBucket:
     Type: AWS::S3::Bucket
@@ -155,7 +152,6 @@ Resources:
               - !Sub arn:aws:s3:::${CodePipelineBucket}
             Condition:
               Bool: { 'aws:SecureTransport': false }
-
   # Bucket for Access Logs for ALBs for Tenants
   ALBAccessLogs:
     Type: AWS::S3::Bucket
@@ -175,13 +171,9 @@ Resources:
         ServerSideEncryptionConfiguration:
           - ServerSideEncryptionByDefault:
               SSEAlgorithm: AES256
-      # LoggingConfiguration:
-      #   DestinationBucketName: !Ref LoggingBucket
-      #   LogFilePrefix: ALBaccess-logs
       Tags:
         - Key: SaaS Boost
           Value: !Ref Environment
-
   # Bucket for Athena output for access log queries
   AthenaOutput:
     Type: AWS::S3::Bucket
@@ -201,9 +193,6 @@ Resources:
         ServerSideEncryptionConfiguration:
           - ServerSideEncryptionByDefault:
               SSEAlgorithm: AES256
-      # LoggingConfiguration:
-      #   DestinationBucketName: !Ref LoggingBucket
-      #   LogFilePrefix: athena-logs
       CorsConfiguration:
         CorsRules:
           - AllowedMethods:
@@ -228,6 +217,7 @@ Resources:
             Condition:
               Bool: { 'aws:SecureTransport': false }
   # Bucket to host the admin console web application
+  # NOTE: The deny non-secure policy is in the web template.
   WebS3Bucket:
     Type: AWS::S3::Bucket
     Properties:
@@ -247,8 +237,6 @@ Resources:
       Tags:
         - Key: SaaS Boost
           Value: !Ref Environment
-  ##NOTE: The deny non-secure policy is in the web template.
-
   SaaSBoostUtilsLayer:
     Type: AWS::Lambda::LayerVersion
     Properties:
@@ -268,6 +256,7 @@ Resources:
   ClearBucketExecutionRole:
     Type: AWS::IAM::Role
     DependsOn:
+      - LoggingBucket
       - WebS3Bucket
       - CodePipelineBucket
       - AthenaOutput
@@ -349,49 +338,40 @@ Resources:
           Value: !Ref Environment
         - Key: "BoostService"
           Value: "Logs"
-
   InvokeClearCodePipelineBucket:
     Type: Custom::CustomResource
     DependsOn:
-      - ClearBucket
       - InvokeClearLoggingBucket
     Properties:
       ServiceToken: !GetAtt ClearBucket.Arn
       Bucket: !Ref CodePipelineBucket
   InvokeClearAthenaBucket:
     Type: Custom::CustomResource
     DependsOn:
-      - ClearBucket
       - InvokeClearLoggingBucket
     Properties:
       ServiceToken: !GetAtt ClearBucket.Arn
       Bucket: !Ref AthenaOutput
   InvokeClearAccessLogsBucket:
     Type: Custom::CustomResource
     DependsOn:
-      - ClearBucket
       - InvokeClearLoggingBucket
     Properties:
       ServiceToken: !GetAtt ClearBucket.Arn
       Bucket: !Ref ALBAccessLogs
   InvokeClearWebsiteBucket:
     Type: Custom::CustomResource
     DependsOn:
-      - ClearBucket
       - InvokeClearLoggingBucket
     Properties:
       ServiceToken: !GetAtt ClearBucket.Arn
       Bucket: !Ref WebS3Bucket
-  ##TODO: Do we want to clear the access logs bucket
+  # TODO: Do we want to clear the access logs bucket?
   InvokeClearLoggingBucket:
     Type: Custom::CustomResource
-    DependsOn:
-      - ClearBucket
     Properties:
       ServiceToken: !GetAtt ClearBucket.Arn
       Bucket: !Ref LoggingBucket
-
-##nested stacks
   network:
     Type: AWS::CloudFormation::Stack
     Properties:
@@ -454,7 +434,6 @@ Resources:
   # To Do - merge this stuff into the billing template
   metering:
     Type: AWS::CloudFormation::Stack
-    DependsOn: core
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-metering-billing.yaml
       Parameters:
@@ -468,7 +447,6 @@ Resources:
         PrivateApiStage: !Ref PrivateApiStage
   metrics:
     Type: AWS::CloudFormation::Stack
-    DependsOn: core
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-svc-metrics.yaml
       Parameters:
@@ -483,9 +461,6 @@ Resources:
         PrivateApiStage: !Ref PrivateApiStage
   onboarding:
     Type: AWS::CloudFormation::Stack
-    DependsOn:
-      - core
-      - tenant
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-svc-onboarding.yaml
       Parameters:
@@ -512,9 +487,6 @@ Resources:
         ApiGatewayHelperLayer: !Ref ApiGatewayHelperLayer
   settings:
     Type: AWS::CloudFormation::Stack
-    DependsOn:
-      - core
-      - web
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-svc-settings.yaml
       Parameters:
@@ -529,7 +501,6 @@ Resources:
         CloudFrontDistribution: !GetAtt web.Outputs.CloudFrontDistributionUrl
   tenant:
     Type: AWS::CloudFormation::Stack
-    DependsOn: core
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-svc-tenant.yaml
       Parameters:
@@ -543,7 +514,6 @@ Resources:
     Type: AWS::CloudFormation::Stack
     DependsOn:
       - core
-      - web
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-svc-user.yaml
       Parameters:
@@ -554,15 +524,6 @@ Resources:
         CognitoUserPoolId: !GetAtt web.Outputs.SBUserPool
   publicapi:
     Type: AWS::CloudFormation::Stack
-    DependsOn:
-      - core
-      - web
-      - billing
-      - metrics
-      - onboarding
-      - settings
-      - tenant
-      - user
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-public-api.yaml
       Parameters:
@@ -604,12 +565,6 @@ Resources:
         UserServiceToken: !GetAtt user.Outputs.UserServiceTokenArn
   privateapi:
     Type: AWS::CloudFormation::Stack
-    DependsOn:
-      - core
-      - onboarding
-      - quota
-      - settings
-      - tenant
     Properties:
       TemplateURL: !Sub https://${SaaSBoostBucket}.s3.amazonaws.com/saas-boost-private-api.yaml
       Parameters:
diff --git a/resources/tenant-onboarding-fsx.yaml b/resources/tenant-onboarding-fsx.yaml
@@ -311,7 +311,6 @@ Resources:
           DeploymentType: MULTI_AZ_1
           PreferredSubnetId: !Ref 'PrivateSubnet1ID'
           ThroughputCapacity: !Ref 'ThroughputCapacity'
-
 # need to get the DNSName for FSX for output
   FsxDnsNameRole:
     Type: AWS::IAM::Role
@@ -400,16 +399,14 @@ Resources:
     Properties:
       ServiceToken: !GetAtt FsxDnsNameFunction.Arn
       FsxFileSystemId: !Ref WindowsFSx
-
   SSMParamFilesystem:
     Type: AWS::SSM::Parameter
     Properties:
       Name: !Sub /saas-boost/${Environment}/tenant/${TenantId}/WINDOWS_FSX_DNS_NAME
       Type: String
       Value: !GetAtt InvokeGetFsxDnsName.DnsName
-
 Outputs:
-  FSxFileSystemID:
+  FileSystemId:
     Description: File System ID for FSx for Windows File Server
     Value: !Ref WindowsFSx
   WindowsFSxSGID:
diff --git a/resources/tenant-onboarding.yaml b/resources/tenant-onboarding.yaml
@@ -606,7 +606,7 @@ Resources:
               - !If
                 - ProvisionFsx
                 - - ContainerPath: !Ref MountPoint
-                    SourceVolume: !GetAtt fsx.Outputs.FSxFileSystemID
+                    SourceVolume: !GetAtt fsx.Outputs.FileSystemId
                 - !Ref 'AWS::NoValue'
           LinuxParameters:
             Fn::If:
@@ -631,7 +631,7 @@ Resources:
                 FileSystemId: !GetAtt efs.Outputs.FileSystemId
           - !If
             - ProvisionFsx
-            - - Name: !GetAtt fsx.Outputs.FSxFileSystemID
+            - - Name: !GetAtt fsx.Outputs.FileSystemId
                 Host:
                   SourcePath: !Sub ${FSxWindowsMountDrive}\
             - !Ref 'AWS::NoValue'
