Skip to content
This repository was archived by the owner on Apr 14, 2026. It is now read-only.

Commit 5a836f2

Browse files
Sandeep KumarSandeep Kumar
Sandeep Kumar
authored and
Sandeep Kumar
committed
init push
1 parent ac36863 commit 5a836f2

47 files changed

Lines changed: 15551 additions & 0 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

backend/.DS_Store

6 KB
Binary file not shown.

backend/CF.json

Lines changed: 113 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,113 @@
1+
{
2+
"AWSTemplateFormatVersion": "2010-09-09",
3+
"Description": "This template creates a role which only Lumigo can use.",
4+
"Outputs": {
5+
"RoleARN": {
6+
"Description": "The ARN of the role that can be assumed by Lumigo's account.",
7+
"Value": {
8+
"Fn::GetAtt": [
9+
"LumigoIntegrationRole",
10+
"Arn"
11+
]
12+
}
13+
}
14+
},
15+
"Resources": {
16+
"LumigoIntegrationRole": {
17+
"Properties": {
18+
"AssumeRolePolicyDocument": {
19+
"Statement": [
20+
{
21+
"Action": "sts:AssumeRole",
22+
"Effect": "Allow",
23+
"Principal": {
24+
"AWS": "599735196807"
25+
},
26+
"Sid": ""
27+
},
28+
{
29+
"Action": "sts:AssumeRole",
30+
"Effect": "Allow",
31+
"Principal": {
32+
"AWS": "114300393969"
33+
},
34+
"Sid": ""
35+
}
36+
],
37+
"Version": "2012-10-17"
38+
},
39+
"ManagedPolicyArns": [
40+
"arn:aws:iam::aws:policy/ReadOnlyAccess"
41+
],
42+
"Path": "/"
43+
},
44+
"Type": "AWS::IAM::Role"
45+
},
46+
"LumigoIntegrationPolicies": {
47+
"Type": "AWS::IAM::Policy",
48+
"Properties": {
49+
"PolicyName": "LumigoIntegration",
50+
"PolicyDocument": {
51+
"Statement": [
52+
{
53+
"Effect": "Allow",
54+
"Action": [
55+
"lambda:UpdateFunctionConfiguration"
56+
],
57+
"Resource": "arn:aws:lambda:*:*:function:*"
58+
},
59+
{
60+
"Effect": "Allow",
61+
"Action": [
62+
"logs:PutSubscriptionFilter",
63+
"logs:DeleteSubscriptionFilter",
64+
"logs:DescribeSubscriptionFilters",
65+
"cloudwatch:PutMetricAlarm",
66+
"cloudwatch:DeleteAlarm"
67+
],
68+
"Resource": "*"
69+
}
70+
71+
]
72+
},
73+
"Roles": [
74+
{
75+
"Ref": "LumigoIntegrationRole"
76+
}
77+
]
78+
}
79+
},
80+
"LumigoReporter": {
81+
"Type": "AWS::CloudFormation::CustomResource",
82+
"Properties": {
83+
"ServiceToken": {
84+
"Fn::Join": [
85+
":",
86+
[
87+
"arn:aws:sns",
88+
{
89+
Ref: "AWS::Region"
90+
},
91+
"114300393969:prod_sns-edge-stfl_incoming-topic"
92+
]
93+
]
94+
},
95+
"RoleArn": {
96+
"Fn::GetAtt": [
97+
"LumigoIntegrationRole",
98+
"Arn"
99+
]
100+
},
101+
"ExternalId": {
102+
Ref: "ExternalId"
103+
}
104+
}
105+
}
106+
},
107+
"Parameters": {
108+
"ExternalId": {
109+
"Description": "External ID for securing the role - Do not change",
110+
"Type": "String"
111+
}
112+
}
113+
}

backend/lambda/app.js

Lines changed: 81 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,81 @@
1+
const AWSXRay = require("aws-xray-sdk-core");
2+
const AWS = AWSXRay.captureAWS(require("aws-sdk"));
3+
const sts = new AWS.STS();
4+
5+
exports.lambdaHandler = async (event) => {
6+
console.log(JSON.stringify(event));
7+
8+
// assume role from client account
9+
const assumeRole = await sts
10+
.assumeRole({
11+
RoleArn: `arn:aws:iam::${event.queryStringParameters.accountId}:role/${event.queryStringParameters.roleName}`,
12+
RoleSessionName: Math.round(Math.random() * 1000000000).toString(),
13+
})
14+
.promise();
15+
16+
// update the assumed credentials to AWS SDK
17+
AWS.config.accessKeyId = assumeRole.Credentials.AccessKeyId;
18+
AWS.config.secretAccessKey = assumeRole.Credentials.SecretAccessKey;
19+
AWS.config.region = event.queryStringParameters.region;
20+
21+
// create new connectors for step function and cloudwatch operations
22+
const cloudwatchlogs = new AWS.CloudWatchLogs();
23+
const stepfunctions = new AWS.StepFunctions();
24+
25+
// query1 - get all the step functions in the account
26+
if (event.queryStringParameters.type === "all") {
27+
// get list of step functions
28+
const listStateMachines = await stepfunctions.listStateMachines().promise();
29+
30+
// describe each step function to get more information
31+
const describeStateMachines = listStateMachines.stateMachines.map((e) => {
32+
return stepfunctions
33+
.describeStateMachine({ stateMachineArn: e.stateMachineArn })
34+
.promise();
35+
});
36+
37+
// return all the step function data
38+
return Promise.all(describeStateMachines);
39+
}
40+
41+
// query2 - get all logs for the selected step function
42+
else {
43+
const { logGroupName } = event.queryStringParameters;
44+
45+
// describe the log stream to get the complete log info
46+
let logStreamInfo = await cloudwatchlogs
47+
.describeLogStreams({ logGroupName: logGroupName })
48+
.promise();
49+
50+
// get the logs in the log streams
51+
const logStreamsDataLoop = logStreamInfo.logStreams.map((e) => {
52+
return cloudwatchlogs
53+
.filterLogEvents({
54+
logGroupName: logGroupName,
55+
logStreamNames: [e.logStreamName],
56+
})
57+
.promise();
58+
});
59+
60+
// wait for logs
61+
const logStreamsData = await Promise.all(logStreamsDataLoop);
62+
63+
// add the logs to the log stream info
64+
logStreamInfo.logStreams.map((e, i) => {
65+
e.logs = logStreamsData[i].events;
66+
return e;
67+
});
68+
69+
// return complete log stream info and logs within that stream
70+
return { logs: logStreamInfo };
71+
72+
// The below code is for a future use case
73+
// let sendLogStreamData = await Promise.all(getLogStreamData)
74+
// sendLogStreamData = sendLogStreamData.map(e=> {
75+
// if (e.searchedLogStreams[0].searchedCompletely)
76+
// return e.events
77+
// else
78+
// if the condition is false, the log stream has more logs that needs to be quereied again
79+
// })
80+
}
81+
};

0 commit comments

Comments
 (0)