serverless.yml

service:
  name: codepipeline-datadog-events

# Add the serverless-webpack plugin
plugins:
  - serverless-webpack

provider:
  name: aws
  runtime: nodejs12.x
  memorySize: 128
  timeout: 10
  logRetentionInDays: 7
  versionFunctions: false
  environment:
    DD_API_KEY: ${ssm:/datadog/DD_API_KEY~true}
    SLACK_WEBHOOK_URL: ${ssm:/slack/SLACK_WEBHOOK_URL~true}
  variableSyntax: "\\$\\{(?!AWS)([ \":~a-zA-Z0-9._,\\-\\/\\(\\)]+?)}"
  iamRoleStatements:
    - Effect: "Allow"
      Action:
        - "sqs:SendMessage"
        - "sqs:GetQueueUrl"
      Resource:
        Fn::GetAtt:
          - EventQueue
          - Arn
    - Effect: "Allow"
      Action:
        - "sqs:ListQueues"
      Resource: !Sub "arn:aws:${AWS::AccountId}:....."
    - Effect: "Allow"
      Action: 
        - "cloudwatch:PutMetricData"
        - "codepipeline:List*"
        - "codepipeline:Get*"
        - "ec2:DescribeRegions"
      Resource: "*"

functions:
  main:
    handler: handler.main
    events:
      - sqs:
          arn:
            Fn::GetAtt:
              - EventQueue
              - Arn
  cloudwatch:
    handler: handler.scheduledMetrics
    events:
      - schedule: rate(1 minute)

resources:
  Resources:
    EventQueue:
      Type: AWS::SQS::Queue

    QueuePolicy:
      Type: AWS::SQS::QueuePolicy
      Properties:
        PolicyDocument:
          Version: "2012-10-17"
          Id: "QueuePolicy1"
          Statement:
            - Effect: "Allow"
              Action: "sqs:SendMessage"
              Action: 
                - "sqs:SendMessage"
              Resource: "*"
              Principal: "*"
              Condition:
                ArnLike:
                  "AWS:SourceArn": !Sub "arn:aws:sns:*:${AWS::AccountId}:*"
        Queues:
          - !Ref EventQueue