updating node JS version to 14.x from 10.x

Author: sourabh

loggroup-lambda-connector/sam/packaged.yaml

@@ -21,17 +21,27 @@ Metadata:
     - serverless
     - loggroups
     - cloudwatch
-    LicenseUrl: s3://appdevstore/LoggroupConnector/v1.0.4/5122657d5b9a0d3713e24d3a33eae431
+    LicenseUrl: s3://cf-templates-1qpf3unpuo1hw-us-east-1/test-log-group-lambda-connector/6092dd6c323e33634657102f570628e0
     Name: sumologic-loggroup-connector
-    ReadmeUrl: s3://appdevstore/LoggroupConnector/v1.0.4/c98f2c0d986a3f55fbea539688ee6a2e
-    SemanticVersion: 1.0.4
+    ReadmeUrl: s3://cf-templates-1qpf3unpuo1hw-us-east-1/test-log-group-lambda-connector/946832fcaabeea8d4fa5580eb13fd90c
+    SemanticVersion: 1.0.5
     SourceCodeUrl: https://github.com/SumoLogic/sumologic-aws-lambda/loggroup-lambda-connector
     SpdxLicenseId: Apache-2.0
 Parameters:
-  LambdaARN:
+  DestinationArnType:
+    Type: String
+    Description: Lambda - When the destination ARN for subscription filter is an AWS
+      Lambda Function. Kinesis - When the destination ARN for subscription filter
+      is an Kinesis or Amazon Kinesis data firehose stream.
+    Default: Lambda
+    AllowedValues:
+    - Lambda
+    - Kinesis
+  DestinationArnValue:
     Type: String
     Default: arn:aws:lambda:us-east-1:123456789000:function:TestLambda
-    Description: Enter ARN for target lambda function
+    Description: Enter Destination ARN like Lambda function, Kinesis stream. For more
+      information, visit - https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/SubscriptionFilters.html
   LogGroupPattern:
     Type: String
     Default: Test
@@ -49,17 +59,57 @@ Parameters:
     Description: Enter comma separated keyvalue pairs for filtering logGroups using
       tags. Ex KeyName1=string,KeyName2=string. This is optional leave it blank if
       tag based filtering is not needed.
+  RoleArn:
+    Type: String
+    Default: ''
+    Description: Enter AWS IAM Role arn in case the destination is Kinesis Firehose
+      stream.
+Conditions:
+  create_invoke_permission:
+    Fn::Equals:
+    - Ref: DestinationArnType
+    - Lambda
+  create_pass_role:
+    Fn::Equals:
+    - Ref: DestinationArnType
+    - Kinesis
+Rules:
+  testRoleArnWithLambda:
+    RuleCondition:
+      Fn::Equals:
+      - Ref: DestinationArnType
+      - Lambda
+    Assertions:
+    - Assert:
+        Fn::Equals:
+        - Ref: RoleArn
+        - ''
+      AssertDescription: If Destination Type is Lambda, than the role ARN should be
+        empty.
+  testRoleArnWithKinesis:
+    RuleCondition:
+      Fn::Equals:
+      - Ref: DestinationArnType
+      - Kinesis
+    Assertions:
+    - Assert:
+        Fn::Not:
+        - Fn::Equals:
+          - Ref: RoleArn
+          - ''
+      AssertDescription: If Destination Type is Kinesis, than the role ARN can not
+        be kept empty.
 Resources:
   SumoLogGroupLambdaConnector:
     Type: AWS::Serverless::Function
     Properties:
-      CodeUri: s3://appdevstore/LoggroupConnector/v1.0.4/8822c7aea452b5df042a0d22e4ecd99d
+      CodeUri: s3://cf-templates-1qpf3unpuo1hw-us-east-1/test-log-group-lambda-connector/44a32060109e4c7efa4feed59007b04f
       Handler: loggroup-lambda-connector.handler
-      Runtime: nodejs10.x
+      Runtime: nodejs14.x
       Environment:
         Variables:
-          LAMBDA_ARN:
-            Ref: LambdaARN
+          DESTINATION_ARN:
+            Ref: DestinationArnValue
           LOG_GROUP_PATTERN:
             Ref: LogGroupPattern
           USE_EXISTING_LOG_GROUPS:
@@ -68,6 +118,8 @@ Resources:
             Fn::Join:
             - ','
             - Ref: LogGroupTags
+          ROLE_ARN:
+            Ref: RoleArn
       Policies:
       - Statement:
         - Sid: ReadWriteFilterPolicy
@@ -90,12 +142,28 @@ Resources:
                 - logs.amazonaws.com
                 eventName:
                 - CreateLogGroup
+  sumoIAMPassRolePolicy:
+    Type: AWS::IAM::Policy
+    Condition: create_pass_role
+    Properties:
+      PolicyName: KinesisFirehoseLogsPolicy
+      PolicyDocument:
+        Version: '2012-10-17'
+        Statement:
+        - Effect: Allow
+          Action:
+          - iam:PassRole
+          Resource:
+            Ref: RoleArn
+      Roles:
+      - Ref: SumoLogGroupLambdaConnectorRole
   SumoCWLambdaInvokePermission:
     Type: AWS::Lambda::Permission
+    Condition: create_invoke_permission
     Properties:
       Action: lambda:InvokeFunction
       FunctionName:
-        Ref: LambdaARN
+        Ref: DestinationArnValue
       Principal:
         Fn::Sub: logs.${AWS::Region}.amazonaws.com
       SourceAccount:

loggroup-lambda-connector/sam/template.yaml

@@ -97,7 +97,7 @@ Resources:
     Properties:
       CodeUri: ../src/
       Handler: "loggroup-lambda-connector.handler"
-      Runtime: nodejs10.x
+      Runtime: nodejs14.x
       Environment:
         Variables:
           DESTINATION_ARN: !Ref "DestinationArnValue"