AWSTemplateFormatVersion: 2010-09-09 Transform: AWS::Serverless-2016-10-31 Parameters: BucketName: Type: String Default: saladeaula.digital UserTable: Type: String Default: betaeducacao-prod-users_d2o3r5gmm4it7j EnrollmentTable: Type: String Default: betaeducacao-prod-enrollments OrderTable: Type: String Default: betaeducacao-prod-orders CourseTable: Type: String Default: saladeaula_courses Globals: Function: CodeUri: app/ Runtime: python3.14 Tracing: Active Architectures: - x86_64 Layers: - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:layercake:106 Environment: Variables: TZ: America/Sao_Paulo LOG_LEVEL: DEBUG DYNAMODB_PARTITION_KEY: id POWERTOOLS_LOGGER_SAMPLE_RATE: 0.1 POWERTOOLS_LOGGER_LOG_EVENT: true USER_TABLE: !Ref UserTable ORDER_TABLE: !Ref OrderTable ENROLLMENT_TABLE: !Ref EnrollmentTable COURSE_TABLE: !Ref CourseTable BUCKET_NAME: !Ref BucketName IUGU_API_TOKEN: '{{resolve:ssm:/saladeaula/iugu_api_token}}' Resources: EventLog: Type: AWS::Logs::LogGroup Properties: RetentionInDays: 90 HttpLog: Type: AWS::Logs::LogGroup Properties: RetentionInDays: 90 HttpApi: Type: AWS::Serverless::HttpApi Properties: CorsConfiguration: AllowOrigins: ['*'] AllowMethods: [POST, OPTIONS] AllowHeaders: [Content-Type, X-Requested-With] HttpApiFunction: Type: AWS::Serverless::Function Properties: Handler: app.lambda_handler LoggingConfig: LogGroup: !Ref HttpLog Policies: - DynamoDBWritePolicy: TableName: !Ref OrderTable Events: Post: Type: HttpApi Properties: Path: /{id}/postback Method: POST ApiId: !Ref HttpApi EventPaymentsCreateInvoiceFunction: Type: AWS::Serverless::Function Properties: Handler: events.payments.create_invoice.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: ['0'] payment_method: - anything-but: [MANUAL] EventPaymentsChargeCreditCardFunction: Type: AWS::Serverless::Function Properties: Handler: events.payments.charge_credit_card.lambda_handler Timeout: 12 LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: ['TRANSACTION'] invoice_id: - exists: true credit_card: holder_name: - exists: true number: - exists: true exp_month: - exists: true exp_year: - exists: true cvv: - exists: true EventBillingAppendEnrollmentFunction: Type: AWS::Serverless::Function Properties: Handler: events.billing.append_enrollment.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable - DynamoDBCrudPolicy: TableName: !Ref EnrollmentTable - DynamoDBReadPolicy: TableName: !Ref CourseTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref EnrollmentTable] detail-type: [INSERT] detail: new_image: sk: ['METADATA#SUBSCRIPTION_COVERED'] billing_period: - exists: false EventBillingCancelEnrollmentFunction: Type: AWS::Serverless::Function Properties: Handler: events.billing.cancel_enrollment.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable - DynamoDBReadPolicy: TableName: !Ref EnrollmentTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref EnrollmentTable] detail-type: [MODIFY] detail: new_image: sk: ['0'] status: [CANCELED] subscription_covered: [true] old_image: status: [PENDING] EventBillingCloseWindowFunction: Type: AWS::Serverless::Function Properties: Handler: events.billing.close_window.lambda_handler Timeout: 30 LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable - S3WritePolicy: BucketName: !Ref BucketName Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [EXPIRE] detail: keys: id: - prefix: BILLING sk: # Post-migration: uncomment the following line # - suffix: SCHEDULED#AUTO_CLOSE - suffix: SCHEDULE#AUTO_CLOSE EventBillingSendEmailOnClosingFunction: Type: AWS::Serverless::Function Properties: Handler: events.billing.send_email_on_closing.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBReadPolicy: TableName: !Ref UserTable - S3ReadPolicy: BucketName: !Ref BucketName - Version: 2012-10-17 Statement: - Effect: Allow Action: - ses:SendRawEmail Resource: - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:identity/eduseg.com.br - !Sub arn:aws:ses:${AWS::Region}:${AWS::AccountId}:configuration-set/tracking Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [MODIFY] detail: new_image: id: - prefix: BILLING s3_uri: - exists: true status: [CLOSED] old_image: status: [PENDING] EventStartFulfillmentFunction: Type: AWS::Serverless::Function Properties: Handler: events.start_fulfillment.lambda_handler Timeout: 30 LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable - DynamoDBCrudPolicy: TableName: !Ref EnrollmentTable - DynamoDBReadPolicy: TableName: !Ref CourseTable Events: DynamoDBEvent: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: [FULFILLMENT] status: [IN_PROGRESS] org_id: - exists: true EventRunSelfDestructionFunction: Type: AWS::Serverless::Function Properties: Handler: events.run_self_destruction.lambda_handler Timeout: 30 LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [EXPIRE] detail: keys: sk: ['SCHEDULED#SELF_DESTRUCTION'] # DEPRECATED EventAppendOrgIdFunction: Type: AWS::Serverless::Function Properties: Handler: events.append_org_id.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref UserTable - DynamoDBCrudPolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: ['0'] cnpj: - exists: true # Post-migration: rename `tenant_id` to `org_id` tenant_id: - exists: false # DEPRECATED EventAppendUserIdFunction: Type: AWS::Serverless::Function Properties: Handler: events.append_user_id.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBCrudPolicy: TableName: !Ref UserTable - DynamoDBCrudPolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: ['0'] cpf: - exists: true user_id: - exists: false # DEPRECATED EventRemoveSlotsIfCanceledFunction: Type: AWS::Serverless::Function Properties: Handler: events.remove_slots_if_canceled.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBWritePolicy: TableName: !Ref OrderTable - DynamoDBCrudPolicy: TableName: !Ref EnrollmentTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [MODIFY] detail: new_image: sk: ['0'] cnpj: - exists: true status: [CANCELED, EXPIRED] EventStopgapSetAsPaidFunction: Type: AWS::Serverless::Function Properties: Handler: events.stopgap.set_as_paid.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBWritePolicy: TableName: !Ref OrderTable Events: Event: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail-type: [INSERT] detail: new_image: sk: ['0'] cnpj: - exists: true total: [0] status: [CREATING, PENDING] payment_method: [MANUAL] EventStopgapRemoveSlotsFunction: Type: AWS::Serverless::Function Properties: Handler: events.stopgap.remove_slots.lambda_handler LoggingConfig: LogGroup: !Ref EventLog Policies: - DynamoDBReadPolicy: TableName: !Ref UserTable - DynamoDBReadPolicy: TableName: !Ref OrderTable - DynamoDBCrudPolicy: TableName: !Ref EnrollmentTable Events: DynamoDBEvent: Type: EventBridgeRule Properties: Pattern: resources: [!Ref OrderTable] detail: new_image: sk: [generated_items] status: [SUCCESS] Outputs: HttpApiUrl: Description: URL of your API endpoint Value: Fn::Sub: 'https://${HttpApi}.execute-api.${AWS::Region}.${AWS::URLSuffix}' HttpApiId: Description: Api ID of HttpApi Value: Ref: HttpApi