├── CODE_OF_CONDUCT.md
├── CONTRIBUTING.md
├── LICENSE
├── README.md
├── events
    ├── event.json
    └── response.json
├── guides
    ├── Guide_QuickSight_S3_Permissions.md
    ├── Quide_QuickSight_Visuals.md
    └── Quide_QuickSight_Visuals2.md
├── images
    ├── FindingCusustomEventBusName.png
    ├── NewS3DataSource.png
    ├── analysis1.png
    ├── analysis2.png
    ├── calculateFields.png
    ├── finalDash.png
    ├── piechart.png
    ├── s3Buckets.png
    ├── s3Permissions.png
    ├── screenshot.png
    ├── timebasedComparisons.png
    └── trends.png
├── manifest.json
├── src
    ├── package.json
    ├── saveAuth0EventToS3.js
    └── tests
    │   └── unit
    │       └── test-handler.js
└── template.yaml


/CODE_OF_CONDUCT.md:
--------------------------------------------------------------------------------
## Code of Conduct
This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
opensource-codeofconduct@amazon.com with any additional questions or comments.

--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
# Contributing Guidelines

Thank you for your interest in contributing to our project. Whether it's a bug report, new feature, correction, or additional
documentation, we greatly value feedback and contributions from our community.

Please read through this document before submitting any issues or pull requests to ensure we have all the necessary
information to effectively respond to your bug report or contribution.


## Reporting Bugs/Feature Requests

We welcome you to use the GitHub issue tracker to report bugs or suggest features.

When filing an issue, please check existing open, or recently closed, issues to make sure somebody else hasn't already
reported the issue. Please try to include as much information as you can. Details like these are incredibly useful:

* A reproducible test case or series of steps
* The version of our code being used
* Any modifications you've made relevant to the bug
* Anything unusual about your environment or deployment


## Contributing via Pull Requests
Contributions via pull requests are much appreciated. Before sending us a pull request, please ensure that:

1. You are working against the latest source on the *master* branch.
2. You check existing open, and recently merged, pull requests to make sure someone else hasn't addressed the problem already.
3. You open an issue to discuss any significant work - we would hate for your time to be wasted.

To send us a pull request, please:

1. Fork the repository.
2. Modify the source; please focus on the specific change you are contributing. If you also reformat all the code, it will be hard for us to focus on your change.
3. Ensure local tests pass.
4. Commit to your fork using clear commit messages.
5. Send us a pull request, answering any default questions in the pull request interface.
6. Pay attention to any automated CI failures reported in the pull request, and stay involved in the conversation.

GitHub provides additional documentation on [forking a repository](https://help.github.com/articles/fork-a-repo/) and
[creating a pull request](https://help.github.com/articles/creating-a-pull-request/).


## Finding contributions to work on
Looking at the existing issues is a great way to find something to contribute on. As our projects, by default, use the default GitHub issue labels (enhancement/bug/duplicate/help wanted/invalid/question/wontfix), looking at any 'help wanted' issues is a great place to start.


## Code of Conduct
This project has adopted the [Amazon Open Source Code of Conduct](https://aws.github.io/code-of-conduct).
For more information see the [Code of Conduct FAQ](https://aws.github.io/code-of-conduct-faq) or contact
opensource-codeofconduct@amazon.com with any additional questions or comments.


## Security issue notifications
If you discover a potential security issue in this project we ask that you notify AWS/Amazon Security via our [vulnerability reporting page](http://aws.amazon.com/security/vulnerability-reporting/). Please do **not** create a public GitHub issue.


## Licensing

See the [LICENSE](LICENSE) file for our project's licensing. We will ask you to confirm the licensing of your contribution.

We may ask you to sign a [Contributor License Agreement (CLA)](http://en.wikipedia.org/wiki/Contributor_License_Agreement) for larger changes.

--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Permission is hereby granted, free of charge, to any person obtaining a copy of this
software and associated documentation files (the "Software"), to deal in the Software
without restriction, including without limitation the rights to use, copy, modify,
merge, publish, distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A
PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Build an Amazon QuickSight dashboard with Auth0 events

![QuickSight Dashboard](/images/screenshot.png "QuickSight Dashboard")


# amazon-eventbridge-integration-with-auth0

This project contains source code and supporting files for a serverless application that you can deploy with the SAM CLI. It includes the following files and folders.

## Requirements

* AWS CLI already configured with Administrator permission
* [NodeJS 12.x installed](https://nodejs.org/en/download/)
* An Auth0 account with the Amazon EventBridge integration configured ([instructions](https://auth0.com/docs/logs/streams/aws-eventbridge#set-up-auth0-for-use-as-the-event-source))
* A front-end application that uses Auth0 ([Quick Start](https://auth0.com/docs/quickstart/spa))

## Installation Instructions

1. [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in.

1. Clone the repo onto your local development machine using `git clone`.

1. From the command line, change directory into the root, then run:
```
sam build
sam deploy --guided
```
## How it works

1. Events are emitted from Auth0 when a user interacts with the login service on the front-end application.
1. These events are streamed into a custom SaaS event bus.
1. Event rules match events and send them downstream to a Lambda function target.
1. The receiving Lambda function performs some data housekeeping before writing an object to S3.
1. These objects are captured by a QuickSight data source manifest file and used as data points on a QuickSight dashboard.

Follow the prompts in the deploy process to set the stack name, AWS Region and other parameters.

## Auth0EventBusName

* Auth0EventBusName: A valid custom event bus for Auth0 events (custom event bus names are generated by the event source).

## Amazon QuickSight manifest file

* {your-s3-bucket-name}: in `manifest.json`, replace this token with your S3 bucket name.

## Building the QuickSight dashboard

Before building your first visual you must:

:white_check_mark: Ensure that QuickSight has permission to access your S3 bucket. [Show me how](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_S3_Permissions.md#granting-quicksight-permission-to-access-your-s3-bucket "QuickSight has permission to access your S3 bucket").

:white_check_mark: Create a new Data source. [Show me how](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_S3_Permissions.md#creting-a-new-data-source "QuickSight has permission to access your S3 bucket").


## Creating visuals

### Example 1 – Connection channels

This visual enables you to understand your users’ preferred mechanism to log into your application.

![Pie Chart visual with multiple data points](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/piechart.png "S3 Permissions Dashboard")
[Show me how to build this](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_Visuals#Example-1 "QuickSight Visuals").

:white_check_mark: Tip: Use calculated fields to build more complex visuals. [Show me how](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_Visuals#Calculated-Fields "QuickSight Visuals").


### Example 2 - trends
You can use this type of visual to show the trend in unsuccessful sign-ins, which could signify a problem with a recent UX release or with the user database connection.

![Trends with conditional formatting](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/trends.png "Trends with conditional formatting")

[Show me how to build this](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_Visuals#Example-2 "QuickSight Visuals").


### Example 3 – comparisons over time
This third example shows registrations versus sign-ins over time:
![Time-based comparisons](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/timebasedComparisons.png "Time-based comparisons")

[Show me how to build this](https://github.com/aws-samples/amazon-eventbridge-integration-with-auth0/blob/master/guides/Guide_QuickSight_Visuals#Example-3 "QuickSight Visuals").

--------------------------------------------------------------------------------
/events/event.json:
--------------------------------------------------------------------------------
{
  "version": "0",
  "id": "f8543f69-c985-332b-6b62-12345678",
  "detail-type": "Auth0 log",
  "source": "aws.partner/auth0.com/exampleAuth0Domain-e5d2-4514-84f2-97dd4ff8aad0/auth0.logs",
  "account": "1234567890",
  "time": "2020-04-01T17:04:29Z",
  "region": "eu-west-1",
  "resources": [],
  "detail": {
    "log_id": "90020200401170424660003667785898636249884327152806002802",
    "data": {
      "date": "2020-04-01T17:04:18.860Z",
      "type": "s",
      "connection": "github",
      "connection_id": "con_qwertyuiopasdfghjk",
      "client_id": "QP19oglIMqRdfghjkrtyuio8",
      "client_name": "yourClientName",
      "ip": "111.111.111.111",
      "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:75.0) Gecko/20100101 Firefox/75.0",
      "details": {},
      "hostname": "example.auth0.com",
      "user_id": "github|1234567",
      "user_name": "example@example.com",
      "strategy": "github",
      "strategy_type": "social",
      "log_id": "90020200401170424660003667785898636249884327152806002802"
    }
  }
}


--------------------------------------------------------------------------------
/events/response.json:
--------------------------------------------------------------------------------
{"ETag":"\"e94fcd32631e707b5c3dc2878095b733\""}
--------------------------------------------------------------------------------
/guides/Guide_QuickSight_S3_Permissions.md:
--------------------------------------------------------------------------------
# Configure a new S3 data source for QuickSight
In this application, you connect QuickSight to Amazon S3 and use the CSV files as the data source. A manifest file named `manifest.json` has been provided for you in the GitHub repository. Open this file and replace `{your-s3-bucket-name}` with the name of the S3 bucket that was generated when you deployed the application, then save the file.

### Granting QuickSight permission to access your S3 bucket:

1. Choose the user profile icon in the top right of the menu bar, then choose Manage QuickSight.
2. Choose Security & permissions, then choose Add or remove.
![S3 Permissions](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/s3Permissions.png "S3 Permissions Dashboard")

3. Choose the checkbox next to Amazon S3, then select the application bucket (its name contains AuthZeroToEventBridgeActivityLogs). Choose Finish.
![S3 Buckets](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/s3Buckets.png "S3 Permissions Dashboard")


### Create a new Data source

1. Go to the QuickSight console and choose Manage data.
1. Choose New data set, then choose S3.
1. Enter auth0UserLogs in the Data source name field, then choose the Upload radio button.
1. Choose the folder icon in the Upload a JSON manifest file field, browse to the example manifest.json file you edited earlier and choose Open, then choose Connect.
1. Once the dataset has been created, choose Visualize.

![Configure a new S3 dataset for QuickSight](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/NewS3DataSource.png "Configure a new S3 dataset for QuickSight")

--------------------------------------------------------------------------------
/guides/Quide_QuickSight_Visuals.md:
--------------------------------------------------------------------------------
# Building QuickSight visuals


### Example 1
To build a visual that shows the different user registration channels, drag the connection field onto the visual. Then choose the Pie chart icon from the Visual types section.

![Building an analysis](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/analysis1.png "S3 Permissions Dashboard")

Once there are registrations from multiple channels, your chart looks like this:
![Pie Chart visual with multiple data points](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/piechart.png "S3 Permissions Dashboard")

### Calculated Fields
You can create additional calculated fields that use functions and operators to analyze or transform field data.
Do this to create a separate field for each Auth0 event, e.g., successful signup and successful login.


1. Choose Add in the top left-hand menu, then choose Add calculated field.
2. Choose countIf from the Function list column, then enter Registrations in the Calculated field name field.
3. Enter countIf(type,type='ss') in the Formula field.
This formula calculates the number of values in the type dimension, where type is equal to ss (a successful sign-up).

![Creating calculated fields](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/alculatedFields.png "S3 Permissions Dashboard")

You can repeat this process for each of the event types that an EventBridge rule was created for:

| Event type            | Formula                                                |
| --------------------- |:-------------------------------------------------------|
| Successful sign-in    | countIf(type,type = 's')                               |
| Successful sign-out   | countIf(type,type = 'slo')                             |
| Unsuccessful sign-out | countIf(type,type = 'f' OR type = 'fp' OR type = 'fu') |


To create additional calculated fields, refer to this list for the full Function index.

### Example 2
To add a new visual with these calculated fields, choose the Add button in the top menu, then choose Add visual. Drag the new Registrations field onto the new visual. This automatically shows the Registration trend.

Add further clarity to this visual by applying some conditional formatting. Choose the drop-down arrow in the top right of the visual, then choose conditional formatting and set the following:


1. Format field based on: Difference
2. Condition: Less than
3. Value: 0
4. Color: Red

### Example 3 – comparisons over time
This third example shows registrations versus sign-ins over time:
![Time-based comparisons](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/timebasedComparisons.png "Time-based comparisons")

To build this, add a new visual and drag the date, Successful sign in and Registrations fields onto it.

A complete analysis could look something like this, with multiple visuals, custom fields, conditional formatting, and events. This gives a snapshot of user interaction with the front-end application at any given time.
--------------------------------------------------------------------------------
/guides/Quide_QuickSight_Visuals2.md:
--------------------------------------------------------------------------------
# Building QuickSight visuals


### Example 1
To build a visual that shows the different user registration channels, drag the connection field onto the visual. Then choose the Pie chart icon from the Visual types section.

![Building an analysis](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/analysis1.png "S3 Permissions Dashboard")

Once there are registrations from multiple channels, your chart looks like this:
![Pie Chart visual with multiple data points](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/piechart.png "S3 Permissions Dashboard")

### Calculated Fields
You can create additional calculated fields that use functions and operators to analyze or transform field data.
Do this to create a separate field for each Auth0 event, e.g., successful signup and successful login.


1. Choose Add in the top left-hand menu, then choose Add calculated field.
2. Choose countIf from the Function list column, then enter Registrations in the Calculated field name field.
3. Enter countIf(type,type='ss') in the Formula field.
This formula calculates the number of values in the type dimension, where type is equal to ss (a successful sign-up).

![Creating calculated fields](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/alculatedFields.png "S3 Permissions Dashboard")

You can repeat this process for each of the event types that an EventBridge rule was created for:

| Event type            | Formula                                                |
| --------------------- |:-------------------------------------------------------|
| Successful sign-in    | countIf(type,type = 's')                               |
| Successful sign-out   | countIf(type,type = 'slo')                             |
| Unsuccessful sign-out | countIf(type,type = 'f' OR type = 'fp' OR type = 'fu') |


To create additional calculated fields, refer to this list for the full Function index.

### Example 2
To add a new visual with these calculated fields, choose the Add button in the top menu, then choose Add visual. Drag the new Registrations field onto the new visual. This automatically shows the Registration trend.

Add further clarity to this visual by applying some conditional formatting. Choose the drop-down arrow in the top right of the visual, then choose conditional formatting and set the following:


1. Format field based on: Difference
2. Condition: Less than
3. Value: 0
4. Color: Red

### Example 3 – comparisons over time
This third example shows registrations versus sign-ins over time:
![Time-based comparisons](https://raw.githubusercontent.com/aws-samples/amazon-eventbridge-integration-with-auth0/master/images/timebasedComparisons.png "Time-based comparisons")

To build this, add a new visual and drag the date, Successful sign in and Registrations fields onto it.

A complete analysis could look something like this, with multiple visuals, custom fields, conditional formatting, and events. This gives a snapshot of user interaction with the front-end application at any given time.
--------------------------------------------------------------------------------
/manifest.json:
--------------------------------------------------------------------------------
{
  "fileLocations": [
    {
      "URIPrefixes": [
        "s3://{your-s3-bucket-name}/auth0"
      ]
    }
  ],
  "globalUploadSettings": {
    "format": "CSV",
    "delimiter": ",",
    "textqualifier": "'"
  }
}
--------------------------------------------------------------------------------
/src/package.json:
--------------------------------------------------------------------------------
{
  "name": "Amazon-EventBridge-Integration-with-Auth0",
  "version": "1.0.0",
  "description": "Example Integration with Auh0 and Amazon EventBridge",
  "main": "app.js",
  "repository": "https://github.com/aws-samples/Amazon-EventBridge-Integration-with-Auth0",
  "author": "Ben smith @ Amazon.com, Inc. or its affiliates",
  "license": "MIT",
  "dependencies": {
    "axios": ">=0.21.1"
  },
  "scripts": {
    "test": "mocha tests/unit/"
  },
  "devDependencies": {
    "chai": "^4.2.0",
    "mocha": "^6.1.4"
  }
}

--------------------------------------------------------------------------------
/src/saveAuth0EventToS3.js:
--------------------------------------------------------------------------------
// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
// SPDX-License-Identifier: MIT-0

let AWS = require('aws-sdk')
let s3bucket = new AWS.S3();

exports.handler = async(event, context) => {
  let date = new Date();
  let timestamp = date.toISOString();
  let header =''
  let body=''
  let output='';
  let file =''

  // CSV header row. The single quote is the text qualifier declared in manifest.json.
  header+="'date',"
  header+="'type',"
  header+="'connection',"
  header+="'connection_id',"
  header+="'client_id',"
  header+="'client_name',"
  header+="'user_agent',"
  header+="'hostname',"
  header+="'user_id',"
  header+= "'user_name',"
  header+="'log_id'"

  // CSV data row. Values are copied from the Auth0 event without escaping, so a
  // single quote or line break inside a value (user_agent is supplied by the
  // client) shifts the columns of the row, and a missing field is written as
  // the string 'undefined'.
  body += "'"+event.detail.data.date+"',"
  body += "'"+event.detail.data.type+"',"
  body += "'"+event.detail.data.connection+"',"
  body += "'"+event.detail.data.connection_id+"',"
  body += "'"+event.detail.data.client_id+"',"
  body += "'"+event.detail.data.client_name+"',"
  body += "'"+event.detail.data.user_agent+"',"
  body += "'"+event.detail.data.hostname+"',"
  body += "'"+event.detail.data.user_id+"',"
  body += "'"+event.detail.data.user_name+"',"
  body += "'"+event.detail.data.log_id+"'"

  output = header+"\r\n"+body;
  // Writes the full row, including user_name and user_id, to CloudWatch Logs.
  console.log(output)

  let myBody = Buffer.from(output);
  // One object per event: auth0/<type>/<user_id>/<timestamp>.csv
  let param = {
    Bucket: process.env.AuthLogBucket,
    Key: 'auth0/'+event.detail.data.type+'/'+event.detail.data.user_id+'/'+timestamp.toString()+'.csv',
    Body: myBody
  };

  try{
    file = await s3bucket.putObject(param).promise()
  }catch(err){
    // The error is logged and swallowed: the invocation still succeeds, so
    // EventBridge does not retry an event whose write failed.
    console.log(err)
  }
  return file

}
--------------------------------------------------------------------------------
/src/tests/unit/test-handler.js:
--------------------------------------------------------------------------------
'use strict';

// This test loads ../../app.js and calls lambdaHandler. Neither appears in this
// repository: the deployed handler is saveAuth0EventToS3.handler (see template.yaml).
const app = require('../../app.js');
const chai = require('chai');
const expect = chai.expect;
var event, context;

describe('Tests index', function () {
    it('verifies successful response', async () => {
        const result = await app.lambdaHandler(event, context)

        expect(result).to.be.an('object');
        expect(result.statusCode).to.equal(200);
        expect(result.body).to.be.an('string');

        let response = JSON.parse(result.body);

        expect(response).to.be.an('object');
        expect(response.message).to.be.equal("hello world");
        // expect(response.location).to.be.an("string");
    });
});

--------------------------------------------------------------------------------
/template.yaml:
--------------------------------------------------------------------------------
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  amazon-eventbridge-integration-with-auth0

  Sample SAM Template for amazon-eventbridge-integration-with-auth0

# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
  Function:
    Timeout: 3

Parameters:
  Auth0EventBusName:
    Type: String
    Description: A valid custom Event Bus for Auth0 Events.
    MaxLength: 150
    MinLength: 4
    AllowedPattern: ".+"

Resources:
##########################################################################
#   S3 Bucket                                                            #
##########################################################################
  AuthZeroToEventBridgeUserActivitylogs:
    Type: AWS::S3::Bucket
##########################################################################
#   Lambda functions                                                     #
##########################################################################
  SaveAuth0EventToS3:
    Type: AWS::Serverless::Function # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
    Properties:
      CodeUri: src/
      Handler: saveAuth0EventToS3.handler
      Runtime: nodejs12.x
      MemorySize: 128
      Environment:
        Variables:
          AuthLogBucket: !Ref AuthZeroToEventBridgeUserActivitylogs
      Policies:
        # The handler only calls putObject; the SAM policy template
        # S3WritePolicy is the narrower fit for it.
        - S3CrudPolicy:
            BucketName: !Ref AuthZeroToEventBridgeUserActivitylogs

##########################################################################
#   EventBridge Rules                                                    #
##########################################################################

  SuccessfullSignIn:
    Type: AWS::Events::Rule
    Properties:
      Description: "Auth0 User Successfully signed in"
      EventBusName:
        Ref: Auth0EventBusName
      EventPattern:
        account:
          - !Sub '${AWS::AccountId}'
        detail:
          data:
            type:
              - s
      Targets:
        -
          Arn:
            Fn::GetAtt:
              - "SaveAuth0EventToS3"
              - "Arn"
          Id: "SignInSuccessV1"
  SuccessfullSignUp:
    Type: AWS::Events::Rule
    Properties:
      Description: "Auth0 User Successfully signed up"
      EventBusName:
        Ref: Auth0EventBusName
      EventPattern:
        account:
          - !Sub '${AWS::AccountId}'
        detail:
          data:
            type:
              - ss
      Targets:
        -
          Arn:
            Fn::GetAtt:
              - "SaveAuth0EventToS3"
              - "Arn"
          Id: "SignInSuccessV1"
  SuccessfullSignOutSuccess:
    Type: AWS::Events::Rule
    Properties:
      Description: "Auth0 User Successfully signed out"
      EventBusName:
        Ref: Auth0EventBusName
      EventPattern:
        account:
          - !Sub '${AWS::AccountId}'
        detail:
          data:
            type:
              - slo
      Targets:
        -
          Arn:
            Fn::GetAtt:
              - "SaveAuth0EventToS3"
              - "Arn"
          Id: "SignInSuccessV1"
  SignInFail:
    Type: AWS::Events::Rule
    Properties:
      Description: "Auth0 User Signin failed"
      EventBusName:
        Ref: Auth0EventBusName
      EventPattern:
        account:
          - !Sub '${AWS::AccountId}'
        detail:
          data:
            type:
              - fp
              - f
              - fu
      Targets:
        -
          Arn:
            Fn::GetAtt:
              - "SaveAuth0EventToS3"
              - "Arn"
          Id: "SignInSuccessV1"

########################################################################
#   Policies                                                           #
########################################################################
  # SourceArn pins a permission to a single rule, so each of the four rules
  # that target the function has its own permission resource. With only the
  # SuccessfullSignIn permission, invocations from the other rules are denied.
  PermissionForEventsToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName:
        Ref: "SaveAuth0EventToS3"
      Action: "lambda:InvokeFunction"
      Principal: "events.amazonaws.com"
      SourceArn:
        Fn::GetAtt:
          - "SuccessfullSignIn"
          - "Arn"
  PermissionForSignUpRuleToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName:
        Ref: "SaveAuth0EventToS3"
      Action: "lambda:InvokeFunction"
      Principal: "events.amazonaws.com"
      SourceArn:
        Fn::GetAtt:
          - "SuccessfullSignUp"
          - "Arn"
  PermissionForSignOutRuleToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName:
        Ref: "SaveAuth0EventToS3"
      Action: "lambda:InvokeFunction"
      Principal: "events.amazonaws.com"
      SourceArn:
        Fn::GetAtt:
          - "SuccessfullSignOutSuccess"
          - "Arn"
  PermissionForSignInFailRuleToInvokeLambda:
    Type: AWS::Lambda::Permission
    Properties:
      FunctionName:
        Ref: "SaveAuth0EventToS3"
      Action: "lambda:InvokeFunction"
      Principal: "events.amazonaws.com"
      SourceArn:
        Fn::GetAtt:
          - "SignInFail"
          - "Arn"
Outputs:
  # ServerlessRestApi is an implicit API created out of Events key under Serverless::Function
  # Find out more about other implicit resources you can reference within SAM
  # https://github.com/awslabs/serverless-application-model/blob/master/docs/internals/generated_resources.rst#api
  SaveAuth0EventToS3:
    Description: "Save Auth0 Event ToS3 Lambda Function ARN"
    Value: !GetAtt SaveAuth0EventToS3.Arn
  AuthZeroToEventBridgeUserActivitylogs:
    Description: "Auth0 event storage bucket"
    Value: !Ref AuthZeroToEventBridgeUserActivitylogs

--------------------------------------------------------------------------------
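The handler in /src/saveAuth0EventToS3.js writes client-influenced fields such as `user_agent` into a CSV row by plain concatenation and puts `user_id` straight into the S3 key. The following is an added example, not part of the repository, that sets that row next to an escaped one and checks both with a qualifier-aware reader. The function names, the `other`/`unknown` placeholders and the sample event are hypothetical, and it assumes the CSV consumer treats a doubled text qualifier as a literal one (the RFC 4180 convention).

```javascript
'use strict';

// Column order written by saveAuth0EventToS3.js.
const COLUMNS = ['date', 'type', 'connection', 'connection_id', 'client_id',
  'client_name', 'user_agent', 'hostname', 'user_id', 'user_name', 'log_id'];
const QUALIFIER = "'"; // manifest.json: "textqualifier": "'"
// Event types forwarded by the four EventBridge rules in template.yaml.
const KNOWN_TYPES = new Set(['s', 'ss', 'slo', 'f', 'fp', 'fu']);

// The row as the handler builds it: values concatenated without escaping.
function naiveRow(data) {
  return COLUMNS.map((name) => QUALIFIER + data[name] + QUALIFIER).join(',');
}

// Hardened field encoder (assumption: doubled qualifier = literal qualifier).
function csvField(value) {
  const text = value === undefined || value === null ? '' : String(value);
  return QUALIFIER +
    text.replace(/[\r\n]+/g, ' ')                     // a line break would start a new row
      .split(QUALIFIER).join(QUALIFIER + QUALIFIER) + // escape the qualifier
    QUALIFIER;
}

function hardenedRow(data) {
  return COLUMNS.map((name) => csvField(data[name])).join(',');
}

// Qualifier-aware reader, used to count the columns a row really yields.
function parseRow(line) {
  const fields = [];
  let current = '';
  let quoted = false;
  for (let i = 0; i < line.length; i++) {
    const ch = line[i];
    if (quoted) {
      if (ch === QUALIFIER && line[i + 1] === QUALIFIER) { current += QUALIFIER; i++; }
      else if (ch === QUALIFIER) quoted = false;
      else current += ch;
    } else if (ch === QUALIFIER) quoted = true;
    else if (ch === ',') { fields.push(current); current = ''; }
    else current += ch;
  }
  fields.push(current);
  return fields;
}

// One S3 key segment from an untrusted value: no '/' and never empty.
function keySegment(value) {
  const text = value === undefined || value === null ? '' : String(value);
  let encoded;
  try {
    encoded = encodeURIComponent(text); // '/' -> %2F, '|' -> %7C
  } catch (err) {
    return 'unknown';                   // malformed UTF-16 in the input
  }
  return encoded === '' || encoded === '.' || encoded === '..' ? 'unknown' : encoded;
}

// Same layout as the handler: auth0/<type>/<user_id>/<timestamp>.csv
function objectKey(data, timestamp) {
  const type = KNOWN_TYPES.has(data.type) ? data.type : 'other';
  return ['auth0', type, keySegment(data.user_id), timestamp + '.csv'].join('/');
}

// Constructed sample: a failed login (no user_id, no connection_id) whose
// User-Agent header carries the qualifier, a comma and a line break.
const SAMPLE = {
  date: '2020-04-01T17:04:18.860Z',
  type: 'f',
  connection: 'Username-Password-Authentication',
  client_id: 'exampleClientId',
  client_name: 'yourClientName',
  user_agent: "curl/8.0','forged\r\nrow",
  hostname: 'example.auth0.com',
  user_name: 'example@example.com',
  log_id: '900202004011704'
};

console.log('naive columns   :', parseRow(naiveRow(SAMPLE)).length);
console.log('hardened columns:', parseRow(hardenedRow(SAMPLE)).length);
console.log('object key      :', objectKey(SAMPLE, '2020-04-01T17:04:29.000Z'));
```
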