def _construct_permission(self,
function,
source_arn=None,
source_account=None,
suffix=""):
"""Constructs the Lambda Permission resource allowing the source service to invoke the function this event
source triggers.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
lambda_permission = LambdaPermission(self.logical_id + 'Permission' +
suffix)
try:
# Name will not be available for Alias resources
function_name_or_arn = function.get_runtime_attr("name")
except NotImplementedError:
function_name_or_arn = function.get_runtime_attr("arn")
lambda_permission.Action = 'lambda:invokeFunction'
lambda_permission.FunctionName = function_name_or_arn
lambda_permission.Principal = self.principal
lambda_permission.SourceArn = source_arn
lambda_permission.SourceAccount = source_account
return lambda_permission
def _get_permission(self, authorizer_name, authorizer_lambda_function_arn):
"""Constructs and returns the Lambda Permission resource allowing the Authorizer to invoke the function.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
rest_api = ApiGatewayRestApi(self.logical_id, depends_on=self.depends_on)
api_id = rest_api.get_runtime_attr('rest_api_id')
partition = ArnGenerator.get_partition_name()
resource = '${__ApiId__}/authorizers/*'
source_arn = fnSub(ArnGenerator.generate_arn(partition=partition, service='execute-api', resource=resource),
{"__ApiId__": api_id})
lambda_permission = LambdaPermission(self.logical_id + authorizer_name + 'AuthorizerPermission')
lambda_permission.Action = 'lambda:invokeFunction'
lambda_permission.FunctionName = authorizer_lambda_function_arn
lambda_permission.Principal = 'apigateway.amazonaws.com'
lambda_permission.SourceArn = source_arn
return lambda_permission
def _construct_permission(self, function, source_arn=None, source_account=None, suffix="", event_source_token=None):
"""Constructs the Lambda Permission resource allowing the source service to invoke the function this event
source triggers.
:returns: the permission resource
:rtype: model.lambda_.LambdaPermission
"""
lambda_permission = LambdaPermission(self.logical_id + 'Permission' + suffix)
try:
# Name will not be available for Alias resources
function_name_or_arn = function.get_runtime_attr("name")
except NotImplementedError:
function_name_or_arn = function.get_runtime_attr("arn")
lambda_permission.Action = 'lambda:invokeFunction'
lambda_permission.FunctionName = function_name_or_arn
lambda_permission.Principal = self.principal
lambda_permission.SourceArn = source_arn
lambda_permission.SourceAccount = source_account
lambda_permission.EventSourceToken = event_source_token
return lambda_permission