def test(self):
lbd_permission = awslambda.Permission("LbdPermission",
Action="",
FunctionName="",
Principal="")
lbd_func = awslambda.Function(
"LbdFunc",
Code=awslambda.Code(
S3Bucket="my-bucket",
S3Key="0.0.1.zip",
),
Handler="my_func.handler",
Role="arn:aws:iam::111122223333:role/todo",
Runtime="python3.6")
api_method = apigateway.Method(
"ApiMethod",
Metadata={
TROPOSPHERE_METADATA_FIELD_NAME: {
ResourceLevelField.ApiResource.FULL_PATH: "users"
}
},
AuthorizationType="none",
HttpMethod="POST",
ResourceId="",
RestApiId="",
)
associate(lbd_permission, api_method, lbd_func)
assert lbd_permission.Action == "lambda:InvokeFunction"
assert isinstance(lbd_permission.FunctionName, GetAtt)
assert lbd_permission.Principal == "apigateway.amazonaws.com"
assert isinstance(lbd_permission.SourceArn, Sub)
assert len(lbd_permission.DependsOn) == 2
def apigw_authorizer_lbd_permission_aws_object(
self) -> awslambda.Permission:
if self._apigw_authorizer_lbd_permission_aws_object_cache is NOTHING:
apigw_authorizer_lbd_permission_logic_id = "LbdPermission{}".format(
self.apigw_authorizer_logic_id)
apigw_authorizer_lbd_permission = awslambda.Permission(
title=apigw_authorizer_lbd_permission_logic_id,
Action="lambda:InvokeFunction",
FunctionName=GetAtt(self.lbd_func_aws_object, "Arn"),
Principal="apigateway.amazonaws.com",
SourceArn=Sub(
"arn:aws:execute-api:${Region}:${AccountId}:${RestApiId}/authorizers/${AuthorizerId}",
{
"Region": {
"Ref": "AWS::Region"
},
"AccountId": {
"Ref": "AWS::AccountId"
},
"RestApiId": Ref(self.apigw_restapi),
"AuthorizerId": Ref(self.apigw_authorizer_aws_object),
}),
DependsOn=[
self.apigw_authorizer_aws_object,
self.lbd_func_aws_object,
])
self._apigw_authorizer_lbd_permission_aws_object_cache = apigw_authorizer_lbd_permission
return self._apigw_authorizer_lbd_permission_aws_object_cache
def test(self):
lbd_permission = awslambda.Permission("LbdPermission",
Action="",
FunctionName="",
Principal="")
lbd_func = awslambda.Function(
"LbdFunc",
Code=awslambda.Code(
S3Bucket="my-bucket",
S3Key="0.0.1.zip",
),
Handler="my_func.handler",
Role="arn:aws:iam::111122223333:role/todo",
Runtime="python3.6")
event_rule = events.Rule("EventRule")
associate(lbd_permission, event_rule, lbd_func)
assert lbd_permission.Action == "lambda:InvokeFunction"
assert isinstance(lbd_permission.FunctionName, GetAtt)
assert lbd_permission.Principal == "events.amazonaws.com"
assert isinstance(lbd_permission.SourceArn, GetAtt)
assert len(lbd_permission.DependsOn) == 2
assert len(event_rule.Targets) == 1
assert lbd_func.title in event_rule.Targets[0].Id
def s3_event_bucket_lbd_permission_aws_object(
self) -> awslambda.Permission:
if self._s3_event_bucket_lbd_permission_aws_object_cache is NOTHING:
s3_event_bucket_lbd_permission_logic_id = "LbdPermission{}".format(
self.s3_event_bucket_logic_id)
s3_event_bucket_lbd_permission = awslambda.Permission(
title=s3_event_bucket_lbd_permission_logic_id,
Action="lambda:InvokeFunction",
FunctionName=GetAtt(self.lbd_func_aws_object, "Arn"),
Principal="s3.amazonaws.com",
SourceArn=GetAtt(self.s3_event_bucket_aws_object, "Arn"),
DependsOn=[
self.s3_event_bucket_aws_object,
self.lbd_func_aws_object,
])
self._s3_event_bucket_lbd_permission_aws_object_cache = s3_event_bucket_lbd_permission
return self._s3_event_bucket_lbd_permission_aws_object_cache
def test(self):
lbd_permission = awslambda.Permission("LbdPermission",
Action="",
FunctionName="",
Principal="")
lbd_func = awslambda.Function(
"LbdFunc",
Code=awslambda.Code(
S3Bucket="my-bucket",
S3Key="0.0.1.zip",
),
Handler="my_func.handler",
Role="arn:aws:iam::111122223333:role/todo",
Runtime="python3.6")
authorizer = apigateway.Authorizer(
"Authorizer",
Name="MyAuthorizer",
Type="",
AuthorizerUri="",
IdentitySource="",
)
rest_api = apigateway.RestApi("RestApi", )
associate(rest_api,
authorizer,
lbd_func,
lbd_permission,
authorizer_type_is_token=True)
assert lbd_permission.Action == "lambda:InvokeFunction"
assert isinstance(lbd_permission.FunctionName, GetAtt)
assert lbd_permission.Principal == "apigateway.amazonaws.com"
assert isinstance(lbd_permission.SourceArn, Sub)
assert len(lbd_permission.DependsOn) == 3
assert authorizer.Type == "TOKEN"
assert authorizer.IdentitySource == "method.request.header.auth"
assert isinstance(authorizer.RestApiId, Ref)
assert isinstance(authorizer.AuthorizerUri, Sub)
assert len(authorizer.DependsOn) == 2
def scheduled_job_event_lbd_permission_aws_objects(
self) -> typing.Dict[str, awslambda.Permission]:
if self._scheduled_job_event_lbd_permission_aws_objects_cache is NOTHING:
dct = dict()
for expression in self.scheduled_job_expression_list:
event_rule_lambda_permission_logic_id = "LbdPermissionEventRule{}".format(
fingerprint.of_text(expression + self.lbd_func_name))
event_rule = self.scheduled_job_event_rule_aws_objects[
expression]
event_rule_lambda_permission = awslambda.Permission(
title=event_rule_lambda_permission_logic_id,
Action="lambda:InvokeFunction",
FunctionName=GetAtt(self.lbd_func_aws_object, "Arn"),
Principal="events.amazonaws.com",
SourceArn=GetAtt(event_rule, "Arn"),
DependsOn=[
event_rule,
self.lbd_func_aws_object,
])
dct[expression] = event_rule_lambda_permission
self._scheduled_job_event_lbd_permission_aws_objects_cache = dct
return self._scheduled_job_event_lbd_permission_aws_objects_cache
Targets=[
events.Target(
Id="EventRuleUpdateNewProject",
Arn=lbd_func_update_new_project.lbd_func_arn,
)
],
DependsOn=[
lbd_func_update_new_project,
])
lbd_permission_event_rule_update_new_project = awslambda.Permission(
"LbdPermissionEventRuleUpdateNewProject",
template=template,
Action="lambda:InvokeFunction",
FunctionName=lbd_func_update_new_project.lbd_func_arn,
Principal="events.amazonaws.com",
SourceArn=event_rule_update_new_project.event_rule_arn,
DependsOn=[
event_rule_update_new_project,
lbd_func_update_new_project,
])
lbd_func_start_crawler = awslambda.Function(
"LbdFuncStartCrawler",
template=template,
FunctionName=helper_fn_sub("{}-start-crawler", param_env_name),
Code=aws_lambda_func_code,
Layers=aws_lambda_layers,
Handler="seedinvest_monitor.handlers.start_crawler.handler",
MemorySize=128,
Timeout=120,