def add_processing_lambda_set_lambda_permission(self, lambda_arn):
statement_id = 'allow_firehose_to_invoke_lambda_function'
action = 'lambda:InvokeFunction'
principal = 'firehose.amazonaws.com'
aws_lambda = Lambda()
aws_lambda.permission_delete(lambda_arn, statement_id)
return aws_lambda.permission_add(lambda_arn, statement_id, action, principal, )
def bucket_notification_set_lambda_permission(self, s3_bucket, lambda_arn):
from osbot_aws.apis.Lambda import Lambda
statement_id = 'allow_s3_notifications_to_invoke_function'
action = 'lambda:InvokeFunction'
principal = 's3.amazonaws.com'
aws_lambda = Lambda()
aws_lambda.permission_delete(lambda_arn, statement_id)
return aws_lambda.permission_add(lambda_arn, statement_id, action, principal, )
def integration_add_permission_to_lambda(self,api_id, lambda_name):
# create permission to allow lambda function to be invoked by API Gateway
iam = IAM()
aws_acct_id = iam.account_id()
aws_region = iam.region()
aws_lambda = Lambda(lambda_name)
function_arn = aws_lambda.function_Arn()#'gw_bot.lambdas.dev.hello_world'
statement_id = 'allow-api-gateway-invoke'
action = 'lambda:InvokeFunction'
principal = 'apigateway.amazonaws.com'
source_arn = f'arn:aws:execute-api:{aws_region}:{aws_acct_id}:{api_id}/*/GET/'
aws_lambda.permission_delete(function_arn, statement_id) # remove in case there was already a permission with this name
return aws_lambda.permission_add(function_arn, statement_id, action, principal, source_arn)
