Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
plugin-framework
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
d
dry-journalist-60579
05/24/2023, 1:55 AMIs there an approach to automatically run a CloudFront cache invalidation after an S3 object in its origin changes via BucketObject?
ChatGPT suggests:
import pulumi
import pulumi_aws as aws
from pulumi_aws import s3, lambda_, iam, cloudfront
# Creating S3 Bucket
bucket = s3.Bucket("myBucket")
# Creating CloudFront Distribution
distribution = cloudfront.Distribution("myDistribution",
origins=[{
'originId': bucket.arn,
'domain_name': bucket.bucket_regional_domain_name,
's3OriginConfig': {
'originAccessIdentity': 'origin-access-identity/cloudfront/ABCDEFG1234567',
}
}],
)
# Creating IAM role for lambda function
role = iam.Role('lambdaRole',
assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>"
},
"Effect": "Allow",
"Sid": ""
}
]
}""")
# Attach the lambda execution role policy
attach_exec_role_policy = iam.RolePolicyAttachment('lambdaExecutionRolePolicy',
role=role.name,
policy_arn="arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole")
# Creating Lambda function
lambda_func = lambda_.Function('lambdaFunction',
code=pulumi.AssetArchive({
'.': pulumi.FileArchive('./app')
}),
role=role.arn,
handler='handler.main',
runtime="python3.7"
)
# Creating S3 Bucket Notification for object created events
bucket_notification = s3.BucketNotification("bucketNotification",
bucket=bucket.id,
lambda_functions=[s3.BucketNotificationLambdaFunctionArgs(
lambda_function_arn=lambda_func.arn,
events=["s3:ObjectCreated:*"]
)]
)
# Allow S3 bucket to invoke the Lambda function
lambda_permission = lambda_.Permission('lambdaPermission',
action='lambda:InvokeFunction',
function=lambda_func.name,
principal='<http://s3.amazonaws.com|s3.amazonaws.com>',
source_arn=bucket.arn
)import json
import boto3
def main(event, context):
# Get the CloudFront Distribution ID
distribution_id = 'YOUR_CF_DISTRIBUTION_ID'
# Create a new CloudFront client
client = boto3.client('cloudfront')
# Create an invalidation
invalidation = client.create_invalidation(
DistributionId=distribution_id,
InvalidationBatch={
'Paths': {
'Quantity': 1,
'Items': ['/*'],
},
'CallerReference': str(event['Records'][0]['s3']['object']['eTag'])
}
)
# Log the response from AWS
print(json.dumps(invalidation, indent=4, default=str))
return {
'statusCode': 200,
'body': json.dumps('Hello from Lambda!')
}