#aws

boundless-farmer-38967

09/02/2022, 11:15 AM
Hey Pulumi! I have a problem with subscribing Lambda to an SNS topic. I think I have all the components for that to happen, in fact I also see the Lambda subscribed, but when I publish messages to the topic it won't trigger the Lambda. Here are the important bits:
//lambda role
const lambdaHandlerRole = new paws.iam.Role(`${projectToken}-data-topic-lambda-role`, {
    assumeRolePolicy: {
        Version: "2012-10-17",
        Statement: [{
            Action: "sts:AssumeRole",
            Principal: {
                Service: "lambda.amazonaws.com",
            },
            Effect: "Allow",
            Sid: "",
        }],
    },
});
new paws.iam.RolePolicyAttachment(`${projectToken}-role-attach`, {
    role: lambdaHandlerRole,
    policyArn: paws.iam.ManagedPolicies.AWSLambdaExecute,
});

//SNS topic
const topic = new paws.sns.Topic(`${projectToken}-data-topic`);

//Lambda - code loaded from a sub-dir
const badgerFunc = new paws.lambda.Function(`${projectToken}-data-sender-badger`, {
    code: new pulumi.asset.AssetArchive({
        ".": new pulumi.asset.FileArchive("./lambda/badger"),
    }),
    runtime: "nodejs16.x",
    handler: "index.handler",
    role: lambdaHandlerRole.arn,
});

//Subscribe lambda to SNS
new paws.sns.TopicSubscription(`${projectToken}-badger`, {
    topic: topic.arn,
    protocol: "lambda",
    endpoint: badgerFunc.arn,
});
What I already checked:
1. Run lambda to ensure it's properly set up
2. Manually subscribe the deployed lambda and confirm it triggers on new message
3. Subscribed my email to the same topic to ensure it indeed publishes messages
It has to be something in the above set up, but there's no document anywhere with a complete example for subscribing a lambda to a topic. Thanks!
See screenshot - here's the subscribed lambda, as it seems all looks good. But I have noticed that in the console in the Lambda page, there's no trigger for that Lambda. And when I manually subscribed the Lambda (in the SNS console) the result was an override of this subscription (not a new one) and that also added the trigger in the Lambda. And it all worked well then.

victorious-church-57397

09/02/2022, 1:20 PM
I think you need to add an event source trigger for the lambda from the sns topic, I don't think a subscription is enough

boundless-farmer-38967

09/02/2022, 3:26 PM
@victorious-church-57397 thanks for the tip. I was under the impression that event sources were not for SNS. How do I add SNS as an event source?

victorious-church-57397

09/02/2022, 3:27 PM
Ah, it might be a lambda permission maybe? I can't see anything there to say sns can invoke it
new aws.lambda.Permission('sns-event-trigger-permission', {
    action: 'lambda:InvokeFunction',
    principal: 'sns.amazonaws.com',
    function: badgerFunc.arn,
    sourceArn: topic.arn,
});
something like that ^ should solve it

boundless-farmer-38967

09/02/2022, 11:36 PM
@victorious-church-57397 you nailed it!! Man, thanks a lot! I spent on this a couple of hours! 🙂 Definitely earned your weekend!!

victorious-church-57397

09/03/2022, 9:53 AM
No probs mate! I was stuck on same thing a couple months ago! Glad I could help :)
🙏 1