Thread
#aws
    b

    boundless-farmer-38967

    3 weeks ago
    Hey Pulumi! I have a problem with subscribing Lambda to a SNS topic. I think I have all the components for that to happen, in fact I also see the Lambda subscribed, but when I publish messages to the topic it won't trigger the Lambda. Here are the important bits:
    //lambda role
    const lambdaHandlerRole = new paws.iam.Role(`${projectToken}-data-topic-lambda-role`, {
        assumeRolePolicy: {
            Version: "2012-10-17",
            Statement: [{
                Action: "sts:AssumeRole",
                Principal: {
                    Service: "<http://lambda.amazonaws.com|lambda.amazonaws.com>",
                },
                Effect: "Allow",
                Sid: "",
            }],
        },
    });
    new paws.iam.RolePolicyAttachment(`${projectToken}-role-attach`, {
        role: lambdaHandlerRole,
        policyArn: paws.iam.ManagedPolicies.AWSLambdaExecute,
    });
    
    //SNS topic
    const topic = new paws.sns.Topic(`${projectToken}-data-topic`);
    
    //Lambda - code loaded from a sub-dir
    const badgerFunc = new paws.lambda.Function(`${projectToken}-data-sender-badger`, {
        code: new pulumi.asset.AssetArchive({
            ".": new pulumi.asset.FileArchive("./lambda/badger"),
        }),
        runtime: "nodejs16.x",
        handler: "index.handler",
        role: lambdaHandlerRole.arn,
    });
    
    //Subscribe lambda to SNS
    new paws.sns.TopicSubscription(`${projectToken}-badger`, {
        topic: topic.arn,
        protocol: "lambda",
        endpoint: badgerFunc.arn,
    });
    What I already checked:1. Run lambda to ensure it's properly set up 2. Manually subscribe the deployed lambda and confirm it triggers on new message 3. Subscribed my email to the same topic to ensure it indeed publishes messages It has to be something in the above set up, but there's no document anywhere with a complete example for subscribing a lambda to a topic. Thanks!
    v

    victorious-church-57397

    3 weeks ago
    I think you need to add an event source trigger for the lambda from the sns topic, I don't think a subscription is enough
    b

    boundless-farmer-38967

    3 weeks ago
    @victorious-church-57397 thanks for the tip. I was under the impression that event sources were not for SNS. How do I add SNS as an event source?
    v

    victorious-church-57397

    3 weeks ago
    Ah, it might be a lambda permission maybe? I can't see anything there to say sns can invoke it
    new aws.lambda.Permission('sns-event-trigger-permission', {
        action: 'lambda:InvokeFunction',
        principal: '<http://sns.amazonaws.com|sns.amazonaws.com>',
        function: badgerFunc.arn,
        sourceArn: topic.arn,
    });
    something like that ^ should solve it
    b

    boundless-farmer-38967

    3 weeks ago
    @victorious-church-57397 you nailed it!! Man, thanks a lot! I spent on this a couple of hours! 🙂 Definitely earned your weekend!!
    v

    victorious-church-57397

    3 weeks ago
    No probs mate! I was stuck on same thing a couple months ago! Glad I could help 😃