https://pulumi.com logo
#general
Title
# general
f

full-dress-10026

12/05/2018, 12:31 AM
Turns out I needed to create a
aws.lambda.Permission
first. Is there a nice API to do both of these things?
b

big-piano-35669

12/05/2018, 2:25 AM
I'm surprised
TopicSubscription
doesn't create the requisite permissions. @lemon-spoon-91807 what do you think?
l

lemon-spoon-91807

12/05/2018, 3:45 AM
TopicSubscription is a raw aws resource. So it would be a bit interesting to make it automatically make a permission
note: we do have Pulumi's
TopicEventSubscription
which also make's this permission for you automatically:
Copy code
this.permission = new lambda.Permission(name, {
            action: "lambda:invokeFunction",
            function: this.func,
            principal: "<http://sns.amazonaws.com|sns.amazonaws.com>",
            sourceArn: topic.id,
}, parentOpts);
we also have added the extension method "Topic.onEvent(...)" which will do this for you
f

full-dress-10026

12/05/2018, 3:56 AM
Where is
TopicEventSubscription
located?
Ah https://pulumi.io/reference/pkg/nodejs/@pulumi/aws-serverless/#TopicEventSubscription. Seems weird to have to bring in another package to do this.
l

lemon-spoon-91807

12/05/2018, 3:57 AM
you don't have to
it's in aws now:
and:
f

full-dress-10026

12/05/2018, 3:58 AM
Oh cool that sounds like what I was after. Will take a look tomorrow.
l

lemon-spoon-91807

12/05/2018, 3:58 AM
FYI:
@pulumi/aws-serverless
has been deprecated
Sounds good 🙂
b

big-piano-35669

12/05/2018, 3:59 AM
Cyrus, instead of programming against TopicEventSubscription directly, is it better to use events like
onEvent
? E.g., for Kenny's example
Copy code
alertsSnsTopic.onEvent(..)
rather than
Copy code
new aws.sns.TopicSubscription(..., {
    topic: alertsSnsTopic,
    ...
);
l

lemon-spoon-91807

12/05/2018, 4:00 AM
they're functionally identical. So it depends in you prefer of thinking as events you connect by attaching to an instance. or if you think of an event as a first-class object in your system.
b

big-piano-35669

12/05/2018, 4:01 AM
Ah ok, I thought you were saying one would create the IAM resources and the other wouldn't. Good to know they are the same.
l

lemon-spoon-91807

12/05/2018, 4:01 AM
Some people prefer the former (it's very .net'y for example). Whereas it's very idiomatically AWS to think of them as nouns
gotcha! sorry if that was unclear!