This message was deleted.
# general
s
This message was deleted.
b
Copy code
const startScanContainer = new aws.lambda.CallbackFunction(`secrets-start-scan-container-${env}`, {
    role: lambdaRole,

    callback: async (event, context, callback) => {
        const AWS = require('aws-sdk');
        const Octokit = require('@octokit/rest');

        var ecs = new AWS.ECS();

        var params = {
            taskDefinition: scannerTask.taskDefinition.family,
            cluster: cluster.cluster.arn,
            launchType: 'FARGATE',
            networkConfiguration: {
                awsvpcConfiguration: {
                    subnets: [secretsVpc.privateSubnetIds],
                    assignPublicIp: 'DISABLED',
                    securityGroups: [secretsScannerSg.id],
                },
            },
        };

        await ecs.runTask(params).promise();

        console.log('Scanner task has been started.');

        callback(null, 'Hello');
    },
});
The cluster, and scanner task are all defined in the file further up. I downloaded the compiled lambda from AWS after pulumi uploaded it, which confirmed the lambda did have the values
Do I need to add
.get()
calls to the family and arn’s? Doesn’t seem that that would fix the issue with the
privateSubnetIds
field
Just dumped out the params variable at run-time, looks like the serialization did get the values in, but added them like this:
Copy code
{
  "taskDefinition": {
    "value": "secrets-scanner-dev-aece9bcd"
  },
  "cluster": {
    "value": "arn:aws:ecs:us-east-1:*****:cluster/secrets-scanner-dev"
  },
  "launchType": "FARGATE",
  "networkConfiguration": {
    "awsvpcConfiguration": {
      "subnets": [
        {
          "value": "subnet-010f54d482e6bbe5f"
        },
        {
          "value": "subnet-0b2de25c26fdb6329"
        }
      ],
      "assignPublicIp": "DISABLED",
      "securityGroups": [
        {
          "value": "sg-0a99aa39a8f32459f"
        }
      ]
    }
  }
}
So for subnets I’m going to have to map over it