happy-grass-868
03/09/2022, 9:02 PMDockerfile
is pulling in, the changes are not reflected in the Image in ECR.
2. The lambda does not seem to be getting created and it fails when my code tries to attach my permissions to the lambda, I get a Error adding new Lambda Permission for donor-score-lambda-dev: ResourceNotFoundException: Function not found
. The code is in the thread below.
Thank you!const aws = require('@pulumi/aws');
const awsx = require("@pulumi/awsx");
const { STACK, projectConfig, tags } = require('./../config');
// Create ECR cluster
const repo = new awsx.ecr.Repository(`scores-donor-cluster-${STACK}`);
// Build and publish the container image.
const image = repo.buildAndPushImage("./../app/score/");
const lambdaRole = new aws.iam.Role(`donor-model-score-donors-lambda-${STACK}`, {
assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`,
tags
});
const scoreDonorsLambda = new aws.lambda.Function("score-donors-lambda", {
packageType: "Image",
imageUri: image.imageValue,
role: lambdaRole.arn,
timeout: 900,
name: `donor-score-lambda-${STACK}`
});
new aws.cloudwatch.LogGroup(`donor-model-score-donors-log-group-${STACK}`, {
retentionInDays: 30,
name: scoreDonorsLambda.name.apply(lambdaName => `/aws/lambda/${lambdaName}`),
tags
});
// CloudWatch IAM Policy for logging to Lambda
const lambdaLoggingPolicy = new aws.iam.Policy(`donors-api-identify-donor-scoring-log-policy-${STACK}`, {
description: "IAM policy for logging from Lambda",
path: "/",
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
`
});
new aws.iam.RolePolicyAttachment(`attach-donors-api-donor-scores-logging`, {
policyArn: lambdaLoggingPolicy.arn,
role: lambdaRole.name
})
const { identifyDonorRole } = require('./identifyDonorsLambda')
// Grant Function:Invoke permissions to the identifyDonor lambda
new aws.lambda.Permission(`permission-for-iam-to-invoke-score-donors`, {
action: "lambda:InvokeFunction",
principal: identifyDonorRole.arn,
function: `donor-score-lambda-${STACK}`
})