sparse-intern-71089
03/09/2022, 9:02 PMhappy-grass-868
03/09/2022, 9:03 PMconst aws = require('@pulumi/aws');
const awsx = require("@pulumi/awsx");
const { STACK, projectConfig, tags } = require('./../config');
// Create ECR cluster
const repo = new awsx.ecr.Repository(`scores-donor-cluster-${STACK}`);
// Build and publish the container image.
const image = repo.buildAndPushImage("./../app/score/");
const lambdaRole = new aws.iam.Role(`donor-model-score-donors-lambda-${STACK}`, {
assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "<http://lambda.amazonaws.com|lambda.amazonaws.com>"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`,
tags
});
const scoreDonorsLambda = new aws.lambda.Function("score-donors-lambda", {
packageType: "Image",
imageUri: image.imageValue,
role: lambdaRole.arn,
timeout: 900,
name: `donor-score-lambda-${STACK}`
});
new aws.cloudwatch.LogGroup(`donor-model-score-donors-log-group-${STACK}`, {
retentionInDays: 30,
name: scoreDonorsLambda.name.apply(lambdaName => `/aws/lambda/${lambdaName}`),
tags
});
// CloudWatch IAM Policy for logging to Lambda
const lambdaLoggingPolicy = new aws.iam.Policy(`donors-api-identify-donor-scoring-log-policy-${STACK}`, {
description: "IAM policy for logging from Lambda",
path: "/",
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
`
});
new aws.iam.RolePolicyAttachment(`attach-donors-api-donor-scores-logging`, {
policyArn: lambdaLoggingPolicy.arn,
role: lambdaRole.name
})
const { identifyDonorRole } = require('./identifyDonorsLambda')
// Grant Function:Invoke permissions to the identifyDonor lambda
new aws.lambda.Permission(`permission-for-iam-to-invoke-score-donors`, {
action: "lambda:InvokeFunction",
principal: identifyDonorRole.arn,
function: `donor-score-lambda-${STACK}`
})