able-hair-32695
07/16/2022, 1:13 AMconst authBridge: aws.cloudwatch.EventRuleEventHandler = async (
event
) => {
.... your code here ...
}
const lambdaPolicy = aws.iam.getPolicyDocumentOutput({
statements: [
{
effect: "Allow",
actions: ["logs:CreateLogGroup"],
resources: [`arn:aws:logs:*:${awsAccountId}:*`],
},
{
effect: "Allow",
actions: [
"logs:CreateLogStream",
"logs:PutLogEvents",
],
resources: [`arn:aws:logs:*:${awsAccountId}:log-group:/aws/lambda/${LAMBDA_NAME}`],
}
]
})
const lambdaRole = new aws.iam.Role("lambdaRole", {
name: "1password-auth-bridge-lambda",
assumeRolePolicy: {
Version: "2012-10-17",
Statement: [
{
Effect: "Allow",
Principal: {
Service: "<http://lambda.amazonaws.com|lambda.amazonaws.com>"
},
Action: "sts:AssumeRole"
}
]
},
inlinePolicies: [
{
name: "lambdaPolicy",
policy: lambdaPolicy.json
}
]
})
const authBridgeCallback = new aws.lambda.CallbackFunction<aws.cloudwatch.EventRuleEvent, void>("authBridge", {
callback: authBridge,
role: lambdaRole,
name: LAMBDA_NAME,
})
const authBridgeRule: aws.cloudwatch.EventRuleEventSubscription = aws.cloudwatch.onSchedule("authBridge", "rate(5 minutes)", authBridgeCallback)