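/// <summary>
/// Adds a resource-based policy statement to the "Ec2StartStop" Lambda function that lets
/// EventBridge (events.amazonaws.com) invoke it, scoped to a single rule through SourceArn.
/// </summary>
/// <param name="lambda">Lambda client used to send the AddPermission request.</param>
/// <param name="rulearn">ARN of the rule that is allowed to invoke the function.</param>
/// <param name="rulename">Rule name; reused as the policy statement id.</param>
/// <returns>
/// "sucessfully created permission" when the statement was added, "permission already exists"
/// when a statement with the same id is already present, otherwise a
/// "failed to create permission: ..." message. The method reports failures through the
/// returned string rather than by throwing.
/// </returns>
public async Task<String> SetPermission(AmazonLambdaClient lambda, String rulearn, String rulename)
{
    // SourceArn is the only condition that ties this grant to one rule. Refuse to send the
    // request without it, so the statement is never created unscoped.
    if (String.IsNullOrWhiteSpace(rulearn))
    {
        return "failed to create permission: rule ARN is required";
    }

    // NOTE(review): an existing statement with the same id is left as it is. If the rule ARN
    // behind that id has changed, the old statement has to be removed first (the original
    // carried a commented-out RemovePermissionRequest for this purpose).
    try
    {
        var request = new AddPermissionRequest
        {
            Action = "lambda:InvokeFunction",
            FunctionName = "Ec2StartStop",
            Principal = "events.amazonaws.com",
            SourceArn = rulearn,
            StatementId = rulename
        };

        await lambda.AddPermissionAsync(request);
        return "sucessfully created permission";
    }
    catch (Amazon.Lambda.Model.ResourceConflictException)
    {
        // Only a statement-id conflict means the permission is already there.
        return "permission already exists";
    }
    catch (Exception e)
    {
        // Access-denied, throttling, missing function and network errors used to be reported
        // as "permission already exists", which hid a grant that was never made.
        return "failed to create permission: " + e.Message;
    }
}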
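/// <summary>
/// Creates a scheduled EventBridge rule, grants that rule permission to invoke the
/// "TestEBSNS" Lambda function, and registers the function as the rule's target.
/// </summary>
/// <param name="args">Command-line arguments; not used.</param>
static async Task Main(string[] args)
{
    // Create EventBridge & Lambda clients.
    // No access key or secret key is passed here: the SDK resolves credentials itself
    // (environment, shared profile or an attached role), so long-lived keys never have to be
    // written into source code or end up in version control.
    var region = Amazon.RegionEndpoint.APSoutheast1;
    var EBclient = new AmazonEventBridgeClient(region);
    var lambdaClient = new AmazonLambdaClient(region);

    // Create a scheduled rule on EventBridge.
    // Cron expression (UTC time): Minute Hour (DayofMonth) Month (DayofWeek) Year
    var putRuleRequest = new PutRuleRequest
    {
        Name = "Rule2",
        ScheduleExpression = "cron(*/1 * * * ? *)",
        EventBusName = "default",
        State = RuleState.ENABLED
    };
    var putRuleResponse = await EBclient.PutRuleAsync(putRuleRequest);
    Console.WriteLine(putRuleResponse.HttpStatusCode);
    Console.WriteLine(putRuleResponse.RuleArn);

    // Allow the scheduled rule to invoke the Lambda function. SourceArn restricts the grant
    // to the rule created above instead of every rule that runs as events.amazonaws.com.
    var addPermissionRequest = new Amazon.Lambda.Model.AddPermissionRequest
    {
        Action = "lambda:InvokeFunction",
        Principal = "events.amazonaws.com",
        StatementId = "lambda-rule-2",
        SourceArn = putRuleResponse.RuleArn,
        FunctionName = "TestEBSNS"
    };
    var addPermissionResponse = await lambdaClient.AddPermissionAsync(addPermissionRequest);
    Console.WriteLine(addPermissionResponse.HttpStatusCode);

    // Set the Lambda function as the target of the scheduled rule.
    var eventTarget = new Target
    {
        Arn = "arn:aws:lambda:your-region:your-account:function:TestEBSNS",
        Input = "{ \"Key1\":\"Rule1\", \"Key2\":\"Rule2\" }",
        Id = "1"
    };
    var putTargetRequest = new PutTargetsRequest
    {
        // Reuse the name from the rule request so the target cannot drift to another rule.
        Rule = putRuleRequest.Name,
        EventBusName = "default",
        Targets = new List<Target> { eventTarget }
    };
    var putTargetResponse = await EBclient.PutTargetsAsync(putTargetRequest);
    Console.WriteLine(putTargetResponse.HttpStatusCode);
}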
/// <summary>
/// Grants S3 (s3.amazonaws.com) permission to invoke the SafeArrival SIS Lambda function,
/// limited to the SIS bucket for the current region and environment and to the given
/// owning account.
/// </summary>
/// <param name="account">AWS account id sent as SourceAccount on the statement.</param>
public async Task AddPolicy(string account)
{
    var permission = new AddPermissionRequest();
    permission.Action = "lambda:InvokeFunction";
    permission.FunctionName = "arn:aws:lambda:us-east-2:125237747044:function:SafeArrival-SIS-infra-green";
    permission.Principal = "s3.amazonaws.com";
    // A bucket ARN carries no account id, so SourceArn alone identifies the bucket by name
    // only; SourceAccount additionally pins the grant to the account expected to own it.
    permission.SourceArn = $"arn:aws:s3:::safe-arrival-{region}-{environment}-sisbucket";
    permission.StatementId = "SIS_Lambda_Trigger_Permission";
    permission.SourceAccount = account;

    try
    {
        await client.AddPermissionAsync(permission);
    }
    catch (Amazon.Lambda.Model.ResourceConflictException)
    {
        // A statement with this id already exists; nothing to do.
        // NOTE(review): the existing statement is not compared with the requested one.
    }
}
/// <summary>
/// Sends an AddPermission request that lets an API Gateway REST API invoke the configured
/// Lambda function.
/// </summary>
/// <param name="client">Lambda client the request is sent with.</param>
/// <param name="lambdaConfig">Supplies the action, function name, principal and statement id.</param>
/// <param name="restApiId">Id of the REST API placed in the source ARN.</param>
/// <param name="awsRegion">Region placed in the source ARN.</param>
/// <param name="accountId">Account id placed in the source ARN.</param>
/// <returns>The task returned by the SDK call; it is handed back without being awaited.</returns>
internal static Task<AddPermissionResponse> AddExecuteApiPermissionAsync(
    this AmazonLambdaClient client,
    ASPNetServerLessPublishAWSLambdaConfigSection lambdaConfig,
    string restApiId,
    string awsRegion,
    string accountId)
{
    var grant = new AddPermissionRequest();
    grant.Action = lambdaConfig.PermissionAction;
    grant.FunctionName = lambdaConfig.FunctionName;
    grant.Principal = lambdaConfig.PermissionPrincipal;
    grant.StatementId = lambdaConfig.PermissionStatementId;
    // The trailing "/*/*/*" leaves the three ARN segments after the API id as wildcards, so
    // the grant is scoped to this one API but not to a particular stage, method or path.
    grant.SourceArn = $"arn:aws:execute-api:{awsRegion}:{accountId}:{restApiId}/*/*/*";

    return client.AddPermissionAsync(grant);
}
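/// <summary>
/// Registers a notification: creates the SNS topic, creates a scheduled CloudWatch Events
/// rule, points the rule at TestDonkeyLambda, grants the rule permission to invoke that
/// function, and stores the notification in the "Topics" DynamoDB table.
/// </summary>
/// <param name="input">Notification to register; TopicId, TopicName and Cron are read.</param>
/// <param name="context">Lambda invocation context; not used.</param>
/// <returns>"success" when every step completed.</returns>
/// <exception cref="ArgumentNullException"><paramref name="input"/> is null.</exception>
/// <exception cref="ArgumentException">TopicId is empty or contains characters outside
/// ASCII letters, digits, '-' and '_'.</exception>
/// <exception cref="TestDonkeyException">A service call returned an unexpected status.</exception>
public string Add(Notification input, ILambdaContext context)
{
    if (input == null)
    {
        // The single-string constructor takes the parameter name, not a message.
        throw new ArgumentNullException(nameof(input), "Input required");
    }

    // TopicId arrives with the request and is spliced into a rule name, a target id, a policy
    // statement id and a hand-built JSON document. Check it before any resource is created so
    // a crafted value cannot alter the JSON payload, and so a bad value does not leave a
    // topic behind when a later call rejects it.
    if (!IsSafeTopicId(input.TopicId))
    {
        throw new ArgumentException("TopicId may contain only ASCII letters, digits, '-' and '_'", nameof(input));
    }

    //var topicId = Guid.NewGuid().ToString();
    var region = RegionEndpoint.APSoutheast1;

    // Create topic in SNS
    var snsClient = new AmazonSimpleNotificationServiceClient(region);
    var createTopicRequest = new CreateTopicRequest { Name = input.TopicName };
    var createTopicResponse = snsClient.CreateTopicAsync(createTopicRequest).Result;
    if (createTopicResponse.HttpStatusCode != HttpStatusCode.OK)
    {
        throw new TestDonkeyException("Can't add topic");
    }

    // Create rule in CloudWatch Events
    var cloudWatchEventClient = new AmazonCloudWatchEventsClient(region);
    var putRuleRequest = new PutRuleRequest
    {
        ScheduleExpression = input.Cron,
        Name = $"testdonkey-rule-{ input.TopicId }",
        State = RuleState.ENABLED
    };
    var putRuleResponse = cloudWatchEventClient.PutRuleAsync(putRuleRequest).Result;
    if (putRuleResponse.HttpStatusCode != HttpStatusCode.OK)
    {
        throw new TestDonkeyException("Can't add rule");
    }

    // Set target for CloudWatch Events
    var putTargetsRequest = new PutTargetsRequest
    {
        Rule = putRuleRequest.Name,
        Targets = new List<Target>
        {
            new Target()
            {
                Arn = "arn:aws:lambda:ap-southeast-1:404276529491:function:TestDonkeyLambda",
                Id = $"testdonkey-target-{ input.TopicId }",
                // Safe to interpolate: TopicId was restricted to [A-Za-z0-9_-] above.
                Input = $"{{\"TopicId\":\"{ input.TopicId }\"}}"
            }
        }
    };
    var putTargetsResponse = cloudWatchEventClient.PutTargetsAsync(putTargetsRequest).Result;
    if (putTargetsResponse.HttpStatusCode != HttpStatusCode.OK)
    {
        try
        {
            // Wait for the delete; the task used to be dropped, so the rule could outlive
            // the failed call and keep firing without a target.
            cloudWatchEventClient.DeleteRuleAsync(new DeleteRuleRequest { Name = putRuleRequest.Name }).Wait();
        }
        catch (AggregateException)
        {
            // Cleanup is best effort; the target failure below is the error to report.
        }

        throw new TestDonkeyException("Can't add target");
    }

    // Add permission to accept CloudWatch Events trigger for Lambda.
    // SourceArn limits the grant to the rule created above.
    var lambdaClient = new AmazonLambdaClient(region);
    var addPermissionRequest = new Amazon.Lambda.Model.AddPermissionRequest
    {
        FunctionName = "TestDonkeyLambda",
        Action = "lambda:InvokeFunction",
        StatementId = $"testdonkey-lambda-{ input.TopicId }",
        Principal = "events.amazonaws.com",
        SourceArn = putRuleResponse.RuleArn
    };
    var addPermissionResponse = lambdaClient.AddPermissionAsync(addPermissionRequest).Result;
    if (addPermissionResponse.HttpStatusCode != HttpStatusCode.Created)
    {
        // NOTE(review): the topic, rule and target created above are not rolled back here.
        throw new TestDonkeyException("Can't add permission");
    }

    // Save notification to DynamoDB
    var dynamoDBClient = new AmazonDynamoDBClient(region);
    var item = new Dictionary<string, AttributeValue>
    {
        { "id", new AttributeValue() { S = input.TopicId } },
        { "name", new AttributeValue() { S = input.TopicName } },
        { "arn", new AttributeValue() { S = createTopicResponse.TopicArn } },
        { "cron", new AttributeValue() { S = input.Cron } }
    };
    var putItemResponse = dynamoDBClient.PutItemAsync("Topics", item).Result;
    if (putItemResponse.HttpStatusCode != HttpStatusCode.OK)
    {
        throw new TestDonkeyException("Can't add item");
    }

    return "success";
}

// Returns true when topicId is non-empty and made only of ASCII letters, digits, '-' or '_'.
private static bool IsSafeTopicId(string topicId)
{
    if (string.IsNullOrEmpty(topicId))
    {
        return false;
    }

    foreach (char c in topicId)
    {
        bool allowed = (c >= 'a' && c <= 'z')
            || (c >= 'A' && c <= 'Z')
            || (c >= '0' && c <= '9')
            || c == '-'
            || c == '_';
        if (!allowed)
        {
            return false;
        }
    }

    return true;
}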