Example #1
0
 public MyStack()
 {
     var exampleRecorder = new Aws.Cfg.Recorder("exampleRecorder", new Aws.Cfg.RecorderArgs
     {
     });
     var exampleFunction = new Aws.Lambda.Function("exampleFunction", new Aws.Lambda.FunctionArgs
     {
     });
     var examplePermission = new Aws.Lambda.Permission("examplePermission", new Aws.Lambda.PermissionArgs
     {
         Action    = "lambda:InvokeFunction",
         Function  = exampleFunction.Arn,
         Principal = "config.amazonaws.com",
     });
     var exampleRule = new Aws.Cfg.Rule("exampleRule", new Aws.Cfg.RuleArgs
     {
         Source = new Aws.Cfg.Inputs.RuleSourceArgs
         {
             Owner            = "CUSTOM_LAMBDA",
             SourceIdentifier = exampleFunction.Arn,
         },
     }, new CustomResourceOptions
     {
         DependsOn =
         {
             "aws_config_configuration_recorder.example",
             "aws_lambda_permission.example",
         },
     });
 }
Example #2
0
 public MyStack()
 {
     var exampleLayerVersion = new Aws.Lambda.LayerVersion("exampleLayerVersion", new Aws.Lambda.LayerVersionArgs
     {
     });
     var exampleFunction = new Aws.Lambda.Function("exampleFunction", new Aws.Lambda.FunctionArgs
     {
         Layers =
         {
             exampleLayerVersion.Arn,
         },
     });
 }
Example #3
0
    public MyStack()
    {
        var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
        {
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                "aws_cloudwatch_log_group.example",
                "aws_iam_role_policy_attachment.lambda_logs",
            },
        });
        // This is to optionally manage the CloudWatch Log Group for the Lambda Function.
        // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
        var example = new Aws.CloudWatch.LogGroup("example", new Aws.CloudWatch.LogGroupArgs
        {
            RetentionInDays = 14,
        });
        // See also the following AWS managed policy: AWSLambdaBasicExecutionRole
        var lambdaLogging = new Aws.Iam.Policy("lambdaLogging", new Aws.Iam.PolicyArgs
        {
            Description = "IAM policy for logging from a lambda",
            Path        = "/",
            Policy      = @"{
  ""Version"": ""2012-10-17"",
  ""Statement"": [
    {
      ""Action"": [
        ""logs:CreateLogGroup"",
        ""logs:CreateLogStream"",
        ""logs:PutLogEvents""
      ],
      ""Resource"": ""arn:aws:logs:*:*:*"",
      ""Effect"": ""Allow""
    }
  ]
}

",
        });
        var lambdaLogs = new Aws.Iam.RolePolicyAttachment("lambdaLogs", new Aws.Iam.RolePolicyAttachmentArgs
        {
            PolicyArn = lambdaLogging.Arn,
            Role      = aws_iam_role.Iam_for_lambda.Name,
        });
    }