package main
import (
"context"
"fmt"
awsLambdaEvents "github.com/aws/aws-lambda-go/events"
awsLambdaContext "github.com/aws/aws-lambda-go/lambdacontext"
sparta "github.com/mweagle/Sparta"
spartaCF "github.com/mweagle/Sparta/aws/cloudformation"
gocf "github.com/mweagle/go-cloudformation"
"github.com/sirupsen/logrus"
)
////////////////////////////////////////////////////////////////////////////////
// Bucket handler
//
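// echoS3DynamicBucketEvent logs the incoming S3 event together with the
// Lambda request ID and the result of sparta.Discover(), then returns the
// event unchanged.
//
// Logging is best-effort: a missing context logger, a missing Lambda context
// or a failed discovery call never fails the invocation.
func echoS3DynamicBucketEvent(ctx context.Context,
	s3Event awsLambdaEvents.S3Event) (awsLambdaEvents.S3Event, error) {
	// The original dereferenced the logger even when the type assertion
	// failed, which panics on a nil *logrus.Logger. Fall back to a fresh
	// logger so the request is still recorded.
	logger, loggerOk := ctx.Value(sparta.ContextKeyLogger).(*logrus.Logger)
	if loggerOk && logger != nil {
		logger.Info("Access structured logger")
	} else {
		logger = logrus.New()
	}

	// FromContext reports whether a Lambda context was attached; without
	// this check a nil context would be dereferenced below.
	var requestID string
	if awsContext, ok := awsLambdaContext.FromContext(ctx); ok && awsContext != nil {
		requestID = awsContext.AwsRequestID
	}

	// Discovery failure is surfaced in the log instead of being silently
	// dropped; the handler still echoes the event.
	config, discoverErr := sparta.Discover()
	if discoverErr != nil {
		logger.WithError(discoverErr).Warn("sparta.Discover() failed")
	}

	// NOTE(review): the full event and discovery configuration are written
	// to the log; confirm neither carries values that should stay out of
	// the function's log stream.
	logger.WithFields(logrus.Fields{
		"RequestID":     requestID,
		"Event":         s3Event,
		"Configuration": config,
	}).Info("Request received")
	return s3Event, nil
}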
////////////////////////////////////////////////////////////////////////////////
// Handler registration
//
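// appendDynamicS3BucketLambda registers echoS3DynamicBucketEvent as a lambda
// triggered by object-created and object-removed events on an S3 bucket that
// is provisioned in the same CloudFormation template, and returns
// lambdaFunctions with the new entry appended.
func appendDynamicS3BucketLambda(lambdaFunctions []*sparta.LambdaAWSInfo) []*sparta.LambdaAWSInfo {
	s3BucketResourceName := sparta.CloudFormationResourceName("S3DynamicBucket")

	lambdaFn := sparta.HandleAWSLambda("echo S3 event",
		echoS3DynamicBucketEvent,
		sparta.IAMRoleDefinition{})

	// Let the bucket invoke the function, and order the function after the
	// bucket resource.
	lambdaFn.Permissions = append(lambdaFn.Permissions, sparta.S3Permission{
		BasePermission: sparta.BasePermission{
			SourceArn: gocf.Ref(s3BucketResourceName),
		},
		Events: []string{"s3:ObjectCreated:*", "s3:ObjectRemoved:*"},
	})
	lambdaFn.DependsOn = append(lambdaFn.DependsOn, s3BucketResourceName)

	// Read access for the function's role, scoped to the keys of this one
	// bucket.
	// NOTE(review): HEAD requests are authorized by s3:GetObject;
	// "s3:HeadObject" does not appear to be a defined IAM action, so confirm
	// whether it can be dropped.
	lambdaFn.RoleDefinition.Privileges = append(lambdaFn.RoleDefinition.Privileges,
		sparta.IAMRolePrivilege{
			Actions:  []string{"s3:GetObject", "s3:HeadObject"},
			Resource: spartaCF.S3AllKeysArnForBucket(gocf.Ref(s3BucketResourceName)),
		},
	)

	// The decorator adds the bucket itself to the template.
	lambdaFn.Decorator = func(serviceName string,
		lambdaResourceName string,
		lambdaResource gocf.LambdaFunction,
		resourceMetadata map[string]interface{},
		S3Bucket string,
		S3Key string,
		buildID string,
		template *gocf.Template,
		context map[string]interface{},
		logger *logrus.Logger) error {
		// The bucket was created with the "PublicRead" canned ACL, which
		// exposes its objects to anonymous readers. The function reads
		// through its own IAM role, so nothing in this file needs public
		// access; the bucket is created private instead.
		cfResource := template.AddResource(s3BucketResourceName, &gocf.S3Bucket{
			AccessControl: gocf.String("Private"),
		})
		// The bucket is removed together with the stack.
		// NOTE(review): stack deletion presumably fails while the bucket
		// still holds objects; confirm the teardown procedure.
		cfResource.DeletionPolicy = "Delete"
		return nil
	}
	return append(lambdaFunctions, lambdaFn)
}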
////////////////////////////////////////////////////////////////////////////////
// Main
func main() {
	// Register the single S3-triggered lambda, then hand control to Sparta.
	lambdaFunctions := appendDynamicS3BucketLambda(nil)
	description := fmt.Sprintf("Test sparta.Discover() function")
	sparta.Main("SpartaDiscovery",
		description,
		lambdaFunctions,
		nil,
		nil)
}