
Commit cce84a3

authored
Add cloudwatch scheduler permission (#3)
1 parent 685ca99 commit cce84a3


3 files changed

+20
-4
lines changed


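--- a/README.md
+++ b/README.md
@@ -27,9 +27,10 @@ No modules.
 | [aws_lambda_function.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
 | [aws_lambda_function_url.function_url](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url) | resource |
 | [aws_lambda_permission.api](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_lambda_permission.cloudwatch_scheduler](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [aws_lambda_permission.cognito](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [aws_lambda_permission.eventbridge](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
-| [aws_lambda_permission.permission](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_lambda_permission.sns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [aws_lambda_permission.sqs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [archive_file.lambda](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
 | [aws_iam_policy_document.lambda_service_trust_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
@@ -41,6 +42,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_apigw_execution_arn"></a> [apigw\_execution\_arn](#input\_apigw\_execution\_arn) | Apigw execution arn | `list` | `[]` | no |
+| <a name="input_cloudwatch_scheduler_arn"></a> [cloudwatch\_scheduler\_arn](#input\_cloudwatch\_scheduler\_arn) | Cloudwatch scheduler arn | `string` | `""` | no |
 | <a name="input_cognito_pool_arn"></a> [cognito\_pool\_arn](#input\_cognito\_pool\_arn) | Cognito pool arn | `string` | `""` | no |
 | <a name="input_description"></a> [description](#input\_description) | Lambda function description | `any` | n/a | yes |
 | <a name="input_env_vars_from_parameter_store"></a> [env\_vars\_from\_parameter\_store](#input\_env\_vars\_from\_parameter\_store) | Lambda environment variables from SSM parameter store | `map(any)` | `{}` | no |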

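--- a/main.tf
+++ b/main.tf
@@ -65,9 +65,9 @@ resource "aws_lambda_function" "lambda" {
 }
 }
 
-# ------------------------------------------------------------------------------
-# ASSIGN PERMISSION TO API GATEWAY, COGNITO, SQS, SNS AND EVENTBRIDGE
-# ------------------------------------------------------------------------------
+# ------------------------------------------------------------------------------------------
+# ASSIGN PERMISSION TO API GATEWAY, COGNITO, SQS, SNS, Cloudwatch Scheduler AND EVENTBRIDGE
+# ------------------------------------------------------------------------------------------
 
 resource "aws_lambda_permission" "api" {
 count = length(var.apigw_execution_arn) > 0 ? 1 : 0
@@ -114,6 +114,15 @@ resource "aws_lambda_permission" "sns" {
 source_arn = var.sns_topic_arn
 }
 
+resource "aws_lambda_permission" "cloudwatch_scheduler" {
+count = length(var.cloudwatch_scheduler_arn) > 0 ? 1 : 0
+statement_id = "AllowExecutionFromEventbridge"
+action = "lambda:InvokeFunction"
+function_name = aws_lambda_function.lambda.function_name
+principal = "scheduler.amazonaws.com"
+source_arn = var.cloudwatch_scheduler_arn
+}
+
 # ------------------------------------------------------------------------------
 # LAMBDA LOG RETENTION
 # ------------------------------------------------------------------------------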
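Review bot: The new `aws_lambda_permission.cloudwatch_scheduler` resource sets `statement_id = "AllowExecutionFromEventbridge"` although its principal is `scheduler.amazonaws.com`. Statement ids must be unique within a function's resource policy, so if the existing `eventbridge` permission (its body is not visible in this hunk) uses the same id, enabling both inputs would presumably fail at apply. The label would also mislead anyone auditing the function policy. I would change the line to `statement_id = "AllowExecutionFromScheduler"`. It is also worth confirming that a resource-based grant is the intended path, since as far as I know EventBridge Scheduler invokes its target through the schedule's execution role, and adding a comment above the resource such as `# Invoke is granted only to the schedule in var.cloudwatch_scheduler_arn; nothing is created when it is empty`.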

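--- a/variables.tf
+++ b/variables.tf
@@ -129,4 +129,9 @@ variable "output_path" {
 variable "eventbridge_rule_arn" {
 description = "Eventbridge rule arn"
 default = ""
+}
+
+variable "cloudwatch_scheduler_arn" {
+description = "Cloudwatch scheduler arn"
+default = ""
 }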
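Review bot: `variable "cloudwatch_scheduler_arn"` is declared without a `type`, and nothing checks that a non-empty value is a concrete ARN before main.tf uses it as the `source_arn` of a Lambda invoke permission. Adding `type = string` and a `validation` block that accepts either `""` or a value beginning with `arn:` would reject typos and bare wildcards at plan time, rather than producing a grant that is broader than intended or that never matches. The description could also say what the default does, for example `description = "ARN of the EventBridge Scheduler schedule allowed to invoke the function; empty disables the permission"`.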
