aws · mergify · Feb 25, 2021 · Feb 24, 2021 · Feb 25, 2021 · Feb 25, 2021
diff --git a/packages/@aws-cdk/aws-events-targets/lib/util.ts b/packages/@aws-cdk/aws-events-targets/lib/util.ts
@@ -33,13 +33,14 @@ export function singletonEventRole(scope: IConstruct, policyStatements: iam.Poli
 export function addLambdaPermission(rule: events.IRule, handler: lambda.IFunction): void {
  let scope: Construct | undefined;
  let node: ConstructNode = handler.permissionsNode;
+ let permissionId = `AllowEventRule${Names.nodeUniqueId(rule.node)}`;
  if (rule instanceof Construct) {
  // Place the Permission resource in the same stack as Rule rather than the Function
  // This is to reduce circular dependency when the lambda handler and the rule are across stacks.
  scope = rule;
  node = rule.node;
+ permissionId = `AllowEventRule${Names.nodeUniqueId(handler.node)}`;
  }
- const permissionId = `AllowEventRule${Names.nodeUniqueId(rule.node)}`;
  if (!node.tryFindChild(permissionId)) {
  handler.addPermission(permissionId, {
  scope,

diff --git a/packages/@aws-cdk/aws-events-targets/test/aws-api/integ.aws-api.expected.json b/packages/@aws-cdk/aws-events-targets/test/aws-api/integ.aws-api.expected.json
@@ -29,7 +29,26 @@
  ]
  }
  },
- "ScheduleRuleAllowEventRuleawscdkawsapitargetintegScheduleRule51140722763E20C1": {
+ "ScheduleRuleAllowEventRuleawscdkawsapitargetintegScheduleRuleScheduleRuleTarget0HandlerF2C0C898874A4805": {
+ "Type": "AWS::Lambda::Permission",
+ "Properties": {
+ "Action": "lambda:InvokeFunction",
+ "FunctionName": {
+ "Fn::GetAtt": [
+ "AWSb4cf1abd4e4f4bc699441af7ccd9ec371511E620",
+ "Arn"
+ ]
+ },
+ "Principal": "events.amazonaws.com",
+ "SourceArn": {
+ "Fn::GetAtt": [
+ "ScheduleRuleDA5BD877",
+ "Arn"
+ ]
+ }
+ }
+ },
+ "ScheduleRuleAllowEventRuleawscdkawsapitargetintegScheduleRuleScheduleRuleTarget1Handler4688817C0179F894": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",
@@ -198,7 +217,7 @@
  ]
  }
  },
- "PatternRuleAllowEventRuleawscdkawsapitargetintegPatternRule3D388581AA4F776B": {
+ "PatternRuleAllowEventRuleawscdkawsapitargetintegPatternRulePatternRuleTarget0HandlerA0821464BB49C5D3": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",

diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json b/packages/@aws-cdk/aws-events-targets/test/lambda/integ.events.expected.json
@@ -68,7 +68,7 @@
  ]
  }
  },
- "TimerAllowEventRulelambdaeventsTimer0E6AB6D890F582F4": {
+ "TimerAllowEventRulelambdaeventsMyFunc910E580F793D7BBB": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",
@@ -105,7 +105,7 @@
  ]
  }
  },
- "Timer2AllowEventRulelambdaeventsTimer27F866A1E50659689": {
+ "Timer2AllowEventRulelambdaeventsMyFunc910E580FCCD9CDCE": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",

diff --git a/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts b/packages/@aws-cdk/aws-events-targets/test/lambda/lambda.test.ts
@@ -78,6 +78,27 @@ test('adding same lambda function as target mutiple times creates permission onl
  expect(stack).toCountResources('AWS::Lambda::Permission', 1);
 });
 
+test('adding different lambda functions as target mutiple times creates multiple permissions', () => {
+ // GIVEN
+ const stack = new cdk.Stack();
+ const fn1 = newTestLambda(stack);
+ const fn2 = newTestLambda(stack, '2');
+ const rule = new events.Rule(stack, 'Rule', {
+ schedule: events.Schedule.rate(cdk.Duration.minutes(1)),
+ });
+
+ // WHEN
+ rule.addTarget(new targets.LambdaFunction(fn1, {
+ event: events.RuleTargetInput.fromObject({ key: 'value1' }),
+ }));
+ rule.addTarget(new targets.LambdaFunction(fn2, {
+ event: events.RuleTargetInput.fromObject({ key: 'value2' }),
+ }));
+
+ // THEN
+ expect(stack).toCountResources('AWS::Lambda::Permission', 2);
+});
+
 test('adding same singleton lambda function as target mutiple times creates permission only once', () => {
  // GIVEN
  const stack = new cdk.Stack();
@@ -126,8 +147,8 @@ test('lambda handler and cloudwatch event across stacks', () => {
  expect(eventStack).toCountResources('AWS::Lambda::Permission', 1);
 });
 
-function newTestLambda(scope: constructs.Construct) {
- return new lambda.Function(scope, 'MyLambda', {
+function newTestLambda(scope: constructs.Construct, suffix = '') {
+ return new lambda.Function(scope, `MyLambda${suffix}`, {
  code: new lambda.InlineCode('foo'),
  handler: 'bar',
  runtime: lambda.Runtime.PYTHON_2_7,

diff --git a/packages/@aws-cdk/aws-lambda-destinations/test/integ.lambda-chain.expected.json b/packages/@aws-cdk/aws-lambda-destinations/test/integ.lambda-chain.expected.json
@@ -58,13 +58,13 @@
  "Code": {
  "ZipFile": "exports.handler = async (event) => {\n console.log('Event: %j', event);\n if (event === 'error') throw new Error('UnkownError');\n return event;\n };"
  },
- "Handler": "index.handler",
  "Role": {
  "Fn::GetAtt": [
  "FirstServiceRole097DB3A5",
  "Arn"
  ]
  },
+ "Handler": "index.handler",
  "Runtime": "nodejs10.x"
  },
  "DependsOn": [
@@ -114,7 +114,7 @@
  ]
  }
  },
- "FirstEventInvokeConfigFailureAllowEventRuleawscdklambdachainFirstEventInvokeConfigFailure7180F42FA8F1F1F0": {
+ "FirstEventInvokeConfigFailureAllowEventRuleawscdklambdachainErrorC073CD8DCAD68018": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",
@@ -175,7 +175,7 @@
  ]
  }
  },
- "FirstEventInvokeConfigSuccessAllowEventRuleawscdklambdachainFirstEventInvokeConfigSuccess2DCAE39FC2495AB7": {
+ "FirstEventInvokeConfigSuccessAllowEventRuleawscdklambdachainSecond178F48F8A8DE2790": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",
@@ -308,13 +308,13 @@
  "Code": {
  "ZipFile": "exports.handler = async (event) => {\n console.log('Event: %j', event);\n if (event === 'error') throw new Error('UnkownError');\n return event;\n };"
  },
- "Handler": "index.handler",
  "Role": {
  "Fn::GetAtt": [
  "SecondServiceRole55940A31",
  "Arn"
  ]
  },
+ "Handler": "index.handler",
  "Runtime": "nodejs10.x"
  },
  "DependsOn": [
@@ -364,7 +364,7 @@
  ]
  }
  },
- "SecondEventInvokeConfigSuccessAllowEventRuleawscdklambdachainSecondEventInvokeConfigSuccess2078CDC9C7FB9F61": {
+ "SecondEventInvokeConfigSuccessAllowEventRuleawscdklambdachainThird031C7FF6ABA1C15A": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",
@@ -453,13 +453,13 @@
  "Code": {
  "ZipFile": "exports.handler = async (event) => {\n console.log('Event: %j', event);\n if (event === 'error') throw new Error('UnkownError');\n return event;\n };"
  },
- "Handler": "index.handler",
  "Role": {
  "Fn::GetAtt": [
  "ThirdServiceRole42701801",
  "Arn"
  ]
  },
+ "Handler": "index.handler",
  "Runtime": "nodejs10.x"
  },
  "DependsOn": [
@@ -503,13 +503,13 @@
  "Code": {
  "ZipFile": "exports.handler = async (event) => {\n console.log('Event: %j', event);\n if (event === 'error') throw new Error('UnkownError');\n return event;\n };"
  },
- "Handler": "index.handler",
  "Role": {
  "Fn::GetAtt": [
  "ErrorServiceRoleCE484966",
  "Arn"
  ]
  },
+ "Handler": "index.handler",
  "Runtime": "nodejs10.x"
  },
  "DependsOn": [

diff --git a/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json b/packages/@aws-cdk/aws-rds/test/integ.instance.lit.expected.json
@@ -909,7 +909,7 @@
  ]
  }
  },
- "InstanceAvailabilityAllowEventRuleawscdkrdsinstanceInstanceAvailabilityCE39A6A7B066AA0D": {
+ "InstanceAvailabilityAllowEventRuleawscdkrdsinstanceFunctionD515EE1969208105": {
  "Type": "AWS::Lambda::Permission",
  "Properties": {
  "Action": "lambda:InvokeFunction",