Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dev #20

Merged
merged 3 commits into from
Apr 4, 2021
Merged

Dev #20

merged 3 commits into from
Apr 4, 2021

Conversation

thakurrishabh
Copy link
Owner

No description provided.

@thakurrishabh
Copy link
Owner Author 

  "Type": "AWS::SQS::Queue",
  "Type": "AWS::SQS::QueuePolicy",
  "Type": "AWS::IAM::Role",
  "Type": "AWS::IAM::Policy",
  "Type": "AWS::Lambda::Function",
  "Type": "AWS::IAM::Role",
  "Type": "AWS::Lambda::Function",
  "Type": "AWS::Events::Rule",
  "Type": "AWS::Lambda::Permission",
  "Type": "AWS::Events::Rule",
  "Type": "AWS::Lambda::Permission",
  "Type": "AWS::Logs::LogGroup",
  "Type": "AWS::IAM::Policy",
  "Type": "Custom::CloudwatchLogResourcePolicy",
  "Type": "AWS::IAM::Role",
  "Type": "AWS::Lambda::Function",
  "Type": "AWS::CDK::Metadata",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",
  "Type": "String",

@thakurrishabh
Copy link
Owner Author

Stack EventBridgeAwsCdkStack
IAM Statement Changes
┌───┬─────────────────────────────────────┬────────┬─────────────────────────────┬─────────────────────────────────┬──────────────────────────────────────┐
│ │ Resource │ Effect │ Action │ Principal │ Condition │
├───┼─────────────────────────────────────┼────────┼─────────────────────────────┼─────────────────────────────────┼──────────────────────────────────────┤
│ + │ ${DLQ_Process_func.Arn} │ Allow │ lambda:InvokeFunction │ Service:events.amazonaws.com │ "ArnLike": { │
│ │ │ │ │ │ "AWS:SourceArn": "${Rule_DLQ.Arn}" │
│ │ │ │ │ │ } │
├───┼─────────────────────────────────────┼────────┼─────────────────────────────┼─────────────────────────────────┼──────────────────────────────────────┤
│ + │ ${DLQ_Process_func/ServiceRole.Arn} │ Allow │ sts:AssumeRole │ Service:lambda.amazonaws.com │ │
├───┼─────────────────────────────────────┼────────┼─────────────────────────────┼─────────────────────────────────┼──────────────────────────────────────┤
│ - │ ${Queue.Arn} │ Allow │ sqs:ChangeMessageVisibility │ AWS:${ETL_job_func/ServiceRole} │ │
│ │ │ │ sqs:DeleteMessage │ │ │
│ │ │ │ sqs:GetQueueAttributes │ │ │
│ │ │ │ sqs:GetQueueUrl │ │ │
│ │ │ │ sqs:ReceiveMessage │ │ │
└───┴─────────────────────────────────────┴────────┴─────────────────────────────┴─────────────────────────────────┴──────────────────────────────────────┘
IAM Policy Changes
┌───┬─────────────────────────────────┬────────────────────────────────────────────────────────────────────────────────┐
│ │ Resource │ Managed Policy ARN │
├───┼─────────────────────────────────┼────────────────────────────────────────────────────────────────────────────────┤
│ + │ ${DLQ_Process_func/ServiceRole} │ arn:${AWS::Partition}:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole │
└───┴─────────────────────────────────┴────────────────────────────────────────────────────────────────────────────────┘
(NOTE: There may be security-related changes not in this list. See aws/aws-cdk#1299)

Parameters
[+] Parameter AssetParameters/57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8/S3Bucket AssetParameters57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8S3Bucket0F8D6355: {"Type":"String","Description":"S3 bucket for asset "57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8""}
[+] Parameter AssetParameters/57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8/S3VersionKey AssetParameters57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8S3VersionKeyDA4101F1: {"Type":"String","Description":"S3 key for asset version "57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8""}
[+] Parameter AssetParameters/57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8/ArtifactHash AssetParameters57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8ArtifactHashE8E90144: {"Type":"String","Description":"Artifact hash for asset "57779c0861f185b5cf5ba1ca9ed115b62f92ce3260dd1d20d738dd4cf2c7d3d8""}

Resources
[-] AWS::Lambda::EventSourceMapping ETLjobfuncSqsEventSourceEventBridgeAwsCdkStackQueue8F1E2D709310E1ED destroy
[+] AWS::IAM::Role DLQ_Process_func/ServiceRole DLQProcessfuncServiceRole9765FFA2
[+] AWS::Lambda::Function DLQ_Process_func DLQProcessfunc3F9F1438
[+] AWS::Events::Rule Rule_DLQ RuleDLQ1B41E37C
[+] AWS::Lambda::Permission Rule_DLQ/AllowEventRuleEventBridgeAwsCdkStackDLQProcessfunc8B832A5D RuleDLQAllowEventRuleEventBridgeAwsCdkStackDLQProcessfunc8B832A5D42DAD3A2
[] AWS::SQS::Queue Queue Queue4A7E3555 replace
└─ [+] QueueName (requires replacement)
└─ Events_DLQ
[] AWS::IAM::Policy ETL_job_func/ServiceRole/DefaultPolicy ETLjobfuncServiceRoleDefaultPolicyCE38A619
└─ [] PolicyDocument
└─ [] .Statement:
└─ @@ -8,21 +8,5 @@
[ ] "Arn"
[ ] ]
[ ] }
[-] },
[-] {
[-] "Action": [
[-] "sqs:ReceiveMessage",
[-] "sqs:ChangeMessageVisibility",
[-] "sqs:GetQueueUrl",
[-] "sqs:DeleteMessage",
[-] "sqs:GetQueueAttributes"
[-] ],
[-] "Effect": "Allow",
[-] "Resource": {
[-] "Fn::GetAtt": [
[-] "Queue4A7E3555",
[-] "Arn"
[-] ]
[-] }
[ ] }
[ ] ]

@thakurrishabh thakurrishabh merged commit cdbdb0c into master Apr 4, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@thakurrishabh