feat(iot): allow setting Actions of TopicRule #17110
Conversation
|
|
yamatatsu
force-pushed
the
aws-iot-rule-action
branch
from
7388b1c to
f68be0a
Compare
|
I met following error on And I confirmed this error was suppressed when using the Shall we implement using the |
Yes, we should implement using |
There was a problem hiding this comment.
Putting in "Request changes" to clear this one from my To-Do list. @yamatatsu please re-request my review when this is ready!
yamatatsu
force-pushed
the
aws-iot-rule-action
branch
from
f68be0a to
9fcb358
Compare
mergify
bot
dismissed
skinny85’s stale review
Pull request has been modified.
This change adds `IAction` to aws-iot for preparing to implemamt AWS IoT Rule actions.
yamatatsu
force-pushed
the
aws-iot-rule-action
branch
from
9fcb358 to
7a72b32
Compare
mergify
bot
dismissed
skinny85’s stale review
Pull request has been modified.
There was a problem hiding this comment.
Looks great @yamatatsu! Minor suggestions before we merge this in.
| constructor(private readonly lambdaFn: lambda.IFunction) {} | ||
|
|
||
| bind(rule: iot.ITopicRule): iot.ActionConfig { | ||
| this.lambdaFn.addPermission('invokedByAwsIotRule', { |
There was a problem hiding this comment.
Can you use function.grantInvoke() instead?
There was a problem hiding this comment.
@skinny85 Thank you for your review!
In my understanding, using addPermission() is better. Because a lambda resource policy created by using grantInvoke() is more lax than using addPermission().
As described in this document, lambda resource policy fields sourceAccount and sourceArn are required (or recommended?). But functions.grantInvoke() cannot add sourceAccount and sourceArn as this code.
For confirmation, I tried following code instead of this.func.addPermission():
this.func.grantInvoke({ grantPrincipal: new iam.ServicePrincipal('iot.amazonaws.com') });Then there is template difference as following:
packages/@aws-cdk/aws-iot-actions/test/lambda/integ.lambda-action.ts
Outdated
Show resolved
Hide resolved
mergify
bot
dismissed
skinny85’s stale review
Pull request has been modified.
There was a problem hiding this comment.
This is almost perfect @yamatatsu! Change the account in LambdaAction, and rename it to LambdaFunctionAction, and we'll merge this in!
| */ | ||
| constructor(private readonly func: lambda.IFunction) {} | ||
|
|
||
| bind(rule: iot.ITopicRule): iot.ActionConfig { |
There was a problem hiding this comment.
| bind(rule: iot.ITopicRule): iot.ActionConfig { | |
| bind(topicRule: iot.ITopicRule): iot.ActionConfig { |
| * | ||
| * @param rule The TopicRule that would trigger this action. | ||
| */ | ||
| bind(rule: ITopicRule): ActionConfig; |
There was a problem hiding this comment.
| bind(rule: ITopicRule): ActionConfig; | |
| bind(topicRule: ITopicRule): ActionConfig; |
| /** | ||
| * The action to invoke an AWS Lambda function, passing in an MQTT message. | ||
| */ | ||
| export class LambdaAction implements iot.IAction { |
There was a problem hiding this comment.
Let's rename this to LambdaFunctionAction.
Co-authored-by: Adam Ruka <[email protected]>
mergify
bot
dismissed
skinny85’s stale review
Pull request has been modified.
|
@skinny85 I've addressed the comments!👍 |
There was a problem hiding this comment.
Looks perfect @yamatatsu, thanks for incorporating all of my comments!
skinny85
changed the title
skinny85
changed the title
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
|
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
I'm trying to implement aws-iot L2 Constructs. This PR is the next step of aws#16681 refar: - aws#16681 (comment) ---- *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
I'm trying to implement aws-iot L2 Constructs.
This PR is the next step of #16681
refar:
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license