in cluster-bootstrap/ekslogs_custom_resource.py [0:0]
def __init__(self, scope: Construct, id: str, eks_name: str, eks_arn: str, log_retention=None) -> None:
super().__init__(scope, id)
on_create = self.get_on_create_update(eks_name=eks_name)
lambda_role = iam.Role(self, "LambdaRole",
assumed_by=iam.ServicePrincipal(
'lambda.amazonaws.com'),
managed_policies=[iam.ManagedPolicy.from_aws_managed_policy_name(
"service-role/AWSLambdaBasicExecutionRole")],
)
lambda_policy = custom_resources.AwsCustomResourcePolicy.from_statements([
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=["eks:UpdateClusterConfig"],
resources=["*"]
)
])
custom_resources.AwsCustomResource(scope=scope,
id=f'{id}-AWSCustomResource',
log_retention=log_retention,
on_create=on_create,
resource_type='Custom::AWS-EKS-Logs-Object',
role=lambda_role,
policy=lambda_policy
)