in datasync_log_prep/lambda_function.py [0:0]
def datasynclogprep(event,context):
logger.info("Got Create/Update")
# Get TaskARN from Task ID
allTasks = ds.list_tasks()
for tasks in allTasks['Tasks']:
if re.search(r'.*\/(.*)',tasks['TaskArn']).group(1) == task_id:
taskARN = tasks['TaskArn']
# Check that target is S3, otherwise exit
taskInfo = ds.describe_task(TaskArn=taskARN)
destLocArn = taskInfo['DestinationLocationArn']
testLocation(destLocArn)
# Add permission for Cloudwatch Logs to call Lambda
lam.add_permission(FunctionName=lambdaFunction,StatementId='datasynccwlambda',Action='lambda:InvokeFunction',Principal=principal,SourceArn=log_grp,SourceAccount=account)
# Update the Task to add logging
log_group = log_grp.rstrip(r':*')
ds.update_task(TaskArn=taskARN,Options={'LogLevel':'TRANSFER'}, CloudWatchLogGroupArn=log_group)
logs.put_resource_policy(policyName='trustDataSyncEvents',policyDocument='{ "Statement": [ {"Sid": "DataSyncLogsToCloudWatchLogs", "Effect": "Allow", "Action": ["logs:PutLogEvents"], "Principal": { "Service": "datasync.amazonaws.com" }, "Resource": "'+log_grp+'" } ], "Version": "2012-10-17"}')
logs.put_resource_policy(policyName='trustDataSyncStream',policyDocument='{ "Statement": [ {"Sid": "DataSyncLogsToCloudWatchLogs", "Effect": "Allow", "Action": ["logs:CreateLogStream"], "Principal": { "Service": "datasync.amazonaws.com" }, "Resource": "'+log_group+'" } ], "Version": "2012-10-17"}')