in lib/qldb-tables-provisioning.ts [66:97]
constructor(scope: cdk.Construct, id: string) {
super(scope, id);
const providerLambdaFn = new lambda.Function(this, 'HandlerLambda', {
handler: 'index.onEvent',
runtime: lambda.Runtime.NODEJS_12_X,
code: lambda.Code.fromAsset(path.join(__dirname, './lambda/createQldbTables/output')),
timeout: cdk.Duration.minutes(5),
tracing: lambda.Tracing.ACTIVE
});
// Assign QLDB ledger access to custom resource provider Lambda so that it can create tables and populate initial data
// into tables.
const lambdaFunctionPolicyStmQldb = new iam.PolicyStatement();
lambdaFunctionPolicyStmQldb.addActions(
// Allows the Lambda function to access QLDB ledger
"qldb:UpdateLedger",
"qldb:List*",
"qldb:Describe*",
"qldb:Get*",
"qldb:TagResource",
"qldb:UntagResource",
"qldb:SendCommand"
);
lambdaFunctionPolicyStmQldb.addAllResources();
providerLambdaFn.addToRolePolicy(lambdaFunctionPolicyStmQldb);
this.provider = new cr.Provider(this, 'Provider', {
onEventHandler: providerLambdaFn
});
};