in dcv_session_manager_infrastructure/dcv_session_manager_infrastructure_stack.py [0:0]
def create_lambda(self, lb_enginframe):
# Lambda role
lambda_role = iam.Role(
self, id="LambdaRole", assumed_by=iam.ServicePrincipal("lambda.amazonaws.com"))
lambda_role.add_to_policy(
iam.PolicyStatement(
effect=iam.Effect.ALLOW,
actions=[
"acm:ImportCertificate",
"acm:ListCertificates",
"acm:DeleteCertificate",
"acm:DescribeCertificate",
"logs:CreateLogStream",
"logs:CreateLogGroup",
"logs:PutLogEvents"
],
resources=["*"],
)
)
# Lambda to create the ALB https certificate
lambda_cert = _lambda.Function(self, "lambda_create_cert",
runtime=_lambda.Runtime.PYTHON_3_7,
handler="cert.lambda_handler",
code=_lambda.Code.asset("./lambda"),
timeout=core.Duration.seconds(600),
role=lambda_role)
lambda_cs = CustomResource(
self, "Resource1",
service_token=lambda_cert.function_arn,
properties={
"LoadBalancerDNSName": lb_enginframe.load_balancer_dns_name
}
)
return lambda_cs