/
lambda_permissions.go
77 lines (70 loc) · 2.68 KB
/
lambda_permissions.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package aws_lambda
import (
"context"
"net/http"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/lambda"
"github.com/aws/aws-sdk-go-v2/service/lambda/types"
"github.com/rs/zerolog/log"
)
const zeusCloudOrigin = "https://cloud.zeus.fyi"
// MakeEthereumSignerFuncPublic uses the EthereumSignerFunctionName to make the function public
func (l *LambdaClientAWS) MakeEthereumSignerFuncPublic(ctx context.Context) (*lambda.AddPermissionOutput, error) {
input := &lambda.AddPermissionInput{
Action: aws.String("lambda:InvokeFunctionUrl"),
FunctionName: aws.String(EthereumSignerFunctionName),
Principal: aws.String("*"),
StatementId: aws.String("FunctionURLAllowPublicAccess"),
FunctionUrlAuthType: types.FunctionUrlAuthTypeNone,
}
resp, err := l.AddPermission(ctx, input)
if err != nil {
log.Ctx(ctx).Err(err).Msg("LambdaClientAWS: MakeFuncPublic: error making function public")
return resp, err
}
return resp, err
}
func (l *LambdaClientAWS) GetLambdaConfigURL(ctx context.Context, functionName string) (*lambda.GetFunctionUrlConfigOutput, error) {
input := &lambda.GetFunctionUrlConfigInput{
FunctionName: aws.String(functionName),
}
resp, err := l.GetFunctionUrlConfig(ctx, input)
if err != nil {
log.Ctx(ctx).Err(err).Msg("LambdaClientAWS: GetLambdaConfigURL: error getting function url config")
return resp, err
}
return resp, err
}
func (l *LambdaClientAWS) MakeLambdaURL(ctx context.Context, lambdaName string) (*lambda.CreateFunctionUrlConfigOutput, error) {
input := &lambda.CreateFunctionUrlConfigInput{
AuthType: types.FunctionUrlAuthTypeAwsIam,
FunctionName: aws.String(lambdaName),
Cors: &types.Cors{
AllowCredentials: aws.Bool(true),
AllowHeaders: []string{"*"},
AllowMethods: []string{http.MethodPost},
AllowOrigins: []string{zeusCloudOrigin},
},
}
resp, err := l.CreateFunctionUrlConfig(ctx, input)
if err != nil {
log.Ctx(ctx).Err(err).Msg("LambdaClientAWS: MakeLambdaURL: error making function public")
return resp, err
}
return resp, err
}
func (l *LambdaClientAWS) MakeLambdaFuncAuthIAM(ctx context.Context, lambdaName string) (*lambda.AddPermissionOutput, error) {
input := &lambda.AddPermissionInput{
Action: aws.String("lambda:InvokeFunctionUrl"),
FunctionName: aws.String(lambdaName),
Principal: aws.String("*"),
StatementId: aws.String("FunctionURLAllowAuthIAMAccess"),
FunctionUrlAuthType: types.FunctionUrlAuthTypeAwsIam,
}
resp, err := l.AddPermission(ctx, input)
if err != nil {
log.Ctx(ctx).Err(err).Msg("LambdaClientAWS: MakeLambdaFuncAuthIAM: error making function iam")
return resp, err
}
return resp, err
}