fix(iam): add back some of the kinesis iam
bassrock committed Jan 2, 2025
1 parent e199c8a commit 5da5da9
Showing 10 changed files with 62 additions and 573 deletions.
4 changes: 2 additions & 2 deletions infrastructure/notes-api/package.json
@@ -18,11 +18,11 @@
"@cdktf/provider-aws": "19.43.0",
"@cdktf/provider-local": "10.1.1",
"@cdktf/provider-null": "10.0.1",
"@pocket-tools/event-bridge": "workspace:*",
"@pocket-tools/terraform-modules": "workspace:*",
"cdktf": "0.20.10",
"cdktf-cli": "0.20.10",
"constructs": "10.4.2",
"@pocket-tools/event-bridge": "workspace:*"
"constructs": "10.4.2"
},
"devDependencies": {
"@pocket-tools/eslint-config": "workspace:*",
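--- a/infrastructure/user-list-search/lambda_codedeploy.tf
+++ b/infrastructure/user-list-search/lambda_codedeploy.tf
@@ -0,0 +1,41 @@
+resource "aws_iam_role" "lambda_codedeploy_role" {
+name = "${local.prefix}-LambdaCodeDeployRole"
+assume_role_policy = data.aws_iam_policy_document.codedeploy_assume_role.json
+}
+
+
+resource "aws_iam_role_policy_attachment" "lambda_codedeploy_role" {
+policy_arn = "arn:aws:iam::aws:policy/service-role/AWSCodeDeployRoleForLambda"
+#Depending on the service there are different types.
+role = aws_iam_role.lambda_codedeploy_role.name
+}
+
+resource "aws_iam_role" "lambda_role" {
+name = "${local.prefix}-LambdaExecutionRole"
+tags = local.tags
+assume_role_policy = data.aws_iam_policy_document.lambda_assume.json
+}
+
+resource "aws_iam_role_policy_attachment" "lambda_role_xray_write" {
+role = aws_iam_role.lambda_role.name
+policy_arn = data.aws_iam_policy.aws_xray_write_only_access.arn
+}
+
+data "aws_iam_policy_document" "lambda_assume" {
+version = "2012-10-17"
+
+statement {
+effect = "Allow"
+actions = [
+"sts:AssumeRole"
+]
+
+principals {
+identifiers = [
+"lambda.amazonaws.com"
+]
+
+type = "Service"
+}
+}
+}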
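Review bot: `lambda_codedeploy_role` is created without tags, while `lambda_role` directly below sets `tags = local.tags`; adding the same line to the CodeDeploy role keeps both roles attributable to this service in IAM inventories and access reviews. The comment inside the policy attachment, `#Depending on the service there are different types.`, does not say what varies; something like `# Managed policy for CodeDeploy's Lambda compute platform; ECS and EC2 deployments use different managed policies` would. `data.aws_iam_policy_document.codedeploy_assume_role` and `data.aws_iam_policy.aws_xray_write_only_access` are referenced but not defined in this file, so they presumably live elsewhere in the module, which is worth confirming with a `terraform validate` given that the commit removes 573 lines.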
19 changes: 0 additions & 19 deletions infrastructure/user-list-search/metrics.tf
@@ -246,25 +246,6 @@ module "dashboard_alarm" {
merge(local.metrics.list_item_update_lambda.throttles, { metadata = { color = "#ff7f0e", yAxis = "right" } }),
]
},
{
x = 0.0
y = 24.0
width = 12.0
height = 6.0
properties = {
title = "Event Kinesis Consumer"
stacked = false
region = data.aws_region.current.name,
stat = "Average"
period = 60
}
metrics = [
local.metrics.event_consumer_lambda.duration,
local.metrics.event_consumer_lambda.errors,
merge(local.metrics.event_consumer_lambda.iterator_age, { metadata = { yAxis = "right" } })
]

},
{
x = 12.0
y = 24.0
21 changes: 0 additions & 21 deletions infrastructure/user-list-search/metrics_alarm_definitions.tf
@@ -118,27 +118,6 @@ locals {
ok_actions = []
alarm_actions = []
}

event_consumer_lambda_errors = {
name = "${local.prefix}-EventConsumerLambdaErrors"
description = "More than 1 error for 3 consecutive minutes"

metrics = [
local.metrics.event_consumer_lambda.duration,
local.metrics.event_consumer_lambda.iterator_age,
local.metrics.event_consumer_lambda.errors
]

threshold = 10
operator = ">"
return_data_on_id = local.metrics.event_consumer_lambda.errors.id
// The kinesis consumer lambda that we listen on for item updates has more then 10 errors for 10 consecutive minutes
period = 60
breaches = 10
tags = local.tags
ok_actions = []
alarm_actions = []
}
}

# TODO: EventHandler metrics
29 changes: 0 additions & 29 deletions infrastructure/user-list-search/metrics_metric_definitions.tf
@@ -70,35 +70,6 @@ locals {
expression = "IF(user_list_import_queue_messages_deleted, user_list_import_queue_messages_deleted, 1)/IF(user_list_import_queue_messages_sent, user_list_import_queue_messages_sent, 1)*100",
}
}
event_consumer_lambda = {
duration = {
id = "event_consumer_lambda_duration"
namespace = "AWS/Lambda"
metric = "Duration"
statistic = "Sum"
dimensions = {
FunctionName = aws_lambda_function.unified_events_consumer.function_name
}
},
errors = {
id = "event_consumer_lambda_errors"
namespace = "AWS/Lambda"
metric = "Errors"
statistic = "Sum"
dimensions = {
FunctionName = aws_lambda_function.unified_events_consumer.function_name
}
},
iterator_age = {
id = "event_consumer_lambda_iterator_age"
namespace = "AWS/Lambda"
metric = "IteratorAge"
statistic = "Sum"
dimensions = {
FunctionName = aws_lambda_function.unified_events_consumer.function_name
}
}
}

list_item_import_lambda = {
invocations = {
2 changes: 1 addition & 1 deletion lambdas/user-list-search-events/package.json
@@ -14,7 +14,7 @@
"test": "jest \"\\.spec\\.ts\" --runInBand --forceExit"
},
"dependencies": {
"@aws-sdk/client-sqs": "3.679.0",
"@aws-sdk/client-sqs": "3.716.0",
"@pocket-tools/event-bridge": "workspace:*",
"@pocket-tools/ts-logger": "workspace:*",
"@pocket-tools/types": "workspace:*",
5 changes: 4 additions & 1 deletion lambdas/user-list-search-indexing/src/helper.spec.ts
@@ -2,7 +2,10 @@ import { config } from './config';
import nock from 'nock';
import { processUserImport, processUserItem } from './helper';

import { UserItemsSqsMessage, UserListImportSqsMessage } from './types';
import {
UserItemsSqsMessage,
UserListImportSqsMessage,
} from '@pocket-tools/types';

describe('Item functions', () => {
describe('itemDelete', () => {
4 changes: 1 addition & 3 deletions packages/types/package.json
@@ -22,9 +22,7 @@
"build": "tsup src/index.ts --format cjs,esm --dts",
"dev": "pnpm run build --watch",
"format": "eslint --fix",
"lint": "eslint --fix-dry-run",
"test": "jest",
"test:watch": "pnpm run test -- --watch"
"lint": "eslint --fix-dry-run"
},
"dependencies": {},
"devDependencies": {