Skip to content

Permission

Source: src/AWS/Lambda/Permission.ts

A Lambda permission that grants an AWS service or another account permission to invoke a function.

Granting Permissions

Section titled “Granting Permissions”

S3 Notification Permission

const perm = yield* Permission("S3Invoke", {
  action: "lambda:InvokeFunction",
  functionName: yield* fn.functionArn(),
  principal: "s3.amazonaws.com",
  sourceArn: yield* bucket.bucketArn,
  sourceAccount: (yield* AWSEnvironment).accountId,
});

Cross Account Invoke

const perm = yield* Permission("CrossAccount", {
  action: "lambda:InvokeFunction",
  functionName: yield* fn.functionArn(),
  principal: "123456789012",
});

Public Function URL

const perm = yield* Permission("PublicUrl", {
  action: "lambda:InvokeFunctionUrl",
  functionName: yield* fn.functionArn(),
  principal: "*",
  functionUrlAuthType: "NONE",
});