Updating s3 event sources to use new permissions feature rather than invocation role. Fixes #20.

Mitch Garnaat
Commit 0a3ec16f1c21c6d2336e6e3674b8ec51270ae8d6 0a3ec16f 1 parent 7af3b444
Showing 2 changed files with 9 additions and 2 deletions
kappa/event_source.py
samples/s3/config.yml
--- a/kappa/event_source.py
View file @0a3ec16
+++ b/kappa/event_source.py
View file @0a3ec16
@@ -135,8 +135,7 @@ class S3EventSource(EventSource):
             'CloudFunctionConfiguration': {
                 'Id': self._make_notification_id(function.name),
                 'Events': [e for e in self._config['events']],
-                 'CloudFunction': function.arn,
-                 'InvocationRole': self._context.invoke_role_arn}}
+                 'CloudFunction': function.arn}}
         try:
             response = self._s3.put_bucket_notification(
                 Bucket=self._get_bucket_name(),
@@ -154,6 +153,7 @@ class S3EventSource(EventSource):
             fn_arn = response['CloudFunctionConfiguration']['CloudFunction']
             if fn_arn == function.arn:
                 del response['CloudFunctionConfiguration']
+                 del response['ResponseMetadata']
                 response = self._s3.put_bucket_notification(
                     Bucket=self._get_bucket_name(),
                     NotificationConfiguration=response)
--- a/samples/s3/config.yml
View file @0a3ec16
+++ b/samples/s3/config.yml
View file @0a3ec16
@@ -22,6 +22,13 @@ lambda:
   timeout: 3
   mode: event
   test_data: input.json
+   permissions:
+     -
+       statement_id: s3_invoke
+       action: lambda:invokeFunction
+       principal: s3.amazonaws.com
+       # change this to refer to your own SNS topic
+       source_arn: arn:aws:s3:::test-1245812163
   event_sources:
     -
       arn: arn:aws:s3:::test-1245812163