diff --git a/aws-ts-lambda-efs/index.ts b/aws-ts-lambda-efs/index.ts index 2007175a5..ccf989619 100644 --- a/aws-ts-lambda-efs/index.ts +++ b/aws-ts-lambda-efs/index.ts @@ -38,17 +38,59 @@ export = async () => { rootDirectory: { path: "/www", creationInfo: { ownerGid: 1000, ownerUid: 1000, permissions: "755" } }, }, { dependsOn: targets }); + // Function to create a delay using setTimeout and a Promise + function delay(ms: number) { + return new Promise(resolve => setTimeout(resolve, ms)); + } + + // Create a Pulumi component resource that waits for 10 seconds + class WaitResource extends pulumi.ComponentResource { + constructor(name: string, args = {}, opts?: pulumi.ResourceOptions) { + super("custom:resource:WaitResource", name, args, opts); + + // Create a delay of 10 seconds + const wait = delay(60000).then(() => { + this.registerOutputs(); + }); + + // Register the wait promise as an output + this.registerOutputs({ wait }); + } + } + + // Instantiate the wait resource + const waitResource = new WaitResource("waitResource", {}, { dependsOn: targets }); + + const lambdaRole = new aws.iam.Role("lambda-role", { + assumeRolePolicy: JSON.stringify({ + Version: "2012-10-17", + Statement: [{ + Action: "sts:AssumeRole", + Principal: { + Service: "lambda.amazonaws.com", + }, + Effect: "Allow", + }], + }), + + managedPolicyArns: [ + aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole, + aws.iam.ManagedPolicy.LambdaFullAccess, + ], + }); + // Lambda function efsvpcCallback(name: string, f: aws.lambda.Callback) { return new aws.lambda.CallbackFunction(name, { - policies: [aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole, aws.iam.ManagedPolicy.LambdaFullAccess], + role: lambdaRole, + vpcConfig: { subnetIds: vpc.privateSubnetIds, securityGroupIds: [vpc.vpc.defaultSecurityGroupId], }, fileSystemConfig: { arn: ap.arn, localMountPath: "/mnt/storage" }, callback: f, - }, {dependsOn: targets}); + }, {dependsOn: [waitResource]}); } // API Gateway