add cloudwatch trigger to lambda

lbernhard95 · Oct 28, 2024 · df05be5 · df05be5
1 parent 2dc93dd
commit df05be5
Show file tree

Hide file tree

Showing 2 changed files with 53 additions and 0 deletions.
diff --git a/infrastructure/cloudwatch.tf b/infrastructure/cloudwatch.tf
@@ -2,3 +2,15 @@ resource "aws_cloudwatch_log_group" "tasks_service" {
   name              = "/aws/lambda/schafkopf_scheduler"
   retention_in_days = 30
 }
+
+
+resource "aws_cloudwatch_event_rule" "every_day_at_five" {
+  name                = "every_day_at_five"
+  schedule_expression = "cron(0 5 * * ? *)"  # This triggers at 5 AM UTC every day
+}
+
+resource "aws_cloudwatch_event_target" "lambda_target" {
+  rule      = aws_cloudwatch_event_rule.every_day_at_five.name
+  target_id = "MyLambdaFunction"
+  arn       = aws_lambda_function.schafkopf_scheduler.arn
+}
diff --git a/infrastructure/lambda.tf b/infrastructure/lambda.tf
@@ -33,3 +33,44 @@ resource "aws_iam_role" "schafkopf_scheduler" {
     ]
   })
 }
+
+
+resource "aws_iam_policy" "schafkopf_scheduler" {
+  policy = jsonencode({
+    Version = "2012-10-17"
+    Statement = [
+      {
+        Effect = "Allow"
+        Action = "logs:CreateLogGroup"
+        Resource = "*"
+      },
+      {
+        Effect = "Allow"
+        Action = "logs:CreateLogStream"
+        Resource = "*"
+      },
+      {
+        Effect = "Allow"
+        Action = "logs:PutLogEvents"
+        Resource = "*"
+      },
+    ]
+  })
+}
+
+
+resource "aws_iam_role_policy_attachment" "schafkopf_scheduler" {
+  role       = aws_iam_role.schafkopf_scheduler.name
+  policy_arn = aws_iam_policy.schafkopf_scheduler.arn
+}
+
+
+resource "aws_lambda_permission" "allow_cloudwatch" {
+  statement_id  = "AllowExecutionFromCloudWatch"
+  action        = "lambda:InvokeFunction"
+  function_name = aws_lambda_function.schafkopf_scheduler.function_name
+  principal     = "events.amazonaws.com"
+
+  # Reference the ARN of the CloudWatch event rule
+  source_arn    = aws_cloudwatch_event_rule.every_day_at_five.arn
+}