Skip to content

Commit

Permalink
feat: Add AWS SAM Lambda function template for Hue API
Browse files Browse the repository at this point in the history
- Introduced `packaged-template.yml` with AWS SAM (Serverless Application Model) for deployment.
- Defined AWS IAM Role `HueLightingFunctionRole` for the Lambda function with `secretsmanager:GetSecretValue` and `logs:*` permissions.
- Specified resources for `hue-api/username` and `hue-api/bridge-ip` secrets within the policy document.
- Configured `HueLightingFunction` with a Python 3.12 runtime, 128 MB memory, 3-second timeout, and S3 code URI for Lambda function packaging.
- This template enables seamless deployment of the Hue API Lambda function with necessary permissions to access secrets and log actions.
  • Loading branch information
atxtechbro committed Sep 14, 2024
1 parent 088ccd7 commit c2f6c74
Showing 1 changed file with 40 additions and 0 deletions.
40 changes: 40 additions & 0 deletions packaged-template.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Hue API Lambda function template
Resources:
HueLightingFunctionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
Policies:
- PolicyName: HueLightingPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- secretsmanager:GetSecretValue
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
Resource:
- arn:aws:secretsmanager:us-east-1:975049905873:secret:hue-api/username
- arn:aws:secretsmanager:us-east-1:975049905873:secret:hue-api/bridge-ip
HueLightingFunction:
Type: AWS::Serverless::Function
Properties:
Handler: lambda_function.lambda_handler
Runtime: python3.12
Role:
Fn::GetAtt:
- HueLightingFunctionRole
- Arn
CodeUri: s3://hue-api-lambda-deployment/408d4a86db54eb66a3e5cce6046f05d3
MemorySize: 128
Timeout: 3

0 comments on commit c2f6c74

Please sign in to comment.