diff --git a/lib/plugins/aws/lib/naming.js b/lib/plugins/aws/lib/naming.js index db263aae2..3b4f3cf4a 100644 --- a/lib/plugins/aws/lib/naming.js +++ b/lib/plugins/aws/lib/naming.js @@ -446,6 +446,9 @@ module.exports = { getLambdaAlbPermissionLogicalId(functionName) { return `${this.getNormalizedFunctionName(functionName)}LambdaPermissionAlb`; }, + getLambdaRegisterTargetPermissionLogicalId(functionName) { + return `${this.getNormalizedFunctionName(functionName)}LambdaPermissionRegisterTarget`; + }, // Custom Resources getCustomResourcesArtifactDirectoryName() { diff --git a/lib/plugins/aws/lib/naming.test.js b/lib/plugins/aws/lib/naming.test.js index 0d5521444..cedbb3d0d 100644 --- a/lib/plugins/aws/lib/naming.test.js +++ b/lib/plugins/aws/lib/naming.test.js @@ -662,6 +662,14 @@ describe('#naming()', () => { ); }); }); + + describe('#getLambdaRegisterTargetPermissionLogicalId()', () => { + it('should normalize the function name and add the correct suffix', () => { + expect(sdk.naming.getLambdaRegisterTargetPermissionLogicalId('functionName')).to.equal( + 'FunctionNameLambdaPermissionRegisterTarget' + ); + }); + }); }); describe('#getQueueLogicalId()', () => { diff --git a/lib/plugins/aws/package/compile/events/alb/lib/permissions.js b/lib/plugins/aws/package/compile/events/alb/lib/permissions.js index 80df61ba2..5f28a9791 100644 --- a/lib/plugins/aws/package/compile/events/alb/lib/permissions.js +++ b/lib/plugins/aws/package/compile/events/alb/lib/permissions.js @@ -1,27 +1,44 @@ 'use strict'; +const _ = require('lodash'); + module.exports = { compilePermissions() { this.validated.events.forEach(event => { - const { functionName } = event; + const { functionName, albId } = event; const lambdaLogicalId = this.provider.naming.getLambdaLogicalId(functionName); const albPermissionLogicalId = this.provider.naming.getLambdaAlbPermissionLogicalId( functionName ); + const registerTargetPermissionLogicalId = this.provider.naming.getLambdaRegisterTargetPermissionLogicalId( + functionName + ); + const targetGroupLogicalId = this.provider.naming.getAlbTargetGroupLogicalId( + functionName, + albId + ); - Object.assign(this.serverless.service.provider.compiledCloudFormationTemplate.Resources, { - [albPermissionLogicalId]: { - Type: 'AWS::Lambda::Permission', - Properties: { - FunctionName: { - 'Fn::GetAtt': [lambdaLogicalId, 'Arn'], - }, - Action: 'lambda:InvokeFunction', - Principal: 'elasticloadbalancing.amazonaws.com', + const albInvokePermission = { + Type: 'AWS::Lambda::Permission', + Properties: { + FunctionName: { + 'Fn::GetAtt': [lambdaLogicalId, 'Arn'], }, - DependsOn: [lambdaLogicalId], + Action: 'lambda:InvokeFunction', + Principal: 'elasticloadbalancing.amazonaws.com', }, + }; + + _.merge(this.serverless.service.provider.compiledCloudFormationTemplate.Resources, { + [albPermissionLogicalId]: _.merge({}, albInvokePermission, { + Properties: { + SourceArn: { + Ref: targetGroupLogicalId, + }, + }, + }), + [registerTargetPermissionLogicalId]: albInvokePermission, }); }); }, diff --git a/lib/plugins/aws/package/compile/events/alb/lib/permissions.test.js b/lib/plugins/aws/package/compile/events/alb/lib/permissions.test.js index 16473e379..6da84a44e 100644 --- a/lib/plugins/aws/package/compile/events/alb/lib/permissions.test.js +++ b/lib/plugins/aws/package/compile/events/alb/lib/permissions.test.js @@ -31,6 +31,7 @@ describe('#compilePermissions()', () => { host: 'example.com', path: '/hello', }, + albId: '50dc6c495c0c9188', }, { functionName: 'second', @@ -42,6 +43,7 @@ describe('#compilePermissions()', () => { conditions: { path: '/world', }, + albId: '50dc6c495c0c9188', }, ], }; @@ -52,6 +54,19 @@ describe('#compilePermissions()', () => { awsCompileAlbEvents.serverless.service.provider.compiledCloudFormationTemplate.Resources; expect(resources.FirstLambdaPermissionAlb).to.deep.equal({ + Type: 'AWS::Lambda::Permission', + Properties: { + Action: 'lambda:InvokeFunction', + FunctionName: { + 'Fn::GetAtt': ['FirstLambdaFunction', 'Arn'], + }, + Principal: 'elasticloadbalancing.amazonaws.com', + SourceArn: { + Ref: 'FirstAlbTargetGroup50dc6c495c0c9188', + }, + }, + }); + expect(resources.FirstLambdaPermissionRegisterTarget).to.deep.equal({ Type: 'AWS::Lambda::Permission', Properties: { Action: 'lambda:InvokeFunction', @@ -60,9 +75,22 @@ describe('#compilePermissions()', () => { }, Principal: 'elasticloadbalancing.amazonaws.com', }, - DependsOn: ['FirstLambdaFunction'], }); expect(resources.SecondLambdaPermissionAlb).to.deep.equal({ + Type: 'AWS::Lambda::Permission', + Properties: { + Action: 'lambda:InvokeFunction', + FunctionName: { + 'Fn::GetAtt': ['SecondLambdaFunction', 'Arn'], + }, + Principal: 'elasticloadbalancing.amazonaws.com', + SourceArn: { + Ref: 'SecondAlbTargetGroup50dc6c495c0c9188', + }, + }, + }); + + expect(resources.SecondLambdaPermissionRegisterTarget).to.deep.equal({ Type: 'AWS::Lambda::Permission', Properties: { Action: 'lambda:InvokeFunction', @@ -71,7 +99,6 @@ describe('#compilePermissions()', () => { }, Principal: 'elasticloadbalancing.amazonaws.com', }, - DependsOn: ['SecondLambdaFunction'], }); }); }); diff --git a/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.js b/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.js index 16ae779f4..e663caa75 100644 --- a/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.js +++ b/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.js @@ -10,7 +10,7 @@ module.exports = { albId ); const lambdaLogicalId = this.provider.naming.getLambdaLogicalId(functionName); - const lambdaPermissionLogicalId = this.provider.naming.getLambdaAlbPermissionLogicalId( + const registerTargetPermissionLogicalId = this.provider.naming.getLambdaRegisterTargetPermissionLogicalId( functionName ); @@ -34,7 +34,7 @@ module.exports = { }, ], }, - DependsOn: [lambdaPermissionLogicalId], + DependsOn: [registerTargetPermissionLogicalId], }, }); }); diff --git a/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.test.js b/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.test.js index 335aee1ee..afd9d3eed 100644 --- a/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.test.js +++ b/lib/plugins/aws/package/compile/events/alb/lib/targetGroups.test.js @@ -85,7 +85,7 @@ describe('#compileTargetGroups()', () => { }, ], }, - DependsOn: ['FirstLambdaPermissionAlb'], + DependsOn: ['FirstLambdaPermissionRegisterTarget'], }); expect(resources.SecondAlbTargetGroup50dc6c495c0c9188).to.deep.equal({ Type: 'AWS::ElasticLoadBalancingV2::TargetGroup', @@ -106,7 +106,7 @@ describe('#compileTargetGroups()', () => { }, ], }, - DependsOn: ['SecondLambdaPermissionAlb'], + DependsOn: ['SecondLambdaPermissionRegisterTarget'], }); // Target groups are unique to functions/albs, so there should only be 2 target groups expect(Object.keys(resources).length).to.be.equal(2);