Skip to content

Commit 76fe6b9

Browse files
committed
Update policies
1 parent 4d38605 commit 76fe6b9

File tree

3 files changed

+47
-20
lines changed

3 files changed

+47
-20
lines changed

README.md

Lines changed: 29 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
## Overview
88

9-
This repository contains the infrastructure for the Serverless Workshop.
9+
This repository contains the infrastructure for the Serverless Workshop, which aims to provide a hands-on experience with serverless architecture using AWS services. The project utilizes AWS CDK (Cloud Development Kit) to define cloud infrastructure as code.
1010

1111
## Prerequisites
1212

@@ -20,38 +20,49 @@ Ensure that your development environment is set up with the following tools:
2020

2121
In addition to these, your system must be properly configured with AWS credentials, possessing necessary permissions to deploy the service. For a seamless AWS credential management experience, we recommend using [aws-vault](https://github.com/99designs/aws-vault).
2222

23-
### Setup the local development environment
23+
## Setting Up the Local Development Environment
2424

25-
Start by cloning this repository:
25+
1. Start by cloning this repository:
2626

27-
$ git clone git@github.com:56kcloud/serverless-workshop.git
27+
```bash
28+
git clone git@github.com:56kcloud/serverless-workshop.git
29+
```
2830

29-
Create a virtual Python envrionement and install dependencies:
31+
2. Create a virtual Python environment and install dependencies:
3032

31-
$ cd serverless-workshop
32-
$ python3.9 -m venv .venv
33-
$ source .venv/bin/activate
34-
$ pip install -r requirements-dev.txt
33+
```bash
34+
cd serverless-workshop
35+
python3.9 -m venv .venv
36+
source .venv/bin/activate
37+
pip install -r requirements-dev.txt
38+
```
3539

40+
## Testing
3641

37-
### Testing
38-
39-
Run Python tests:
40-
41-
$ python -m pytest -v test.py --cov=stacks --cov-report=html
42+
Run Python tests to ensure everything is functioning correctly:
4243

44+
```bash
45+
python -m pytest -v test.py --cov=stacks --cov-report=html
46+
```
4347

4448
## Deployment
4549

50+
### Bootstrapping
4651

47-
**Bootstrapping**
48-
49-
To deploy AWS CDK apps into an AWS [environment](https://docs.aws.amazon.com/cdk/v2/guide/bootstrapping.html), you will need to provision the necessary resources.
52+
To deploy AWS CDK apps into an AWS [environment](https://docs.aws.amazon.com/cdk/v2/guide/bootstrapping.html), you will need to provision the necessary resources. Run the following command:
5053

5154
```bash
5255
aws-vault exec shared-services-full-access -- cdk bootstrap
5356
```
5457

5558
### Live Infrastructure Deployment
5659

57-
Please note that the deployment process is automatically triggered via a Github action when `serverless-workshop` is pushed.
60+
Please note that the deployment process is automatically triggered via a GitHub action when changes are pushed to the `serverless-workshop` repository.
61+
62+
## Contributing
63+
64+
We welcome contributions to this project! Please fork the repository and submit a pull request for any changes or improvements.
65+
66+
## License
67+
68+
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.

lambdas/api/handler.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ def handle(event, context):
1616
return {
1717
'statusCode': 200,
1818
'headers': {'Content-Type': 'application/json'},
19-
'body': json.dumps({"message": f"hello {team} !"})
19+
'body': json.dumps({"message": f"Hello {team} !"})
2020
}
2121
else:
2222
return {

stacks/oidc_provider.py

Lines changed: 17 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,22 @@ def __init__(self, scope: Construct, id: str, **kwargs) -> None:
3131
),
3232
max_session_duration=Duration.hours(1),
3333
managed_policies=[
34-
iam.ManagedPolicy.from_aws_managed_policy_name("AdministratorAccess")
34+
iam.ManagedPolicy.from_aws_managed_policy_name("AWSCloudFormationFullAccess"),
35+
iam.ManagedPolicy.from_aws_managed_policy_name("AWSLambda_FullAccess"),
36+
iam.ManagedPolicy.from_aws_managed_policy_name("AmazonAPIGatewayAdministrator"),
37+
iam.ManagedPolicy.from_aws_managed_policy_name("AmazonSSMFullAccess"),
38+
iam.ManagedPolicy.from_aws_managed_policy_name("AmazonS3FullAccess"),
3539
]
3640
)
41+
42+
self.role.add_to_policy(iam.PolicyStatement(
43+
actions=[
44+
"cloudformation:*",
45+
"s3:*",
46+
"iam:*",
47+
"lambda:*",
48+
"logs:*"
49+
],
50+
resources="*"
51+
52+
))

0 commit comments

Comments
 (0)