Hey! I have a remix app using architect (<https://...
# help
t
Hey! I have a remix app using architect (https://arc.codes) and I want the catch-all lambda I get from architect to have access to my SST backend. What's the best way to give the lambda permissions?
t
Create a policy in your SST app to access the resources that you want your catch all lambda to access and then list that policy under the @aws pragma in your .arc file https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_iam.PolicyStatement.html https://arc.codes/docs/en/reference/project-manifest/aws#examples
t
cool! I'll try that
do not know if I'm on the right track here..
const policy = new iam.ManagedPolicy(this, "AuthPolicy", {
  statements: [
    new iam.PolicyStatement({
      effect: iam.Effect.ALLOW,
      actions: ["cognito-idp:AdminCreateUser"],
      resources: [auth.userPoolArn],
    }),
  ],
});
Do I attach this policy to the app in my index.ts?
@Thomas Ankcorn can you point me in the right direction? 🙂
t
I think you would want to take a stack for it and pass in the resources you want to expose, how you do it depends on which SST version you are using

https://www.youtube.com/watch?v=cqzgAJvUQCg&t=390s

this video might help :_
t
I have my stack already set up using the new v1 functional stacks, I just want to figure out how to create a new policy and attach it to my stacks. Something like this? Or should it be created on the "root stack"?
auth.cdk.unauthRole.addToPolicy(
  new iam.PolicyStatement({
    effect: iam.Effect.ALLOW,
    actions: ["cognito-idp:AdminCreateUser"],
    resources: [auth.userPoolArn],
  }),
);
Right now I have made a workaround where I create the policy in the AWS console and attach it to arc using the ARN, but I would ideally want to create the policy in code
j
Hey @Tobias T, I was looking into using remix in SST too. Curious, are you just setting an API Gateway endpoint to Lambda for this or are you using Lambda@Edge/Cloudfront to cache the requests?
t
@justindra we are using Architect for the remix parts and our backend is in SST.
not ideal but we found remix / arc before we found SST 🙂
t
remix uses api gateway endpoint to lambda I believe you can enable cloudfront with 1 line of config with arc but can’t remember as it has been a while
j
Cool thanks! Will probably try if it works this weekend
k
@Tobias T in case fn is a reference to your function, you could follow the examples above