diff --git a/tf-module/marketplace/s3_bucket_creation.tf b/tf-module/marketplace/s3_bucket_creation.tf index d2c7a932..258d7ed1 100644 --- a/tf-module/marketplace/s3_bucket_creation.tf +++ b/tf-module/marketplace/s3_bucket_creation.tf @@ -35,7 +35,8 @@ resource "aws_s3_bucket_policy" "market_bucket" { policy = templatefile("${path.module}/s3_bucket_policy.json", { udsAwsAccount: data.aws_ssm_parameter.uds_aws_account.value, s3BucketName: aws_s3_bucket.market_bucket.id, - cumulus_lambda_processing_role_name: "${data.aws_ssm_parameter.uds_prefix.value}-${var.cumulus_lambda_processing_role_name_postfix}" + cumulus_lambda_processing_role_name: "${data.aws_ssm_parameter.uds_prefix.value}-${var.cumulus_lambda_processing_role_name_postfix}", + cumulus_sf_lambda_role_name: "${data.aws_ssm_parameter.uds_prefix.value}${var.cumulus_sf_lambda_role_name_postfix}", }) } diff --git a/tf-module/marketplace/s3_bucket_policy.json b/tf-module/marketplace/s3_bucket_policy.json index fb8624af..320c4aed 100644 --- a/tf-module/marketplace/s3_bucket_policy.json +++ b/tf-module/marketplace/s3_bucket_policy.json @@ -7,7 +7,8 @@ "Principal": { "Service": "s3.amazonaws.com", "AWS": [ - "arn:aws:iam::${udsAwsAccount}:role/${cumulus_lambda_processing_role_name}" + "arn:aws:iam::${udsAwsAccount}:role/${cumulus_lambda_processing_role_name}", + "arn:aws:iam::${udsAwsAccount}:role/${cumulus_sf_lambda_role_name}" ] }, "Action": [ diff --git a/tf-module/marketplace/variables.tf b/tf-module/marketplace/variables.tf index b586c926..fc6218c4 100644 --- a/tf-module/marketplace/variables.tf +++ b/tf-module/marketplace/variables.tf @@ -53,3 +53,9 @@ variable "cumulus_lambda_processing_role_name_postfix" { description = "name of the Lambda Processing role by Cumulus after `prefix`" } +variable "cumulus_sf_lambda_role_name_postfix" { + type = string + default = "_sf_event_sqs_to_db_records_lambda_role" + description = "name of the Lambda role by Cumulus SF after `prefix`" +} +