Skip to content

Commit 3d949fd

Browse files
kris-szlapakris-szlapa
committed
Remove other policies
1 parent 78f138f commit 3d949fd

File tree

1 file changed

+9
-30
lines changed

1 file changed

+9
-30
lines changed

packages/cdk/stacks/EpsAssistMeStack.ts

Lines changed: 9 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -376,6 +376,14 @@ export class EpsAssistMeStack extends Stack {
376376
]
377377
})
378378

379+
// ==== Lambda self-invoke policy (needed for Slack Bolt lazy handlers) ====
380+
// const slackLambdaSelfInvokePolicy = new PolicyStatement({
381+
// actions: ["lambda:InvokeFunction"],
382+
// resources: [
383+
// slackBotLambda.function.functionArn
384+
// ]
385+
// })
386+
379387
// ==== Lambda environment variables ====
380388
const lambdaEnv: {[key: string]: string} = {
381389
RAG_MODEL_ID: "anthropic.claude-3-sonnet-20240229-v1:0",
@@ -405,38 +413,9 @@ export class EpsAssistMeStack extends Stack {
405413
additionalPolicies: []
406414
})
407415

408-
// ==== Lambda self-invoke policy (needed for Slack Bolt lazy handlers) ====
409-
const slackLambdaSelfInvokePolicy = new PolicyStatement({
410-
actions: ["lambda:InvokeFunction"],
411-
resources: [
412-
slackBotLambda.function.functionArn
413-
]
414-
})
415-
416-
// ==== Bedrock model invocation policy ====
417-
const slackLambdaBedrockModelPolicy = new PolicyStatement({
418-
actions: ["bedrock:InvokeModel"],
419-
resources: [`arn:aws:bedrock:${region}::foundation-model/${lambdaEnv.RAG_MODEL_ID}`]
420-
})
421-
422-
// ==== Bedrock KB retrieve and retrieveAndGenerate policy ====
423-
const slackLambdaBedrockKbPolicy = new PolicyStatement({
424-
actions: ["bedrock:Retrieve", "bedrock:RetrieveAndGenerate"],
425-
resources: [`arn:aws:bedrock:${region}:${account}:knowledge-base/${kb.attrKnowledgeBaseId}`]
426-
})
427-
428-
// ==== Guardrail policy ====
429-
const slackLambdaGuardrailPolicy = new PolicyStatement({
430-
actions: ["bedrock:ApplyGuardrail"],
431-
resources: [`arn:aws:bedrock:${region}:${account}:guardrail/*`]
432-
})
433-
434416
// ==== Attach all policies to SlackBot Lambda role ====
435417
slackBotLambda.function.addToRolePolicy(slackLambdaSSMPolicy)
436-
slackBotLambda.function.addToRolePolicy(slackLambdaSelfInvokePolicy)
437-
slackBotLambda.function.addToRolePolicy(slackLambdaBedrockModelPolicy)
438-
slackBotLambda.function.addToRolePolicy(slackLambdaBedrockKbPolicy)
439-
slackBotLambda.function.addToRolePolicy(slackLambdaGuardrailPolicy)
418+
// slackBotLambda.function.addToRolePolicy(slackLambdaSelfInvokePolicy)
440419

441420
// ==== API Gateway & Slack Route ====
442421
const apiGateway = new RestApiGateway(this, "EpsAssistApiGateway", {

0 commit comments

Comments
 (0)