Merge branch 'PRMT-574' of github.com:nhsconnect/national-document-repository-infrastructure into PRMT-575

Author: samfallowfield

infrastructure/iam.tf

@@ -196,6 +196,25 @@ resource "aws_iam_policy" "lambda_toggle_bulk_upload_policy" {
   policy = data.aws_iam_policy_document.lambda_toggle_bulk_upload_document.json
 }
 
+data "aws_iam_policy_document" "v2_lambda_toggle_bulk_upload_document" {
+  statement {
+    effect = "Allow"
+
+    actions = [
+      "lambda:UpdateEventSourceMapping",
+      "lambda:GetEventSourceMapping"
+    ]
+
+    resources = [
+      aws_lambda_event_source_mapping.v2_bulk_upload_lambda.arn
+    ]
+  }
+}
+
+resource "aws_iam_policy" "v2_lambda_toggle_bulk_upload_policy" {
+  name   = "${terraform.workspace}_v2_lambda_toggle_bulk_upload_policy"
+  policy = data.aws_iam_policy_document.v2_lambda_toggle_bulk_upload_document.json
+}
 
 data "aws_iam_policy_document" "assume_role_policy_for_ods_report_lambda" {
   statement {

infrastructure/lambda-v2-toggle-bulk-upload.tf

@@ -0,0 +1,19 @@
+module "v2-toggle-bulk-upload-lambda" {
+  source         = "./modules/lambda"
+  name           = "V2ToggleBulkUploadLambda"
+  handler        = "handlers.toggle_bulk_upload_handler.lambda_handler"
+  lambda_timeout = 60
+  memory_size    = 128
+
+  iam_role_policy_documents = [
+    data.aws_iam_policy_document.v2_lambda_toggle_bulk_upload_document.json
+  ]
+
+  lambda_environment_variables = {
+    ESM_UUID = aws_lambda_event_source_mapping.v2_bulk_upload_lambda.uuid
+  }
+
+  is_gateway_integration_needed = false
+  is_invoked_from_gateway       = false
+}
+

infrastructure/schedules.tf

@@ -225,3 +225,33 @@ resource "aws_lambda_permission" "toggle_bulk_upload_disable_permission" {
   principal     = "events.amazonaws.com"
   source_arn    = aws_cloudwatch_event_rule.bulk_upload_disable_rule.arn
 }
+
+resource "aws_cloudwatch_event_target" "v2_bulk_upload_enable_target" {
+  rule      = aws_cloudwatch_event_rule.bulk_upload_enable_rule.name
+  target_id = "v2-toggle-bulk-upload-enable"
+  arn       = module.v2-toggle-bulk-upload-lambda.lambda_arn
+  input     = jsonencode({ action = "enable" })
+}
+
+resource "aws_cloudwatch_event_target" "v2_bulk_upload_disable_target" {
+  rule      = aws_cloudwatch_event_rule.bulk_upload_disable_rule.name
+  target_id = "v2-toggle-bulk-upload-disable"
+  arn       = module.v2-toggle-bulk-upload-lambda.lambda_arn
+  input     = jsonencode({ action = "disable" })
+}
+
+resource "aws_lambda_permission" "v2_toggle_bulk_upload_enable_permission" {
+  statement_id  = "AllowExecutionFromCloudWatchEnable"
+  action        = "lambda:InvokeFunction"
+  function_name = module.v2-toggle-bulk-upload-lambda.function_name
+  principal     = "events.amazonaws.com"
+  source_arn    = aws_cloudwatch_event_rule.bulk_upload_enable_rule.arn
+}
+
+resource "aws_lambda_permission" "v2_toggle_bulk_upload_disable_permission" {
+  statement_id  = "AllowExecutionFromCloudWatchDisable"
+  action        = "lambda:InvokeFunction"
+  function_name = module.v2-toggle-bulk-upload-lambda.function_name
+  principal     = "events.amazonaws.com"
+  source_arn    = aws_cloudwatch_event_rule.bulk_upload_disable_rule.arn
+}