iam

Author: horike37

lib/index.js

@@ -31,6 +31,66 @@ class AwsStepFunctionsDeploy {
     this.hooks = {
       'deploy:stepf:deploy': this.action.bind(this),
     };
+
+    this.iamPolicyStatement = `{
+      "Version": "2012-10-17",
+      "Statement": [
+        {
+          "Effect": "Allow",
+          "Action": [
+            "lambda:InvokeFunction"
+          ],
+          "Resource": "*"
+        }
+      ]
+    }
+    `;
+    this.iamRoleName = 'serverless-step-functions-executerole';
+  }
+
+  action() {
+    this.serverless.cli.consoleLog('Start Deploy Step Functions');
+    BbPromise.bind(this)
+    .then(this.yamlParse)
+    .then(this.setStateMachineArn)
+    .then(this.compile)
+    .then(this.getIamRole)
+    .then(this.deleteStateMachine)
+    .then(this.createStateMachine);
+  }
+
+  getIamRole() {
+    return this.provider.request('IAM',
+      'getRole',
+      {
+        RoleName: 'StatesExecutionRole-us-east-1',
+      },
+      this.options.stage,
+      this.options.region)
+    .then((result) => {
+      this.iamRoleArn = result.Role.Arn;
+      return BbPromise.resolve();
+    }).catch((error) => {
+      if (error.statusCode === 404) {
+        return this.createIamRole();
+      }
+      return BbPromise.reject();
+    });
+  }
+
+  createIamRole() {
+    return this.provider.request('IAM',
+      'createRole',
+      {
+        AssumeRolePolicyDocument: this.iamPolicyStatement,
+        RoleName: this.iamRoleName,
+      },
+      this.options.stage,
+      this.options.region)
+    .then((result) => {
+      this.iamRoleArn = result.Role.Arn;
+      return BbPromise.resolve();
+    });
   }
 
   setStateMachineArn() {
@@ -47,16 +107,6 @@ class AwsStepFunctionsDeploy {
     });
   }
 
-  action() {
-    this.serverless.cli.consoleLog('Start Deploy Step Functions');
-    BbPromise.bind(this)
-    .then(this.yamlParse)
-    .then(this.setStateMachineArn)
-    .then(this.compile)
-    .then(this.deleteStateMachine)
-    .then(this.createStateMachine);
-  }
-
   yamlParse() {
     const servicePath = this.serverless.config.servicePath;
 
@@ -90,7 +140,6 @@ class AwsStepFunctionsDeploy {
       throw new this.serverless.classes.Error(errorMessage);
     }
 
-    // @todo get lambda arn from functionname
     this.awsStateLanguage[this.options.statemachine] =
       JSON.stringify(this.stepFunctions[this.options.statemachine]);
     return BbPromise.resolve();
@@ -113,7 +162,7 @@ class AwsStepFunctionsDeploy {
       {
         definition: this.awsStateLanguage[this.options.statemachine],
         name: this.options.statemachine,
-        roleArn: '',
+        roleArn: this.iamRoleArn,
       },
       this.options.stage,
       this.options.region)