giving lambda permissions to PREDICTIONS_BUCKET and DATA_BUCKET

2026-06-08 11:17:27 +00:00 · 2023-09-13 10:29:32 +01:00 · 2023-09-13 10:29:32 +01:00 · bc398489af
commit bc398489af
parent 57bc7ea4ed
4 changed files with 16 additions and 4 deletions
--- a/.github/workflows/deploy_fastapi_backend.yml
+++ b/.github/workflows/deploy_fastapi_backend.yml
@ -90,6 +90,7 @@ jobs:
          SECRET_KEY: ${{ secrets.NEXTAUTH_SECRET }}
          PLAN_TRIGGER_BUCKET: 'retrofit-plan-inputs-${{ github.ref_name }}'
          DATA_BUCKET: 'retrofit-data-${{ github.ref_name }}'
+          PREDICTIONS_BUCKET: 'retrofit-sap-predictions-${{ github.ref_name }}'
          DOMAIN_NAME: ${{ steps.set_domain.outputs.domain }}
          EPC_AUTH_TOKEN: ${{ steps.set_auth_token.outputs.auth_token }}
          DB_HOST: ${{ steps.set_db_credentials.outputs.db_host }}
--- a/backend/app/config.py
+++ b/backend/app/config.py
@ -7,6 +7,8 @@ class Settings(BaseSettings):
    API_KEY_NAME: str = "X-API-KEY"
    SECRET_KEY: str
    ENVIRONMENT: str
+    DATA_BUCKET: str
+    PREDICTIONS_BUCKET: str
    PLAN_TRIGGER_BUCKET: str
    EPC_AUTH_TOKEN: str
    DB_HOST: str
--- a/backend/app/plan/router.py
+++ b/backend/app/plan/router.py
@ -352,7 +352,7 @@ async def trigger_plan(body: PlanTriggerRequest):
        # Clean the data
        logger.info("Reading in cleaning dataset from s3")
        cleaning_data = read_parquet_from_s3(
-            bucket_name="retrofit-data-{environment}".format(environment=get_settings().ENVIRONMENT),
+            bucket_name=get_settings().DATA_BUCKET,
            file_key="sap_change_model/cleaning_dataset.parquet",
        )
        cleaning_data = cleaning_data.rename(columns={"local-authority": "LOCAL_AUTHORITY"})
@ -388,21 +388,21 @@ async def trigger_plan(body: PlanTriggerRequest):
        logger.info("Storing scoring data to s3")
        save_dataframe_to_s3_parquet(
            df=recommendations_scoring_data,
-            bucket_name="retrofit-data-{environment}".format(environment=get_settings().ENVIRONMENT),
+            bucket_name=get_settings().DATA_BUCKET,
            file_key=file_location
        )

        logger.info("Making request to sap change api")
        sap_change_model_api = SAPChangeModelAPI()
        response = sap_change_model_api.predict(
-            file_location="s3://retrofit-data-dev/" + file_location,
+            file_location="s3://{DATA_BUCKET}".format(DATA_BUCKET=get_settings().DATA_BUCKET) + file_location,
            created_at=created_at,
            portfolio_id=body.portfolio_id
        )

        # Retrieve the predictions
        predictions = pd.DataFrame(read_csv_from_s3(
-            bucket_name="retrofit-sap-predictions-{environment}".format(environment=get_settings().ENVIRONMENT),
+            bucket_name=get_settings().PREDICTIONS_BUCKET,
            filepath=response["storage_filepath"]
        ))

--- a/serverless.yml
+++ b/serverless.yml
@ -10,6 +10,7 @@ provider:
    SECRET_KEY: ${env:SECRET_KEY}
    PLAN_TRIGGER_BUCKET: ${env:PLAN_TRIGGER_BUCKET}
    DATA_BUCKET: ${env:DATA_BUCKET}
+    PREDICTIONS_BUCKET: ${env:PREDICTIONS_BUCKET}
    DOMAIN_NAME: ${env:DOMAIN_NAME}
    EPC_AUTH_TOKEN: ${env:EPC_AUTH_TOKEN}
    DB_HOST: ${env:DB_HOST}
@ -31,6 +32,14 @@ provider:
          Resource:
            - arn:aws:s3:::${env:PLAN_TRIGGER_BUCKET}
            - arn:aws:s3:::${env:PLAN_TRIGGER_BUCKET}/*
+        - Effect: Allow
+          Action:
+            - s3:*
+          Resource:
+            - arn:aws:s3:::${env:PREDICTIONS_BUCKET}
+            - arn:aws:s3:::${env:PREDICTIONS_BUCKET}/*
+            - arn:aws:s3:::${env:DATA_BUCKET}
+            - arn:aws:s3:::${env:DATA_BUCKET}/*


 plugins: