From bde86d2b235cd93824a80fe55032f379ccd748be Mon Sep 17 00:00:00 2001
From: Joel Balcaen
Date: Fri, 5 Apr 2024 09:49:22 -0300
Subject: [PATCH] add allowed triggers
---
 lambdas/rich_pdf_ingestion/lambda.tf | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/lambdas/rich_pdf_ingestion/lambda.tf b/lambdas/rich_pdf_ingestion/lambda.tf
index f9db223..1cd1d06 100644
--- a/lambdas/rich_pdf_ingestion/lambda.tf
+++ b/lambdas/rich_pdf_ingestion/lambda.tf
@@ -48,7 +48,7 @@ module "lambda_function_container_image" {
 "logs:PutLogEvents",
 ]
 }
-
+
 s3 = {
 effect = "Allow"
 actions = [
@@ -60,11 +60,20 @@ module "lambda_function_container_image" {
 "s3-object-lambda:List*",
 "s3-object-lambda:WriteGetObjectResponse"
 ]
-
+
 resources = [
 var.ses_bucket_arn,
 "${var.ses_bucket_arn}/*"
 ]
 }
 }
+
+ create_current_version_allowed_triggers = false
+
+ allowed_triggers = {
+ s3 = {
+ principal = "s3.amazonaws.com"
+ source_arn = var.ses_bucket_arn
+ }
+ }
 }
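Review bot: The new `allowed_triggers.s3` entry in the second hunk scopes the S3 invoke permission by `source_arn` only, with no owning account. S3 bucket ARNs carry no account ID, so if the bucket were ever deleted and its name re-created under another account, that bucket would still match this permission; AWS recommends pairing the ARN with the bucket owner's account for S3 triggers. Assuming the module passes the key through to `aws_lambda_permission` (the module source is outside the hunk), add `source_account = <account id that owns the SES bucket>` next to `source_arn`. A one-line comment saying why `create_current_version_allowed_triggers = false` is set would also help the next reader. The `module` block starts outside the hunk.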