create a separate script for role creation

Author: sebsto

Examples/_MyFirstFunction/clean.sh

@@ -1,7 +1,5 @@
 #!/bin/sh
 
-alias aws="aws --profile seb"
-
 echo "This script deletes the Lambda function and the IAM role created in the previous step and deletes the project files."
 read -p "Are you you sure you want to delete everything that was created? [y/n] " continue
 if [[ ! $continue =~ ^[Yy]$ ]]; then

Examples/_MyFirstFunction/create_and_deploy_function.sh

@@ -3,14 +3,14 @@
 # Stop the script execution if an error occurs 
 set -e -o pipefail
 
-alias aws="aws --profile seb"
-
 # check if docker is installed
-which docker > /dev/null
-if [[ $? != 0 ]]; then
-    echo "Docker is not installed.  Please install Docker and try again."
-    exit 1
-fi
+which docker > /dev/null || (echo "Docker is not installed.  Please install Docker and try again." && exit 1)
+
+# check if aws cli is installed
+which aws > /dev/null || (echo "AWS CLI is not installed.  Please install AWS CLI and try again." && exit 1)
+
+# import code present in create_iam_role.sh
+source ./create_iam_role.sh
 
 # check if user has an access key and secret access key
 echo "This script creates and deploys a Lambda function on your AWS Account.
@@ -86,45 +86,6 @@ echo "🚀 Deploy to AWS Lambda"
 echo "🔑 Retrieve your AWS Account ID"
 export AWS_ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)
 
-#
-# Create an IAM role for the Lambda function
-#
-create_lambda_execution_role() {
-    role_name=$1
-
-    # Allow the Lambda service to assume the IAM role
-    cat <<EOF > trust-policy.json
-{
-    "Version": "2012-10-17",
-    "Statement": [
-        {
-            "Effect": "Allow",
-            "Principal": {
-                "Service": "lambda.amazonaws.com"
-            },
-            "Action": "sts:AssumeRole"
-        }
-    ]
-}
-EOF
-
-    # Create the IAM role
-    echo "🔐 Create the IAM role for the Lambda function"
-    aws iam create-role \
-    --role-name $role_name \
-    --assume-role-policy-document file://trust-policy.json > /dev/null 2>&1
-
-    # Attach basic permissions to the role
-    # The AWSLambdaBasicExecutionRole policy grants permissions to write logs to CloudWatch Logs
-    echo "🔒 Attach basic permissions to the role"
-    aws iam attach-role-policy \
-    --role-name $role_name \
-    --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole > /dev/null 2>&1
-
-    echo "⏰ Waiting 10 secs for IAM role to propagate..."
-    sleep 10
-}
-
 # Check if the role already exists
 echo "🔍 Check if a Lambda execution IAM role already exists"
 aws iam get-role --role-name lambda_basic_execution > /dev/null 2>&1 || create_lambda_execution_role lambda_basic_execution

Examples/_MyFirstFunction/create_iam_role.sh

@@ -0,0 +1,38 @@
+#
+# Create an IAM role for the Lambda function
+#
+create_lambda_execution_role() {
+    role_name=$1
+
+    # Allow the Lambda service to assume the IAM role
+    cat <<EOF > trust-policy.json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Principal": {
+                "Service": "lambda.amazonaws.com"
+            },
+            "Action": "sts:AssumeRole"
+        }
+    ]
+}
+EOF
+
+    # Create the IAM role
+    echo "🔐 Create the IAM role for the Lambda function"
+    aws iam create-role \
+    --role-name $role_name \
+    --assume-role-policy-document file://trust-policy.json > /dev/null 2>&1
+
+    # Attach basic permissions to the role
+    # The AWSLambdaBasicExecutionRole policy grants permissions to write logs to CloudWatch Logs
+    echo "🔒 Attach basic permissions to the role"
+    aws iam attach-role-policy \
+    --role-name $role_name \
+    --policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole > /dev/null 2>&1
+
+    echo "⏰ Waiting 10 secs for IAM role to propagate..."
+    sleep 10
+}