Merge pull request #74 from ajschofield/alex/tf-lambda-changes

pr: fix extract_lambda execution & policy doc

2 files changed, 11 insertions, 5 deletions

diff --git a/src/extract_lambda.py b/src/extract_lambda.py
index e9f438b..24f0981 100644
--- a/src/extract_lambda.py
+++ b/src/extract_lambda.py
@@ -10,13 +10,16 @@ from botocore.exceptions import ClientError
 from pg8000.native import Connection, InterfaceError, identifier
 
 logger = logging.getLogger(__name__)
+
 logging.basicConfig(
     format="{asctime} - {levelname} - {message}",
     style="{",
     datefmt="%Y-%m-%d %H:%M",
-    level=logging.INFO,
+    level=logging.DEBUG,
 )
 
+logging.getLogger("botocore").setLevel(logging.WARNING)
+
 
 class DBConnectionException(Exception):
     """Wraps pg8000.native Error or DatabaseError."""
@@ -110,7 +113,7 @@ def list_existing_s3_files(bucket_name=extract_bucket(), client=boto3.client("s3
     results of listing the contents of the s3 bucket, then
     returns the populated dictionary
     """
-
+    logging.info("Listing existing S3 files")
     existing_files = {}
 
     try:
diff --git a/terraform/iam.tf b/terraform/iam.tf
index 3ac8c45..3d62b69 100644
--- a/terraform/iam.tf
+++ b/terraform/iam.tf
@@ -41,7 +41,8 @@ data "aws_iam_policy_document" "s3_data_policy_doc" {
       "s3:PutObjectTagging",
       "s3:PutObjectAcl",
       "s3:ListObjects",
-      "s3:ListObjectsV2"
+      "s3:ListObjectsV2",
+      "s3:GetObject"
     ]
     resources = [
       "${aws_s3_bucket.extract_bucket.arn}/*",
@@ -53,8 +54,10 @@ data "aws_iam_policy_document" "s3_data_policy_doc" {
   statement {
     effect = "Allow"
     actions = [
-      "s3:ListBuckets",
-      "s3:ListAllMyBuckets"
+      "s3:ListBucket",
+      "s3:ListAllMyBuckets",
+      "s3:ListObjectsV2",
+      "s3:ListObjects"
     ]
     resources = [
       "arn:aws:s3:::*",