lambda

package
v0.74.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Apr 29, 2024 License: Apache-2.0 Imports: 24 Imported by: 0

README

Lambda Service

This service is github.com/aws/aws-sdk-go/service/lambda.Lambda proxy

To check all supported method run

    endly -s="aws/lambda"

To check method contract run endly -s="aws/lambda" -a=methodName

    endly -s="aws/lambda" -a=deployFunction

On top of that service implements the following helper methods:

  • deployFunction: creates or modifies function with specified policies
  • recreateFunction: drop if exists and create new function
  • dropFunction: drop function with dependencies
  • setupPermission: add permission if it does not exists

Usage

Prerequisites:

AWS credentials

Deployment
Basic

endly deploy

@deploy.yaml

init:
  functionRole: lambda-helloworld-executor
  functionName: HelloWorld
  codeZip: /tmp/hello/main.zip
  awsCredentials: aws
  privilegePolicy: privilege-policy.json
pipeline:
  build:
    action: exec:run
    target: $target
    sleepTimeMs: 1500
    checkError: true
    commands:
      - cd ${appPath}helloworld/app
      - unset GOPATH
      - export GOOS=linux
      - export GOARCH=amd64
      - go build -o helloworld
      - zip -j helloworld.zip helloworld

    deploy:
      action: aws/lambda:deploy
      credentials: $awsCredentials
      functionname: $functionName
      runtime:  go1.x
      handler: helloworld
      code:
        zipfile: $LoadBinary(${codeZip})
      rolename: lambda-helloworld-executor
      define:
        - policyname: lambda-helloworld-executor-role
          policydocument: $Cat('${privilegePolicy}')
      attach:
        - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
S3

endly deploy

@deploy.yaml

init:
  functionRole: lambda-mystoragefunction-executor
  functionName: MyStorageFuncton
  codeZip: ${appPath}mystoragefunction/app/mystoragefunction.zip
  privilegePolicy: privilege-policy.json
  myBucket: testBucket
  
pipeline:
  build:
    action: exec:run
    target: $target
    sleepTimeMs: 1500
    checkError: true
    commands:
      - cd ${appPath}mystoragefunction/app
      - unset GOPATH
      - export GOOS=linux
      - export GOARCH=amd64
      - go build -o mystoragefunction
      - zip -j mystoragefunction.zip mystoragefunction

  deploy:
    action: aws/lambda:deploy
    credentials: $awsCredentials
    functionname: $functionName
    runtime:  go1.x
    handler: mystoragefunction
    code:
      zipfile: $LoadBinary(${codeZip})
    rolename: lambda-mystoragefunction-executor
    define:
      - policyname: s3-${testBucketPrefix}2-role
        policydocument: $Cat('${privilegePolicy}')
    attach:
      - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

  notification:
    action: aws/s3:setupBucketNotification
    credentials: $awsCredentials
    sleepTimeMs: 20000
    bucket: ${myBucket}
    lambdaFunctionConfigurations:
      - functionName: $functionName
        id: ObjectCreatedEvents
        events:
          - s3:ObjectCreated:*
        filter:
          prefix:
            - folder1
          suffix:
            - .csv
SQS

endly deploy

@deploy.yaml

init:
  functionRole: lambda-mysqsfunction-executor
  functionName: MySQSFunction
  codeZip: ${appPath}mysqsfunction/mysqsfunction.zip
  privilegePolicy: privilege-policy.json
pipeline:
  deploy:
    build:
      action: exec:run
      target: $target
      sleepTimeMs: 1500
      checkError: true
      commands:
        - cd ${appPath}mysqsfunction
        - unset GOPATH
        - export GOOS=linux
        - export GOARCH=amd64
        - go build -o mysqsfunction
        - zip -j mysqsfunction.zip mysqsfunction

    setupFunction:
      action: aws/lambda:deploy
      credentials: $awsCredentials
      functionname: $functionName
      runtime:  go1.x
      handler: mysqsfunction
      code:
        zipfile: $LoadBinary(${codeZip})
      rolename: lambda-mysqsfunction-executor
      define:
        - policyname: sqs-my-queue-role
          policydocument: $Cat('${privilegePolicy}')
      attach:
        - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      triggers:
        - source: myQueue
          type: sqs
          enabled: true
          batchSize: 10
  
SNS

endly deploy

@deploy.yaml

init:
  functionRole: lambda-mysnsfunc-executor
  functionName: AggFn
  codeZip: ${appPath}mysnsfunc/app/mysnsfunc.zip
  privilegePolicy: privilege-policy.json
pipeline:
  deploy:
    build:
      action: exec:run
      target: $target
      sleepTimeMs: 1500
      checkError: true
      commands:
        - cd ${appPath}mysnsfunc/app
        - unset GOPATH
        - export GOOS=linux
        - export GOARCH=amd64
        - go build -o mysnsfunc
        - zip -j mysnsfunc.zip mysnsfunc

    deployFunction:
      action: aws/lambda:deploy
      credentials: $awsCredentials
      functionname: $functionName
      runtime:  go1.x
      handler: mysnsfunc
      code:
        zipfile: $LoadBinary(${codeZip})
      rolename: lambda-mysnsfunc-executor
      define:
        - policyname: lambda-sns-execution-role
          policydocument: $Cat('${privilegePolicy}')
      attach:
        - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

    setupSubscription:
      action: aws/sns:setupSubscription
      protocol: lambda
      endpoint: $functionName
      topic: myTopic
Api Gateway

endly deploy

@deploy.yaml

init:
  functionRole: lambda-myapigwfunc-executor
  functionName: DsTransferFn
  codeZip: ${appPath}myapigwfunc/app/myapigwfunc.zip
  privilegePolicy: privilege-policy.json

pipeline:
  deploy:
    build:
      action: exec:run
      target: $target
      sleepTimeMs: 1500
      checkError: true
      commands:
        - cd ${appPath}myapigwfunc/app
        - unset GOPATH
        - export GOOS=linux
        - export GOARCH=amd64
        - go build -o myapigwfunc
        - zip -j myapigwfunc.zip myapigwfunc

    deployFunction:
      action: aws/lambda:deploy
      credentials: $awsCredentials
      functionname: $functionName
      runtime:  go1.x
      handler: myapigwfunc
      timeout: 360
      environment:
        variables:
          CONFIG: $AsString($config)
      code:
        zipfile: $LoadBinary(${codeZip})
      rolename: lambda-myapigwfunc-executor
      define:
        - policyname: myapigwfunce2e-role
          policydocument: $Cat('${privilegePolicy}')
      attach:
        - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

    setupAPI:
      action: aws/apigateway:deployAPI
      credentials: $awsCredentials
      '@name': myapigwfuncAPI
      resources:
        - path: /{proxy+}
          methods:
            - httpMethod: ANY
              functionname: $functionName
    sleepTimeMs: 15000
post:
  endpointURL: ${setupAPI.EndpointURL}
Vpc

@deploy.yaml

init:
  functionRole: lambda-myvpcfunc-executor
  functionName: MyVpcFunc
  codeZip: ${appPath}/myvpcfunc/app/myvpcfunc.zip
  privilegePolicy: privilege-policy.json
pipeline:

  build:
    action: exec:run
    target: $target
    sleepTimeMs: 1500
    checkError: true
    commands:
      - cd ${appPath}/myvpcfunc/app
      - unset GOPATH
      - export GOOS=linux
      - export GOARCH=amd64
      - go build -o myvpcfunc
      - zip -j myvpcfunc.zip myvpcfunc

  deploy:
    action: aws/lambda:deploy
    credentials: $awsSecrets
    functionname: $functionName
    runtime:  go1.x
    handler: myvpcfunc
    environment:
      variables:
        CONFIG: $AsString($myvpcfuncConfig)
    code:
      zipfile: $LoadBinary(${codeZip})
    rolename: lambda-myvpcfunc-executor
    define:
      - policyname: ${myvpcfuncConfig}-role
        policydocument: $Cat('${privilegePolicy}')
    attach:
      - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
    vpcMatcher:
      instance:
        name: myHostWithVpcTemplateSettings
        # vpcConfig:
        #  securityGroupIds:
        #   - sg-XXXXXXX
        #subnetIds:
        # - subnet-YYYYYY
    timeout: 900
    memorySize: 200

Scheduled

endly deploy

@deploy.yaml

init:
  functionRole: lambda-scheduled-executor
  functionName: ScheduledFn
  codeZip: ${appPath}scheduled/scheduled.zip
  privilegePolicy: ${parent.path}/privilege-policy.json
pipeline:
  deploy:
    build:
      action: exec:run
      target: $target
      sleepTimeMs: 1500
      checkError: true
      commands:
        - cd ${appPath}scheduled
        - unset GOPATH
        - export GOOS=linux
        - export GOARCH=amd64
        - go build -o scheduled
        - zip -j scheduled.zip scheduled

    setupFunction:
      action: aws/lambda:deploy
      credentials: $awsCredentials
      functionname: $functionName
      runtime:  go1.x
      handler: scheduled
      code:
        zipfile: $LoadBinary(${codeZip})
      schedule:
        expression: rate(1 minute)
      rolename: lambda-scheduled-executor
      attach:
        - policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

Recreate function

endly deploy_brute_force @deploy_brute_force.yaml

init:
  functionRole: lambda-helloworld-executor
  functionName: HelloWorld
  codeZip: /tmp/hello/main.zip
  awsCredentials: aws
pipeline:
  deploy:
    build:
      action: exec:run
      target: $target
      sleepTimeMs: 1500
      errors:
        - ERROR
      commands:
        - cd /tmp/hello
        - export GOOS=linux
        - export GOARCH=amd64
        - go build -o main
        - zip -j main.zip main
    createRole:
      credentials: $awsCredentials
      action: aws/iam:recreateRole
      rolename: $functionRole
      assumerolepolicydocument: $Cat('/tmp/hello/trust-policy.json')
    attachPolicy:
      action: aws/iam:attachRolePolicy
      comments: attaching policy to ${createRole.Role.Arn}
      rolename: $functionRole
      policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      sleepTimeMs: 10000
    createFunction:
      action: aws/lambda:recreateFunction
      role: $createRole.Role.Arn
      functionname: ${functionName}
      runtime:  go1.x
      handler: main
      code:
        zipfile: $LoadBinary($codeZip)
Function invocation
endly -r=trigger

@trigger.yaml

init:
  functionName: HelloWorld
  awsCredentials: aws
pipeline:
  trigger:
    action: aws/lambda:invoke
    credentials: $awsCredentials
    comments: call $functionName lambda function
    functionname: $functionName
    payload: ""
    post:
      payload: $AsString($Payload)
  assert:
    action: validator:assert
    comments: 'validate function output: $payload '
    actual: $payload
    expected: /Hello World/

Documentation

Index

Constants

View Source
const DefaultTrustPolicy = `` /* 193-byte string literal not displayed */

DefaultTrustPolicy represents default trust policy

View Source
const (
	//ServiceID aws lambda service id.
	ServiceID = "aws/lambda"
)

Variables

This section is empty.

Functions

func GetClient

func GetClient(context *endly.Context) (*lambda.Lambda, error)

GetClient returns lambda client from context

func New

func New() endly.Service

New creates a new AWS Ec2 service.

Types

type CallInput

type CallInput lambda.InvokeInput

CallInput represents a call request

type CallOutput

type CallOutput struct {
	*lambda.InvokeOutput
	Response interface{}
}

CallOutput represents a call response

type DeployInput

type DeployInput struct {
	lambda.CreateFunctionInput `yaml:",inline" json:",inline"`
	ciam.SetupRolePolicyInput  ` json:",inline"`
	PresetRoleName             string `description:"in case that role is set - deployment skip permission setup"`
	VpcMatcher                 *ec2.GetVpcConfigInput
	Triggers                   []*EventSourceMapping
	Http                       *lambda.CreateFunctionUrlConfigInput
	Schedule                   *Schedule
}

DeployInput setup function, creates or updates existing one

func (*DeployInput) Init

func (i *DeployInput) Init() error

Init initializes deploy request

func (*DeployInput) ScheduleDeployRule

func (i *DeployInput) ScheduleDeployRule() *cloudwatchevents.DeployRuleInput

ScheduleDeployRule returns DeployRuleInput

func (*DeployInput) ScheduleEventsInput

func (i *DeployInput) ScheduleEventsInput(resourceARN *string) (*acloudwatchevents.PutEventsInput, error)

func (*DeployInput) Validate

func (i *DeployInput) Validate() error

type DeployOutput

type DeployOutput struct {
	*lambda.FunctionConfiguration
	URL           string
	RoleInfo      *ciam.GetRoleInfoOutput
	EventMappings []*lambda.EventSourceMappingConfiguration
}

func (*DeployOutput) Messages

func (i *DeployOutput) Messages() []*msg.Message

type DropFunctionInput

type DropFunctionInput lambda.DeleteFunctionInput

DropFunctionInput remove a function with all dependencies

type EventSourceMapping

type EventSourceMapping struct {
	Source                    string
	Type                      string
	SourceARN                 *string
	Enabled                   *bool
	BatchSize                 *int64     `min:"1" type:"integer"`
	StartingPosition          *string    `type:"string" enum:"EventSourcePosition"`
	StartingPositionTimestamp *time.Time `type:"timestamp"`
}

type EventTriggerInfo

type EventTriggerInfo struct {
	// The identifier of the event source mapping.
	UUID *string `yaml:"uuid,omitempty" type:"string"`

	// The maximum number of items to retrieve in a single batch.
	BatchSize *int64 `yaml:"batchSize,omitempty" min:"1" type:"integer"`

	// The Amazon Resource Name (ARN) of the event source.
	EventSourceArn *string `yaml:"sourceARN,omitempty" type:"string"`

	// The date that the event source mapping was last updated, in Unix time seconds.
	LastModified *time.Time `yaml:"modified,omitempty" type:"timestamp"`

	// The result of the last AWS Function invocation of your Function function.
	LastProcessingResult *string `yaml:"lastProcessingResult,omitempty" type:"string"`

	// The state of the event source mapping. It can be one of the following: Creating,
	// Enabling, Enabled, Disabling, Disabled, Updating, or Deleting.
	State *string `yaml:"state,omitempty" type:"string"`

	// The cause of the last state change, either User initiated or Function initiated.
	StateTransitionReason *string `yaml:"stateTransitionReason,omitempty" type:"string"`
}

type FunctionInfo

type FunctionInfo struct {
	Name string
	Arn  string
	URL  string
}

type RecreateFunctionInput

type RecreateFunctionInput lambda.CreateFunctionInput

RecreateFunctionInput drops function if exist to create a new one

type Schedule

type Schedule struct {
	Expression *string
	Event      *ScheduleEvent
}

Schedule represents schedule

func (*Schedule) Init

func (s *Schedule) Init() error

type ScheduleEvent

type ScheduleEvent struct {
	Detail     interface{}
	Source     *string
	DetailType *string
}

func (*ScheduleEvent) Init

func (e *ScheduleEvent) Init() error

type SetupFunctionEvent

type SetupFunctionEvent struct {
	Function *FunctionInfo
	Triggers []*EventTriggerInfo `yaml:"triggers,omitempty"`
}

func NewSetupFunctionEvent

func NewSetupFunctionEvent(output *DeployOutput) *SetupFunctionEvent

func (*SetupFunctionEvent) Messages

func (e *SetupFunctionEvent) Messages() []*msg.Message

type SetupPermissionInput

type SetupPermissionInput lambda.AddPermissionInput

SetupPermissionInput creates a permission if it does not exists

type SetupTriggerSourceInput

type SetupTriggerSourceInput struct {
	FunctionName *string
	Timeout      *int64
	Triggers     []*EventSourceMapping
}

SetupTriggerSourceInput represents setup triggers input

func (*SetupTriggerSourceInput) Validate

func (i *SetupTriggerSourceInput) Validate() error

type SetupTriggerSourceOutput

type SetupTriggerSourceOutput struct {
	EventMappings []*lambda.EventSourceMappingConfiguration
}

SetupTriggerSourceOutput represents setup triggers output

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL