README
¶
Lambda Service
This service is github.com/aws/aws-sdk-go/service/lambda.Lambda proxy
To check all supported method run
endly -s="aws/lambda"
To check method contract run endly -s="aws/lambda" -a=methodName
endly -s="aws/lambda" -a=deployFunction
On top of that service implements the following helper methods:
- deployFunction: creates or modifies function with specified policies
- recreateFunction: drop if exists and create new function
- dropFunction: drop function with dependencies
- setupPermission: add permission if it does not exists
Usage
Prerequisites:
Deployment
Basic
endly deploy
init:
functionRole: lambda-helloworld-executor
functionName: HelloWorld
codeZip: /tmp/hello/main.zip
awsCredentials: aws
privilegePolicy: privilege-policy.json
pipeline:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}helloworld/app
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o helloworld
- zip -j helloworld.zip helloworld
deploy:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: helloworld
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-helloworld-executor
define:
- policyname: lambda-helloworld-executor-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
S3
endly deploy
init:
functionRole: lambda-mystoragefunction-executor
functionName: MyStorageFuncton
codeZip: ${appPath}mystoragefunction/app/mystoragefunction.zip
privilegePolicy: privilege-policy.json
myBucket: testBucket
pipeline:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}mystoragefunction/app
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o mystoragefunction
- zip -j mystoragefunction.zip mystoragefunction
deploy:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: mystoragefunction
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-mystoragefunction-executor
define:
- policyname: s3-${testBucketPrefix}2-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
notification:
action: aws/s3:setupBucketNotification
credentials: $awsCredentials
sleepTimeMs: 20000
bucket: ${myBucket}
lambdaFunctionConfigurations:
- functionName: $functionName
id: ObjectCreatedEvents
events:
- s3:ObjectCreated:*
filter:
prefix:
- folder1
suffix:
- .csv
SQS
endly deploy
init:
functionRole: lambda-mysqsfunction-executor
functionName: MySQSFunction
codeZip: ${appPath}mysqsfunction/mysqsfunction.zip
privilegePolicy: privilege-policy.json
pipeline:
deploy:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}mysqsfunction
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o mysqsfunction
- zip -j mysqsfunction.zip mysqsfunction
setupFunction:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: mysqsfunction
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-mysqsfunction-executor
define:
- policyname: sqs-my-queue-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
triggers:
- source: myQueue
type: sqs
enabled: true
batchSize: 10
SNS
endly deploy
init:
functionRole: lambda-mysnsfunc-executor
functionName: AggFn
codeZip: ${appPath}mysnsfunc/app/mysnsfunc.zip
privilegePolicy: privilege-policy.json
pipeline:
deploy:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}mysnsfunc/app
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o mysnsfunc
- zip -j mysnsfunc.zip mysnsfunc
deployFunction:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: mysnsfunc
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-mysnsfunc-executor
define:
- policyname: lambda-sns-execution-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
setupSubscription:
action: aws/sns:setupSubscription
protocol: lambda
endpoint: $functionName
topic: myTopic
Api Gateway
endly deploy
init:
functionRole: lambda-myapigwfunc-executor
functionName: DsTransferFn
codeZip: ${appPath}myapigwfunc/app/myapigwfunc.zip
privilegePolicy: privilege-policy.json
pipeline:
deploy:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}myapigwfunc/app
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o myapigwfunc
- zip -j myapigwfunc.zip myapigwfunc
deployFunction:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: myapigwfunc
timeout: 360
environment:
variables:
CONFIG: $AsString($config)
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-myapigwfunc-executor
define:
- policyname: myapigwfunce2e-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
setupAPI:
action: aws/apigateway:deployAPI
credentials: $awsCredentials
'@name': myapigwfuncAPI
resources:
- path: /{proxy+}
methods:
- httpMethod: ANY
functionname: $functionName
sleepTimeMs: 15000
post:
endpointURL: ${setupAPI.EndpointURL}
Vpc
init:
functionRole: lambda-myvpcfunc-executor
functionName: MyVpcFunc
codeZip: ${appPath}/myvpcfunc/app/myvpcfunc.zip
privilegePolicy: privilege-policy.json
pipeline:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}/myvpcfunc/app
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o myvpcfunc
- zip -j myvpcfunc.zip myvpcfunc
deploy:
action: aws/lambda:deploy
credentials: $awsSecrets
functionname: $functionName
runtime: go1.x
handler: myvpcfunc
environment:
variables:
CONFIG: $AsString($myvpcfuncConfig)
code:
zipfile: $LoadBinary(${codeZip})
rolename: lambda-myvpcfunc-executor
define:
- policyname: ${myvpcfuncConfig}-role
policydocument: $Cat('${privilegePolicy}')
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
vpcMatcher:
instance:
name: myHostWithVpcTemplateSettings
# vpcConfig:
# securityGroupIds:
# - sg-XXXXXXX
#subnetIds:
# - subnet-YYYYYY
timeout: 900
memorySize: 200
Scheduled
endly deploy
init:
functionRole: lambda-scheduled-executor
functionName: ScheduledFn
codeZip: ${appPath}scheduled/scheduled.zip
privilegePolicy: ${parent.path}/privilege-policy.json
pipeline:
deploy:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
checkError: true
commands:
- cd ${appPath}scheduled
- unset GOPATH
- export GOOS=linux
- export GOARCH=amd64
- go build -o scheduled
- zip -j scheduled.zip scheduled
setupFunction:
action: aws/lambda:deploy
credentials: $awsCredentials
functionname: $functionName
runtime: go1.x
handler: scheduled
code:
zipfile: $LoadBinary(${codeZip})
schedule:
expression: rate(1 minute)
rolename: lambda-scheduled-executor
attach:
- policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
Recreate function
endly deploy_brute_force
@deploy_brute_force.yaml
init:
functionRole: lambda-helloworld-executor
functionName: HelloWorld
codeZip: /tmp/hello/main.zip
awsCredentials: aws
pipeline:
deploy:
build:
action: exec:run
target: $target
sleepTimeMs: 1500
errors:
- ERROR
commands:
- cd /tmp/hello
- export GOOS=linux
- export GOARCH=amd64
- go build -o main
- zip -j main.zip main
createRole:
credentials: $awsCredentials
action: aws/iam:recreateRole
rolename: $functionRole
assumerolepolicydocument: $Cat('/tmp/hello/trust-policy.json')
attachPolicy:
action: aws/iam:attachRolePolicy
comments: attaching policy to ${createRole.Role.Arn}
rolename: $functionRole
policyarn: arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
sleepTimeMs: 10000
createFunction:
action: aws/lambda:recreateFunction
role: $createRole.Role.Arn
functionname: ${functionName}
runtime: go1.x
handler: main
code:
zipfile: $LoadBinary($codeZip)
Function invocation
endly -r=trigger
@trigger.yaml
init:
functionName: HelloWorld
awsCredentials: aws
pipeline:
trigger:
action: aws/lambda:invoke
credentials: $awsCredentials
comments: call $functionName lambda function
functionname: $functionName
payload: ""
post:
payload: $AsString($Payload)
assert:
action: validator:assert
comments: 'validate function output: $payload '
actual: $payload
expected: /Hello World/
Documentation
¶
Index ¶
- Constants
- func GetClient(context *endly.Context) (*lambda.Lambda, error)
- func New() endly.Service
- type CallInput
- type CallOutput
- type DeployInput
- type DeployOutput
- type DropFunctionInput
- type EventSourceMapping
- type EventTriggerInfo
- type FunctionInfo
- type RecreateFunctionInput
- type Schedule
- type ScheduleEvent
- type SetupFunctionEvent
- type SetupPermissionInput
- type SetupTriggerSourceInput
- type SetupTriggerSourceOutput
Constants ¶
View Source
const DefaultTrustPolicy = `` /* 193-byte string literal not displayed */
DefaultTrustPolicy represents default trust policy
View Source
const (
//ServiceID aws lambda service id.
ServiceID = "aws/lambda"
)
Variables ¶
This section is empty.
Functions ¶
Types ¶
type CallOutput ¶
type CallOutput struct {
*lambda.InvokeOutput
Response interface{}
}
CallOutput represents a call response
type DeployInput ¶
type DeployInput struct {
lambda.CreateFunctionInput `yaml:",inline" json:",inline"`
ciam.SetupRolePolicyInput ` json:",inline"`
PresetRoleName string `description:"in case that role is set - deployment skip permission setup"`
VpcMatcher *ec2.GetVpcConfigInput
Triggers []*EventSourceMapping
Http *lambda.CreateFunctionUrlConfigInput
Schedule *Schedule
}
DeployInput setup function, creates or updates existing one
func (*DeployInput) ScheduleDeployRule ¶
func (i *DeployInput) ScheduleDeployRule() *cloudwatchevents.DeployRuleInput
ScheduleDeployRule returns DeployRuleInput
func (*DeployInput) ScheduleEventsInput ¶
func (i *DeployInput) ScheduleEventsInput(resourceARN *string) (*acloudwatchevents.PutEventsInput, error)
func (*DeployInput) Validate ¶
func (i *DeployInput) Validate() error
type DeployOutput ¶
type DeployOutput struct {
*lambda.FunctionConfiguration
URL string
RoleInfo *ciam.GetRoleInfoOutput
EventMappings []*lambda.EventSourceMappingConfiguration
}
func (*DeployOutput) Messages ¶
func (i *DeployOutput) Messages() []*msg.Message
type DropFunctionInput ¶
type DropFunctionInput lambda.DeleteFunctionInput
DropFunctionInput remove a function with all dependencies
type EventSourceMapping ¶
type EventTriggerInfo ¶
type EventTriggerInfo struct {
// The identifier of the event source mapping.
UUID *string `yaml:"uuid,omitempty" type:"string"`
// The maximum number of items to retrieve in a single batch.
BatchSize *int64 `yaml:"batchSize,omitempty" min:"1" type:"integer"`
// The Amazon Resource Name (ARN) of the event source.
EventSourceArn *string `yaml:"sourceARN,omitempty" type:"string"`
// The date that the event source mapping was last updated, in Unix time seconds.
LastModified *time.Time `yaml:"modified,omitempty" type:"timestamp"`
// The result of the last AWS Function invocation of your Function function.
LastProcessingResult *string `yaml:"lastProcessingResult,omitempty" type:"string"`
// The state of the event source mapping. It can be one of the following: Creating,
// Enabling, Enabled, Disabling, Disabled, Updating, or Deleting.
State *string `yaml:"state,omitempty" type:"string"`
// The cause of the last state change, either User initiated or Function initiated.
StateTransitionReason *string `yaml:"stateTransitionReason,omitempty" type:"string"`
}
type FunctionInfo ¶
type RecreateFunctionInput ¶
type RecreateFunctionInput lambda.CreateFunctionInput
RecreateFunctionInput drops function if exist to create a new one
type Schedule ¶
type Schedule struct {
Expression *string
Event *ScheduleEvent
}
Schedule represents schedule
type ScheduleEvent ¶
func (*ScheduleEvent) Init ¶
func (e *ScheduleEvent) Init() error
type SetupFunctionEvent ¶
type SetupFunctionEvent struct {
Function *FunctionInfo
Triggers []*EventTriggerInfo `yaml:"triggers,omitempty"`
}
func NewSetupFunctionEvent ¶
func NewSetupFunctionEvent(output *DeployOutput) *SetupFunctionEvent
func (*SetupFunctionEvent) Messages ¶
func (e *SetupFunctionEvent) Messages() []*msg.Message
type SetupPermissionInput ¶
type SetupPermissionInput lambda.AddPermissionInput
SetupPermissionInput creates a permission if it does not exists
type SetupTriggerSourceInput ¶
type SetupTriggerSourceInput struct {
FunctionName *string
Timeout *int64
Triggers []*EventSourceMapping
}
SetupTriggerSourceInput represents setup triggers input
func (*SetupTriggerSourceInput) Validate ¶
func (i *SetupTriggerSourceInput) Validate() error
type SetupTriggerSourceOutput ¶
type SetupTriggerSourceOutput struct {
EventMappings []*lambda.EventSourceMappingConfiguration
}
SetupTriggerSourceOutput represents setup triggers output
Source Files
Click to show internal directories.
Click to hide internal directories.