Taxonomy of event- driven Lambda messages? - amazon-web-services

I'm building event driven AWS stacks with Lambda+APIGateway+SQS+SNS+S3+DynamoDB.
One of my constant frustrations is that, if you bind any of the above to Lambda (either through event notifications or event source mappings), the formats of the event messages received by the Lambda are completely different - so a message sent by S3 is completely different to one sent by SQS which is completely different to one sent by DynamoDB etc.
Normally I have to set up a Cloudformation stack with an event source + event source mapping + Lambda, then push a message onto the event source to see what message actually results. What a giant pain.
Is there not a single combined resource out there which lists the different schema formats of different event messages ? Hoping someone can point me in the right direction.

Lambda console provides some example events in Configure test event. Here are the examples from the console for the services you mentioned.
APIGateway (aws proxy)
{
"body": "eyJ0ZXN0IjoiYm9keSJ9",
"resource": "/{proxy+}",
"path": "/path/to/resource",
"httpMethod": "POST",
"isBase64Encoded": true,
"queryStringParameters": {
"foo": "bar"
},
"multiValueQueryStringParameters": {
"foo": [
"bar"
]
},
"pathParameters": {
"proxy": "/path/to/resource"
},
"stageVariables": {
"baz": "qux"
},
"headers": {
"Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
"Accept-Encoding": "gzip, deflate, sdch",
"Accept-Language": "en-US,en;q=0.8",
"Cache-Control": "max-age=0",
"CloudFront-Forwarded-Proto": "https",
"CloudFront-Is-Desktop-Viewer": "true",
"CloudFront-Is-Mobile-Viewer": "false",
"CloudFront-Is-SmartTV-Viewer": "false",
"CloudFront-Is-Tablet-Viewer": "false",
"CloudFront-Viewer-Country": "US",
"Host": "1234567890.execute-api.us-east-1.amazonaws.com",
"Upgrade-Insecure-Requests": "1",
"User-Agent": "Custom User Agent String",
"Via": "1.1 08f323deadbeefa7af34d5feb414ce27.cloudfront.net (CloudFront)",
"X-Amz-Cf-Id": "cDehVQoZnx43VYQb9j2-nvCh-9z396Uhbp027Y2JvkCPNLmGJHqlaA==",
"X-Forwarded-For": "127.0.0.1, 127.0.0.2",
"X-Forwarded-Port": "443",
"X-Forwarded-Proto": "https"
},
"multiValueHeaders": {
"Accept": [
"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"
],
"Accept-Encoding": [
"gzip, deflate, sdch"
],
"Accept-Language": [
"en-US,en;q=0.8"
],
"Cache-Control": [
"max-age=0"
],
"CloudFront-Forwarded-Proto": [
"https"
],
"CloudFront-Is-Desktop-Viewer": [
"true"
],
"CloudFront-Is-Mobile-Viewer": [
"false"
],
"CloudFront-Is-SmartTV-Viewer": [
"false"
],
"CloudFront-Is-Tablet-Viewer": [
"false"
],
"CloudFront-Viewer-Country": [
"US"
],
"Host": [
"0123456789.execute-api.us-east-1.amazonaws.com"
],
"Upgrade-Insecure-Requests": [
"1"
],
"User-Agent": [
"Custom User Agent String"
],
"Via": [
"1.1 08f323deadbeefa7af34d5feb414ce27.cloudfront.net (CloudFront)"
],
"X-Amz-Cf-Id": [
"cDehVQoZnx43VYQb9j2-nvCh-9z396Uhbp027Y2JvkCPNLmGJHqlaA=="
],
"X-Forwarded-For": [
"127.0.0.1, 127.0.0.2"
],
"X-Forwarded-Port": [
"443"
],
"X-Forwarded-Proto": [
"https"
]
},
"requestContext": {
"accountId": "123456789012",
"resourceId": "123456",
"stage": "prod",
"requestId": "c6af9ac6-7b61-11e6-9a41-93e8deadbeef",
"requestTime": "09/Apr/2015:12:34:56 +0000",
"requestTimeEpoch": 1428582896000,
"identity": {
"cognitoIdentityPoolId": null,
"accountId": null,
"cognitoIdentityId": null,
"caller": null,
"accessKey": null,
"sourceIp": "127.0.0.1",
"cognitoAuthenticationType": null,
"cognitoAuthenticationProvider": null,
"userArn": null,
"userAgent": "Custom User Agent String",
"user": null
},
"path": "/prod/path/to/resource",
"resourcePath": "/{proxy+}",
"httpMethod": "POST",
"apiId": "1234567890",
"protocol": "HTTP/1.1"
}
}
SQS
{
"Records": [
{
"messageId": "19dd0b57-b21e-4ac1-bd88-01bbb068cb78",
"receiptHandle": "MessageReceiptHandle",
"body": "Hello from SQS!",
"attributes": {
"ApproximateReceiveCount": "1",
"SentTimestamp": "1523232000000",
"SenderId": "123456789012",
"ApproximateFirstReceiveTimestamp": "1523232000001"
},
"messageAttributes": {},
"md5OfBody": "7b270e59b47ff90a553787216d55d91d",
"eventSource": "aws:sqs",
"eventSourceARN": "arn:aws:sqs:us-east-1:123456789012:MyQueue",
"awsRegion": "us-east-1"
}
]
}
SNS
{
"Records": [
{
"EventSource": "aws:sns",
"EventVersion": "1.0",
"EventSubscriptionArn": "arn:aws:sns:us-east-1:{{{accountId}}}:ExampleTopic",
"Sns": {
"Type": "Notification",
"MessageId": "95df01b4-ee98-5cb9-9903-4c221d41eb5e",
"TopicArn": "arn:aws:sns:us-east-1:123456789012:ExampleTopic",
"Subject": "example subject",
"Message": "example message",
"Timestamp": "1970-01-01T00:00:00.000Z",
"SignatureVersion": "1",
"Signature": "EXAMPLE",
"SigningCertUrl": "EXAMPLE",
"UnsubscribeUrl": "EXAMPLE",
"MessageAttributes": {
"Test": {
"Type": "String",
"Value": "TestString"
},
"TestBinary": {
"Type": "Binary",
"Value": "TestBinary"
}
}
}
}
]
}
S3 (put)
{
"Records": [
{
"eventVersion": "2.0",
"eventSource": "aws:s3",
"awsRegion": "us-east-1",
"eventTime": "1970-01-01T00:00:00.000Z",
"eventName": "ObjectCreated:Put",
"userIdentity": {
"principalId": "EXAMPLE"
},
"requestParameters": {
"sourceIPAddress": "127.0.0.1"
},
"responseElements": {
"x-amz-request-id": "EXAMPLE123456789",
"x-amz-id-2": "EXAMPLE123/5678abcdefghijklambdaisawesome/mnopqrstuvwxyzABCDEFGH"
},
"s3": {
"s3SchemaVersion": "1.0",
"configurationId": "testConfigRule",
"bucket": {
"name": "example-bucket",
"ownerIdentity": {
"principalId": "EXAMPLE"
},
"arn": "arn:aws:s3:::example-bucket"
},
"object": {
"key": "test/key",
"size": 1024,
"eTag": "0123456789abcdef0123456789abcdef",
"sequencer": "0A1B2C3D4E5F678901"
}
}
}
]
}
DynamoDB
{
"Records": [
{
"eventID": "c4ca4238a0b923820dcc509a6f75849b",
"eventName": "INSERT",
"eventVersion": "1.1",
"eventSource": "aws:dynamodb",
"awsRegion": "us-east-1",
"dynamodb": {
"Keys": {
"Id": {
"N": "101"
}
},
"NewImage": {
"Message": {
"S": "New item!"
},
"Id": {
"N": "101"
}
},
"ApproximateCreationDateTime": 1428537600,
"SequenceNumber": "4421584500000000017450439091",
"SizeBytes": 26,
"StreamViewType": "NEW_AND_OLD_IMAGES"
},
"eventSourceARN": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleTableWithStream/stream/2015-06-27T00:48:05.899"
},
{
"eventID": "c81e728d9d4c2f636f067f89cc14862c",
"eventName": "MODIFY",
"eventVersion": "1.1",
"eventSource": "aws:dynamodb",
"awsRegion": "us-east-1",
"dynamodb": {
"Keys": {
"Id": {
"N": "101"
}
},
"NewImage": {
"Message": {
"S": "This item has changed"
},
"Id": {
"N": "101"
}
},
"OldImage": {
"Message": {
"S": "New item!"
},
"Id": {
"N": "101"
}
},
"ApproximateCreationDateTime": 1428537600,
"SequenceNumber": "4421584500000000017450439092",
"SizeBytes": 59,
"StreamViewType": "NEW_AND_OLD_IMAGES"
},
"eventSourceARN": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleTableWithStream/stream/2015-06-27T00:48:05.899"
},
{
"eventID": "eccbc87e4b5ce2fe28308fd9f2a7baf3",
"eventName": "REMOVE",
"eventVersion": "1.1",
"eventSource": "aws:dynamodb",
"awsRegion": "us-east-1",
"dynamodb": {
"Keys": {
"Id": {
"N": "101"
}
},
"OldImage": {
"Message": {
"S": "This item has changed"
},
"Id": {
"N": "101"
}
},
"ApproximateCreationDateTime": 1428537600,
"SequenceNumber": "4421584500000000017450439093",
"SizeBytes": 38,
"StreamViewType": "NEW_AND_OLD_IMAGES"
},
"eventSourceARN": "arn:aws:dynamodb:us-east-1:123456789012:table/ExampleTableWithStream/stream/2015-06-27T00:48:05.899"
}
]
}

Related

AWS EventBridge Rule pattern "anything-but" with "prefix"

I'm trying to setup an AWS EventBridge rule that will filter all Okta user events with rawUserAgent as "anything-but" with the "prefix" libwww-perl. My question is that is there a way to chain AWS rule syntax on the same field in the event? I tried something like this, but it didn't work -
{
"detail": {
"eventType": [{
"prefix": "user.session.start"
}],
"outcome": {
"result": [{
"prefix": "FAILURE"
}]
},
"client": {
"userAgent": {
"rawUserAgent": [{
"anything-but": [{"prefix": "libwww-perl"}]
}]
}
}
}
}
Any suggestions on how I can achieve this?
Here's a sample event:
{
"version": "0",
"id": "123",
"detail-type": "SystemLog",
"source": "okta",
"account": "123",
"time": "2022-06-24T13:07:02Z",
"region": "us-east-1",
"resources": [],
"detail": {
"uuid": "123",
"published": "2022-06-24T13:07:02.586Z",
"eventType": "user.session.start",
"version": "0",
"displayMessage": "User login to Okta",
"severity": "INFO",
"client": {
"userAgent": {
"rawUserAgent": "libwww-perl/6.15",
"os": "Unknown",
"browser": "UNKNOWN"
},
"zone": "null",
"device": "Unknown",
"id": null,
"ipAddress": "192.168.1.1",
"geographicalContext": {
"city": null,
"state": null,
"country": "United States",
"postalCode": null,
"geolocation": {
"lat": 37.751,
"lon": -97.822
}
},
"ipChain": [
{
"ip": "192.168.1.1.",
"geographicalContext": {
"city": null,
"state": null
"country": "Canada",
"postalCode": null,
"geolocation": {
"lat": 37.751,
"lon": -97.822
}
},
"version": "V4",
"source": null
}
]
},
"device": null,
"actor": {
"id": "unknown",
"type": "User",
"alternateId": "abc#gmail.com",
"displayName": "unknown",
"detailEntry": null
},
"outcome": {
"result": "FAILURE",
"reason": "VERIFICATION_ERROR"
},
"target": null,
"transaction": {
"type": "WEB",
"id": "YrW29nCfOE-MgiNf6-1UkQAAA8I",
"detail": {}
},
"debugContext": {
"debugData": {
"loginResult": "VERIFICATION_ERROR",
"requestId": "abcd",
"threatSuspected": "true",
"requestUri": "",
"url": ""
}
},
"legacyEventType": "core.user_auth.login_failed",
"authenticationContext": {
"authenticationProvider": null,
"credentialProvider": null,
"credentialType": null,
"issuer": null,
"authenticationStep": 0,
"externalSessionId": "unknown",
"interface": null
},
"securityContext": {
"asNumber": 11174,
"asOrg": "qwerty",
"isp": "qwerty",
"domain": "qwerty.com",
"isProxy": false
},
"insertionTimestamp": null
}
}
You can use this pattern:
{
"detail": {
"eventType": [{
"prefix": "user.session.start"
}],
"client": {
"userAgent": {
"rawUserAgent": [{
"anything-but": {
"prefix": "libwww-perl"
}
}]
}
},
"outcome": {
"result": [{
"prefix": "FAILURE"
}]
}
}
}

AWS Lambda VScode launch.json

Recently AWS introduced launch configurations support for SAM debugging in the AWS Toolkit for VS Code
Ref : https://aws.amazon.com/blogs/developer/introducing-launch-configurations-support-for-sam-debugging-in-the-aws-toolkit-for-vs-code/
It means we cant use templates.json file, instead need to use launch.json to send in your event to lambda.
I want to send a test event to lambda function (a SQS message).
Before introducing launch configuration templates.json had it like this (and it worked fine):
"templates": {
"xxxxxxxx/template.yaml": {
"handlers": {
"xxxxxxxxx.lambdaHandler": {
"event": {
"Records": [
{
"messageId": "xxxxxxxxxxxxxxxx",
"receiptHandle": "xxxxxxxxxxxxxxxx",
"body": "{\"operation\": \"publish\", \"data\": { \"__typename\": \"xxxxxxxxxxxxxxxx\", \"id\": \"xxxxxxxxxxxxxxxx\" }}",
"attributes": {
"ApproximateReceiveCount": "1",
"SentTimestamp": "xxxxxxxxxxxxxxxx",
"SequenceNumber": "xxxxxxxxxxxxxxxx",
"MessageGroupId": "xxxxxxxxxxxxxxxx",
"SenderId": "xxxxxxxxxxxxxxxx:LambdaFunctionTest",
"MessageDeduplicationId": "xxxxxxxxxxxxxxxx",
"ApproximateFirstReceiveTimestamp": "xxxxxxxxxxxxxxxx"
},
"messageAttributes": {
"environment": {
"DataType": "String",
"stringValue": "Dev"
}},
"md5OfBody": "xxxxxxxxxxxxxxxx",
"eventSource": "aws:sqs",
"eventSourceARN": "arn:aws:sqs:us-east-1:xxxxxxxxxxxxxxxx:xxx.fifo",
"awsRegion": "us-east-1"
}
]
},
"environmentVariables": {}
}
............
But in launch.json , i pasted the Records in the following way and it is not excepting, see also attached jpg screenshot.
{
"configurations": [
{
"type": "aws-sam",
"request": "direct-invoke",
"name": "xxxxxxxx)",
"invokeTarget": {
"target": "code",
"projectRoot": "xxxxxxxx",
"lambdaHandler": "xxxxxxxx.lambdaHandler"
},
"lambda": {
"runtime": "nodejs12.x",
"payload": {
"json": {
"Records": [
{
"messageId": "xxxxxxxxxxxxxxxx",
"receiptHandle": "xxxxxxxxxxxxxxxx",
"body": "{\"operation\": \"publish\", \"data\": { \"__typename\": \"xxxxxxxxxxxxxxxx\", \"id\": \"xxxxxxxxxxxxxxxx\" }}",
"attributes": {
"ApproximateReceiveCount": "1",
"SentTimestamp": "xxxxxxxxxxxxxxxx",
"SequenceNumber": "xxxxxxxxxxxxxxxx",
"MessageGroupId": "xxxxxxxxxxxxxxxx",
"SenderId": "xxxxxxxxxxxxxxxx:LambdaFunctionTest",
"MessageDeduplicationId": "xxxxxxxxxxxxxxxx",
"ApproximateFirstReceiveTimestamp": "xxxxxxxxxxxxxxxx"
},
"messageAttributes": {
"environment": {
"DataType": "String",
"stringValue": "Dev"
}},
"md5OfBody": "xxxxxxxxxxxxxxxx",
"eventSource": "aws:sqs",
"eventSourceARN": "arn:aws:sqs:us-east-1:xxxxxxxxxxxxxxxx:xxx.fifo",
"awsRegion": "us-east-1"
}
]
},
},
}
},
enter image description here
Blockquote

Creating a JSON table from 'aws autoscaling describe-auto-scaling-groups'

I have a problem with parsing output/transforming it from aws autoscaling describe-auto-scaling-groups
The output looks like this:
{
"AutoScalingGroups": [
{
"AutoScalingGroupName": "eks-nodegroup-AZ1",
"AutoScalingGroupARN": "arn:aws:autoscaling:eu-central-1::autoScalingGroup:854a8f05-cd3c-421d-abf3-0f3730d0b068:autoScalingGroupName/eks-nodegroup-AZ1",
"LaunchTemplate": {
"LaunchTemplateId": "lt-XXXXXXXXXXXXX",
"LaunchTemplateName": "eks-nodegroup-AZ1",
"Version": "$Latest"
},
"MinSize": 1,
"MaxSize": 6,
"DesiredCapacity": 1,
"DefaultCooldown": 300,
"AvailabilityZones": [
"eu-central-1a"
],
"LoadBalancerNames": [],
"TargetGroupARNs": [],
"HealthCheckType": "EC2",
"HealthCheckGracePeriod": 300,
"Instances": [
{
"InstanceId": "i-XXXXXXXXXXXXXXX",
"AvailabilityZone": "eu-central-1a",
"LifecycleState": "InService",
"HealthStatus": "Healthy",
"LaunchTemplate": {
"LaunchTemplateId": "lt-XXXXXXXXXXXXX",
"LaunchTemplateName": "eks-nodegroup-AZ1",
"Version": "1"
},
"ProtectedFromScaleIn": false
}
],
"CreatedTime": "2019-09-24T17:24:57.805Z",
"SuspendedProcesses": [],
"VPCZoneIdentifier": "subnet-XXXXXXXXXXXX",
"EnabledMetrics": [],
"Tags": [
{
"ResourceId": "eks-nodegroup-AZ1",
"ResourceType": "auto-scaling-group",
"Key": "Name",
"Value": "eks-nodegroup-AZ1",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ1",
"ResourceType": "auto-scaling-group",
"Key": "k8s.io/cluster-autoscaler/enabled",
"Value": "true",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ1",
"ResourceType": "auto-scaling-group",
"Key": "k8s.io/cluster-autoscaler/k8s-team-sandbox",
"Value": "true",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ1",
"ResourceType": "auto-scaling-group",
"Key": "kubernetes.io/cluster/k8s-team-sandbox",
"Value": "owned",
"PropagateAtLaunch": true
}
],
"TerminationPolicies": [
"Default"
],
"NewInstancesProtectedFromScaleIn": false,
"ServiceLinkedRoleARN": "arn:aws:iam::XXXXXXXXXXXXXXX:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling"
},
{
"AutoScalingGroupName": "eks-k8s-team-sandbox-AZ2",
"AutoScalingGroupARN": "arn:aws:autoscaling:eu-central-1::autoScalingGroup:25324f3a-b911-453c-b316-46657e850b19:autoScalingGroupName/eks-nodegroup-AZ2",
"LaunchTemplate": {
"LaunchTemplateId": "lt-XXXXXXXXXXXX",
"LaunchTemplateName": "eks-nodegroup-AZ2",
"Version": "$Latest"
},
"MinSize": 1,
"MaxSize": 6,
"DesiredCapacity": 1,
"DefaultCooldown": 300,
"AvailabilityZones": [
"eu-central-1b"
],
"LoadBalancerNames": [],
"TargetGroupARNs": [],
"HealthCheckType": "EC2",
"HealthCheckGracePeriod": 300,
"Instances": [
{
"InstanceId": "i-XXXXXXXXXXXX",
"AvailabilityZone": "eu-central-1b",
"LifecycleState": "InService",
"HealthStatus": "Healthy",
"LaunchTemplate": {
"LaunchTemplateId": "lt-XXXXXXXXXX",
"LaunchTemplateName": "eks-nodegroup-AZ2",
"Version": "1"
},
"ProtectedFromScaleIn": false
}
],
"CreatedTime": "2019-09-24T17:24:57.982Z",
"SuspendedProcesses": [],
"VPCZoneIdentifier": "subnet-XXXXXXXX",
"EnabledMetrics": [],
"Tags": [
{
"ResourceId": "eks-nodegroup-AZ2",
"ResourceType": "auto-scaling-group",
"Key": "Name",
"Value": "eks-nodegroup-AZ2",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ2",
"ResourceType": "auto-scaling-group",
"Key": "k8s.io/cluster-autoscaler/enabled",
"Value": "true",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ2",
"ResourceType": "auto-scaling-group",
"Key": "k8s.io/cluster-autoscaler/k8s-team-sandbox",
"Value": "true",
"PropagateAtLaunch": true
},
{
"ResourceId": "eks-nodegroup-AZ2",
"ResourceType": "auto-scaling-group",
"Key": "kubernetes.io/cluster/k8s-team-sandbox",
"Value": "owned",
"PropagateAtLaunch": true
}
],
"TerminationPolicies": [
"Default"
],
"NewInstancesProtectedFromScaleIn": false,
"ServiceLinkedRoleARN": "arn:aws:iam::ARN:role/aws-service-role/autoscaling.amazonaws.com/AWSServiceRoleForAutoScaling"
}
]
}
I need to parse it to get :
{
"eks-nodegroup-AZ1" : "$DesiredCapacityForEks-nodegroup-AZ1",
"eks-nodegroup-AZ2" : "$DesiredCapacityForEks-nodegroup-AZ2",
"eks-nodegroup-AZ3" : "$DesiredCapacityForEks-nodegroup-AZ3",
"eks-nodegroup-AZX" : "$DesiredCapacityForEks-nodegroup-AZX",
}
The following expected output will be used for external data resource for terraform to be able to automate DesiredCapacity value during the ASG rolling-updates.
Thanks,
Dominik
Try with your response,
response | jq '.AutoScalingGroups[] | {(.AutoScalingGroupName): .DesiredCapacity}' | jq -s add

AWS Cloud Formation template fails with Invalid mapping expression parameter specified

I am working on an AWS Cloud Formation template for an endpoint with a path like /user/{uid}/cart. I need to create an integration with an HTTP host. I've been attempting to map {uid} into the Integration Request URL Path Parameters like so:
"x-amazon-apigateway-integration": {
"uri": "http://${stageVariables.httpHost}/user/{uid}/cart",
"contentHandling": "CONVERT_TO_TEXT",
"timeoutInMillis": 29000,
"connectionType": "INTERNET",
"httpMethod": "PUT",
"passthroughBehavior": "WHEN_NO_MATCH",
"type": "HTTP_PROXY",
"requestParameters": {
"integration.request.path.uid" : "method.request.path.uid"
}...
I keep getting this error and I'm not sure what I'm doing wrong.
Errors found during import: Unable to put integration on 'PUT' for resource at path '/user/{uid}/cart': Invalid mapping expression specified: Validation Result: warnings : [], errors : [Invalid mapping expression parameter specified: method.request.path.uid]
Here's the full template
{
"Parameters": {
"AccessControlAllowOrigin": {
"Type": "String",
"Default": "*"
}
},
"Resources": {
"ConfigApi": {
"Type": "AWS::ApiGateway::RestApi",
"Properties": {
"Body": {
"swagger": "2.0",
"tags": [
{
"name": "users",
"description": "secure user calls"
}
],
"schemes": [
"https"
],
"paths": {
"/user/{uid}/cart": {
"parameters": [
{
"name": "uid",
"in": "path",
"description": "user id",
"required": true,
"type": "string",
"format": "uuid"
}
],
"put": {
"tags": [
"users",
"cart"
],
"summary": "When called, this endpoint completes the user cart and puts their cart into their library",
"operationId": "completeusercart",
"description": "Completes the user cart\n",
"produces": [
"application/json"
],
"responses": {
"200": {
"description": "the user identifier",
"headers": {
"Access-Control-Allow-Origin": {
"type": "string"
},
"Access-Control-Allow-Headers": {
"type": "string"
}
},
"schema": {
"type": "string"
}
}
},
"x-amazon-apigateway-integration": {
"uri": "http://${stageVariables.httpHost}/user/{uid}/cart",
"contentHandling": "CONVERT_TO_TEXT",
"timeoutInMillis": 29000,
"connectionType": "INTERNET",
"httpMethod": "PUT",
"passthroughBehavior": "WHEN_NO_MATCH",
"type": "HTTP_PROXY",
"requestParameters": {
"integration.request.path.uid" : "method.request.path.uid"
},
"responses": {
"default": {
"responseModels": {
"application/json": "Empty"
},
"responseParameters": {
"method.response.header.Access-Control-Allow-Origin": {
"Fn::Sub": "'${AccessControlAllowOrigin}'"
},
"method.response.header.Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
},
"statusCode": "200"
}
}
}
},
"options": {
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"responses": {
"200": {
"description": "200 response",
"schema": {
"$ref": "#/definitions/Empty"
},
"headers": {
"Access-Control-Allow-Origin": {
"type": "string"
},
"Access-Control-Allow-Methods": {
"type": "string"
},
"Access-Control-Allow-Headers": {
"type": "string"
}
}
}
},
"x-amazon-apigateway-integration": {
"httpMethod": "OPTIONS",
"passthroughBehavior": "WHEN_NO_MATCH",
"requestTemplates": {
"application/json": "{\"statusCode\": 200}"
},
"type": "MOCK",
"timeoutInMillis": 29000,
"responses": {
"2\\d{2}": {
"responseParameters": {
"method.response.header.Access-Control-Allow-Origin": {
"Fn::Sub": "'${AccessControlAllowOrigin}'"
},
"method.response.header.Access-Control-Allow-Methods": "'PUT,OPTIONS'",
"method.response.header.Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'"
},
"statusCode": "200"
},
"4\\d{2}": {
"statusCode": "403"
},
"5\\d{2}": {
"statusCode": "403"
}
}
}
}
}
},
"definitions": {
"Empty": {
"type": "object",
"title": "Empty Schema"
}
}
}
}
},
"ConfigApiStage": {
"Type": "AWS::ApiGateway::Stage",
"Properties": {
"DeploymentId": {
"Ref": "ApiDeployment"
},
"MethodSettings": [
{
"DataTraceEnabled": true,
"HttpMethod": "*",
"LoggingLevel": "INFO",
"ResourcePath": "/*"
}
],
"RestApiId": {
"Ref": "ConfigApi"
},
"Variables": {
"httpHost": "0.0.0.0"
},
"StageName": "LATEST"
}
},
"ApiDeployment": {
"Type": "AWS::ApiGateway::Deployment",
"Properties": {
"RestApiId": {
"Ref": "ConfigApi"
},
"StageName": "DummyStage"
}
}
}
}
Thanks for your help!
The issue was the placement of the parameters. These need to be under the PUT rather than under the path.
"paths": {
"/user/{uid}/cart": {
"put": {
"tags": [
"users",
"cart"
],
"parameters": [
{
"name": "uid",
"in": "path",
"description": "user id",
"required": true,
"type": "string",
"format": "uuid"
}
],...

Testing Event pattern in AWS lambda

I am pretty new to AWS and trying to update VPC security group when an Event is triggered by ELB
my Event pattern is something like below
{
"userIdentity": {
"invokedBy": [
"elasticloadbalancing.amazonaws.com"
]
},
"eventSource": [
"ec2.amazonaws.com"
],
"eventName": [
"CreateNetworkInterface"
]
}
and sample event is
{
"eventVersion": "1.05",
"userIdentity": {
"type": "Root",
"principalId": "233000205727",
"arn": "arn:aws:iam::233000205727:root",
"accountId": "233000205727",
"userName": "jmfe",
"invokedBy": "elasticloadbalancing.amazonaws.com"
},
"eventTime": "2017-04-15T09:10:30Z",
"eventSource": "ec2.amazonaws.com",
"eventName": "CreateNetworkInterface",
"awsRegion": "us-east-1",
"sourceIPAddress": "elasticloadbalancing.amazonaws.com",
"userAgent": "elasticloadbalancing.amazonaws.com",
"requestParameters": {
"subnetId": "subnet-2dbdf874",
"description": "ELB app/prod-artifactory-b-01-alb/73090a08b6f70469",
"groupSet": {
"items": [
{
"groupId": "sg-3a3b9a47"
}
]
},
"privateIpAddressesSet": {}
},
"responseElements": {
"networkInterface": {
"networkInterfaceId": "eni-4ad99293",
"internalInterfaceId": "interface-4ad99293",
"subnetId": "subnet-2dbdf874",
"vpcId": "vpc-876a77e2",
"availabilityZone": "us-east-1d",
"description": "ELB app/prod-artifactory-b-01-alb/73090a08b6f70469",
"ownerId": "233000205727",
"requesterId": "210368014644",
"requesterManaged": true,
"status": "pending",
"macAddress": "0e:61:f3:36:52:da",
"privateIpAddress": "10.19.84.120",
"privateDnsName": "ip-10-19-84-120.ec2.internal",
"sourceDestCheck": true,
"groupSet": {
"items": [
{
"groupId": "sg-3a3b9a47",
"groupName": "prod-artifactory-b-artifactory-01_client_sg"
}
]
},
"attachableToInstanceBySet": {},
"associableWithElasticIpBySet": {},
"privateIpAddressesSet": {
"item": [
{
"privateIpAddress": "10.19.84.120",
"privateDnsName": "ip-10-19-84-120.ec2.internal",
"primary": true
}
]
},
"ipv6AddressesSet": {},
"tagSet": {}
}
},
"requestID": "064477de-13d2-4e9c-b579-b69a2e6c4882",
"eventID": "0928e0db-89c3-4b33-abd5-62020854599a",
"eventType": "AwsApiCall",
"recipientAccountId": "233000205727"
}
{
"userIdentity": {
"invokedBy": ["elasticloadbalancing.amazonaws.com"]
},
"eventSource": ["ec2.amazonaws.com"],
"eventName": ["CreateNetworkInterface"]
}
I have created a rule with the above event pattern and want to call an AWS lambda function , the code is in python 3.6 and its just a simple hello world
def lambda_handler(event, context):
# TODO implement
return 'Hello from Lambda test'
When ever I test the lambda function with example event (from AWS console) it always Shows 'Hello from Lambda test' , I think I am not able to test the event and event pattern matching , I have changes the event and event pattern with garbage values and still the result is always pass, question is how to test the event and event pattern and see if the event pattern is working correctly within the rule