Deploy an AWS Lambda function with test events using AWS CDK - amazon-web-services

In the AWS Lambda management console you can have test events associated with a function.
Is it possible to configure the test events when deploying the Lambda function using the AWS CDK such that the test events are ready to use when someone later views the function in the management console?

That is not possible at the moment as CloudFormation itself does not support this (see this answer). You can, as mentioned in the linked post, use a CloudFormation CustomResource to prepare the invocation.
Another option is to create an output that prepares a CLI command with the payload, so that you can just copy and paste the generated call:
    aws lambda invoke --function-name {PopulateFromCDK} --payload '{"key": "value"}'

Related

Remove a Layer from an AWS Lambda Function

Is there a way (using either the AWS CLI or some API) to programmatically remove a layer from an AWS lambda function?
That is, I know I can add or update a layer version by running something like the following
aws lambda update-function-configuration --function-name my-function-name --layer arn:aws:lambda:us-west-2:000000000:layer:layer-name:7
However, this only allows me to add or update the function's configuration. I'd like to programmatically remove the arn:aws:lambda:us-west-2:000000000:layer:layer-name:7 layer from the AWS function named my-function-name
The values passed to the --layers option (note: not --layer, which appears to be an alias to the actual option) replace your entire layers configuration. This means that, by passing an empty --layers
$ aws lambda update-function-configuration --function-name my-function-name --layers
you can remove your entire layers configuration.
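To remove only the one layer the question names while keeping any others, read the current list, filter it, and write back what remains. This is an added example, not code from the original posts: `remove_layer` and `StubLambdaClient` are hypothetical names, the stub stands in for `boto3.client("lambda")` so the block runs offline, and `other-layer:2` is a constructed value.

```python
def remove_layer(client, function_name, layer_arn):
    """Drop layer_arn from the function; return the layer ARNs that remain."""
    config = client.get_function_configuration(FunctionName=function_name)
    # The response lists layers as dicts ({"Arn": ..., "CodeSize": ...});
    # the "Layers" key may be missing when the function has no layers.
    current = [layer["Arn"] for layer in config.get("Layers", [])]
    remaining = [arn for arn in current if arn != layer_arn]
    if remaining == current:
        return current  # layer is not attached, nothing to update
    # Layers replaces the whole list; an empty list detaches every layer.
    client.update_function_configuration(
        FunctionName=function_name, Layers=remaining
    )
    return remaining


class StubLambdaClient:
    """Constructed stand-in for the boto3 Lambda client (offline use only)."""

    def __init__(self, layer_arns):
        self.layer_arns = list(layer_arns)
        self.update_calls = 0

    def get_function_configuration(self, FunctionName):
        return {"FunctionName": FunctionName,
                "Layers": [{"Arn": a, "CodeSize": 1} for a in self.layer_arns]}

    def update_function_configuration(self, FunctionName, Layers):
        self.layer_arns = list(Layers)
        self.update_calls += 1
        return {"FunctionName": FunctionName}


if __name__ == "__main__":
    prefix = "arn:aws:lambda:us-west-2:000000000:layer:"
    stub = StubLambdaClient([prefix + "layer-name:7", prefix + "other-layer:2"])
    print(remove_layer(stub, "my-function-name", prefix + "layer-name:7"))
```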

add trigger to lambda function using cli

I am trying to add a trigger rule to a lambda version using cli:
I try the following command:
aws events put-targets --rule rule-name --targets "Id"="1","Arn"="arn..."
This command runs successfully and I can see my lambda function in the Event Bridge console under targets. But when I go to the lambda function and to the version, I don't see any trigger event being added.
I am not sure if this is an error/bug or expected behavior. Is there a way to add a trigger event to a published version of a lambda function such that it shows in the trigger console (essentially to show that the trigger event is added successfully) using the aws cli?
Use CDK. It will work
Create a lambda function and a rule using cdk. Then you can add that rule to lambda.
This works with CDK. But it doesn't work with CLI as you said. The trigger doesn't get added in lambda.
Sample code:
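Note: This is not the complete CDK code. This is just the part for creating the lambda and the rule, and adding the rule to the lambda. This example is in Python.
    import os

    from aws_cdk import core  # CDK v1, matching core.Duration below
    from aws_cdk import aws_events as _events
    from aws_cdk import aws_events_targets as _targets
    from aws_cdk import aws_lambda as lambda_

    # Runs inside a Stack/Construct; `self`, `custom_role` and the
    # `up_dir` helper are defined elsewhere in the app.
    fn = lambda_.Function(
        self,
        "Name",
        runtime=lambda_.Runtime.PYTHON_3_7,
        handler="index.lambda_handler",
        role=custom_role,
        code=lambda_.Code.from_asset(
            os.path.join(
                up_dir(__file__, 2),
                "resources/lambda/pathtoyourcode",
            )
        ),
    )

    # Run Every Minute
    run_every_minute = _events.Rule(
        self,
        "runEveryMinute",
        schedule=_events.Schedule.rate(core.Duration.minutes(1)),
    )

    # Add Lambda to CW Event Rule
    run_every_minute.add_target(_targets.LambdaFunction(fn))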
Via awscli > $ aws s3api put-bucket-notification-configuration
CONSOLE
I have had the same problem. It's a little bit frustrating, but I've found another way, and maybe a more logical one. Triggers in the Lambda Console only support a few message notification services, and seem to be mostly for test purposes. However, there's a way to invoke your lambda function from an event in S3.
To configure S3 to send an event to a lambda function when some event occurs on your bucket, just go to your bucket through this path in the S3 Console:
BucketName > Properties > EventNotifications !
AWSCLI
There you can configure your event source. Even the awscli supports it via the 's3api' service command:
#$ aws s3api put-bucket-notification # Deprecated
#$ aws s3api put-bucket-notification-configuration
The last one supports the following destinations from S3:
Lambda functions
SNS Topic
SQS Queue
Ref using S3 Triggers with Lambda https://docs.aws.amazon.com/lambda/latest/dg/with-s3-tutorial.html#with-s3-tutorial-configure-event-source
It seems like this is not possible at the moment. I have checked the aws-sdk and there is a createEventSourceMapping method but that one only allows for DynamoDB, Kinesis, etc.
https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Lambda.html#createEventSourceMapping-property

Is there a direct way- a cft to list all lambda functions for a particular region?

I want to have a cloud formation template to list all lambda functions for a particular region. I don't need to write a lambda code using list-function and call it inside my CFT.
I tried incorporating CLI command inside CFT but it didn't work
There is no way to directly add an AWS CLI command in a CloudFormation template. Either you will have to create an EC2 instance and then run the CLI command in the user data, or create a Lambda-backed custom resource to do it.
Both will complicate the simple CLI command.
aws lambda list-functions --region eu-west-1
CFN is just an orchestration tool. It cannot compute on itself.
Instead we can use a simple lambda python script and invoke the same in the CFT
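    import boto3

    # Create a Lambda client for the region to list
    client = boto3.client("lambda", region_name="eu-west-1")

    # list_functions returns its results in pages, so follow the pagination markers
    paginator = client.get_paginator("list_functions")
    for page in paginator.paginate(FunctionVersion="ALL"):
        print(page["Functions"])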

How to invoke a AWS Lambda function using SSM

I am new to AWS SSM. My requirement is that I have a Lambda function which I have to invoke using an SSM Document. Is it achievable? If so, please explain how.
Thanks in Advance
You cannot directly invoke Lambda from SSM. However, you can configure SSM to write logs to AWS CloudWatch. From CloudWatch it is possible to invoke a Lambda function in response to logs.

workflow for testing lambda policies with aws SAM local

The aws SAM local documentation states that SAM Local will invoke functions with my locally configured IAM credentials.
I want to test a cloudformation template that consists of a Lambda function and a role attached to this function that grants access to delete the content of ONE SPECIFIC s3 bucket. The bucket name is both a template parameter, and an argument to the lambda function. (Not sure it matters, but I don't use the serverless transformations in the CFN template.)
I avoid testing this function with my admin profile, since a typo in the bucket name will delete all contents of the wrong bucket.
What is the suggested workflow to test such a function?
What I'm currently doing:
Create a temporary IAM user/group
attach the policy to be tested to this group
export the access environment variables before calling sam local invoke
Is there a quicker way to do this?
Invoke Lambda with DryRun
Invoke the function with DryRun to request that AWS Lambda not execute the function but do some verification, such as whether the caller is authorized to invoke the function and whether the inputs are valid.
aws lambda invoke --function-name <name> --invocation-type DryRun
Creating ChangeSets for Cloudformation: Change Sets = Dry Run Mode
Create a changeset with "create-change-set", review the changes in the Console UI or CLI, and then apply the changes by executing the change set using the CLI or UI.
Create Changeset:
aws cloudformation create-change-set --stack-name example --template-body file://templates/instance_and_route53.yml --parameters file://parameters/instance_and_route53.json --change-set-name changeset-1
Execute Changeset
aws cloudformation execute-change-set --stack-name example --change-set-name changeset-1
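A static pre-check for the question's concern, that the role's delete permission really is limited to ONE SPECIFIC bucket, can run before any credentials are used. This is an added example, not code from the original posts: `out_of_scope_deletes`, the action list and the sample policy are constructed for illustration. It assumes the rendered JSON policy document (intrinsic functions already resolved) and inspects Allow statements only, so it ignores Deny statements and conditions.

```python
import fnmatch

# S3 actions that destroy data; the selection is this example's choice.
DELETE_ACTIONS = ("s3:DeleteObject", "s3:DeleteObjectVersion", "s3:DeleteBucket")

def _listify(value):
    """IAM lets Statement, Action and Resource be a single item or a list."""
    return value if isinstance(value, list) else [value]

def out_of_scope_deletes(policy, bucket):
    """Return (sid, action, resource) for each Allow that lets an S3 delete
    action reach anything other than `bucket` or the objects inside it."""
    bucket_arn = f"arn:aws:s3:::{bucket}"
    findings = []
    for index, stmt in enumerate(_listify(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", f"statement[{index}]")
        if "NotAction" in stmt or "NotResource" in stmt:
            # Inverted matches are open-ended; report them for manual review.
            findings.append((sid, "NotAction/NotResource", "*"))
            continue
        for pattern in _listify(stmt.get("Action", [])):
            # Action names are case-insensitive and may contain * and ?.
            if not any(fnmatch.fnmatchcase(a.lower(), pattern.lower())
                       for a in DELETE_ACTIONS):
                continue
            for resource in _listify(stmt.get("Resource", [])):
                in_scope = (resource == bucket_arn
                            or resource.startswith(bucket_arn + "/"))
                if not in_scope:
                    findings.append((sid, pattern, resource))
    return findings

# Constructed sample policy; the second statement is deliberately too broad.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "EmptyOneBucket", "Effect": "Allow",
         "Action": ["s3:ListBucket", "s3:DeleteObject"],
         "Resource": ["arn:aws:s3:::scratch-bucket",
                      "arn:aws:s3:::scratch-bucket/*"]},
        {"Sid": "TooBroad", "Effect": "Allow",
         "Action": "s3:Delete*", "Resource": "arn:aws:s3:::scratch-bucket*"},
    ],
}

if __name__ == "__main__":
    print(out_of_scope_deletes(SAMPLE_POLICY, "scratch-bucket"))
```

An empty result means every delete-capable Allow statement names only the expected bucket; the trailing-wildcard resource in the sample is reported because it would also match buckets such as `scratch-bucket-prod`.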