Export existing AWS Lambda and API Gateway to Cloudformation template - amazon-web-services

How can I export existing configured and tested infrastructure (including AWS Lambda functions, API Gateways, ElastiCache clusters, CloudWatch rules) to a CloudFormation template?
I know about the CloudFormer tool, but it supports a limited number of AWS services (Amazon VPC, DynamoDB, etc.) and doesn't support some of the services that we use. Which tools and approaches can I use in my case for generating a CloudFormation template?

Partial solution: there is the ability to export a Lambda function to an AWS SAM file
and then
We will get a YAML file which describes your Lambda function as 'AWS::Serverless::Function'. But there are a few things: we can't export Lambda aliases with such an approach. Also, that doesn't help with exporting API Gateway.

CloudFormer was built for this, however, I agree with #MaiKaY that you should rewrite everything. CloudFormer will create hard-links with IDs, where you have to replace these with references, add parameters and/or mappings. It can help you get started, so you know what you need in the template.

Related

What AWS services use AWS lambda behind the scenes?

We were in the process of setting up AWS Config Rules and came across a bug in one of the AWS managed rules. During our conversation with the AWS support person, he revealed that the AWS Config Rules are processed by AWS Lambda functions behind the scenes.
I am curious to know what other AWS services use AWS Lambda behind the scenes. For example, AWS Systems Manager documents.
Thanks for your time.
Not an exhaustive list, but here are some more examples:
AWS::Include Transform, which is a macro hosted by AWS CloudFormation, to insert boilerplate content into your templates.
AWS::Serverless Transform, which is a macro hosted by AWS CloudFormation, takes an entire template written in the AWS Serverless Application Model (AWS SAM) syntax and transforms and expands it into a compliant AWS CloudFormation template.
Secrets Manager and its password rotation: If you use your secret for one of the supported Amazon RDS databases, then Secrets Manager provides the Lambda function for you. And Secrets Manager automatically customizes the function to meet the requirements of the specified database.

Is there any way to store files on Amazon EFS using Lambda Functions?

I'm developing an API using API Gateway + Lambda Functions. The company's website is at EC2 and its images are at EFS. I have to develop one API method to upload some images to EFS, but I can't find a way to do that. Is EFS even accessible from a lambda function?
Thanks in advance
AWS has released Lambda filesystem support. See these details for configuration information, including CloudFormation and SAM templates. The file system and the Lambda function must be in the same region, and the function must be attached to the VPC, though it may be in a different account.

How to replicate all resources/stack to another aws account?

I am trying to clone my AWS account (prod) to another account (test) with all resources and configuration I have set up on prod. Is there any best practice to replicate the AWS account to another?
This is not possible.
Nor is there an easy way to list all resources in an AWS account.
Each AWS Service (e.g. EC2, S3, Lambda) has its own API calls to list resources and describe configurations. There is no universal way to request this information.
Best Practice is to only create resources using AWS CloudFormation templates, thereby having full documentation of resources created and the ability to deploy similar infrastructure in other AWS accounts or regions.
Some third-party services (eg https://www.hava.io/) can extract configuration information and automatically create AWS CloudFormation templates. However, these templates only record the configuration of AWS resources -- they do not replicate the content of storage on disks, Amazon S3 or databases.

AWS CloudFormation and Elastic Transcoder

Does AWS CloudFormation allow creating templates for AWS Elastic Transcoder?
PS: I tried creating a DataPipeline, but no, that is not the same as a Transcoder pipeline.
Not yet. The following page shows all available resource types for AWS Cloudformation:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
You could use a Python Lambda function wrapped in a custom resource. With Lambda support in custom resources, services/features not currently supported can be accommodated in the template.
This GitHub project shows how:
https://github.com/mazerte/aws-cloudformation-elastic-transcoder-pipeline

Configuring SNS Delivery Retry Policies

I would like to know if it is possible to configure SNS Delivery Retry Policies through CloudFormation.
I couldn't find it in any online documentation. If such configuration is possible, I would really appreciate it if someone could post a snippet showing how to do it.
Thanks in advance,
AWS CloudFormation sometimes doesn't cover all (new) API actions available within other AWS Products & Services, though they usually get introduced within a few months later on.
Unfortunately, despite SNS Delivery Retry Policies for HTTP/HTTPS Endpoints being introduced in December 2011 already, this feature is still not supported as of today.
Workaround
You might be able to implement a workaround with CloudFormation still by means of the dedicated CustomResource type, which are special AWS CloudFormation resources that provide a way for a template developer to include resources in an AWS CloudFormation stack that are provided by a source other than Amazon Web Services. The AWS CloudFormation Custom Resource Walkthrough provides a good overview of what this is all about, how it works and what's required to implement your own.
Your custom resource would need to implement the missing support for delivery retry policies by explicitly calling the SetSubscriptionAttributes or SetTopicAttributes API actions with the apparently also undocumented DeliveryPolicy attribute as per the Sample Requests shown there, e.g.:
{
    "healthyRetryPolicy":
    {
        "minDelayTarget": <int>,
        "maxDelayTarget": <int>,
        "numRetries": <int>,
        "numMaxDelayRetries": <int>,
        "backoffFunction": "<linear|arithmetic|geometric|exponential>"
    },
    "throttlePolicy":
    {
        "maxReceivesPerSecond": <int>
    }
}
I was able to do this by firstly deploying an AWS SNS Topic using CDK. I then had to create a Lambda function to set the attributes of the topic.
I have created an example of how to do this in the following repository:
https://github.com/Milan9805/cdk-set-topic-attributes
There is a GitHub action in the repository that uses cdk to deploy the topic and lambda. Then it invokes the lambda to set the topic attributes.
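
The custom-resource workaround described in the answers above, as an added example that is not taken from either answer or from the linked repositories: a Python Lambda handler that validates the DeliveryPolicy document shown earlier and applies it with SetSubscriptionAttributes, then reports the outcome to CloudFormation. The resource property names SubscriptionArn and DeliveryPolicy and the injectable sns/respond parameters are assumptions of this example.

```python
import json
import urllib.request

ALLOWED_BACKOFF = {"linear", "arithmetic", "geometric", "exponential"}
RETRY_INT_KEYS = ("minDelayTarget", "maxDelayTarget", "numRetries", "numMaxDelayRetries")

def build_delivery_policy(props):
    """Validate the (assumed) DeliveryPolicy property and return it as a JSON string."""
    retry = props["healthyRetryPolicy"]
    # CloudFormation hands property values to the function as strings: coerce to int.
    policy = {"healthyRetryPolicy": {k: int(retry[k]) for k in RETRY_INT_KEYS}}
    if retry["backoffFunction"] not in ALLOWED_BACKOFF:
        raise ValueError("unsupported backoffFunction: %r" % retry["backoffFunction"])
    policy["healthyRetryPolicy"]["backoffFunction"] = retry["backoffFunction"]
    if "throttlePolicy" in props:
        policy["throttlePolicy"] = {
            "maxReceivesPerSecond": int(props["throttlePolicy"]["maxReceivesPerSecond"])}
    return json.dumps(policy, sort_keys=True)

def send_response(event, status, reason=""):
    """PUT the result to the pre-signed URL CloudFormation supplied in the event."""
    body = json.dumps({
        "Status": status, "Reason": reason,
        "PhysicalResourceId": event["ResourceProperties"].get("SubscriptionArn", "unknown"),
        "StackId": event["StackId"], "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
    }).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)

def handler(event, context, sns=None, respond=send_response):
    """Lambda entry point; sns and respond are injectable so it can run offline."""
    try:
        if event["RequestType"] in ("Create", "Update"):
            props = event["ResourceProperties"]
            policy = build_delivery_policy(props["DeliveryPolicy"])
            if sns is None:
                import boto3  # provided by the Lambda Python runtime
                sns = boto3.client("sns")
            sns.set_subscription_attributes(
                SubscriptionArn=props["SubscriptionArn"],
                AttributeName="DeliveryPolicy", AttributeValue=policy)
        # Delete: this example leaves the existing policy in place.
        respond(event, "SUCCESS")
    except Exception as exc:  # always answer, or the stack waits until it times out
        respond(event, "FAILED", str(exc))
```

The function's execution role needs only sns:SetSubscriptionAttributes on the subscriptions it manages, which keeps the custom resource within least privilege.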