Friday, September 27, 2019

How to delete AWS Config service

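I have been using AWS Config recently, and after trying it out I wanted to delete it, only to find that the console has no delete function for Config. After checking the documentation, it looks like it can only be removed with the CLI, and not with a single command: the ConfigurationRecorder and the DeliveryChannel are two separate resources, deleted as follows: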
$ aws configservice delete-configuration-recorder --configuration-recorder-name default
$ aws configservice delete-delivery-channel --delivery-channel-name default
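
These two calls end configuration recording and delivery in a region, so they are worth alerting on. The added example below (not from the original post) scans CloudTrail records for the matching event names and reports, per account and region, whether both resources were removed; the sample records are constructed, and the function name, account ID, user ARNs and IP address are placeholders.

```python
import json
from collections import defaultdict

# CloudTrail eventName values for the two CLI calls above (eventSource config.amazonaws.com).
TEARDOWN = {"DeleteConfigurationRecorder": "recorder", "DeleteDeliveryChannel": "channel"}

# Constructed CloudTrail records for illustration; all identifiers are placeholders.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventSource": "config.amazonaws.com", "eventName": "DeleteConfigurationRecorder",
     "eventTime": "2019-09-27T03:10:00Z", "awsRegion": "ap-northeast-1",
     "recipientAccountId": "111122223333", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}},
    {"eventSource": "config.amazonaws.com", "eventName": "DeleteDeliveryChannel",
     "eventTime": "2019-09-27T03:10:05Z", "awsRegion": "ap-northeast-1",
     "recipientAccountId": "111122223333", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}},
    # Denied attempt: it carries an errorCode, so nothing was deleted.
    {"eventSource": "config.amazonaws.com", "eventName": "DeleteConfigurationRecorder",
     "eventTime": "2019-09-27T04:00:00Z", "awsRegion": "us-east-1",
     "recipientAccountId": "111122223333", "errorCode": "AccessDenied",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/bob"}},
    # Unrelated read-only call that must be ignored.
    {"eventSource": "config.amazonaws.com", "eventName": "DescribeConfigurationRecorders",
     "eventTime": "2019-09-27T03:09:00Z", "awsRegion": "ap-northeast-1",
     "recipientAccountId": "111122223333",
     "userIdentity": {"arn": "arn:aws:iam::111122223333:user/alice"}},
]})


def find_config_teardown(trail_json):
    """Summarise AWS Config delete calls per (account, region)."""
    findings = defaultdict(lambda: {"deleted": set(), "denied": 0, "actors": set()})
    for rec in json.loads(trail_json).get("Records", []):
        part = TEARDOWN.get(rec.get("eventName"))
        if rec.get("eventSource") != "config.amazonaws.com" or part is None:
            continue
        entry = findings[(rec.get("recipientAccountId"), rec.get("awsRegion"))]
        entry["actors"].add(rec.get("userIdentity", {}).get("arn", "unknown"))
        if "errorCode" in rec:
            entry["denied"] += 1  # attempted but blocked
        else:
            entry["deleted"].add(part)
    # Config is fully removed in a region only when both resources are gone.
    return {key: dict(val, fully_removed=val["deleted"] == {"recorder", "channel"})
            for key, val in findings.items()}


if __name__ == "__main__":
    for (account, region), info in sorted(find_config_teardown(SAMPLE_TRAIL).items()):
        print(account, region, info)
```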

Tuesday, September 24, 2019

AWS Application Load Balancers Rule Condition Types

host-header
Route based on the host name of each request.
path-pattern
Route based on path patterns in the request URLs.
http-header
Route based on the HTTP headers for each request.
http-request-method
Route based on the HTTP request method of each request.
query-string
Route based on key/value pairs or values in the query strings.
source-ip
Route based on the source IP address of each request.

Monday, September 9, 2019

AWS SAM (Serverless Application Model)

What Is the AWS Serverless Application Model (AWS SAM)

The AWS Serverless Application Model (AWS SAM) is an open-source framework that you can use to build serverless applications on AWS.
A serverless application is a combination of Lambda functions, event sources, and other resources that work together to perform tasks. Note that a serverless application is more than just a Lambda function—it can include additional resources such as APIs, databases, and event source mappings.
Simply put, it is a combination of Lambda functions with event sources and other serverless resources.

AWS SAM template specification.

The name says it all, so no explanation here; it is quicker to read it yourself: AWS Serverless Application Model Specification
Two examples follow.
example: S3 object creation sends an event to a Lambda function
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: s3 create object send event to lambda function
Resources:
  MyLambda:
    Type: AWS::Serverless::Function
    Properties:
      Handler: my_lambda.my_handler
      Timeout: 300
      Runtime: python3.6
      Role: arn:aws:iam::<account-id>:role/LambdaRole  # replace <account-id> with your AWS account ID
      Events:
        S3Event:
          Type: S3
          Properties:
            Bucket: !Ref MyBucket
            Events: s3:ObjectCreated:*
  MyBucket:
    Type: AWS::S3::Bucket
    Properties:
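      BucketName: <bucket-name>  # placeholder: the bucket name to create
example: CloudWatch scheduled event (every day at 2 a.m. in UTC+8; the cron expression is evaluated in UTC) triggers a Lambda function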
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: cloudwatch scheduled event trigger lambda function
Resources:
  MyLambda:
    Type: AWS::Serverless::Function
    Properties:
      Handler: my_lambda.my_handler
      Timeout: 300
      Runtime: python3.6
      Role: arn:aws:iam::<account-id>:role/LambdaRole  # replace <account-id> with your AWS account ID
      Events:
        MyEvent:
          Type: Schedule
          Properties:
            Schedule: cron(0 18 * * ? *)

AWS SAM command line interface (AWS SAM CLI)

The AWS SAM CLI lets you locally build, test, and debug serverless applications that are defined by AWS SAM templates.
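You can run Lambda functions on your local machine, and if the function uses an event source, you can generate test events to make local testing easier. It can also be combined with a CI service to run build, package and deploy, giving you CI/CD.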

Install

$ pip install awscli
$ pip install aws-sam-cli

How to use

validate

As the name suggests, it checks whether the template is written correctly.

build

Can be combined with the --use-container flag to solve problems with importing third-party libraries.

--use-container

If your functions depend on packages that have natively compiled dependencies, use this flag to build your function inside an AWS Lambda-like Docker container

local

example
$ sam local invoke -e event.json MyLambda

invoke

Invokes a local Lambda function once.

generate-event

Generates test events to make local testing easier.
You can use this command to generate sample payloads from different event sources such as S3, API Gateway, and SNS. These payloads contain the information that the event sources send to your Lambda functions.

Generate the event that S3 sends to your Lambda function when a new object is uploaded
  $ sam local generate-event s3 [put/delete]

  You can even customize the event by adding parameter flags. To find which flags apply to your command,
  run:

  $ sam local generate-event s3 [put/delete] --help

  Then you can add in those flags that you wish to customize using

  $ sam local generate-event s3 [put/delete] --bucket <bucket> --key <key>

  After you generate a sample event, you can use it to test your Lambda function locally
  $ sam local generate-event s3 [put/delete] --bucket <bucket> --key <key> | sam local invoke <function logical id>
example: s3 create object event
{
  "Records": [
    {
      "eventVersion": "2.0",
      "eventSource": "aws:s3",
      "awsRegion": "ap-northeast-1",
      "eventTime": "1970-01-01T00:00:00.000Z",
      "eventName": "ObjectCreated:Put",
      "userIdentity": {
        "principalId": "EXAMPLE"
      },
      "requestParameters": {
        "sourceIPAddress": "127.0.0.1"
      },
      "responseElements": {
        "x-amz-request-id": "EXAMPLE123456789",
        "x-amz-id-2": "EXAMPLE123/5678abcdefghijklambdaisawesome/mnopqrstuvwxyzABCDEFGH"
      },
      "s3": {
        "s3SchemaVersion": "1.0",
        "configurationId": "testConfigRule",
        "bucket": {
          "name": "my_bucket",
          "ownerIdentity": {
            "principalId": "EXAMPLE"
          },
          "arn": "arn:aws:s3:::my_bucket"
        },
        "object": {
          "key": "test.txt",
          "size": 19,
          "eTag": "8a6da8606b1e063921d61dbaf8f5b643",
          "sequencer": "0A1B2C3D4E5F678901"
        }
      }
    }
  ]
}
example: cloudwatch scheduled event
{
  "id": "cdc73f9d-aea9-11e3-9d5a-835b769c0d9c",
  "detail-type": "Scheduled Event",
  "source": "aws.events",
  "account": "",
  "time": "1970-01-01T00:00:00Z",
  "region": "us-east-1",
  "resources": [
    "arn:aws:events:us-east-1:123456789012:rule/ExampleRule"
  ],
  "detail": {}
}
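
The templates above name `my_lambda.my_handler` but the post never shows it. The following is an added example of such a handler (not the author's code) that accepts both sample events, decodes the URL-encoded object key, and rejects buckets it was not wired to; `EXPECTED_BUCKET`, `parse_s3_records` and the sample object key are assumptions made for illustration.

```python
from urllib.parse import unquote_plus

EXPECTED_BUCKET = "my_bucket"  # assumption: the bucket name used in the sample event above

# Constructed events, trimmed from the two samples above; the object key is made up
# to show URL-encoding ('+' is a space, '%2B' is a literal plus).
S3_EVENT = {"Records": [{
    "eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
    "s3": {"bucket": {"name": "my_bucket"},
           "object": {"key": "reports/2019+09/a%2Bb.txt", "size": 19}}}]}
SCHEDULED_EVENT = {
    "detail-type": "Scheduled Event", "source": "aws.events",
    "resources": ["arn:aws:events:us-east-1:123456789012:rule/ExampleRule"], "detail": {}}


def parse_s3_records(event):
    """Return [(bucket, key, size)] for ObjectCreated records from the expected bucket."""
    objects = []
    for rec in event.get("Records", []):
        if rec.get("eventSource") != "aws:s3":
            continue
        if not rec.get("eventName", "").startswith("ObjectCreated:"):
            continue
        bucket = rec["s3"]["bucket"]["name"]
        if bucket != EXPECTED_BUCKET:
            # Anyone allowed to invoke the function can hand it an arbitrary event,
            # so do not act on buckets the template never wired up.
            raise ValueError("unexpected bucket: %r" % bucket)
        # S3 URL-encodes keys in notifications; decode before using the key.
        key = unquote_plus(rec["s3"]["object"]["key"])
        objects.append((bucket, key, rec["s3"]["object"].get("size", 0)))
    return objects


def my_handler(event, context):
    """Entry point named as in the templates (Handler: my_lambda.my_handler)."""
    if event.get("source") == "aws.events" and event.get("detail-type") == "Scheduled Event":
        rule = event["resources"][0].rsplit("/", 1)[-1]
        return {"trigger": "schedule", "rule": rule}
    objects = parse_s3_records(event)
    if not objects:
        raise ValueError("unsupported event shape")
    return {"trigger": "s3", "objects": objects}


if __name__ == "__main__":
    print(my_handler(S3_EVENT, None))
    print(my_handler(SCHEDULED_EVENT, None))
```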

package

Package an AWS SAM application. This is an alias for 'aws cloudformation package'.

deploy

Deploy an AWS SAM application. This is an alias for 'aws cloudformation deploy'.

Thursday, September 5, 2019

AWS SAM (Serverless Application Model) policy template error

When a SAM policy template is used, CloudFormation needs to create a role during deploy, so you must have the iam:CreateRole permission and add the --capabilities CAPABILITY_IAM parameter on the command line, for example:
sam deploy --template-file packaged.yaml --stack-name example-stack --capabilities CAPABILITY_IAM
Otherwise you get this error:
An error occurred (InsufficientCapabilitiesException) when calling the ExecuteChangeSet operation: Requires capabilities : [CAPABILITY_IAM]

Reference

This error is a security related message: it happens when you try to create
a CloudFormation stack that includes the creation of IAM related resources.
You have to explicitly tell CloudFormation that you are OK with that.
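
To see what you are acknowledging before passing --capabilities CAPABILITY_IAM, the added example below (not part of the original post or of the SAM CLI) lists which resources in a template cause IAM resources to be created. It takes the template as an already-parsed dict; the two templates, the function names and the policy choices are constructed for illustration, and every dict entry under Policies without a Statement key is assumed to be a SAM policy template.

```python
def describe_policies(policies):
    """Name what a function's Policies property attaches to the generated role."""
    if isinstance(policies, (str, dict)):
        policies = [policies]
    names = []
    for pol in policies or []:
        if isinstance(pol, str):
            names.append("managed:" + pol)
        elif "Statement" in pol:
            names.append("inline policy document")
        else:
            # Assumption: remaining dicts are SAM policy templates, e.g. {"S3ReadPolicy": {...}}.
            names.extend("template:" + name for name in pol)
    return names


def iam_reasons(template):
    """Return {logical_id: [reasons]} for resources that lead to IAM resource creation."""
    reasons = {}
    for logical_id, res in template.get("Resources", {}).items():
        rtype, props = res.get("Type", ""), res.get("Properties") or {}
        if rtype.startswith("AWS::IAM::"):
            reasons[logical_id] = [rtype]
        elif rtype == "AWS::Serverless::Function" and "Role" not in props:
            # No Role given: the SAM transform adds an AWS::IAM::Role for the function.
            reasons[logical_id] = ["generated execution role"] + describe_policies(props.get("Policies"))
    return reasons


# Constructed template: uses a policy template, so the deploy creates a role.
WITH_POLICY_TEMPLATE = {"Resources": {"MyLambda": {
    "Type": "AWS::Serverless::Function",
    "Properties": {"Handler": "my_lambda.my_handler", "Runtime": "python3.6",
                   "Policies": [{"S3ReadPolicy": {"BucketName": "my_bucket"}},
                                "AmazonDynamoDBReadOnlyAccess"]}}}}

# Constructed template: an existing role is referenced, as in the templates earlier on this page.
WITH_EXISTING_ROLE = {"Resources": {"MyLambda": {
    "Type": "AWS::Serverless::Function",
    "Properties": {"Handler": "my_lambda.my_handler", "Runtime": "python3.6",
                   "Role": "arn:aws:iam::<account-id>:role/LambdaRole"}}}}


if __name__ == "__main__":
    print(iam_reasons(WITH_POLICY_TEMPLATE))
    print(iam_reasons(WITH_EXISTING_ROLE))
```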

Wednesday, September 4, 2019

Using requirements.txt to manage package dependencies across environments

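I recently started learning Python and ran into results that differed between environments. It turned out to be caused by different package versions, so I am noting it down here.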
wiki - What is pip
pip is a de facto standard package-management system used to install and manage software packages written in Python
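Python projects often install many packages (libraries) with pip / pip3, but when you need to move to another machine or freeze the environment (so that upgrades do not break the program), a very common practice is to use requirements.txt to pin packages and their versions.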

Dump the current environment's packages with pip

$ pip freeze > requirements.txt
openpyxl==2.6.3
boto3==1.9.220

Install the packages listed in requirements.txt with pip

$ pip install -r requirements.txt