├── .gitignore ├── Gruntfile.js ├── LICENSE ├── README.md ├── package.json ├── src ├── aurora_manager.js ├── batch_manager.js ├── configuration.js ├── index.js └── logger.js ├── template.json └── zip_lambda_code.sh /.gitignore: -------------------------------------------------------------------------------- 1 | .jscsrc 2 | node_modules 3 | lib 4 | environment 5 | *.zip 6 | -------------------------------------------------------------------------------- /Gruntfile.js: -------------------------------------------------------------------------------- 1 | module.exports = function(grunt) { 2 | // Project configuration. 3 | grunt.initConfig({ 4 | pkg: grunt.file.readJSON('package.json'), 5 | options: { 6 | banner: '/*! <%= pkg.name %> <%= grunt.template.today("yyyy-mm-dd") %> */\n' 7 | }, 8 | run: { 9 | babel: { 10 | exec: 'node node_modules/babel-cli/bin/babel --presets es2015 -d lib --watch src' 11 | } 12 | } 13 | }); 14 | 15 | // Load the plugin that provides the "run" task. 16 | grunt.loadNpmTasks('grunt-run'); 17 | 18 | // Default task(s). 19 | //grunt.registerTask('default', ['run:babel']); 20 | }; 21 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | The MIT License (MIT) 2 | 3 | Copyright (c) 2016 GorillaStack 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # lambda-vpc-example 2 | 3 | ## Overview 4 | 5 | This repository contains the CloudFormation template to create: 6 | 7 | 1. a VPC 8 | 1. two private subnets 9 | 1. a HA RDS cluster running Aurora within the private subnets 10 | 1. a role for a lambda function 11 | 1. a lambda function that can connect to the Aurora DB 12 | 13 | The purpose of this is to illustrate how complex batch jobs with access to dark corners of your team's networking can be replaced by lambda functions for the purposes for cost savings. 14 | 15 | Read more about this in [our blog post](http://blog.gorillastack.com/open-source-aws-lambda/). 16 | 17 | ## Using this code 18 | 19 | This code designed to construct an example of a lambda function connecting to resources in a VPC. To reuse the code with your existing VPC, just take the part of the template that defines the lambda execution role, the target assumed role and the lambda function itself. 20 | 21 | ## Setup 22 | 23 | ### 1. Build and upload code to s3 24 | 25 | #### Install all dependencies 26 | 27 | Run `npm install` to install all dependencies for this repository. 28 | 29 | #### Start babel (the es6 to es5 transpiler) 30 | 31 | In liew of support for ecmascript2015 in the lambda execution environment, we transpile our es6/ecmascript2015 code to es5. We have made a grunt task to kick off this transpiler in watch mode, so during development, as you save your files, they are transpiled automatically. 32 | 33 | ``` 34 | # if you have grunt installed globally already: 35 | $ grunt run:babel 36 | 37 | # otherwise, use the local grunt module: 38 | $ node_modules/grunt-cli/bin/grunt run:babel 39 | ``` 40 | 41 | #### Build zipfile for s3 upload 42 | 43 | NB: your code must have been transpiled already in order to successfully run in s3. 44 | 45 | Use the `zip_lambda_code.sh` script provided in the repository to zip all relevant code and modules for lambda. 46 | 47 | ``` 48 | $ bash zip_lambda_code.sh 49 | ``` 50 | 51 | #### Choose or create bucket to house your code 52 | 53 | When creating a lambda function from s3 code, we need the s3 bucket to be in the same region as we are running our CloudFormation stack. Using the AWS CLI, take a look at what buckets you have available to store the lambda code: 54 | 55 | ``` 56 | $ aws s3 ls 57 | 58 | 2016-02-19 11:21:06 cf-templates-11111-ap-northeast-1 59 | 2015-10-08 11:59:04 cf-templates-11111-us-west-1 60 | 2015-08-16 12:51:34 random-logs 61 | 2015-10-13 22:38:14 some-bucket 62 | ... 63 | ``` 64 | 65 | If there is no bucket appropriate to store your code, create a new one. 66 | 67 | ``` 68 | $ aws s3 mb s3://my-lambdas --region 69 | 70 | make_bucket: s3://my-lambdas/ 71 | ``` 72 | 73 | #### Upload the code to s3 74 | 75 | ``` 76 | $ aws s3 cp lambda.zip s3://my-lambdas 77 | 78 | upload: ./lambda.zip to s3://my-lambdas/lambda.zip 79 | ``` 80 | 81 | ### 2. Create the periodic event source 82 | 83 | Unfortunately, CloudFormation does not yet support the creation of events and rules. For now, we have to create this via the AWS CLI. 84 | 85 | ``` 86 | $ aws events put-rule --name fire-every-5-minutes --region --schedule-expression "rate(5 minutes)" 87 | 88 | { 89 | "RuleArn": "arn:aws:events:::rule/fire-every-5-minutes" 90 | } 91 | ``` 92 | 93 | 94 | ### 3. Build your stack 95 | 96 | #### Amend the CloudFormation template provided 97 | 98 | The example CloudFormation template in the file '`template.json`' builds a VPC with two private subnets, containing a two node HA-Aurora cluster and our lambda function, with the CloudWatch alarm periodic trigger. 99 | 100 | Feel free to use the template as it comes, but you will probably just want to lift out the appropriate sections and use in your own existing CloudFormation templates. 101 | 102 | #### Substitute variables into the CloudFormation template 103 | 104 | Most important one to substitute is the RuleArn from the step above. 105 | 106 | #### Manually add VPC configuration for our lambda function 107 | 108 | This new VPC configuration option for lambda functions is not yet exposed via CloudFormation. Real pain! While we wait for its implementation in CloudFormation, add this configuration via the AWS CLI as follows: 109 | 110 | ``` 111 | $ aws lambda update-function-configuration --function-name --vpc-config SubnetIds=string,string,SecurityGroupIds=string,string 112 | 113 | ``` 114 | 115 | #### Associate the CloudWatch event rule as a source event for our lambda function 116 | 117 | In our CloudFormation template, we create a CloudWatch event rule to periodically create an event. Because there is no support for these event sources anywhere other than in the AWS console, this is one manual step we must make via the console. 118 | 119 | ![lambda config](https://s3-ap-southeast-2.amazonaws.com/gorillastack-random-public/lambda1.png) 120 | 121 | 1. Under your Lambda function, go to 'Event sources'. 122 | 1. Click 'Add event source' 123 | 1. Select your event from those listed 124 | 125 | ![lambda event source config](https://s3-ap-southeast-2.amazonaws.com/gorillastack-random-public/lambda2.png) 126 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "lambda-vpc-example", 3 | "version": "1.0.0", 4 | "description": "example of lambda function that can connect to resources in private subnets of non default vpc", 5 | "main": "lib/index.js", 6 | "private": "true", 7 | "dependencies": { 8 | "babel-polyfill": "^6.5.0", 9 | "co": "^4.6.0", 10 | "mysql": "^2.10.2", 11 | "winston": "^2.1.1" 12 | }, 13 | "devDependencies": { 14 | "babel-cli": "^6.5.1", 15 | "babel-preset-es2015": "^6.5.0", 16 | "grunt": "^0.4.5", 17 | "grunt-cli": "^0.1.13", 18 | "grunt-run": "^0.5.2" 19 | }, 20 | "scripts": { 21 | "test": "echo \"Error: no test specified\" && exit 1" 22 | }, 23 | "repository": { 24 | "type": "git", 25 | "url": "git+ssh://git@bitbucket.org/gorillastack/lambda-vpn-cloudformation.git" 26 | }, 27 | "author": "Elliott Spira", 28 | "license": "UNLICENSED", 29 | "homepage": "https://bitbucket.org/gorillastack/lambda-vpn-cloudformation#readme" 30 | } 31 | -------------------------------------------------------------------------------- /src/aurora_manager.js: -------------------------------------------------------------------------------- 1 | import mysql from 'mysql'; 2 | 3 | const DEFAULT_DATABASE_NAME = 'exDB'; 4 | 5 | class AuroraManager { 6 | constructor(host, user, password, database) { 7 | this.host = host; 8 | this.user = user; 9 | this.password = password; 10 | this.database = database || DEFAULT_DATABASE_NAME; 11 | } 12 | 13 | connect() { 14 | this.connection = mysql.createConnection({ 15 | host: this.host, 16 | user: this.user, 17 | password: this.password, 18 | database: this.database 19 | }); 20 | 21 | this.connection.connect(); 22 | } 23 | 24 | disconnect() { 25 | this.connection.end(); 26 | } 27 | 28 | /** 29 | * queryPromise 30 | * 31 | * Call mysql.query in any of its 3 forms (sqlString), (sqlString, values), (options) 32 | * Do not provide the callback function argument 33 | */ 34 | queryPromise(...args) { 35 | let _this = this; 36 | return new Promise((resolve, reject) => { 37 | const callback = (error, results, fields) => { 38 | if (error) { 39 | reject(error); 40 | } else { 41 | resolve(results); 42 | } 43 | }; 44 | 45 | args.push(callback); 46 | _this.connection.query.apply(_this.connection, args); 47 | }); 48 | } 49 | }; 50 | 51 | export default AuroraManager; 52 | -------------------------------------------------------------------------------- /src/batch_manager.js: -------------------------------------------------------------------------------- 1 | /** 2 | * batchTask 3 | * 4 | * Example batch task function 5 | * Calls relevant logic within object of BatchManager class 6 | * 7 | * @return {Promise} 8 | */ 9 | 10 | import config from './configuration'; 11 | import AuroraManager from './aurora_manager'; 12 | 13 | import co from 'co'; 14 | 15 | export function batchTask(logger) { 16 | let batchManager = new BatchManager(logger); 17 | return new Promise((resolve, reject) => { 18 | batchManager.execute().then((result) => { 19 | logger.info('Successfully ran batch task', result); 20 | resolve(result); 21 | }, (error) => { 22 | logger.error('Could not run batch task', error); 23 | reject(error); 24 | }); 25 | }); 26 | }; 27 | 28 | /** 29 | * BatchManager 30 | * 31 | * Class for example batch execution logic 32 | */ 33 | class BatchManager { 34 | constructor(logger) { 35 | this.logger = logger; 36 | this.auroraManager = new AuroraManager(config.DB_HOST, config.DB_USER, config.DB_PASSWORD, config.DB_DATABASE); 37 | } 38 | 39 | execute() { 40 | let _this = this; 41 | return co(function* () { 42 | // setup connection 43 | _this.auroraManager.connect(); 44 | 45 | yield _this.guaranteeInvocationCountTable(); 46 | yield _this.writeInvocationCountRecord(); 47 | 48 | // teardown connection 49 | _this.auroraManager.disconnect(); 50 | 51 | return true; 52 | }); 53 | } 54 | 55 | guaranteeInvocationCountTable() { 56 | let _this = this; 57 | 58 | let command = 'CREATE TABLE IF NOT EXISTS invocation_count (' 59 | + 'entry_id INT(11) NOT NULL AUTO_INCREMENT PRIMARY KEY, ' 60 | + 'execution_date DATETIME DEFAULT CURRENT_TIMESTAMP)'; 61 | 62 | return _this.auroraManager.queryPromise(command); 63 | } 64 | 65 | writeInvocationCountRecord() { 66 | let _this = this; 67 | 68 | return _this.auroraManager.queryPromise('INSERT INTO invocation_count SET ?', { 69 | execution_date: new Date 70 | }); 71 | } 72 | }; 73 | -------------------------------------------------------------------------------- /src/configuration.js: -------------------------------------------------------------------------------- 1 | export default { 2 | LOG_LEVEL: 'info', 3 | DB_USER: 'example', 4 | DB_PASSWORD: 'password', 5 | DB_HOST: 'testaurora-auroracluster-xxxxxxx.cluster-iiiii.ap-northeast-1.rds.amazonaws.com' 6 | }; 7 | -------------------------------------------------------------------------------- /src/index.js: -------------------------------------------------------------------------------- 1 | import 'babel-polyfill'; 2 | 3 | import loggerConstructor from './logger'; 4 | import {batchTask} from './batch_manager'; 5 | 6 | const logger = loggerConstructor(); 7 | 8 | export function handler(event, context) { 9 | logger.debug('BEGINNING Lambda function'); 10 | return new Promise((resolve, reject) => { 11 | batchTask(logger).then( 12 | (result) => { 13 | context.succeed(); 14 | }, 15 | 16 | (error) => { 17 | context.fail(error); 18 | } 19 | ).catch((error) => { 20 | context.fail(error); 21 | }); 22 | }); 23 | }; 24 | -------------------------------------------------------------------------------- /src/logger.js: -------------------------------------------------------------------------------- 1 | import config from './configuration'; 2 | 3 | export default function() { 4 | const winston = require('winston'); 5 | 6 | const logger = new (winston.Logger)({ 7 | transports: [ 8 | new winston.transports.Console({ 9 | level: config.LOG_LEVEL || 'debug', 10 | handleExceptions: true, 11 | json: true 12 | }) 13 | ] 14 | }); 15 | 16 | return logger; 17 | }; 18 | -------------------------------------------------------------------------------- /template.json: -------------------------------------------------------------------------------- 1 | { 2 | "Description" : "GorillaStack CloudFormation Sample Template VPC_With_RDS_Aurora_And_Lambda: Sample template showing how to create a private subnet in a VPC with an RDS instance and configure a lambda function to access this instance.", 3 | "Parameters" : { 4 | "VPCCIDR" : { 5 | "Type" : "String", 6 | "Description" : "IP Address range for the VPC", 7 | "MinLength": "9", 8 | "MaxLength": "18", 9 | "Default": "10.12.0.0/16", 10 | "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 11 | "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x." 12 | }, 13 | 14 | "PrivateSubnetACIDR" : { 15 | "Type" : "String", 16 | "Description" : "IP Address range for the VPN connected Subnet", 17 | "MinLength": "9", 18 | "MaxLength": "18", 19 | "Default": "10.12.0.0/24", 20 | "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 21 | "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x." 22 | }, 23 | 24 | "PrivateSubnetBCIDR" : { 25 | "Type" : "String", 26 | "Description" : "IP Address range for the VPN connected Subnet", 27 | "MinLength": "9", 28 | "MaxLength": "18", 29 | "Default": "10.12.1.0/24", 30 | "AllowedPattern": "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})", 31 | "ConstraintDescription": "must be a valid IP CIDR range of the form x.x.x.x/x." 32 | }, 33 | 34 | "AvailabilityZoneA" : { 35 | "Type" : "String", 36 | "Description" : "First AvailabilityZone", 37 | "Default": "ap-northeast-1a" 38 | }, 39 | 40 | "AvailabilityZoneB" : { 41 | "Type" : "String", 42 | "Description" : "Second AvailabilityZone", 43 | "Default": "ap-northeast-1c" 44 | }, 45 | 46 | "CodeS3Bucket" : { 47 | "Type" : "String", 48 | "Description" : "S3 bucket in which the code is located" 49 | }, 50 | 51 | "CodeS3Key" : { 52 | "Type" : "String", 53 | "Description" : "String of path to the code zip file in the s3 bucket", 54 | "Default": "lambda.zip" 55 | }, 56 | 57 | "EventSourceArn" : { 58 | "Type" : "String", 59 | "Description" : "Arn of the event source we want to listen to" 60 | }, 61 | 62 | "DatabaseName" : { 63 | "Type" : "String", 64 | "Description" : "Name of up to 8 characters to identify your database", 65 | "AllowedPattern": "\\w{1,8}", 66 | "Default": "exDB" 67 | }, 68 | 69 | "DBMasterUsername" : { 70 | "Type" : "String", 71 | "Description" : "Master username for the DB cluster", 72 | "Default": "example" 73 | }, 74 | 75 | "DBMasterUserPassword" : { 76 | "Type" : "String", 77 | "Description" : "Master user's password for the DB cluster", 78 | "Default": "password" 79 | }, 80 | 81 | "DBInstanceClass" : { 82 | "Type": "String", 83 | "Description": "Database instance type", 84 | "Default": "db.r3.large" 85 | } 86 | }, 87 | 88 | "Resources" : { 89 | 90 | "VPC" : { 91 | "Type" : "AWS::EC2::VPC", 92 | "Properties" : { 93 | "EnableDnsSupport" : "true", 94 | "EnableDnsHostnames" : "true", 95 | "CidrBlock" : { "Ref" : "VPCCIDR" }, 96 | "Tags" : [ 97 | { "Key" : "Application", "Value" : { "Ref" : "AWS::StackName" } }, 98 | { "Key" : "Network", "Value" : "VPN Connected VPC" } 99 | ] 100 | } 101 | }, 102 | 103 | "PrivateSubnetA" : { 104 | "Type" : "AWS::EC2::Subnet", 105 | "Properties" : { 106 | "VpcId" : { "Ref" : "VPC" }, 107 | "AvailabilityZone" : { "Ref" : "AvailabilityZoneA" }, 108 | "CidrBlock" : { "Ref" : "PrivateSubnetACIDR" }, 109 | "Tags" : [ 110 | { "Key" : "Application", "Value" : { "Ref" : "AWS::StackName" } }, 111 | { "Key" : "Subnet Type", "Value" : "Private" } 112 | ] 113 | } 114 | }, 115 | 116 | 117 | "PrivateSubnetB" : { 118 | "Type" : "AWS::EC2::Subnet", 119 | "Properties" : { 120 | "VpcId" : { "Ref" : "VPC" }, 121 | "CidrBlock" : { "Ref" : "PrivateSubnetBCIDR" }, 122 | "AvailabilityZone" : { "Ref" : "AvailabilityZoneB" }, 123 | "Tags" : [ 124 | { "Key" : "Application", "Value" : { "Ref" : "AWS::StackName" } }, 125 | { "Key" : "Subnet Type", "Value" : "Private" } 126 | ] 127 | } 128 | }, 129 | 130 | "VPCSecurityGroup" : { 131 | "Type" : "AWS::EC2::SecurityGroup", 132 | "Properties" : { 133 | "GroupDescription" : "Security Group for our private VPC", 134 | "SecurityGroupEgress" : [], 135 | "SecurityGroupIngress" : [{ 136 | "CidrIp" : { "Ref" : "VPCCIDR" }, 137 | "FromPort" : 3306, 138 | "IpProtocol" : "TCP", 139 | "ToPort" : 3306 140 | }], 141 | "VpcId" : { "Ref" : "VPC" } 142 | } 143 | }, 144 | 145 | "DBSubnetGroup": { 146 | "Type" : "AWS::RDS::DBSubnetGroup", 147 | "Properties" : { 148 | "DBSubnetGroupDescription" : "AuroraPrivateSubnetGroup", 149 | "SubnetIds" : [ { "Ref" : "PrivateSubnetA" }, { "Ref" : "PrivateSubnetB" } ] 150 | } 151 | }, 152 | 153 | "AuroraCluster": { 154 | "Type" : "AWS::RDS::DBCluster", 155 | "Properties" : { 156 | "DBSubnetGroupName" : { "Ref": "DBSubnetGroup" }, 157 | "DatabaseName" : { "Ref" : "DatabaseName" }, 158 | "Engine" : "aurora", 159 | "MasterUsername" : { "Ref" : "DBMasterUsername" }, 160 | "MasterUserPassword" : { "Ref" : "DBMasterUserPassword" }, 161 | "VpcSecurityGroupIds" : [ { "Ref" : "VPCSecurityGroup" } ] 162 | } 163 | }, 164 | 165 | "AuroraNode1": { 166 | "Type" : "AWS::RDS::DBInstance", 167 | "Properties" : { 168 | "DBClusterIdentifier" : { "Ref": "AuroraCluster" }, 169 | "DBSubnetGroupName" : { "Ref" : "DBSubnetGroup" }, 170 | "Engine" : "aurora", 171 | "DBInstanceClass" : { "Ref" : "DBInstanceClass" }, 172 | "AvailabilityZone" : { "Fn::GetAtt" : [ "PrivateSubnetA", "AvailabilityZone" ] }, 173 | "PubliclyAccessible" : false 174 | } 175 | }, 176 | 177 | "AuroraNode2": { 178 | "Type" : "AWS::RDS::DBInstance", 179 | "Properties" : { 180 | "DBClusterIdentifier" : { "Ref": "AuroraCluster" }, 181 | "DBSubnetGroupName" : { "Ref" : "DBSubnetGroup" }, 182 | "Engine" : "aurora", 183 | "DBInstanceClass" : { "Ref" : "DBInstanceClass" }, 184 | "AvailabilityZone" : { "Fn::GetAtt" : [ "PrivateSubnetB", "AvailabilityZone" ] }, 185 | "PubliclyAccessible" : false 186 | } 187 | }, 188 | 189 | "LambdaExecutionRole": { 190 | "Type": "AWS::IAM::Role", 191 | "Properties": { 192 | "AssumeRolePolicyDocument": { 193 | "Version" : "2012-10-17", 194 | "Statement": [ { 195 | "Effect": "Allow", 196 | "Principal": { 197 | "Service": [ "lambda.amazonaws.com" ] 198 | }, 199 | "Action": [ "sts:AssumeRole" ] 200 | } ] 201 | }, 202 | "Path": "/", 203 | "Policies": [ 204 | { 205 | "PolicyName": "LambdaExecutionRolePolicy", 206 | "PolicyDocument" : { 207 | "Version": "2012-10-17", 208 | "Statement": [ 209 | { 210 | "Effect": "Allow", 211 | "Action": [ 212 | "logs:CreateLogGroup", 213 | "logs:CreateLogStream", 214 | "logs:PutLogEvents" 215 | ], 216 | "Resource": "arn:aws:logs:*:*:*" 217 | }, 218 | { 219 | "Effect": "Allow", 220 | "Action": [ 221 | "s3:GetObject", 222 | "s3:ListBucket" 223 | ], 224 | "Resource": [ 225 | "arn:aws:s3:::*" 226 | ] 227 | }, 228 | { 229 | "Effect": "Allow", 230 | "Action": [ 231 | "ec2:CreateNetworkInterface", 232 | "ec2:DescribeNetworkInterfaces", 233 | "ec2:DeleteNetworkInterface" 234 | ], 235 | "Resource": [ 236 | "*" 237 | ] 238 | } 239 | ] 240 | } 241 | } 242 | ] 243 | } 244 | }, 245 | 246 | "LambdaFunction" : { 247 | "Type" : "AWS::Lambda::Function", 248 | "Properties" : { 249 | "Code" : { 250 | "S3Bucket" : { "Ref" : "CodeS3Bucket" }, 251 | "S3Key" : { "Ref" : "CodeS3Key" } 252 | }, 253 | "Description" : "example lambda function that can access VPC resources", 254 | "Runtime" : "nodejs", 255 | "Handler" : "index.handler", 256 | "Role" : { "Fn::GetAtt" : [ "LambdaExecutionRole", "Arn" ] } 257 | } 258 | } 259 | }, 260 | 261 | "Outputs" : { 262 | "VPCId" : { 263 | "Description" : "VPCId of the newly created VPC", 264 | "Value" : { "Ref" : "VPC" } 265 | }, 266 | "PrivateSubnetA" : { 267 | "Description" : "SubnetId of the private subnet", 268 | "Value" : { "Ref" : "PrivateSubnetA" } 269 | }, 270 | "PrivateSubnetB" : { 271 | "Description" : "SubnetId of the private subnet", 272 | "Value" : { "Ref" : "PrivateSubnetB" } 273 | }, 274 | "AuroraEndpoint" : { 275 | "Description" : "The connection endpoint for the DB cluster", 276 | "Value" : { "Fn::GetAtt" : [ "AuroraCluster", "Endpoint.Address" ] } 277 | }, 278 | "AuroraPort" : { 279 | "Description" : "The connection port for the DB cluster", 280 | "Value" : { "Fn::GetAtt" : [ "AuroraCluster", "Endpoint.Port" ] } 281 | }, 282 | "AuroraNode1" : { 283 | "Description" : "AuroraNode1", 284 | "Value" : { "Ref" : "AuroraNode1" } 285 | }, 286 | "AuroraNode2" : { 287 | "Description" : "AuroraNode2", 288 | "Value" : { "Ref" : "AuroraNode2" } 289 | }, 290 | "LambdaFunction" : { 291 | "Description" : "Lambda function ARN", 292 | "Value" : { "Fn::GetAtt" : ["LambdaFunction", "Arn"] } 293 | } 294 | } 295 | } 296 | -------------------------------------------------------------------------------- /zip_lambda_code.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | pushd lib 4 | zip -r lambda.zip * 5 | popd 6 | mv lib/lambda.zip . 7 | zip -g lambda.zip -r node_modules/ 8 | --------------------------------------------------------------------------------