From 7fca9f99504221640a1adca4cb54b0735abe1b23 Mon Sep 17 00:00:00 2001 From: fidelis-ogunsanmi Date: Mon, 25 Jul 2022 12:22:50 -0400 Subject: [PATCH] added changes for MOD9 --- 09-lambda/9-1-2.yaml | 124 +++++++++++++++++++++++++++++ 09-lambda/9-1-3.yaml | 116 +++++++++++++++++++++++++++ 09-lambda/9-2-1.yaml | 135 ++++++++++++++++++++++++++++++++ 09-lambda/exec.sh | 41 ++++++++++ 09-lambda/function/lambda.py | 25 ++++++ 09-lambda/lambda_one.py | 8 ++ 09-lambda/template.packaged.yml | 129 ++++++++++++++++++++++++++++++ 7 files changed, 578 insertions(+) create mode 100644 09-lambda/9-1-2.yaml create mode 100644 09-lambda/9-1-3.yaml create mode 100644 09-lambda/9-2-1.yaml create mode 100755 09-lambda/exec.sh create mode 100644 09-lambda/function/lambda.py create mode 100644 09-lambda/lambda_one.py create mode 100644 09-lambda/template.packaged.yml diff --git a/09-lambda/9-1-2.yaml b/09-lambda/9-1-2.yaml new file mode 100644 index 00000000..efcdecbb --- /dev/null +++ b/09-lambda/9-1-2.yaml @@ -0,0 +1,124 @@ +AWSTemplateFormatVersion: "2010-09-09" + +Parameters: + LambdaRoleName: + Type: String + Default: HelloLambdaRole + LambdaFunctionName: + Type: String + Default: SimpleHelloFunction + apiGatewayName: + Type: String + Default: my-api + apiGatewayStageName: + Type: String + AllowedPattern: "[a-z0-9]+" + Default: call + apiGatewayHTTPMethod: + Type: String + Default: POST + +Resources: + HelloLambdaRole: + Type: AWS::IAM::Role + Properties: + RoleName: !Ref LambdaRoleName + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + + HelloLambdaFunction: + Type: AWS::Lambda::Function + Properties: + FunctionName: HelloLambdaFunction + Role: !GetAtt HelloLambdaRole.Arn + Runtime: python3.7 + Handler: index.my_handler + Code: + ZipFile: | + import json + + def my_handler(event, context): + return { + 'statusCode': 200, + 'body': json.dumps('Hello AWS!') + } + + ApiGatewayRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: '' + Effect: 'Allow' + Principal: + Service: + - 'apigateway.amazonaws.com' + Action: + - 'sts:AssumeRole' + Path: '/' + Policies: + - PolicyName: apilambdaaccess + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: lambda:InvokeFunction + Resource: !GetAtt HelloLambdaFunction.Arn + + ApiGatewayRestApi: + Type: AWS::ApiGateway::RestApi + Properties: + Name: !Ref apiGatewayName + + ApiGatewayResource: + Type: AWS::ApiGateway::Resource + Properties: + ParentId: !GetAtt ApiGatewayRestApi.RootResourceId + PathPart: 'lambda' + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayMethod: + Type: AWS::ApiGateway::Method + Properties: + HttpMethod: POST + MethodResponses: + - StatusCode: "200" + AuthorizationType: AWS_IAM + Integration: + Type: AWS_PROXY + Credentials: !GetAtt ApiGatewayRole.Arn + IntegrationHttpMethod: POST + IntegrationResponses: + - StatusCode: "200" + Uri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloLambdaFunction.Arn}/invocations' + OperationName: 'lambda' + ResourceId: !Ref ApiGatewayResource + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayModel: + Type: AWS::ApiGateway::Model + Properties: + ContentType: 'application/json' + RestApiId: !Ref ApiGatewayRestApi + Schema: {} + + ApiGatewayDeployment: + Type: AWS::ApiGateway::Deployment + DependsOn: ApiGatewayMethod + Properties: + Description: Lambda API Deployment + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayStage: + Type: AWS::ApiGateway::Stage + Properties: + DeploymentId: !Ref ApiGatewayDeployment + Description: Lambda API Stage v0 + RestApiId: !Ref ApiGatewayRestApi + StageName: 'v0' + \ No newline at end of file diff --git a/09-lambda/9-1-3.yaml b/09-lambda/9-1-3.yaml new file mode 100644 index 00000000..a572f438 --- /dev/null +++ b/09-lambda/9-1-3.yaml @@ -0,0 +1,116 @@ +AWSTemplateFormatVersion: "2010-09-09" + +Parameters: + LambdaRoleName: + Type: String + Default: HelloLambdaRole + LambdaFunctionName: + Type: String + Default: SimpleHelloFunction + apiGatewayName: + Type: String + Default: my-api + apiGatewayStageName: + Type: String + AllowedPattern: "[a-z0-9]+" + Default: call + apiGatewayHTTPMethod: + Type: String + Default: POST + +Resources: + HelloLambdaRole: + Type: AWS::IAM::Role + Properties: + RoleName: !Ref LambdaRoleName + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + + HelloLambdaFunction: + Type: AWS::Lambda::Function + Properties: + FunctionName: HelloLambdaFunction + Role: !GetAtt HelloLambdaRole.Arn + Runtime: python3.7 + Handler: lambda_one.my_handler + Code: lambda_one.py + + ApiGatewayRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: '' + Effect: 'Allow' + Principal: + Service: + - 'apigateway.amazonaws.com' + Action: + - 'sts:AssumeRole' + Path: '/' + Policies: + - PolicyName: apilambdaaccess + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: lambda:InvokeFunction + Resource: !GetAtt HelloLambdaFunction.Arn + + ApiGatewayRestApi: + Type: AWS::ApiGateway::RestApi + Properties: + Name: !Ref apiGatewayName + + ApiGatewayResource: + Type: AWS::ApiGateway::Resource + Properties: + ParentId: !GetAtt ApiGatewayRestApi.RootResourceId + PathPart: 'lambda' + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayMethod: + Type: AWS::ApiGateway::Method + Properties: + HttpMethod: POST + MethodResponses: + - StatusCode: "200" + AuthorizationType: AWS_IAM + Integration: + Type: AWS_PROXY + Credentials: !GetAtt ApiGatewayRole.Arn + IntegrationHttpMethod: POST + IntegrationResponses: + - StatusCode: "200" + Uri: !Sub 'arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloLambdaFunction.Arn}/invocations' + OperationName: 'lambda' + ResourceId: !Ref ApiGatewayResource + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayModel: + Type: AWS::ApiGateway::Model + Properties: + ContentType: 'application/json' + RestApiId: !Ref ApiGatewayRestApi + Schema: {} + + ApiGatewayDeployment: + Type: AWS::ApiGateway::Deployment + DependsOn: ApiGatewayMethod + Properties: + Description: Lambda API Deployment + RestApiId: !Ref ApiGatewayRestApi + + ApiGatewayStage: + Type: AWS::ApiGateway::Stage + Properties: + DeploymentId: !Ref ApiGatewayDeployment + Description: Lambda API Stage v0 + RestApiId: !Ref ApiGatewayRestApi + StageName: 'v0' + \ No newline at end of file diff --git a/09-lambda/9-2-1.yaml b/09-lambda/9-2-1.yaml new file mode 100644 index 00000000..7a209054 --- /dev/null +++ b/09-lambda/9-2-1.yaml @@ -0,0 +1,135 @@ +AWSTemplateFormatVersion: '2010-09-09' + +Parameters: + LambdaRoleName: + Type: String + Default: HelloLambdaRole + LambdaFunctionName: + Type: String + Default: SimpleHelloFunction + apiGatewayName: + Type: String + Default: my-api + apiGatewayStageName: + Type: String + AllowedPattern: "[a-z0-9]+" + Default: call + apiGatewayHTTPMethod: + Type: String + Default: POST + +Resources: + LambdaFunction: + Type: AWS::Lambda::Function + Properties: + Handler: lambda.lambda_handler + Code: function/ + Role: !GetAtt LambdaExecutionRole.Arn + Runtime: python3.9 + + LambdaExecutionRole: + Type: AWS::IAM::Role + Properties: + RoleName: FidelisLambdaExecutionRole + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + Policies: + - PolicyName: LambdaPolicy + PolicyDocument: + Version: 2012-10-17 + Statement: + - Action: + - dynamodb:GetItem + - dynamodb:PutItem + - dynamodb:UpdateItem + Resource: !GetAtt DynamoTable.Arn + Effect: Allow + + DynamoTable: + Type: AWS::DynamoDB::Table + Properties: + TableName: FidelisMod9 + AttributeDefinitions: + - AttributeName: Key1 + AttributeType: S + KeySchema: + - AttributeName: Key1 + KeyType: HASH + ProvisionedThroughput: + ReadCapacityUnits: 5 + WriteCapacityUnits: 5 + + ApiGatewayRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: '' + Effect: 'Allow' + Principal: + Service: + - 'apigateway.amazonaws.com' + Action: + - 'sts:AssumeRole' + Path: '/' + Policies: + - PolicyName: apigw-lambda-access + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: lambda:InvokeFunction + Resource: !GetAtt LambdaFunction.Arn + + ApiGatewayRestApi: + Type: AWS::ApiGateway::RestApi + Properties: + Name: !Ref apiGatewayName + + ApiGatewayMethod: + Type: AWS::ApiGateway::Method + Properties: + HttpMethod: ANY + Integration: + Type: AWS + Credentials: !GetAtt ApiGatewayRole.Arn + IntegrationHttpMethod: POST + IntegrationResponses: + - StatusCode: "200" + Uri: !Sub "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${MyLambda.Arn}/invocations" + + OperationName: hello + ResourceId: !GetAtt ApiGatewayRestApi.RootResourceId + RestApiId: !Ref ApiGatewayRestApi + MethodResponses: + - StatusCode: "200" + AuthorizationType: AWS_IAM + + ApiGatewayDeployment: + Type: AWS::ApiGateway::Deployment + DependsOn: ApiGatewayMethod + Properties: + Description: Lambda API Deployment + RestApiId: !Ref ApiGatewayRestApi + + Type: AWS::Lambda::Permission + Properties: + Action: lambda:invokeFunction + FunctionName: !Ref LambdaFunction + Principal: apigateway.amazonaws.com + SourceArn: !Sub "arn:aws:execute-api:${AWS::Region}:${AWS::AccountId}:${ApiGatewayRestApi}" + +Outputs: + RestApiId: + Value: !Ref ApiGatewayRestApi + Export: + Name: FidelisMod9RestApiId + ResourceId: + Value: !GetAtt ApiGatewayRestApi.RootResourceId + Export: + Name: FidelisModule9ApiResourceId \ No newline at end of file diff --git a/09-lambda/exec.sh b/09-lambda/exec.sh new file mode 100755 index 00000000..c6f9ba23 --- /dev/null +++ b/09-lambda/exec.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +PROFILE="labmfa" +TEMPLATE="9-1-3.yaml" +STACK_NAME="fidelisApi" +BUCKET="stelligent-u-fidelisogunsanmi" +OUTPUT_FILE="template.packaged.yml" +REGION="us-east-1" + +# validate stack +# aws cloudformation validate-template \ +# --template-body file://$TEMPLATE \ +# --profile $PROFILE + +# deploy the stack +# aws cloudformation deploy --template-file $TEMPLATE \ +# --stack-name $STACK_NAME --profile $PROFILE \ +# --capabilities CAPABILITY_NAMED_IAM \ +# --region $REGION + +# aws apigateway test-invoke-method --rest-api-id **** \ +# --resource-id **** \ +# --http-method POST --path-with-query-string '/lambda' \ +# --profile $PROFILE \ +# --region $REGION + +# aws cloudformation package +# aws cloudformation package \ +# --template-file $TEMPLATE \ +# --s3-bucket $BUCKET \ +# --output-template-file $OUTPUT_FILE \ +# --profile $PROFILE \ +# --region $REGION + +# aws cloudformation deploy +aws cloudformation deploy \ + --template-file $OUTPUT_FILE \ + --stack-name $STACK_NAME \ + --region $REGION \ + --capabilities CAPABILITY_NAMED_IAM \ + --profile $PROFILE \ No newline at end of file diff --git a/09-lambda/function/lambda.py b/09-lambda/function/lambda.py new file mode 100644 index 00000000..aa97c812 --- /dev/null +++ b/09-lambda/function/lambda.py @@ -0,0 +1,25 @@ +import json +import boto3 +import botocore + + +def lambda_handler(event, context): + dynamodb = boto3.client('dynamodb') + + first_key = event.get('key1') + second_key = event.get('key2') + table_name = 'FidelisMod9' + + try: + dynamodb.put_item(TableName=table_name, Item={ + 'Key1': {'S': first_key}, 'Key2': {'S': second_key}}) + + return { + 'statusCode': 200, + 'body': json.dumps(f'{first_key} and {second_key} written successfully to {table_name}') + } + except botocore.exceptions.ClientError as error: + return { + 'statusCode': 500, + 'body': json.dumps(f"{error.response.get('Error').get('Code')}") + } diff --git a/09-lambda/lambda_one.py b/09-lambda/lambda_one.py new file mode 100644 index 00000000..56de29f0 --- /dev/null +++ b/09-lambda/lambda_one.py @@ -0,0 +1,8 @@ +import json + + +def my_handler(event, context): + return { + 'statusCode': 200, + 'body': json.dumps('Hello AWS!') + } diff --git a/09-lambda/template.packaged.yml b/09-lambda/template.packaged.yml new file mode 100644 index 00000000..a8db93fe --- /dev/null +++ b/09-lambda/template.packaged.yml @@ -0,0 +1,129 @@ +AWSTemplateFormatVersion: '2010-09-09' +Parameters: + LambdaRoleName: + Type: String + Default: HelloLambdaRole + LambdaFunctionName: + Type: String + Default: SimpleHelloFunction + apiGatewayName: + Type: String + Default: my-api + apiGatewayStageName: + Type: String + AllowedPattern: '[a-z0-9]+' + Default: call + apiGatewayHTTPMethod: + Type: String + Default: POST +Resources: + HelloLambdaRole: + Type: AWS::IAM::Role + Properties: + RoleName: + Ref: LambdaRoleName + AssumeRolePolicyDocument: + Statement: + - Effect: Allow + Principal: + Service: lambda.amazonaws.com + Action: sts:AssumeRole + HelloLambdaFunction: + Type: AWS::Lambda::Function + Properties: + FunctionName: HelloLambdaFunction + Role: + Fn::GetAtt: + - HelloLambdaRole + - Arn + Runtime: python3.7 + Handler: lambda_one.my_handler + Code: + S3Bucket: stelligent-u-fidelisogunsanmi + S3Key: 712997f65aed8ee758e966e8ac3f3c9f + ApiGatewayRole: + Type: AWS::IAM::Role + Properties: + AssumeRolePolicyDocument: + Version: '2012-10-17' + Statement: + - Sid: '' + Effect: Allow + Principal: + Service: + - apigateway.amazonaws.com + Action: + - sts:AssumeRole + Path: / + Policies: + - PolicyName: apilambdaaccess + PolicyDocument: + Version: '2012-10-17' + Statement: + - Effect: Allow + Action: lambda:InvokeFunction + Resource: + Fn::GetAtt: + - HelloLambdaFunction + - Arn + ApiGatewayRestApi: + Type: AWS::ApiGateway::RestApi + Properties: + Name: + Ref: apiGatewayName + ApiGatewayResource: + Type: AWS::ApiGateway::Resource + Properties: + ParentId: + Fn::GetAtt: + - ApiGatewayRestApi + - RootResourceId + PathPart: lambda + RestApiId: + Ref: ApiGatewayRestApi + ApiGatewayMethod: + Type: AWS::ApiGateway::Method + Properties: + HttpMethod: POST + MethodResponses: + - StatusCode: '200' + AuthorizationType: AWS_IAM + Integration: + Type: AWS_PROXY + Credentials: + Fn::GetAtt: + - ApiGatewayRole + - Arn + IntegrationHttpMethod: POST + IntegrationResponses: + - StatusCode: '200' + Uri: + Fn::Sub: arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${HelloLambdaFunction.Arn}/invocations + OperationName: lambda + ResourceId: + Ref: ApiGatewayResource + RestApiId: + Ref: ApiGatewayRestApi + ApiGatewayModel: + Type: AWS::ApiGateway::Model + Properties: + ContentType: application/json + RestApiId: + Ref: ApiGatewayRestApi + Schema: {} + ApiGatewayDeployment: + Type: AWS::ApiGateway::Deployment + DependsOn: ApiGatewayMethod + Properties: + Description: Lambda API Deployment + RestApiId: + Ref: ApiGatewayRestApi + ApiGatewayStage: + Type: AWS::ApiGateway::Stage + Properties: + DeploymentId: + Ref: ApiGatewayDeployment + Description: Lambda API Stage v0 + RestApiId: + Ref: ApiGatewayRestApi + StageName: v0