I have only programmatic access to AWS cloud watch and other services. I created a lambda and event source mapping with DynamoDB. It uploaded and ran successfully but I don't know which log group is it logging. Is there a way through the CLI to check which log group a lambda is configured with?
Related
I would like to trigger an AWS Lambda Function whenever a new file is added to AWS FSX. This is in order to perform an action on the file using to the Lambda function that gets notified.
While considering AWS cloudtrail, Eventbridge and Cloudwatch to trigger the Lambda function; I was unable to find AWS FSX in the data source options for this monitoring resource in AWS. Any suggestion on what tool can be used?
ServiceNow integration with application
I have a spring boot application , that writes critical errors to a separate log flle. I would like to create a ServiceNow ticket for each unique entry in the log file . Can this be achieved?
you should have the option to trigger a script for the application logs. usually if you are using AWS cloud watch, you can trigger a lambda function and in the lambda function you can write a piece of code to trigger ServiceNow API for creating ServiceNow ticket.
Ref: https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/RunLambdaSchedule.html
https://docs.servicenow.com/bundle/geneva-servicenow-platform/page/integrate/inbound_rest/reference/r_TableAPIPythonExamples.html
I have a Spring Web Service deployed on Elastic Beanstalk. I'm using AWS CloudFormation for the infrastructure and I'm using AWS CodePipeline to deploy the web service automatically from merges to the master branch.
Recently I added DynamoDB integration, and I need to configure a couple things in my application.properties. I attempted to use environment variables to configure the application.properties but I hit a wall when trying to set the environment variables from CodeDeploy.
This is my application.properties
amazon.dynamodb.endpoint=${DYNAMODB_ENDPOINT:http://localhost:8000}
amazon.dynamodb.region=${AWS_REGION:default-region}
amazon.dynamodb.accesskey=${DYNAMODB_ACCESS_KEY:TestAccessKey}
amazon.dynamodb.secretkey=${DYNAMODB_SECRET_KEY:TestSecretKey}
spring.data.dynamodb.entity2ddl.auto = create-drop
spring.data.dynamodb.entity2ddl.gsiProjectionType = ALL
spring.data.dynamodb.entity2ddl.readCapacity = 10
spring.data.dynamodb.entity2ddl.writeCapacity = 1
The defaults are for when I'm running a local DynamoDB instance and they work fine. However, I can't figure out how to get CodeDeploy to set environment variables for me, I also considered getting CloudFormation to set the environment variables, but couldn't find how to do that either. I tried manually setting the environment variables in the EC2 instance but that didn't work and isn't the solution I'm looking for as I'm using EB and want this project to use fully automated deployments. Please let me know if this is possible, what the industry standard is for configuring web services, and if I'm misunderstanding either CodeDeploy or CloudFormation.
In general, it is a bad practice to include access and secret keys in any sort of files or in your deployment automation.
Your instance that your application is deployed to should have an instance profile (i.e. IAM Role) attached to it which should have the appropriate DynamoDB permissions you need.
If you have that instance profile attached, the SDK should automatically be able to detect the credentials, region and endpoint is needs to communicate with.
You may need to update the way you are creating your DynamoDB client to just use the defaults.
To setup your development machine with these properties in a way that the AWS SDK can retrieve without explicitly putting them in properties files, you can run the aws configure command of the AWS CLI which should setup your ~/.aws/ folder with information about your region and credentials to use on your dev machine.
I've written a basic Ballerina function and attempted to deploy as AWS Lambda.
AWS reports a permissions error when I try to add the Lambda layer (using the published ARN link - https://ballerina.io/deployment/aws-lambda/#ballerina-aws-lambda-layer-compatibility-matrix)
The error is
not authorised to perform lambda:GetLayerVersion on resource: arn:aws:lambda:eu-west-1:141896495686:layer:ballerina-0-990-3:4
I'm using eu-west-1 region. I've also tried us-west-1.
I've checked and my lambda execution role does include GetLayerVersion permission. I've also check that I can add alternative public layers successfully. For example the custom node11 runtime from https://github.com/lambci/node-custom-lambda
arn:aws:lambda:eu-west-1:553035198032:layer:nodejs11:11
can be added and saved without the same permission error.
This suggests the ballerina layer may not have appropriately public permissions. I'm just exploring so happy to deploy my own private layer if the runtime package can be shared.
We have created layers for all the regions but unfortunately, permissions were not set for all the regions. Above error is causing due to that and now we have fixed it. You can following Layers and please try again.
arn:aws:lambda:eu-west-1:141896495686:layer:ballerina-0-990-3:4
arn:aws:lambda:us-west-1:141896495686:layer:ballerina-0-990-3:4
Also you should be able to use any layer by replacing the region part of following ARN as specified in the website
arn:aws:lambda:<region to be replaced>:141896495686:layer:ballerina-0-990-3:4
Update for 1.0 onward releases
For 1.0 onward releases you need to use following layer. Now there are no release specific layers you can use same layer for new releases as well
aws lambda update-function-configuration --function-name <FUNCTION_NAME> --layers arn:aws:lambda:<REGION_ID>:141896495686:layer:ballerina:2
Update from WSO2 - thanks to Anjana Fernando:
Since the 1.x GA release of Ballerina, up to date references to the Layer ARN's are displayed at compile time with the generated deployment instructions.
For the Lambda By-Example sample, the generated deployment instructions include the following:
Run the following commands to deploy each Ballerina AWS Lambda function:
aws lambda create-function --function-name <FUNCTION_NAME> --zip-file fileb://aws-ballerina-lambda-functions.zip --handler
aws_lambda_deployment.<FUNCTION_NAME> --runtime provided --role <LAMBDA_ROLE_ARN> --timeout 10 --memory-size 1024
aws lambda update-function-configuration --function-name <FUNCTION_NAME> --layers arn:aws:lambda:<REGION_ID>:141896495686:layer:ballerina:2
Replacing the FUNCTION_NAME and your own LAMBDA_ROLE_ARN are still needed, of course, but the --layers option is a reference to the layer runtime matching the Ballerina compiler version. The only change needed is to identify the REGION_ID, e.g., us-east-1 for the layer to be included in your deployment.
As such,
--layers arn:aws:lambda:<REGION_ID>:141896495686:layer:ballerina:2
would be modified to
--layers arn:aws:lambda:us-east-1:141896495686:layer:ballerina:2
to include the appropriate layer from AWS' us-east-1 region.
Hi im trying to connect to mySQL server hosted on aws using an AWS lambda function.I'm very new to this so it would be of great help if someone could provide me any sample code.
Objective is to devlop an alexa skill which retrieves certain data from the db and provides this as output
Please read lambda documentation on creating lambda deployment package which will answer your question. Ensure the packaged environment is same as Lambda Environment (Amazon Linux)
http://docs.aws.amazon.com/lambda/latest/dg/lambda-python-how-to-create-deployment-package.html