AWS Lambda function with placeholders

I am working on an AWS Lambda function for my Python function. I have a Python function that calls an IAM policy from a file and populates it using the function. This is my function; the name of the file is "template_utils.py":

import sys
import json
import time 
import meta_templates
from jinja2 import Template
def lambda_handler(event,context):
  template_data = {}
  template_data["region"] = event.get('region')
  template_data["instance_type"] = event.get('instance_type')
  template_data["ebs_volume_size"] = event.get('ebs_volume_size')
  template_data["meta_template_name"] = event.get('meta_template_name')

  meta_template_dict = getattr(meta_templates, template_data["meta_template_name"])
  meta_template_json = json.dumps(meta_template_dict)
  template_json = Template(meta_template_json).render(template_data)
  return template_json  

template_json = lambda_handler(
  region="us-east-2",
  instance_type="t2.micro",
  ebs_volume_size="20",
  meta_template_name="ec2_policy_meta_template"
)

print(template_json)

This is my policy file named "meta_templates.py":

import json
from jinja2 import Template
ec2_policy_meta_template = { 
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "VisualEditor0",
                "Effect": "Allow",
                "Action": "ec2:RunInstances",
                "Resource": [
                    "arn:aws:ec2:{{region}}::instance/*",
                    "arn:aws:ec2:{{region}}::network-interface/*",
                    "arn:aws:ec2:{{region}}::key-pair/*",
                    "arn:aws:ec2:{{region}}::security-group/*",
                    "arn:aws:ec2:{{region}}::subnet/*",
                    "arn:aws:ec2:{{region}}::volume/*",
                    "arn:aws:ec2:{{region}}::image/ami-*"
                ],
                "Condition": {
                    "ForAllValues:NumericLessThanEquals": {
                        "ec2:VolumeSize": "{{ebs_volume_size}}"
                    },
                    "ForAllValues:StringEquals": {
                        "ec2:InstanceType": "{{instance_type}}"
                    }
                }
            },
            {
                "Sid": "VisualEditor1",
                "Effect": "Allow",
                "Action": [
                    "ec2:TerminateInstances",
                    "ec2:StartInstances",
                    "ec2:StopInstances"
                ],
                "Resource": "arn:aws:ec2:{{region}}::instance/*",
                "Condition": {
                    "ForAllValues:StringEquals": {
                        "ec2:InstanceType": "{{instance_type}}"
                    }
                }
            },
            {
                "Sid": "VisualEditor2",
                "Effect": "Allow",
                "Action": [
                    "ec2:Describe*",
                    "ec2:GetConsole*",
                    "cloudwatch:DescribeAlarms",
                    "iam:ListInstanceProfiles",
                    "cloudwatch:GetMetricStatistics",
                    "ec2:DescribeKeyPairs",
                    "ec2:CreateKeyPair"
                ],
                "Resource": "*",
                "Condition": {
                    "DateGreaterThan": {
                        "aws:CurrentTime": "{{start_time}}"
                    },
                    "DateLessThanEquals": {
                        "aws:CurrentTime": "{{end_time}}"
                    }
                }
            }
        ]
    }

I want to create a lambda handler that does the same thing with the function "template_utils.py". I'm new to this and not sure how to proceed with it. I am getting this error:

Traceback (most recent call last):
  File "/home/pranay/Desktop/work/lambda_handler.py", line 18, in <module>
    template_json = lambda_handler(
TypeError: lambda_handler() got an unexpected keyword argument 'region'

This should work, providing that you are passing the correct data in the event.

import json


def lambda_handler(event, context):
    template_data = {}
    region = event.get('region')
    instance_type = event.get('instance_type')
    ebs_volume_size = event.get('ebs_volume_size')
    start_time = event.get('start_time')
    end_time = event.get('end_time')

    ec2_policy_meta_template = { 
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Sid": "VisualEditor0",
                  "Effect": "Allow",
                  "Action": "ec2:RunInstances",
                  "Resource": [
                      "arn:aws:ec2:{{region}}::instance/*",
                      "arn:aws:ec2:{{region}}::network-interface/*",
                      "arn:aws:ec2:{{region}}::key-pair/*",
                      "arn:aws:ec2:{{region}}::security-group/*",
                      "arn:aws:ec2:{{region}}::subnet/*",
                      "arn:aws:ec2:{{region}}::volume/*",
                      "arn:aws:ec2:{{region}}::image/ami-*"
                  ],
                  "Condition": {
                      "ForAllValues:NumericLessThanEquals": {
                          "ec2:VolumeSize": "{{ebs_volume_size}}"
                      },
                      "ForAllValues:StringEquals": {
                          "ec2:InstanceType": "{{instance_type}}"
                      }
                  }
              },
              {
                  "Sid": "VisualEditor1",
                  "Effect": "Allow",
                  "Action": [
                      "ec2:TerminateInstances",
                      "ec2:StartInstances",
                      "ec2:StopInstances"
                  ],
                  "Resource": "arn:aws:ec2:{{region}}::instance/*",
                  "Condition": {
                      "ForAllValues:StringEquals": {
                          "ec2:InstanceType": "{{instance_type}}"
                      }
                  }
              },
              {
                  "Sid": "VisualEditor2",
                  "Effect": "Allow",
                  "Action": [
                      "ec2:Describe*",
                      "ec2:GetConsole*",
                      "cloudwatch:DescribeAlarms",
                      "iam:ListInstanceProfiles",
                      "cloudwatch:GetMetricStatistics",
                      "ec2:DescribeKeyPairs",
                      "ec2:CreateKeyPair"
                  ],
                  "Resource": "*",
                  "Condition": {
                      "DateGreaterThan": {
                          "aws:CurrentTime": "{{start_time}}"
                      },
                      "DateLessThanEquals": {
                          "aws:CurrentTime": "{{end_time}}"
                      }
                  }
              }
          ]
      }
      
    json_data = json.dumps(ec2_policy_meta_template)

    # Update resources with a string replacement
    json_data = json_data.replace("{{region}}", region)
    json_data = json_data.replace("{{instance_type}}", instance_type)
    json_data = json_data.replace("{{ebs_volume_size}}", ebs_volume_size)
    json_data = json_data.replace("{{start_time}}", start_time)
    json_data = json_data.replace("{{end_time}}", end_time)
    
    return json_data

This example uses only Python (no third-party libraries). It's not the most elegant solution, but it's simple. If you want to create additional replacements, just add some additional tags "{{some_text}}" and replace it as shown below.

Here is a test event that works from the Lambda console. [screenshot: test event]

And here is an example of a working invocation. [screenshot: working invocation returning JSON]
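A hardened variant of the substitution above, added here as an example (not the answerer's code): event values are checked against allow-list patterns before they reach the IAM policy, and placeholders are filled inside the parsed structure so `json.dumps` handles the escaping. The regexes and the trimmed two-statement template are assumptions for illustration.

```python
import json
import re

# Constructed allow-list patterns (assumptions, not AWS-published grammars).
ISO_UTC = re.compile(r"[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}Z")
VALIDATORS = {
    "region": re.compile(r"[a-z]{2}(-[a-z]+)+-[0-9]"),
    "instance_type": re.compile(r"[a-z][a-z0-9-]*\.[a-z0-9]+"),
    "ebs_volume_size": re.compile(r"[1-9][0-9]{0,4}"),
    "start_time": ISO_UTC,
    "end_time": ISO_UTC,
}
PLACEHOLDER = re.compile(r"\{\{(\w+)\}\}")

# Trimmed from the page's policy so that every placeholder appears once.
POLICY_TEMPLATE = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "ec2:RunInstances",
         "Resource": ["arn:aws:ec2:{{region}}::instance/*"],
         "Condition": {
             "ForAllValues:NumericLessThanEquals": {"ec2:VolumeSize": "{{ebs_volume_size}}"},
             "ForAllValues:StringEquals": {"ec2:InstanceType": "{{instance_type}}"}}},
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*",
         "Condition": {"DateGreaterThan": {"aws:CurrentTime": "{{start_time}}"},
                       "DateLessThanEquals": {"aws:CurrentTime": "{{end_time}}"}}},
    ],
}

def validate_params(event):
    # Reject missing, non-string or off-pattern values (e.g. "*") before rendering.
    for name, pattern in VALIDATORS.items():
        value = event.get(name)
        if not isinstance(value, str) or not pattern.fullmatch(value):
            raise ValueError(f"invalid or missing parameter: {name}")
    return {name: event[name] for name in VALIDATORS}

def fill(node, params):
    # Substitute inside the parsed structure; an unknown placeholder raises KeyError.
    if isinstance(node, dict):
        return {key: fill(value, params) for key, value in node.items()}
    if isinstance(node, list):
        return [fill(item, params) for item in node]
    if isinstance(node, str):
        return PLACEHOLDER.sub(lambda m: params[m.group(1)], node)
    return node

def lambda_handler(event, context):
    return json.dumps(fill(POLICY_TEMPLATE, validate_params(event)))
```

Because the handler raises instead of rendering, a value such as `*` for `instance_type` never ends up in a policy condition.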
