AWS Lambda function with placeholders
Question
I am working on AWS Lambda function for my python function. I have a python function that calls an IAM policy form a file and populates it using the function. This is my function, name of the file is template_utils.py":
import sys
import json
import time
import meta_templates
from jinja2 import Template
def lambda_handler(event,context):
template_data = {}
template_data["region"] = event.get('region')
template_data["instance_types"] = event.get('instance_type')
template_data["ebs_volume_size"] = event.get('ebs_volume_size')
template_data["meta_template_name"] = event.get('meta_template_name')
meta_template_dict = getattr(meta_templates, template_data["meta_template_name"])
meta_template_json = json.dumps(meta_template_dict)
template_json = Template(meta_template_json).render(template_data)
return template_json
template_json = lambda_handler(
region="us-east-2",
instance_type="t2.micro",
ebs_volume_size="20",
meta_template_name="ec2_policy_meta_template"
)
print(template_json)
This is my policy file named "meta_templates.py"
import json
from jinja2 import Template
ec2_policy_meta_template = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "ec2:RunInstances",
"Resource": [
"arn:aws:ec2:{{region}}::instance/*",
"arn:aws:ec2:{{region}}::network-interface/*",
"arn:aws:ec2:{{region}}::key-pair/*",
"arn:aws:ec2:{{region}}::security-group/*",
"arn:aws:ec2:{{region}}::subnet/*",
"arn:aws:ec2:{{region}}::volume/*",
"arn:aws:ec2:{{region}}::image/ami-*"
],
"Condition": {
"ForAllValues:NumericLessThanEquals": {
"ec2:VolumeSize": "{{ebs_volume_size}}"
},
"ForAllValues:StringEquals": {
"ec2:InstanceType": "{{instance_type}}"
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"ec2:TerminateInstances",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": "arn:aws:ec2:{{region}}::instance/*",
"Condition": {
"ForAllValues:StringEquals": {
"ec2:InstanceType": "{{instance_type}}"
}
}
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"ec2:GetConsole*",
"cloudwatch:DescribeAlarms",
"iam:ListInstanceProfiles",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeKeyPairs",
"ec2:CreateKeyPair"
],
"Resource": "*",
"Condition": {
"DateGreaterThan": {
"aws:CurrentTime": "{{start_time}}"
},
"DateLessThanEquals": {
"aws:CurrentTime": "{{end_time}}"
}
}
}
]
}
I want to create a lambda handler that does the same thing with the function "template_utils.py".I'm new to this not sure how to proceed with it.I am getting this error:
Traceback (most recent call last):
File "/home/pranay/Desktop/work/lambda_handler.py", line 18, in <module>
template_json = lambda_handler(
TypeError: lambda_handler() got an unexpected keyword argument 'region'
1 answers
solution1
0 ACCPTED 2021-01-08 16:52:32
This should work, providing that you are passing the correct data in the event.
import json
def lambda_handler(event, context):
template_data = {}
region = event.get('region')
instance_type = event.get('instance_type')
ebs_volume_size = event.get('ebs_volume_size')
start_time = event.get('start_time')
end_time = event.get('end_time')
ec2_policy_meta_template = {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": "ec2:RunInstances",
"Resource": [
"arn:aws:ec2:{{region}}::instance/*",
"arn:aws:ec2:{{region}}::network-interface/*",
"arn:aws:ec2:{{region}}::key-pair/*",
"arn:aws:ec2:{{region}}::security-group/*",
"arn:aws:ec2:{{region}}::subnet/*",
"arn:aws:ec2:{{region}}::volume/*",
"arn:aws:ec2:{{region}}::image/ami-*"
],
"Condition": {
"ForAllValues:NumericLessThanEquals": {
"ec2:VolumeSize": "{{ebs_volume_size}}"
},
"ForAllValues:StringEquals": {
"ec2:InstanceType": "{{instance_type}}"
}
}
},
{
"Sid": "VisualEditor1",
"Effect": "Allow",
"Action": [
"ec2:TerminateInstances",
"ec2:StartInstances",
"ec2:StopInstances"
],
"Resource": "arn:aws:ec2:{{region}}::instance/*",
"Condition": {
"ForAllValues:StringEquals": {
"ec2:InstanceType": "{{instance_type}}"
}
}
},
{
"Sid": "VisualEditor2",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"ec2:GetConsole*",
"cloudwatch:DescribeAlarms",
"iam:ListInstanceProfiles",
"cloudwatch:GetMetricStatistics",
"ec2:DescribeKeyPairs",
"ec2:CreateKeyPair"
],
"Resource": "*",
"Condition": {
"DateGreaterThan": {
"aws:CurrentTime": "{{start_time}}"
},
"DateLessThanEquals": {
"aws:CurrentTime": "{{end_time}}"
}
}
}
]
}
json_data = json.dumps(ec2_policy_meta_template)
# Update resources with a string replacement
json_data = json_data.replace("{{region}}", region)
json_data = json_data.replace("{{instance_type}}", instance_type)
json_data = json_data.replace("{{ebs_volume_size}}", ebs_volume_size)
json_data = json_data.replace("{{start_time}}", start_time)
json_data = json_data.replace("{{end_time}}", end_time)
return json_data
This example uses only Python (no third party libraries) it's not the most elegant solution but its simple. If you want to create additional replacements, just add some additional tags "{{some_text}}" and replace it as shown below.
Here is a test event that works from the lambda console.
And here is an example of a working invocation
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
AWS lambda function questions
Python function on AWS Lambda
AWS lambda function error
AWS lambda AccessDeniedException calling another lambda function
Executing AWS Lambda Function not working
AWS Lambda function firing twice
Import pytz into AWS lambda function
AWS lambda function python/pysparkl
aws lambda function handler python
AWS Lambda function state (zappa)
Related Tags