Create infrastructure to call lambda

2020-05-14 04:39:51 -04:00
parent af8931e2db
commit d577cd02ef
6 changed files with 186 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -30,4 +30,7 @@
 *.exe
 *.out
 *.app
-.vscode
+.vscode
+
+# Compressed Artifacts
+*.zip
--- a/infrastructure/cloudformation/dt/cloudwatch.yaml
+++ b/infrastructure/cloudformation/dt/cloudwatch.yaml
@ -0,0 +1,39 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: DT CloudWatch stack
+Parameters:
+  #------------------------
+  # Deployment Information
+  #------------------------
+  environment:
+    Type: String
+    Description: Name of the environment
+    Default: production
+
+  #----------------
+  # ECS Information
+  #----------------
+  Cluster:
+    Description: The ECS cluster to watch
+    Type: String
+
+  #-------------------
+  # Lambda Information
+  #-------------------
+  LambdaArn:
+    Description: Lambda function to call upon ecs task state change
+    Type: String
+
+Resources:
+
+  TaskListRule:
+    EventPattern:
+      source:
+      - "aws.ecs"
+      detail-type:
+      - "ECS Task State Change"
+      detail:
+        clusterArn:
+        - !Ref Cluster
+    Targets:
+    - Id: RedisUpdater
+      Arn: !Ref LambdaArn
--- a/infrastructure/cloudformation/dt/iam.yaml
+++ b/infrastructure/cloudformation/dt/iam.yaml
@ -0,0 +1,40 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: DT IAM stack
+Parameters:
+  #------------------------
+  # Deployment Information
+  #------------------------
+  environment:
+    Type: String
+    Description: Name of the environment
+    Default: production
+
+Resources:
+  DefaultLambdaRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: 2012-10-17
+        Statement: 
+          - Effect: Allow
+            Principal: 
+              Service: 
+                - lambda.amazonaws.com
+            Action: 
+              - sts:AssumeRole
+      Policies: 
+        - PolicyName: LambdaLogging
+          PolicyDocument: 
+            Version: 2012-10-17
+            Statement: 
+              - Effect: Allow
+                Action: 
+                  - logs:CreateLogGroup
+                  - logs:CreateLogStream
+                  - logs:PutLogEvents
+                Resource: "*"
+
+Outputs:
+  DefaultRole:
+    Description: Default lambda role with logging policy
+    Value: !Ref DefaultLambdaRole
--- a/infrastructure/cloudformation/dt/lambdas.yaml
+++ b/infrastructure/cloudformation/dt/lambdas.yaml
@ -0,0 +1,64 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: DT Lambdas stack
+Parameters:
+  #------------------------
+  # Deployment Information
+  #------------------------
+  environment:
+    Type: String
+    Description: Name of the environment
+    Default: production
+
+  #----------------
+  # IAM Information
+  #----------------
+  TaskManagerRole:
+    Type: String
+    Description: IAM role assumed by Task Manager Lambda
+  VpcId:
+    Type: AWS::EC2::VPC::Id
+    Description: The id of the VPC the cluster will be in
+    ConstraintDescription: VPC Id must begin with 'vpc-'
+  SubnetIds:
+    Type: List<AWS::EC2::Subnet::Id>
+    Description: Comma seperated list of subnets for ECS instances to run in
+
+Resources:
+
+  TaskListSecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: TaskListManagerLambda Allowed Ports
+      VpcId: !Ref VpcId
+      SecurityGroupIngress:
+      - IpProtocol: tcp
+        FromPort: '0'
+        ToPort: '65535'
+        CidrIp: 0.0.0.0/0
+      SecurityGroupEgress:
+      - IpProtocol: tcp
+        FromPort: '0'
+        ToPort: '65535'
+        CidrIp: 0.0.0.0/0
+
+
+  TaskListManagerLambda:
+    Type: AWS::Lambda::Function
+    Runtime: python3.7
+    Code:
+      S3Bucket: sumu-stacks
+      S3Key: !Sub "dt/${release}/lambda/task_queue_manager.zip"
+    FunctionName: !Sub "FnQueueManager-DT-${environment}"
+    Description:
+    MemorySize: 128
+    Timeout: 10
+    Role: !Ref QueueManagerRole
+    VpcConfig:
+      SecurityGroupIds:
+      - !Ref TaskListSecurityGroup
+      SubnetIds: !Ref SubnetIds
+
+Outputs:
+  TaskListManager:
+    Value: !Ref TaskListManagerLambda
+    Description: Function that adds and removes tasks from a redis list
--- a/infrastructure/cloudformation/dt/top.yaml
+++ b/infrastructure/cloudformation/dt/top.yaml
@ -68,6 +68,41 @@ Resources:
        SubDomain: !Ref SubDomain
        DtDNS: !GetAtt LoadBalancing.Outputs.NlbDnsName

+  #-----
+  # IAM
+  #-----
+  IAM:
+    Type: AWS::CloudFormation::Stack
+    Properties:
+      TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/dt/${release}/cloudformation/dt/iam.yaml'
+      Parameters:
+        environment: !Ref environment
+
+  #--------
+  # Lambda
+  #--------
+  LambdaFunctions:
+    Type: AWS::CloudFormation::Stack
+    Properties:
+      TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/dt/${release}/cloudformation/dt/lambda.yaml'
+      Paramters:
+        environment: !Ref environment
+        TaskManagerRole: !GetAtt IAM.Outputs.DefaultRole
+        VpcId: !Ref VpcId
+        SubnetIds: !Ref PublicSubnets
+
+  #------------
+  # CloudWatch
+  #------------
+  CloudWatchRules:
+    Type: AWS::CloudFormation::Stack
+    Properties:
+      TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/dt/${release}/cloudformation/dt/cloudwatch.yaml'
+      Paramters:
+        environment: !Ref environment
+        Cluster: !GetAtt EcsCluster.Outputs.Cluster
+        LambdaArn: !GetAtt LambdaFunctions.Outputs.TaskListManager
+
  #---------
  # Caching
  #---------
--- a/infrastructure/lambda/task_queue_manager/lambda_handler.py
+++ b/infrastructure/lambda/task_queue_manager/lambda_handler.py
@ -0,0 +1,4 @@
+import json
+
+def lambda_handler(event, context):
+    print(json.dumps(event))