aws-control-tower-customizations

Support for nested lambda function deployment (packaging and upload to s3) as part of CF template

Open rohit3d2003 opened this issue 4 years ago • 6 comments

Is your feature request related to a problem? Please describe.

We have a lot of custom AWS Config rules backed by custom Lambdas. These Lambda functions are written in Python, but instead of writing them inline inside the CloudFormation template, we need to define them in a folder and be able to package them to S3 and dynamically deploy them as part of CloudFormation. Currently the manifest file does not support the 'aws cloudformation package' command. If there are other options, please let me know. Our goal is to use CT without customizing the AWS-provided solution unless required.

Describe the feature you'd like

Support for lambda packaging as part of manifest definition or something along these lines

Additional context

rohit3d2003, Oct 28 '21 04:10

Thanks for your feedback. We have added this to our backlog.

deolank, Nov 15 '21 15:11

We worked around this by modifying our pipeline to include a "preprocessor" stage which takes care of creating the Lambda zips based on directories in the repo.

But I'd prefer to not have deviated.

cacack, Mar 15 '22 22:03

@cacack

> We worked around this by modifying our pipeline to include a "preprocessor" stage which takes care of creating the Lambda zips based on directories in the repo.
>
> But I'd prefer to not have deviated.

Can you provide details on how you hooked the preprocessor into the existing CodePipeline?

ryanash999, Nov 16 '22 16:11

Not sure how cacack managed this, but one way is to:

  • Set the customization pipeline to trigger from S3 instead of Git
  • Create a pre-processor pipeline that runs prior to the customization pipeline that triggers from Git and outputs a zip to S3 to trigger the customization pipeline. Do anything you need to in this pipeline.

rjenks, Nov 23 '22 20:11

@ryanash999 our solution was something like this:

  • Created an S3 bucket to house the Lambda zips
  • Located all of our Lambda functions into unique directories housed in a subdirectory in the repo.
  • Created a CodeBuild project which essentially walked the directories, zipping them individually and uploading to S3.
  • Modified the CfCT CodePipeline to call our Preprocess stage before the Build stage.
  • Updated our CfCT templates to reference the S3 URL for the given Lambda.

cacack, Nov 24 '22 01:11
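
A sketch of the packaging step described in the last comment (walk the Lambda directories and zip each one), added here as an example; it is not code from the thread or from the CfCT project. It goes a little further than the comment by making the zips reproducible and naming each one by its SHA-256, so a template can pin one exact build. The directory layout, the `lambdas` key prefix and the function names are assumptions, and uploading the bytes to the bucket is left to the pipeline.

```python
import hashlib
import io
import os
import tempfile
import zipfile
FIXED_DATE = (1980, 1, 1, 0, 0, 0)  # constant timestamp: same source gives same zip bytes


def package_function(func_dir):
    """Zip one Lambda directory deterministically and return the archive bytes."""
    root = os.path.realpath(func_dir)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for dirpath, dirnames, filenames in os.walk(root):
            dirnames.sort()  # fixed traversal order
            for name in sorted(filenames):
                path = os.path.join(dirpath, name)
                # Refuse symlinks: a link could pull files from outside the repo into the artifact.
                if os.path.islink(path):
                    raise ValueError(f"symlink not allowed in package: {path}")
                info = zipfile.ZipInfo(os.path.relpath(path, root).replace(os.sep, "/"), FIXED_DATE)
                info.compress_type = zipfile.ZIP_DEFLATED
                info.external_attr = 0o644 << 16  # normalised, readable file mode
                with open(path, "rb") as fh:
                    zf.writestr(info, fh.read())
    return buf.getvalue()


def package_all(lambdas_root, prefix="lambdas"):
    """Return {function_name: (s3_key, zip_bytes)} for each subdirectory (assumed layout)."""
    out = {}
    for name in sorted(os.listdir(lambdas_root)):
        func_dir = os.path.join(lambdas_root, name)
        if not os.path.isdir(func_dir) or os.path.islink(func_dir):
            continue
        data = package_function(func_dir)
        digest = hashlib.sha256(data).hexdigest()
        out[name] = (f"{prefix}/{name}/{digest}.zip", data)  # content-addressed key
    return out


def demo():
    """Package a constructed two-function layout twice to show the output is stable."""
    with tempfile.TemporaryDirectory() as tmp:
        for fn in ("rule_a", "rule_b"):
            os.makedirs(os.path.join(tmp, fn))
            with open(os.path.join(tmp, fn, "handler.py"), "w") as fh:
                fh.write(f"def handler(event, context):\n    return '{fn}'\n")
        return package_all(tmp), package_all(tmp)
```

Because the key embeds the hash of the archive, re-running the stage on unchanged source produces the same key, and any change to a function's code shows up as a changed S3 URL in the template diff.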