Function based deploy and management tool for AWS Lambda.

• Python2.7
• pip

Automatically collect the lightweighted and compiled libraries in the virtualenv environment.

pip install lamvery

First,

lamvery init

And then edit your .lamvery.yml like so.
The configuration is written in YAML syntax with jinja2 template.
Environment variables are stored in the env variable.

profile: private
region: us-east-1
versioning: true
default_alias: test
configuration:
  name: lamvery-test
  runtime: python2.7
  role: {{ env['AWS_LAMBDA_ROLE'] }}
  handler: lambda_function.lambda_handler
  description: This is sample lambda function.
  timeout: 10
  memory_size: 128
  vpc_config:
    subnets:
    - subnet-cadf2993
    security_groups:
    - sg-4d095028

The name of a profile to use. If not given, this depends on boto3.

The region name of your environment.
If you doesn't set this option, this depends on boto3.

Enable the function versioning.

The alias when it has not been specified in the -a or --alias option.

• name
  The name of your function.

• runtime
  The runtime environment for the Lambda function you are uploading.
  Currently, lamvery supports python2.7 and nodejs.

• role
  The Amazon Resource Name (ARN) of the IAM role for your function.

• handler
  The function within your code that Lambda calls to begin execution.

• description
  The description of your function.

• timeout
  The function execution time(seconds) at which Lambda should terminate the function.

• memory_size
  The amount of memory for your function environment.

• vpc_config
  The VPC configurations for the function to access resources in your VPC.

  • subnets
    The Subnet ids in your VPC.
  • security_groups
    The SecurityGroup ids in your VPC.

- rule: foo
  description: bar
  schedule: 'rate(5 minutes)'
  targets:
  - id: test-target-id
    input:
      this:
      - is: a
      - sample: input

The name of CloudWatch Event Rule.

The description of CloudWatch Event Rule.

The schedule expression of CloudWatch Event Rule.

When this setting is true, change the state of CloudWatch Event Rule to DISABLED.
default: false

The targets of CloudWatch Event Rule.

• id
  The unique target assignment ID.
• input
  Arguments passed to the target.
• input_path
  The value of the JSONPath that is used for extracting part of the matched event when passing it to the target.

input and input_path are mutually-exclusive and optional parameters of a target.

key_id: {{ env['AWS_KMS_KEY_ID'] }}
cipher_texts:
  foo: CiC4xW9lg7HaxaueeN+d9yJMyY1uw1i7tYVvQz9I8+e2UBKXAQEBAgB4uMVvZYOx2sWrnnjfnfciTMmNbsNYu7WFb0M/SPPntlAAAABuMGwGCSqGSIb3DQEHBqBfMF0CAQAwWAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAzWTJWk/69T8NTBquoCARCAK2Hg2de71hzwjiMKkfMSG2G1Olj1EjxajS+3PsFVTPZ91Oi/AjR1aMqAI8U=

The ID of your encryption key on KMS.

The name and cipher texts for passing to lambda function.

- ^\.lamvery\.yml$
- ^\.lamvery\.event\.yml$
- ^\.lamvery\.secret\.yml$
- ^\.lamvery\.exclude\.yml$

Exclude files or directories using regular expression.

• Archive your code and libraries to <your-function-name>.zip
• Store the secret informations to the archive

lamvery archive

• Archive and deploy your code and libraries
• Store the secret informations to the archive
• Update configuration of the function
• Set alias to a version of the function

lamvery deploy

You have to turn on(true) versioning and set a value to default_alias in the configuration file.

• Rollback to the previous version of the function

lamvery rollback

• Set alias to a version of the function

lamvery set-alias -a <alias> -v <alias-version>

• Encrypt a text value using KMS

lamvery encrypt [-s] -n <secret-name> <secret-value>

• Decrypt the secret information using KMS

lamvery decrypt -n <secret-name>

• Apply CloudWatch Events setting

lamvery events [-k]

• Invoke the function and output logs to stdout

lamvery invoke [-a <alias>] [-v <version>] '{"foo": "bar"}'

or

lamvery invoke [-a <alias>] [-v <version>] path/to/input.json

• Watch the function's log events on CloudWatch Logs

lamvery logs [-f] [-F <filter>] [-s <start-time-string>] [-i <interval-seconds>]

This option is needed by the deploy,set-alias,invoke,rollback commands.
Alias for a version of the function.

This option needed by all commands.
Specify the configuration file.
default: .lamvery.yml

This option is needed by the deploy and alias commands.
Output the difference of configuration and the alias without updating.

This option is needed by the archive and deploy command.
Archive only the lambda function file, so you can inline edit in the AWS Management Console.

This option is needed by the archive and deploy command.
Archive without all libraries.

This option is needed by the encrypt and decrypt commands.
The name of the secret value.

This option is only needed by the deploy command. Publish the version as an atomic operation.

This option is only needed by the events command. Keep the empty CloudWatch Event Rule that does not have CloudWatch Event Target.

This option is only needed by the encrypt command.
Store encripted value to configuration file (default: .lamvery.yml).
Requires the -n or --secret-name option.

This option is needed by the set-alias,invoke,rollback commands.
Version of the function.

This option is only needed by the logs command.
Watch the log events and updates the display (like tail -f).

This option is only needed by the logs command.
Filtering pattern for the log messages.

This option is only needed by the logs command.
Intervals(seconds) to watch the log events.

This option is only needed by the logs command.
Time to start the log events watching.
Examples: yesterday,"-1 h", "2016-01-01", "2016-01-01 10:20:30"

This option is only needed by the set-alias command.
The alias of the version that is targeted for setting alias.

See: https://docs.aws.amazon.com/kms/latest/developerguide/create-keys.html

Policy example:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "kms:Decrypt"
            ],
            "Resource": [
                "arn:aws:kms:us-east-1:<your-account-number>:key/<your-key-id>"
            ]
        }
    ]
}

Configuration example:

• .lamvery.yml

profile: default
region: us-east-1
versioning: false
default_alias: null
configuration:
  name: sample_lambda_function
  runtime: python2.7 # or nodejs
  role: arn:aws:iam::000000000000:role/lambda_basic_execution
  handler: lambda_function.lambda_handler
  description: This is sample lambda function.
  timeout: 10
  memory_size: 128

• .lamvery.secret.yml

key_id: xxxx-yyyy-zzzz # <-here!
cipher_texts: {}

Command example:

lamvery encrypt -s -n foo "This is a secret"

Code example:

• Python

  import lamvery

  def lambda_handler(event, context):
      print(lamvery.secret.get('foo'))

• Node.js

var lamvery = require('./lamvery.js');

exports.lambda_handler = function(event, context) {
    lamvery.secret.get('foo', function(err, data) {
        console.log(data);
    });
}

Command example:

lamvery deploy

Command example:

lamvery invoke {}

Result example:

START RequestId: 13829c9c-9f13-11e5-921b-6f048cff3c2d Version: $LATEST
This is a secret
END RequestId: 13829c9c-9f13-11e5-921b-6f048cff3c2d

• Source hosted at GitHub
• Report issues/questions/feature requests on GitHub Issues

Pull requests are very welcome! Make sure your patches are well tested. Ideally create a topic branch for every separate change you make. For example:

1. Fork the repo
2. Create your feature branch (git checkout -b my-new-feature)
3. Commit your changes (git commit -am 'Added some feature')
4. Push to the branch (git push origin my-new-feature)
5. Create new Pull Request

Created and maintained by Masashi Terui (marcy9114@gmail.com)

MIT License (see LICENSE)