def get_function(session_factory, options, groups): config = dict( name='cloud-maid-error-notify', handler='logsub.process_log_event', runtime='python2.7', memory_size=512, timeout=15, role=options.role, description='Maid Error Notify', events=[ CloudWatchLogSubscription( session_factory, groups, options.pattern)]) archive = PythonPackageArchive( # Directory to lambda file os.path.join( os.path.dirname(inspect.getabsfile(c7n)), 'logsub.py'), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents( 'config.json', json.dumps({ 'topic': options.topic, 'subject': options.subject })) archive.close() return LambdaFunction(config, archive)
def get_function(session_factory, options, groups): config = dict(name='cloud-maid-error-notify', handler='logsub.process_log_event', runtime='python2.7', memory_size=512, timeout=15, role=options.role, description='Maid Error Notify', events=[ CloudWatchLogSubscription(session_factory, groups, options.pattern) ]) archive = PythonPackageArchive( # Directory to lambda file os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'logsub.py'), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents( 'config.json', json.dumps({ 'topic': options.topic, 'subject': options.subject })) archive.close() return LambdaFunction(config, archive)
def get_function(session_factory, name, role, log_groups, project, account_name, account_id, pattern="Traceback"): """Lambda function provisioning. Self contained within the component, to allow for easier reuse. """ # Lazy import to avoid runtime dependency import inspect import os import c7n from c7n.mu import (LambdaFunction, PythonPackageArchive, CloudWatchLogSubscription) config = dict(name=name, runtime='python2.7', memory_size=512, timeout=15, role=role, description='Custodian Sentry Relay', events=[ CloudWatchLogSubscription(session_factory, log_groups, pattern) ]) archive = PythonPackageArchive( # Directory to lambda file os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs', 'cwl2sentry.py'), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents( 'config.json', json.dumps({ 'project': project, 'account_name': account_name, 'account_id': account_id })) archive.close() return LambdaFunction(config, archive)
def get_function(session_factory, name, handler, role, log_groups, project, account_name, account_id, sentry_dsn, pattern="Traceback"): """Lambda function provisioning. Self contained within the component, to allow for easier reuse. """ # Lazy import to avoid runtime dependency from c7n.mu import (LambdaFunction, PythonPackageArchive, CloudWatchLogSubscription) config = dict(name=name, handler=handler, runtime='python2.7', memory_size=512, timeout=15, role=role, description='Custodian Sentry Relay', events=[ CloudWatchLogSubscription(session_factory, log_groups, pattern) ]) archive = PythonPackageArchive(os.path.dirname(__file__), skip='*.pyc', lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents( 'config.json', json.dumps({ 'project': project, 'account_name': account_name, 'account_id': account_id, 'sentry_dsn': sentry_dsn, })) archive.add_contents('handler.py', 'from c7n_sentry.c7nsentry import process_log_event') archive.close() return LambdaFunction(config, archive)
def get_function(session_factory, name, role, sns_topic, log_groups, subject="Lambda Error", pattern="Traceback"): """Lambda function provisioning. Self contained within the component, to allow for easier reuse. """ # Lazy import to avoid runtime dependency import inspect import os import c7n from c7n.mu import (LambdaFunction, PythonPackageArchive, CloudWatchLogSubscription) config = dict(name=name, handler='logsub.process_log_event', runtime='python2.7', memory_size=512, timeout=15, role=role, description='Custodian Ops Error Notify', events=[ CloudWatchLogSubscription(session_factory, log_groups, pattern) ]) archive = PythonPackageArchive( # Directory to lambda file os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs', 'logsub.py'), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents('config.json', json.dumps({ 'topic': sns_topic, 'subject': subject })) archive.close() return LambdaFunction(config, archive)
def test_lambda_cross_account(self): self.patch(CrossAccountAccessFilter, 'executor_factory', MainThreadExecutor) session_factory = self.replay_flight_data('test_cross_account_lambda') client = session_factory().client('lambda') name = 'c7n-cross-check' tmp_dir = tempfile.mkdtemp() self.addCleanup(os.rmdir, tmp_dir) archive = PythonPackageArchive(tmp_dir, tmp_dir) archive.create() archive.add_contents('handler.py', LAMBDA_SRC) archive.close() func = LambdaFunction( { 'runtime': 'python2.7', 'name': name, 'description': '', 'handler': 'handler.handler', 'memory_size': 128, 'timeout': 5, 'role': self.role }, archive) manager = LambdaManager(session_factory) info = manager.publish(func) self.addCleanup(manager.remove, func) client.add_permission(FunctionName=name, StatementId='oops', Principal='*', Action='lambda:InvokeFunction') p = self.load_policy( { 'name': 'lambda-cross', 'resource': 'lambda', 'filters': ['cross-account'] }, session_factory=session_factory) resources = p.run() self.assertEqual(len(resources), 1) self.assertEqual(resources[0]['FunctionName'], name)
def get_archive(config): required = ['ldap', 'jinja2', 'markupsafe'] remove = ['_ldap.so', '_yaml.so', 'c7n.egg-link'] def lib_filter(root, dirs, files): for f in tuple(files): if f.endswith('.pyo'): files.remove(f) for r in remove: if r in files: files.remove(r) if os.path.basename(root) == 'site-packages': for n in tuple(dirs): if n not in required: dirs.remove(n) return dirs, files archive = PythonPackageArchive(os.path.dirname(__file__), skip='*.pyc', lib_filter=lib_filter) archive.create() template_dir = os.path.abspath( os.path.join(os.path.dirname(__file__), '..', 'msg-templates')) for t in os.listdir(template_dir): with open(os.path.join(template_dir, t)) as fh: archive.add_contents('msg-templates/%s' % t, fh.read()) archive.add_contents('config.json', json.dumps(config)) archive.add_contents('periodic.py', entry_source) archive.add_contents( '_ldap.so', open( os.path.join(os.path.dirname(sys.executable), '..', 'deps', '_ldap.so')).read()) archive.close() return archive
def get_function(session_factory, name, role, sns_topic, log_groups, subject="Lambda Error", pattern="Traceback"): """Lambda function provisioning. Self contained within the component, to allow for easier reuse. """ # Lazy import to avoid runtime dependency import inspect import os import c7n from c7n.mu import ( LambdaFunction, PythonPackageArchive, CloudWatchLogSubscription) config = dict( name=name, handler='logsub.process_log_event', runtime='python2.7', memory_size=512, timeout=15, role=role, description='Custodian Ops Error Notify', events=[ CloudWatchLogSubscription( session_factory, log_groups, pattern)]) archive = PythonPackageArchive( # Directory to lambda file os.path.join( os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs', 'logsub.py'), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.add_contents( 'config.json', json.dumps({ 'topic': sns_topic, 'subject': subject })) archive.close() return LambdaFunction(config, archive)
def test_lambda_cross_account(self): self.patch( CrossAccountAccessFilter, 'executor_factory', MainThreadExecutor) session_factory = self.replay_flight_data('test_cross_account_lambda') client = session_factory().client('lambda') name = 'c7n-cross-check' tmp_dir = tempfile.mkdtemp() self.addCleanup(os.rmdir, tmp_dir) archive = PythonPackageArchive(tmp_dir, tmp_dir) archive.create() archive.add_contents('handler.py', LAMBDA_SRC) archive.close() func = LambdaFunction({ 'runtime': 'python2.7', 'name': name, 'description': '', 'handler': 'handler.handler', 'memory_size': 128, 'timeout': 5, 'role': self.role}, archive) manager = LambdaManager(session_factory) info = manager.publish(func) self.addCleanup(manager.remove, func) client.add_permission( FunctionName=name, StatementId='oops', Principal='*', Action='lambda:InvokeFunction') p = self.load_policy( {'name': 'lambda-cross', 'resource': 'lambda', 'filters': ['cross-account']}, session_factory=session_factory) resources = p.run() self.assertEqual(len(resources), 1) self.assertEqual(resources[0]['FunctionName'], name)
def get_function(session_factory, name, role, events): import os from c7n.mu import (LambdaFunction, PythonPackageArchive) config = dict(name=name, handler='helloworld.main', runtime='python2.7', memory_size=512, timeout=15, role=role, description='Hello World', events=events) archive = PythonPackageArchive( # Directory to lambda file os.path.abspath(__file__), # Don't include virtualenv deps lib_filter=lambda x, y, z: ([], [])) archive.create() archive.close() return LambdaFunction(config, archive)
def get_archive(config): required = ['ldap', 'jinja2', 'markupsafe'] remove = ['_yaml.so', 'c7n.egg-link'] def lib_filter(root, dirs, files): for f in tuple(files): if f.endswith('.pyo'): files.remove(f) for r in remove: if r in files: files.remove(r) if os.path.basename(root) == 'site-packages': for n in tuple(dirs): if n not in required: dirs.remove(n) return dirs, files archive = PythonPackageArchive( os.path.dirname(__file__), skip='*.pyc', lib_filter=lib_filter) archive.create() template_dir = os.path.abspath( os.path.join(os.path.dirname(__file__), '..', 'msg-templates')) for t in os.listdir(template_dir): with open(os.path.join(template_dir, t)) as fh: archive.add_contents('msg-templates/%s' % t, fh.read()) archive.add_contents('config.json', json.dumps(config)) archive.add_contents('periodic.py', entry_source) archive.close() return archive