def get_function(session_factory, options, groups):
config = dict(
name='cloud-maid-error-notify',
handler='logsub.process_log_event',
runtime='python2.7',
memory_size=512,
timeout=15,
role=options.role,
description='Maid Error Notify',
events=[
CloudWatchLogSubscription(
session_factory, groups, options.pattern)])
archive = PythonPackageArchive(
# Directory to lambda file
os.path.join(
os.path.dirname(inspect.getabsfile(c7n)), 'logsub.py'),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents(
'config.json', json.dumps({
'topic': options.topic,
'subject': options.subject
}))
archive.close()
return LambdaFunction(config, archive)
def get_function(session_factory, options, groups):
config = dict(name='cloud-maid-error-notify',
handler='logsub.process_log_event',
runtime='python2.7',
memory_size=512,
timeout=15,
role=options.role,
description='Maid Error Notify',
events=[
CloudWatchLogSubscription(session_factory, groups,
options.pattern)
])
archive = PythonPackageArchive(
# Directory to lambda file
os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'logsub.py'),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents(
'config.json',
json.dumps({
'topic': options.topic,
'subject': options.subject
}))
archive.close()
return LambdaFunction(config, archive)
def get_function(session_factory,
name,
role,
log_groups,
project,
account_name,
account_id,
pattern="Traceback"):
"""Lambda function provisioning.
Self contained within the component, to allow for easier reuse.
"""
# Lazy import to avoid runtime dependency
import inspect
import os
import c7n
from c7n.mu import (LambdaFunction, PythonPackageArchive,
CloudWatchLogSubscription)
config = dict(name=name,
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Custodian Sentry Relay',
events=[
CloudWatchLogSubscription(session_factory, log_groups,
pattern)
])
archive = PythonPackageArchive(
# Directory to lambda file
os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs',
'cwl2sentry.py'),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents(
'config.json',
json.dumps({
'project': project,
'account_name': account_name,
'account_id': account_id
}))
archive.close()
return LambdaFunction(config, archive)
def get_function(session_factory,
name,
handler,
role,
log_groups,
project,
account_name,
account_id,
sentry_dsn,
pattern="Traceback"):
"""Lambda function provisioning.
Self contained within the component, to allow for easier reuse.
"""
# Lazy import to avoid runtime dependency
from c7n.mu import (LambdaFunction, PythonPackageArchive,
CloudWatchLogSubscription)
config = dict(name=name,
handler=handler,
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Custodian Sentry Relay',
events=[
CloudWatchLogSubscription(session_factory, log_groups,
pattern)
])
archive = PythonPackageArchive(os.path.dirname(__file__),
skip='*.pyc',
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents(
'config.json',
json.dumps({
'project': project,
'account_name': account_name,
'account_id': account_id,
'sentry_dsn': sentry_dsn,
}))
archive.add_contents('handler.py',
'from c7n_sentry.c7nsentry import process_log_event')
archive.close()
return LambdaFunction(config, archive)
def get_function(session_factory,
name,
role,
sns_topic,
log_groups,
subject="Lambda Error",
pattern="Traceback"):
"""Lambda function provisioning.
Self contained within the component, to allow for easier reuse.
"""
# Lazy import to avoid runtime dependency
import inspect
import os
import c7n
from c7n.mu import (LambdaFunction, PythonPackageArchive,
CloudWatchLogSubscription)
config = dict(name=name,
handler='logsub.process_log_event',
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Custodian Ops Error Notify',
events=[
CloudWatchLogSubscription(session_factory, log_groups,
pattern)
])
archive = PythonPackageArchive(
# Directory to lambda file
os.path.join(os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs',
'logsub.py'),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents('config.json',
json.dumps({
'topic': sns_topic,
'subject': subject
}))
archive.close()
return LambdaFunction(config, archive)
def test_lambda_cross_account(self):
self.patch(CrossAccountAccessFilter, 'executor_factory',
MainThreadExecutor)
session_factory = self.replay_flight_data('test_cross_account_lambda')
client = session_factory().client('lambda')
name = 'c7n-cross-check'
tmp_dir = tempfile.mkdtemp()
self.addCleanup(os.rmdir, tmp_dir)
archive = PythonPackageArchive(tmp_dir, tmp_dir)
archive.create()
archive.add_contents('handler.py', LAMBDA_SRC)
archive.close()
func = LambdaFunction(
{
'runtime': 'python2.7',
'name': name,
'description': '',
'handler': 'handler.handler',
'memory_size': 128,
'timeout': 5,
'role': self.role
}, archive)
manager = LambdaManager(session_factory)
info = manager.publish(func)
self.addCleanup(manager.remove, func)
client.add_permission(FunctionName=name,
StatementId='oops',
Principal='*',
Action='lambda:InvokeFunction')
p = self.load_policy(
{
'name': 'lambda-cross',
'resource': 'lambda',
'filters': ['cross-account']
},
session_factory=session_factory)
resources = p.run()
self.assertEqual(len(resources), 1)
self.assertEqual(resources[0]['FunctionName'], name)
def get_archive(config):
required = ['ldap', 'jinja2', 'markupsafe']
remove = ['_ldap.so', '_yaml.so', 'c7n.egg-link']
def lib_filter(root, dirs, files):
for f in tuple(files):
if f.endswith('.pyo'):
files.remove(f)
for r in remove:
if r in files:
files.remove(r)
if os.path.basename(root) == 'site-packages':
for n in tuple(dirs):
if n not in required:
dirs.remove(n)
return dirs, files
archive = PythonPackageArchive(os.path.dirname(__file__),
skip='*.pyc',
lib_filter=lib_filter)
archive.create()
template_dir = os.path.abspath(
os.path.join(os.path.dirname(__file__), '..', 'msg-templates'))
for t in os.listdir(template_dir):
with open(os.path.join(template_dir, t)) as fh:
archive.add_contents('msg-templates/%s' % t, fh.read())
archive.add_contents('config.json', json.dumps(config))
archive.add_contents('periodic.py', entry_source)
archive.add_contents(
'_ldap.so',
open(
os.path.join(os.path.dirname(sys.executable), '..', 'deps',
'_ldap.so')).read())
archive.close()
return archive
def get_function(session_factory, name, role, sns_topic, log_groups,
subject="Lambda Error", pattern="Traceback"):
"""Lambda function provisioning.
Self contained within the component, to allow for easier reuse.
"""
# Lazy import to avoid runtime dependency
import inspect
import os
import c7n
from c7n.mu import (
LambdaFunction, PythonPackageArchive, CloudWatchLogSubscription)
config = dict(
name=name,
handler='logsub.process_log_event',
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Custodian Ops Error Notify',
events=[
CloudWatchLogSubscription(
session_factory, log_groups, pattern)])
archive = PythonPackageArchive(
# Directory to lambda file
os.path.join(
os.path.dirname(inspect.getabsfile(c7n)), 'ufuncs', 'logsub.py'),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.add_contents(
'config.json', json.dumps({
'topic': sns_topic,
'subject': subject
}))
archive.close()
return LambdaFunction(config, archive)
def test_lambda_cross_account(self):
self.patch(
CrossAccountAccessFilter, 'executor_factory', MainThreadExecutor)
session_factory = self.replay_flight_data('test_cross_account_lambda')
client = session_factory().client('lambda')
name = 'c7n-cross-check'
tmp_dir = tempfile.mkdtemp()
self.addCleanup(os.rmdir, tmp_dir)
archive = PythonPackageArchive(tmp_dir, tmp_dir)
archive.create()
archive.add_contents('handler.py', LAMBDA_SRC)
archive.close()
func = LambdaFunction({
'runtime': 'python2.7',
'name': name, 'description': '',
'handler': 'handler.handler',
'memory_size': 128,
'timeout': 5,
'role': self.role}, archive)
manager = LambdaManager(session_factory)
info = manager.publish(func)
self.addCleanup(manager.remove, func)
client.add_permission(
FunctionName=name,
StatementId='oops',
Principal='*',
Action='lambda:InvokeFunction')
p = self.load_policy(
{'name': 'lambda-cross',
'resource': 'lambda',
'filters': ['cross-account']},
session_factory=session_factory)
resources = p.run()
self.assertEqual(len(resources), 1)
self.assertEqual(resources[0]['FunctionName'], name)
def get_function(session_factory, name, role, events):
import os
from c7n.mu import (LambdaFunction, PythonPackageArchive)
config = dict(name=name,
handler='helloworld.main',
runtime='python2.7',
memory_size=512,
timeout=15,
role=role,
description='Hello World',
events=events)
archive = PythonPackageArchive(
# Directory to lambda file
os.path.abspath(__file__),
# Don't include virtualenv deps
lib_filter=lambda x, y, z: ([], []))
archive.create()
archive.close()
return LambdaFunction(config, archive)
def get_archive(config):
required = ['ldap', 'jinja2', 'markupsafe']
remove = ['_yaml.so', 'c7n.egg-link']
def lib_filter(root, dirs, files):
for f in tuple(files):
if f.endswith('.pyo'):
files.remove(f)
for r in remove:
if r in files:
files.remove(r)
if os.path.basename(root) == 'site-packages':
for n in tuple(dirs):
if n not in required:
dirs.remove(n)
return dirs, files
archive = PythonPackageArchive(
os.path.dirname(__file__),
skip='*.pyc',
lib_filter=lib_filter)
archive.create()
template_dir = os.path.abspath(
os.path.join(os.path.dirname(__file__), '..', 'msg-templates'))
for t in os.listdir(template_dir):
with open(os.path.join(template_dir, t)) as fh:
archive.add_contents('msg-templates/%s' % t, fh.read())
archive.add_contents('config.json', json.dumps(config))
archive.add_contents('periodic.py', entry_source)
archive.close()
return archive