def install(session, function_arn, layer_arn, account_id, allow_upgrade, verbose): client = session.client("lambda") config = get_function(session, function_arn) if not config: failure("Could not find function: %s" % function_arn) return False region = session.region_name update_kwargs = _add_new_relic(config, region, layer_arn, account_id, allow_upgrade) if not update_kwargs: return False try: res = client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: failure("Failed to update configuration for '%s': %s" % (config["Configuration"]["FunctionArn"], e)) return False else: if verbose: click.echo(json.dumps(res, indent=2)) success("Successfully installed layer on %s" % function_arn) return True
def update_log_ingestion(input): """ Updates the New Relic AWS Lambda log ingestion function and role. Returns True for success and False for failure. """ assert isinstance(input, IntegrationUpdate) function = get_function(input.session, "newrelic-log-ingestion") if function is None: failure("No 'newrelic-log-ingestion' function in region '%s'. " "Run 'newrelic-lambda integrations install' to install it." % input.session.region_name) return False stack_status = _check_for_ingest_stack(input.session) if stack_status is None: failure( "No 'NewRelicLogIngestion' stack in region '%s'. " "This likely means the New Relic log ingestion function was " "installed manually. " "In order to install via the CLI, please delete this function and " "run 'newrelic-lambda integrations install'." % input.session.region_name) return False try: update_log_ingestion_function(input) except Exception as e: failure("Failed to update 'newrelic-log-ingestion' function: %s" % e) return False else: return True
def uninstall(input, function_arn): assert isinstance(input, LayerUninstall) client = input.session.client("lambda") config = get_function(input.session, function_arn) if not config: failure("Could not find function: %s" % function_arn) return False update_kwargs = _remove_new_relic(input, config) if not update_kwargs: return False try: res = client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: failure("Failed to update configuration for '%s': %s" % (config["Configuration"]["FunctionArn"], e)) return False else: policy_arn = _get_license_key_policy_arn(input.session) if policy_arn: _detach_license_key_policy(input.session, config["Configuration"]["Role"], policy_arn) if input.verbose: click.echo(json.dumps(res, indent=2)) success("Successfully uninstalled layer on %s" % function_arn) return True
def install_log_ingestion(session, nr_license_key, enable_logs=False): """ Installs the New Relic AWS Lambda log ingestion function and role. Returns True for success and False for failure. """ function = get_function(session, "newrelic-log-ingestion") if function is None: stack_status = check_for_ingest_stack(session) if stack_status is None: click.echo( "Setting up 'newrelic-log-ingestion' function in region: %s" % session.region_name) try: create_log_ingestion_function(session, nr_license_key, enable_logs) except Exception as e: failure( "Failed to create 'newrelic-log-ingestion' function: %s" % e) return False else: failure( "CloudFormation Stack NewRelicLogIngestion exists (status: %s), but " "newrelic-log-ingestion Lambda function does not.\n" "Please manually delete the stack and re-run this command." % stack_status) return False else: success( "The 'newrelic-log-ingestion' function already exists in region %s, " "skipping" % session.region_name) return True
def update_log_ingestion( session, nr_license_key=None, enable_logs=None, memory_size=None, timeout=None, role_name=None, ): """ Updates the New Relic AWS Lambda log ingestion function and role. Returns True for success and False for failure. """ function = get_function(session, "newrelic-log-ingestion") if function is None: failure("No 'newrelic-log-ingestion' function in region '%s'. " "Run 'newrelic-lambda integrations install' to install it." % session.region_name) return False stack_status = check_for_ingest_stack(session) if stack_status is None: failure( "No 'NewRelicLogIngestion' stack in region '%s'. " "This likely means the New Relic log ingestion function was installed manually. " "In order to install via the CLI, please delete this function and run 'newrelic-lambda integrations install'." % session.region_name) return False try: update_log_ingestion_function(session, nr_license_key, enable_logs, memory_size, timeout, role_name) except Exception as e: failure("Failed to update 'newrelic-log-ingestion' function: %s" % e) return False else: return True
def get_log_ingestion_license_key(session): """ Fetches the license key value from the log ingestion function """ function = get_function(session, "newrelic-log-ingestion") if function: return function["Configuration"]["Environment"]["Variables"][ "LICENSE_KEY"] return None
def uninstall(session, function_arn): client = session.client("lambda") config = get_function(session, function_arn) if not config: raise click.UsageError("Could not find function: %s" % function_arn) region = session.region_name update_kwargs = _remove_new_relic(config, region) try: return client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: raise click.UsageError(str(e))
def install(session, function_arn, layer_arn, account_id, allow_upgrade): client = session.client("lambda") config = get_function(session, function_arn) if not config: raise click.UsageError("Could not find function: %s" % function_arn) return region = session.region_name update_kwargs = _add_new_relic(config, region, layer_arn, account_id, allow_upgrade) try: return client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: raise click.UsageError(str(e))
def install(input, function_arn): assert isinstance(input, LayerInstall) client = input.session.client("lambda") config = get_function(input.session, function_arn) if not config: failure("Could not find function: %s" % function_arn) return False policy_arn = _get_license_key_policy_arn(input.session) if input.enable_extension and not policy_arn and not input.nr_api_key: raise click.UsageError( "In order to use `--enable-extension`, you must first run " "`newrelic-lambda integrations install` with the " "`--enable-license-key-secret` flag. This uses AWS Secrets Manager " "to securely store your New Relic license key in your AWS account. " "If you are unable to use AWS Secrets Manager, re-run this command with " "`--nr-api-key` argument with your New Relic API key to set your license " "key in a NEW_RELIC_LICENSE_KEY environment variable instead.") nr_license_key = None if not policy_arn and input.nr_api_key and input.nr_region: gql = api.validate_gql_credentials(input) nr_license_key = api.retrieve_license_key(gql) update_kwargs = _add_new_relic(input, config, nr_license_key) if not update_kwargs or not isinstance(update_kwargs, dict): return False try: res = client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: failure("Failed to update configuration for '%s': %s" % (config["Configuration"]["FunctionArn"], e)) return False else: if input.enable_extension and policy_arn: _attach_license_key_policy(input.session, config["Configuration"]["Role"], policy_arn) if input.enable_extension_function_logs: subscriptions.remove_log_subscription(input, function_arn) if input.verbose: click.echo(json.dumps(res, indent=2)) success("Successfully installed layer on %s" % function_arn) return True
def create_log_subscription(input, function_name): assert isinstance(input, SubscriptionInstall) destination = get_function(input.session, "newrelic-log-ingestion") if destination is None: failure( "Could not find 'newrelic-log-ingestion' function. Is the New Relic AWS " "integration installed?" ) return False destination_arn = destination["Configuration"]["FunctionArn"] subscription_filters = _get_subscription_filters(input.session, function_name) if subscription_filters is None: return False newrelic_filters = [ filter for filter in subscription_filters if "NewRelicLogStreaming" in filter["filterName"] ] if len(subscription_filters) > len(newrelic_filters): warning( "WARNING: Found a log subscription filter that was not installed by New " "Relic. This may prevent the New Relic log subscription filter from being " "installed. If you know you don't need this log subscription filter, you " "should first remove it and rerun this command. If your organization " "requires this log subscription filter, please contact New Relic at " "[email protected] for assistance with getting the AWS log " "subscription filter limit increased." ) if not newrelic_filters: click.echo("Adding New Relic log subscription to '%s'" % function_name) return _create_subscription_filter( input.session, function_name, destination_arn, input.filter_pattern ) else: click.echo( "Found log subscription for '%s', verifying configuration" % function_name ) newrelic_filter = newrelic_filters[0] if newrelic_filter["filterPattern"] != input.filter_pattern: return _remove_subscription_filter( input.session, function_name, newrelic_filter["filterName"] ) and _create_subscription_filter( input.session, function_name, destination_arn, input.filter_pattern ) return True
def install(session, function_arn, layer_arn, account_id, allow_upgrade): client = session.client("lambda") config = get_function(session, function_arn) if not config: failure("Could not find function: %s" % function_arn) return region = session.region_name update_kwargs = _add_new_relic(config, region, layer_arn, account_id, allow_upgrade) if not update_kwargs: return try: return client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: failure("Failed to update configuration for '%s': %s" % (config["Configuration"]["FunctionArn"], e)) return
def install(input, function_arn): assert isinstance(input, LayerInstall) client = input.session.client("lambda") config = get_function(input.session, function_arn) if not config: failure("Could not find function: %s" % function_arn) return False nr_account_id, policy_arn = _get_license_key_outputs(input.session) # If a managed secret exists but it was created with a different NR account # id and license key We want to notify the user and point them to # documentation on how to proceed. if (policy_arn and nr_account_id and nr_account_id != str(input.nr_account_id) and not input.nr_api_key): raise click.UsageError( "A managed secret already exists in this region for New Relic account {0}. " "Creating one managed secret per region is currently supported via " "the cli. To set up an additional secret for New Relic account {1} " "see our docs:\n{2}.\n" "Or you can re-run this command with " "`--nr-api-key` argument with your New Relic API key to set your license " "key in a NEW_RELIC_LICENSE_KEY environment variable instead.". format(nr_account_id, input.nr_account_id, utils.NR_DOCS_ACT_LINKING_URL)) if input.enable_extension and not policy_arn and not input.nr_api_key: raise click.UsageError( "In order to use `--enable-extension`, you must first run " "`newrelic-lambda integrations install` with the " "`--enable-license-key-secret` flag. This uses AWS Secrets Manager " "to securely store your New Relic license key in your AWS account. " "If you are unable to use AWS Secrets Manager, re-run this command with " "`--nr-api-key` argument with your New Relic API key to set your license " "key in a NEW_RELIC_LICENSE_KEY environment variable instead.") nr_license_key = None if (not policy_arn or nr_account_id != str(input.nr_account_id) and input.nr_api_key and input.nr_region): gql = api.validate_gql_credentials(input) nr_license_key = api.retrieve_license_key(gql) update_kwargs = _add_new_relic(input, config, nr_license_key) if isinstance(update_kwargs, bool): return update_kwargs try: res = client.update_function_configuration(**update_kwargs) except botocore.exceptions.ClientError as e: failure("Failed to update configuration for '%s': %s" % (config["Configuration"]["FunctionArn"], e)) return False else: if input.enable_extension and policy_arn: _attach_license_key_policy(input.session, config["Configuration"]["Role"], policy_arn) if input.enable_extension_function_logs: subscriptions.remove_log_subscription(input, function_arn) if input.verbose: click.echo(json.dumps(res, indent=2)) success("Successfully installed layer on %s" % function_arn) return True