Hi, How do I configure VPC details for AWS lambda ...
# getting-started
h
Hi, How do I configure VPC details for AWS lambda created using `aws.lambda.CallbackFunction`? It looks like I can only configure that using `aws.lambda.Function`. The problem with this is that my function's code is written in TypeScript and I'd rather have Pulumi handle the transpiling of it.
b
`CallbackFunction` has the same inputs as a lambda function. So you can set vpcConfig (https://www.pulumi.com/registry/packages/aws/api-docs/lambda/function/#vpcconfig_nodejs) in the same way
Just an FYI, Pulumi can’t serialise code outside of the handler method, so if you follow best practices and create connection strings or get config from parameter store etc. outside of the handler, it’s not going to work here. The `CallbackFunction` serialisation works great for data transformation, but if you need to interact with anything outside of the handler (like setting up connection strings, or other things you want to share as part of the lambda context) then I recommend you use the `lambda.Function` instead
h
Yeah my lambda is going to need RDS Aurora MySQL access. So then I should use `lambda.Function` instead? How do I transpile my code?
b
You’d do that as part of your build pipeline, so before you run `pulumi up`
h
Was hoping you wouldn’t say that 😓 Thanks!
d
FWIW I got that part working via an s3 bucket to store the lambda.

`s3.ts` (the bucket):

```typescript
import * as awsnative from "@pulumi/aws-native";

export const lambdaStore = new awsnative.s3.Bucket("lambda_artifacts", {
  // note: do not rename a bucket
  // https://github.com/pulumi/pulumi-aws-native/issues/584
  bucketName: "s3.lambda.artifacts",
  accessControl: "Private",
  versioningConfiguration: {
    status: "Enabled",
  },
  lifecycleConfiguration: {
    rules: [
      {
        id: "keepLastX",
        status: "Enabled",
        noncurrentVersionExpiration: {
          // keep last 10, even if a service isn't touched for a while
          newerNoncurrentVersions: 10,
          // keep anything from last 30 days
          noncurrentDays: 30,
        },
      },
    ],
  },
});
```
`lambda/provisioned-graphql.ts` (relevant lines):

```typescript
import * as pulumi from "@pulumi/pulumi";
import * as awsnative from "@pulumi/aws-native";
import * as aws from "@pulumi/aws";
import { lambdaStore } from "../../services/s3.js";

const LAMBDA_NAME = "graphql-prov";

// Upload the pre-built bundle (produced before `pulumi up`) to the versioned bucket
const file = new aws.s3.BucketObjectv2(LAMBDA_NAME, {
  bucket: lambdaStore.id,
  key: `${LAMBDA_NAME}.zip`,
  source: new pulumi.asset.FileArchive(
    "./artifacts/lambdas/graphql-public.zip"
  ),
});

// `role` (the Lambda execution role) is defined elsewhere in this file and is
// not part of this excerpt
export const fn = new awsnative.lambda.Function(LAMBDA_NAME, {
  role: role.arn,
  memorySize: 128,
  architectures: ["arm64"],
  runtime: "nodejs16.x",
  handler: "index.handler",
  code: {
    s3Bucket: lambdaStore.id,
    s3Key: file.key,
    // Pin the function to the exact object version that was just uploaded
    s3ObjectVersion: file.versionId,
  },
});
```
Moving to a bundled zip meant I could use esbuild etc to bundle the lambda properly. It adds a few extra steps, but you gain easy rollbacks via s3 versioning and a bit more control over the conversion from ts to js.