Python CloudFormation:将列表传递给Lambda函数
我有一个CloudFormation脚本,可以为RDS备份创建Lambda函数。如何将服务器列表从CloudFormation模板传递给lambda函数?现在它们是硬编码的,我认为这并不理想 云形成脚本:Python CloudFormation:将列表传递给Lambda函数,python,amazon-web-services,aws-lambda,amazon-cloudformation,Python,Amazon Web Services,Aws Lambda,Amazon Cloudformation,我有一个CloudFormation脚本,可以为RDS备份创建Lambda函数。如何将服务器列表从CloudFormation模板传递给lambda函数?现在它们是硬编码的,我认为这并不理想 云形成脚本: { "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "ruleName": { "Description": "Name for CloudWatch Rule.", "Type": "St
{ "AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"ruleName": {
"Description": "Name for CloudWatch Rule.",
"Type": "String"
},
"cronSchedule": {
"Description": "Cron Schedule Expression",
"Type": "String",
"Default": "cron(0 05 * * ? *)"
},
"bucketName" : {
"Description": "S3 Bucket storing the lambda script",
"Type": "String"
},
"lambdaTimeout": {
"Description": "Timeout for Lambda",
"Type": "String",
"Default": "3"
},
"instanceList":{
"Description": "",
"Type": "String"
}
},
"Resources": {
"cloudWatchRule": {
"Type": "AWS::Events::Rule",
"DependsOn": "lambdaFunction",
"Properties": {
"Description": "Cron Schedule",
"Name": {
"Ref": "ruleName"
},
"ScheduleExpression": {
"Ref": "cronSchedule"
},
"State": "ENABLED",
"Targets": [
{
"Arn":{
"Fn::GetAtt": ["lambdaFunction","Arn"]
},
"Id": {
"Ref": "lambdaFunction"
}
}
]
}
},
"lambdaFunction": {
"Type":"AWS::Lambda::Function",
"DependsOn": [
"lambdaRdsBackupRole",
"rdsBackupExecutionPolicy"
],
"Properties":{
"Code": {
"S3Bucket": {
"Ref": "bucketName"
},
"S3Key": "lambdaFunctions/rdsBackup.zip"
},
"Role": {
"Fn::GetAtt": ["lambdaRdsBackupRole", "Arn"]
},
"Handler": "rdsBackup.lambda_handler",
"Environment":{
"Variables": {
"dbInstances": {
"Ref": "instanceList"
}
}
},
"Runtime": "python3.6",
"MemorySize": 128,
"Timeout": {
"Ref": "lambdaTimeout"
}
}
},
"lambdaRdsBackupRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"rdsBackupExecutionPolicy": {
"DependsOn": [
"lambdaRdsBackupRole"
],
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "lambdaRdsBackupRolePolicy",
"Roles": [
{
"Ref": "lambdaRdsBackupRole"
}
],
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:AddTagsToResource",
"rds:DeleteDBSnapshot"
],
"Resource": "arn:aws:rds:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:ListTagsForResource",
"rds:CreateDBSnapshot"
],
"Resource": "arn:aws:rds:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBSnapshots"
],
"Resource": "*"
}
]
}
}
}
}
}
import boto3
import datetime
def lambda_handler(event, context):
print("Connecting to RDS")
client = boto3.client('rds')
# Instance to backup
dbInstances = ['testdb', 'testdb2']
for dbInstance in dbInstances:
print("RDS snapshot backups started at %s...\n" % datetime.datetime.now())
for snapshot in client.describe_db_snapshots(DBInstanceIdentifier=dbInstance, MaxRecords=50)['DBSnapshots']:
try:
createTs = snapshot['SnapshotCreateTime'].replace(tzinfo=None)
if createTs < datetime.datetime.now() - datetime.timedelta(days=30):
print("Deleting snapshot id:", snapshot['DBSnapshotIdentifier'])
client.delete_db_snapshot(
DBSnapshotIdentifier=snapshot['DBSnapshotIdentifier']
)
except Exception as e:
print("Error: "+ str(e))
pass
client.create_db_snapshot(
DBInstanceIdentifier=dbInstance,
DBSnapshotIdentifier=dbInstance+'{}'.format(datetime.datetime.now().strftime("%y-%m-%d-%H")),
Tags=[
{
'Key': 'Name',
'Value': 'dbInstance'
},
]
)
"Environment":{
"Variables": {
"dbInstances": {
"Ref": "instanceList"
}
}
},
{ "AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"ruleName": {
"Description": "Name for CloudWatch Rule.",
"Type": "String"
},
"cronSchedule": {
"Description": "Cron Schedule Expression",
"Type": "String",
"Default": "cron(0 05 * * ? *)"
},
"bucketName" : {
"Description": "S3 Bucket storing the lambda script",
"Type": "String"
},
"lambdaTimeout": {
"Description": "Timeout for Lambda",
"Type": "String",
"Default": "3"
},
"instanceList":{
"Description": "",
"Type": "String"
}
},
"Resources": {
"cloudWatchRule": {
"Type": "AWS::Events::Rule",
"DependsOn": "lambdaFunction",
"Properties": {
"Description": "Cron Schedule",
"Name": {
"Ref": "ruleName"
},
"ScheduleExpression": {
"Ref": "cronSchedule"
},
"State": "ENABLED",
"Targets": [
{
"Arn":{
"Fn::GetAtt": ["lambdaFunction","Arn"]
},
"Id": {
"Ref": "lambdaFunction"
}
}
]
}
},
"lambdaFunction": {
"Type":"AWS::Lambda::Function",
"DependsOn": [
"lambdaRdsBackupRole",
"rdsBackupExecutionPolicy"
],
"Properties":{
"Code": {
"S3Bucket": {
"Ref": "bucketName"
},
"S3Key": "lambdaFunctions/rdsBackup.zip"
},
"Role": {
"Fn::GetAtt": ["lambdaRdsBackupRole", "Arn"]
},
"Handler": "rdsBackup.lambda_handler",
"Environment":{
"Variables": {
"dbInstances": {
"Ref": "instanceList"
}
}
},
"Runtime": "python3.6",
"MemorySize": 128,
"Timeout": {
"Ref": "lambdaTimeout"
}
}
},
"lambdaRdsBackupRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/"
}
},
"rdsBackupExecutionPolicy": {
"DependsOn": [
"lambdaRdsBackupRole"
],
"Type": "AWS::IAM::Policy",
"Properties": {
"PolicyName": "lambdaRdsBackupRolePolicy",
"Roles": [
{
"Ref": "lambdaRdsBackupRole"
}
],
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:AddTagsToResource",
"rds:DeleteDBSnapshot"
],
"Resource": "arn:aws:rds:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:ListTagsForResource",
"rds:CreateDBSnapshot"
],
"Resource": "arn:aws:rds:*:*"
},
{
"Effect": "Allow",
"Action": [
"rds:DescribeDBSnapshots"
],
"Resource": "*"
}
]
}
}
}
}
}
import boto3
import datetime
def lambda_handler(event, context):
print("Connecting to RDS")
client = boto3.client('rds')
# Instance to backup
dbInstances = ['testdb', 'testdb2']
for dbInstance in dbInstances:
print("RDS snapshot backups started at %s...\n" % datetime.datetime.now())
for snapshot in client.describe_db_snapshots(DBInstanceIdentifier=dbInstance, MaxRecords=50)['DBSnapshots']:
try:
createTs = snapshot['SnapshotCreateTime'].replace(tzinfo=None)
if createTs < datetime.datetime.now() - datetime.timedelta(days=30):
print("Deleting snapshot id:", snapshot['DBSnapshotIdentifier'])
client.delete_db_snapshot(
DBSnapshotIdentifier=snapshot['DBSnapshotIdentifier']
)
except Exception as e:
print("Error: "+ str(e))
pass
client.create_db_snapshot(
DBInstanceIdentifier=dbInstance,
DBSnapshotIdentifier=dbInstance+'{}'.format(datetime.datetime.now().strftime("%y-%m-%d-%H")),
Tags=[
{
'Key': 'Name',
'Value': 'dbInstance'
},
]
)
导入boto3
导入日期时间
def lambda_处理程序(事件、上下文):
打印(“连接到RDS”)
client=bot3.client('rds')
#要备份的实例
dbInstances=['testdb','testdb2']
对于dbInstances中的dbInstance:
打印(“RDS快照备份开始于%s…。\n”%datetime.datetime.now()
用于客户端中的快照。描述\u db\u快照(DBInstanceIdentifier=dbInstance,MaxRecords=50)['DBSnapshots']:
尝试:
createTs=snapshot['SnapshotCreateTime']。替换(tzinfo=None)
如果createTs如果不知道你的最终目标,很难推荐其中一个而不是另一个。可能有几种方法可以做到这一点。下面列出了我想到的几个例子 1) 如果您打算将变量添加到cloud formation模板中,我会将python脚本内联添加到cloudformation模板中,您可以将数组作为变量传递到模板中 2) 您可以为lambda函数创建环境变量,并且每次执行它时(控制台或命令行),都可以使用新的数据库实例更新环境变量 3) 您可以使用API网关之类的工具,并将其绑定到lambda函数。可以在POST请求中将数组传递给lambda函数 如果不知道你的最终目标,就很难推荐其中一个