feat(layers): add regular and arm64 flavours

Author: rubenfonseca

layer/app.py

@@ -8,7 +8,8 @@
 app = cdk.App()
 
 POWERTOOLS_VERSION: str = app.node.try_get_context("version")
-SSM_PARAM_LAYER_ARN: str = "/layers/powertools-layer-arn"
+SSM_PARAM_LAYER_ARN: str = "/layers/powertools-layer-v2-arn"
+SSM_PARAM_ARM64_LAYER_ARN: str = "/layers/powertools-layer-v2-arm64-arn"
 
 if not POWERTOOLS_VERSION:
     raise ValueError(
@@ -21,13 +22,15 @@
     "LayerStack",
     powertools_version=POWERTOOLS_VERSION,
     ssm_paramter_layer_arn=SSM_PARAM_LAYER_ARN,
+    ssm_parameter_arm64_layer_arn=SSM_PARAM_ARM64_LAYER_ARN,
 )
 
 CanaryStack(
     app,
     "CanaryStack",
     powertools_version=POWERTOOLS_VERSION,
     ssm_paramter_layer_arn=SSM_PARAM_LAYER_ARN,
+    ssm_parameter_arm64_layer_arn=SSM_PARAM_ARM64_LAYER_ARN,
 )
 
 app.synth()

layer/layer/canary/app.py

@@ -1,6 +1,7 @@
 import datetime
 import json
 import os
+import platform
 from importlib.metadata import version
 
 import boto3
@@ -66,7 +67,7 @@ def verify_powertools_version() -> None:
     current_version = version("aws_lambda_powertools")
     if powertools_version != current_version:
         raise ValueError(
-            f'Expected powertoosl version is "{powertools_version}", but layer contains version "{current_version}"'
+            f'Expected powertools version is "{powertools_version}", but layer contains version "{current_version}"'
         )
     logger.info(f"Current Powertools version is: {current_version}")
 
@@ -80,6 +81,8 @@ def send_notification():
             "Not sending notification to event bus, because this is not the PROD stage"
         )
         return
+
+    architecture = platform.uname()[4]
     event = {
         "Time": datetime.datetime.now(),
         "Source": "powertools.layer.canary",
@@ -90,6 +93,7 @@ def send_notification():
                 "version": powertools_version,
                 "region": os.environ["AWS_REGION"],
                 "layerArn": layer_arn,
+                "architecture": architecture,
             }
         ),
     }

layer/layer/canary_stack.py

@@ -2,12 +2,16 @@
 
 from aws_cdk import CfnParameter, CustomResource, Duration, Stack
 from aws_cdk.aws_iam import Effect, ManagedPolicy, PolicyStatement, Role, ServicePrincipal
-from aws_cdk.aws_lambda import Code, Function, LayerVersion, Runtime
+from aws_cdk.aws_lambda import Architecture, Code, Function, LayerVersion, Runtime
 from aws_cdk.aws_logs import RetentionDays
 from aws_cdk.aws_ssm import StringParameter
 from aws_cdk.custom_resources import Provider
 from constructs import Construct
 
+VERSION_TRACKING_EVENT_BUS_ARN: str = (
+    "arn:aws:events:eu-central-1:027876851704:event-bus/VersionTrackingEventBus"
+)
+
 
 class CanaryStack(Stack):
     def __init__(
@@ -16,29 +20,70 @@ def __init__(
         construct_id: str,
         powertools_version: str,
         ssm_paramter_layer_arn: str,
+        ssm_parameter_arm64_layer_arn: str,
         **kwargs,
     ) -> None:
         super().__init__(scope, construct_id, **kwargs)
 
-        VERSION_TRACKING_EVENT_BUS_ARN: str = (
-            "arn:aws:events:eu-central-1:027876851704:event-bus/VersionTrackingEventBus"
-        )
-
         layer_arn = StringParameter.from_string_parameter_attributes(
             self, "LayerVersionArnParam", parameter_name=ssm_paramter_layer_arn
         ).string_value
+        Canary(
+            self,
+            "Canary-x86-64",
+            layer_arn=layer_arn,
+            powertools_version=powertools_version,
+            architecture=Architecture.X86_64(),
+        )
 
-        layer = LayerVersion.from_layer_version_arn(self, "PowertoolsLayer", layer_version_arn=layer_arn)
-        deploy_stage = CfnParameter(self, "DeployStage", description="Deployment stage for canary").value_as_string
+        layer_arm64_arn = StringParameter.from_string_parameter_attributes(
+            self,
+            "LayerArm64VersionArnParam",
+            parameter_name=ssm_parameter_arm64_layer_arn,
+        ).string_value
+        Canary(
+            self,
+            "Canary-arm64",
+            layer_arn=layer_arm64_arn,
+            powertools_version=powertools_version,
+            architecture=Architecture.ARM_64(),
+        )
 
-        execution_role = Role(self, "LambdaExecutionRole", assumed_by=ServicePrincipal("lambda.amazonaws.com"))
+
+class Canary(Construct):
+    def __init__(
+        self,
+        scope: Construct,
+        construct_id: str,
+        layer_arn: str,
+        powertools_version: str,
+        architecture: Architecture,
+    ):
+        super().__init__(scope, construct_id)
+
+        layer = LayerVersion.from_layer_version_arn(
+            self, "PowertoolsLayer", layer_version_arn=layer_arn
+        )
+        deploy_stage = CfnParameter(
+            self, "DeployStage", description="Deployment stage for canary"
+        ).value_as_string
+
+        execution_role = Role(
+            self,
+            "LambdaExecutionRole",
+            assumed_by=ServicePrincipal("lambda.amazonaws.com"),
+        )
 
         execution_role.add_managed_policy(
-            ManagedPolicy.from_aws_managed_policy_name("service-role/AWSLambdaBasicExecutionRole")
+            ManagedPolicy.from_aws_managed_policy_name(
+                "service-role/AWSLambdaBasicExecutionRole"
+            )
         )
 
         execution_role.add_to_policy(
-            PolicyStatement(effect=Effect.ALLOW, actions=["lambda:GetFunction"], resources=["*"])
+            PolicyStatement(
+                effect=Effect.ALLOW, actions=["lambda:GetFunction"], resources=["*"]
+            )
         )
 
         canary_lambda = Function(
@@ -49,7 +94,8 @@ def __init__(
             layers=[layer],
             memory_size=512,
             timeout=Duration.seconds(10),
-            runtime=Runtime.PYTHON_3_9,
+            runtime=Runtime.PYTHON_3_9(),
+            architecture=architecture,
             log_retention=RetentionDays.ONE_MONTH,
             role=execution_role,
             environment={
@@ -62,13 +108,22 @@ def __init__(
 
         canary_lambda.add_to_role_policy(
             PolicyStatement(
-                effect=Effect.ALLOW, actions=["events:PutEvents"], resources=[VERSION_TRACKING_EVENT_BUS_ARN]
+                effect=Effect.ALLOW,
+                actions=["events:PutEvents"],
+                resources=[VERSION_TRACKING_EVENT_BUS_ARN],
             )
         )
 
         # custom resource provider configuration
         provider = Provider(
-            self, "CanaryCustomResource", on_event_handler=canary_lambda, log_retention=RetentionDays.ONE_MONTH
+            self,
+            "CanaryCustomResource",
+            on_event_handler=canary_lambda,
+            log_retention=RetentionDays.ONE_MONTH,
         )
         # force to recreate resource on each deployment with randomized name
-        CustomResource(self, f"CanaryTrigger-{str(uuid.uuid4())[0:7]}", service_token=provider.service_token)
+        CustomResource(
+            self,
+            f"CanaryTrigger-{str(uuid.uuid4())[0:7]}",
+            service_token=provider.service_token,
+        )

layer/layer/layer_stack.py

@@ -1,18 +1,38 @@
 from aws_cdk import CfnOutput, RemovalPolicy, Stack
-from aws_cdk.aws_lambda import CfnLayerVersionPermission
+from aws_cdk.aws_lambda import Architecture, CfnLayerVersionPermission
 from aws_cdk.aws_ssm import StringParameter
 from cdk_lambda_powertools_python_layer import LambdaPowertoolsLayer
 from constructs import Construct
 
 
 class LayerStack(Stack):
     def __init__(
-        self, scope: Construct, construct_id: str, powertools_version: str, ssm_paramter_layer_arn: str, **kwargs
+        self,
+        scope: Construct,
+        construct_id: str,
+        powertools_version: str,
+        ssm_paramter_layer_arn: str,
+        ssm_parameter_arm64_layer_arn: str,
+        **kwargs
     ) -> None:
         super().__init__(scope, construct_id, **kwargs)
 
         layer = LambdaPowertoolsLayer(
-            self, "Layer", layer_version_name="AWSLambdaPowertoolsPython", version=powertools_version
+            self,
+            "Layer",
+            layer_version_name="AWSLambdaPowertoolsPythonV2",
+            version=powertools_version,
+            include_extras=True,
+            compatible_architectures=[Architecture.X86_64()],
+        )
+
+        layer_arm64 = LambdaPowertoolsLayer(
+            self,
+            "Layer-ARM64",
+            layer_version_name="AWSLambdaPowertoolsPythonV2-Arm64",
+            version=powertools_version,
+            include_extras=True,
+            compatible_architectures=[Architecture.ARM_64()],
         )
 
         layer_permission = CfnLayerVersionPermission(
@@ -23,9 +43,32 @@ def __init__(
             principal="*",
         )
 
+        layer_permission_arm64 = CfnLayerVersionPermission(
+            self,
+            "PublicLayerAccessArm64",
+            action="lambda:GetLayerVersion",
+            layer_version_arn=layer_arm64.layer_version_arn,
+            principal="*",
+        )
+
         layer_permission.apply_removal_policy(RemovalPolicy.RETAIN)
+        layer_permission_arm64.apply_removal_policy(RemovalPolicy.RETAIN)
+
         layer.apply_removal_policy(RemovalPolicy.RETAIN)
+        layer_arm64.apply_removal_policy(RemovalPolicy.RETAIN)
 
-        StringParameter(self, "VersionArn", parameter_name=ssm_paramter_layer_arn, string_value=layer.layer_version_arn)
+        StringParameter(
+            self,
+            "VersionArn",
+            parameter_name=ssm_paramter_layer_arn,
+            string_value=layer.layer_version_arn,
+        )
+        StringParameter(
+            self,
+            "Arm64VersionArn",
+            parameter_name=ssm_parameter_arm64_layer_arn,
+            string_value=layer_arm64.layer_version_arn,
+        )
 
         CfnOutput(self, "LatestLayerArn", value=layer.layer_version_arn)
+        CfnOutput(self, "LatestArm64LayerArn", value=layer_arm64.layer_version_arn)

layer/pyproject.toml

@@ -1,14 +1,14 @@
 [tool.poetry]
 name = "aws-lambda-powertools-python-layer"
-version = "0.1.0"
+version = "1.1.0"
 description = "AWS Lambda Powertools for Python Lambda Layers"
 authors = ["DevAx <aws-devax-open-source@amazon.com>"]
 license = "MIT"
 
 [tool.poetry.dependencies]
 python = "^3.9"
-cdk-lambda-powertools-python-layer = "^2.0.49"
-aws-cdk-lib = "^2.35.0"
+cdk-lambda-powertools-python-layer = "^3.0.0"
+aws-cdk-lib = "^2.42.0"
 
 [tool.poetry.dev-dependencies]
 pytest = "^7.1.2"