From bded2a88accaa283fcad31a1529aef2fdc6675dd Mon Sep 17 00:00:00 2001 From: Keith Rozario Date: Fri, 17 May 2024 16:33:00 +0800 Subject: [PATCH 1/5] changed to AWS CDK v2 --- docs/index.md | 40 +++++++++++++++++++++++++--------------- 1 file changed, 25 insertions(+), 15 deletions(-) diff --git a/docs/index.md b/docs/index.md index 88367b3c4ec..056727f182a 100644 --- a/docs/index.md +++ b/docs/index.md @@ -96,23 +96,28 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "CDK" - ```python hl_lines="11 16" - from aws_cdk import core, aws_lambda + ```python hl_lines="16 21" + from aws_cdk import ( + Stack, + aws_lambda, + Aws + ) + from constructs import Construct - class SampleApp(core.Construct): + class SampleApp(Stack): - def __init__(self, scope: core.Construct, id_: str, env: core.Environment) -> None: - super().__init__(scope, id_) + def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( self, id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{env.region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" ) aws_lambda.Function(self, 'sample-app-lambda', runtime=aws_lambda.Runtime.PYTHON_3_9, - layers=[powertools_layer] + layers=[powertools_layer], # other props... ) ``` @@ -250,24 +255,29 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "CDK" - ```python hl_lines="11 17" - from aws_cdk import core, aws_lambda + ```python hl_lines="16 21" + from aws_cdk import ( + Stack, + aws_lambda, + Aws + ) + from constructs import Construct - class SampleApp(core.Construct): + class SampleApp(Stack): - def __init__(self, scope: core.Construct, id_: str, env: core.Environment) -> None: - super().__init__(scope, id_) + def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( self, id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{env.region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69" + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" ) aws_lambda.Function(self, 'sample-app-lambda', runtime=aws_lambda.Runtime.PYTHON_3_9, - architecture=aws_lambda.Architecture.ARM_64, - layers=[powertools_layer] + layers=[powertools_layer], + architecture=aws_lambda.Architecture.ARM_64 # other props... ) ``` From 17cf1e2fc8c1bd9af4b71b01302b6c1d1f29824b Mon Sep 17 00:00:00 2001 From: Keith Rozario Date: Fri, 17 May 2024 16:37:12 +0800 Subject: [PATCH 2/5] modified to python312 --- docs/index.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/index.md b/docs/index.md index 056727f182a..52df545e491 100644 --- a/docs/index.md +++ b/docs/index.md @@ -116,7 +116,7 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc ) aws_lambda.Function(self, 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_9, + runtime=aws_lambda.Runtime.PYTHON_3_12, layers=[powertools_layer], # other props... ) @@ -275,7 +275,7 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc ) aws_lambda.Function(self, 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_9, + runtime=aws_lambda.Runtime.PYTHON_3_12, layers=[powertools_layer], architecture=aws_lambda.Architecture.ARM_64 # other props... From 3534d1d5ac756e37fae2caf974dd491d869a9e89 Mon Sep 17 00:00:00 2001 From: Keith Rozario Date: Mon, 20 May 2024 09:50:51 +0800 Subject: [PATCH 3/5] moved cdk to examples --- docs/index.md | 49 ++-------------------------------- examples/install/arm64/cdk.py | 25 +++++++++++++++++ examples/install/x86_64/cdk.py | 24 +++++++++++++++++ 3 files changed, 51 insertions(+), 47 deletions(-) create mode 100644 examples/install/arm64/cdk.py create mode 100644 examples/install/x86_64/cdk.py diff --git a/docs/index.md b/docs/index.md index 52df545e491..ea66dc41c86 100644 --- a/docs/index.md +++ b/docs/index.md @@ -97,29 +97,7 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "CDK" ```python hl_lines="16 21" - from aws_cdk import ( - Stack, - aws_lambda, - Aws - ) - from constructs import Construct - - class SampleApp(Stack): - - def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: - super().__init__(scope, construct_id, **kwargs) - - powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( - self, - id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" - ) - aws_lambda.Function(self, - 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_12, - layers=[powertools_layer], - # other props... - ) + --8<-- "examples/install/x86_64/cdk.py" ``` === "Terraform" @@ -256,30 +234,7 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "CDK" ```python hl_lines="16 21" - from aws_cdk import ( - Stack, - aws_lambda, - Aws - ) - from constructs import Construct - - class SampleApp(Stack): - - def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: - super().__init__(scope, construct_id, **kwargs) - - powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( - self, - id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" - ) - aws_lambda.Function(self, - 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_12, - layers=[powertools_layer], - architecture=aws_lambda.Architecture.ARM_64 - # other props... - ) + --8<-- "examples/install/arm64/cdk.py" ``` === "Terraform" diff --git a/examples/install/arm64/cdk.py b/examples/install/arm64/cdk.py new file mode 100644 index 00000000000..f0b4621fb21 --- /dev/null +++ b/examples/install/arm64/cdk.py @@ -0,0 +1,25 @@ +from aws_cdk import ( + Stack, + aws_lambda, + Aws +) +from constructs import Construct + +class SampleApp(Stack): + + def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) + + powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( + self, + id="lambda-powertools", + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" + ) + aws_lambda.Function(self, + 'sample-app-lambda', + runtime=aws_lambda.Runtime.PYTHON_3_12, + layers=[powertools_layer], + architecture=aws_lambda.Architecture.ARM_64, + code=aws_lambda.Code.from_asset('lambda'), + handler='hello.handler' + ) diff --git a/examples/install/x86_64/cdk.py b/examples/install/x86_64/cdk.py new file mode 100644 index 00000000000..21a200fcf3e --- /dev/null +++ b/examples/install/x86_64/cdk.py @@ -0,0 +1,24 @@ +from aws_cdk import ( + Stack, + aws_lambda, + Aws +) +from constructs import Construct + +class SampleApp(Stack): + + def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: + super().__init__(scope, construct_id, **kwargs) + + powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( + self, + id="lambda-powertools", + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" + ) + aws_lambda.Function(self, + 'sample-app-lambda', + runtime=aws_lambda.Runtime.PYTHON_3_12, + layers=[powertools_layer], + code=aws_lambda.Code.from_asset('lambda'), + handler='hello.handler' + ) From 005fbab440cc8a470a0cdff1710273295bdbf813 Mon Sep 17 00:00:00 2001 From: Keith Rozario Date: Mon, 20 May 2024 11:34:49 +0800 Subject: [PATCH 4/5] moved code to examples --- docs/index.md | 392 ++-------------------- examples/install/arm64/amplify.txt | 21 ++ examples/install/arm64/pulumi.py | 31 ++ examples/install/arm64/sam.yaml | 7 + examples/install/arm64/serverless.yaml | 6 + examples/install/arm64/terraform.tf | 41 +++ examples/install/sar/cdk.py | 37 ++ examples/install/sar/sam.yaml | 14 + examples/install/sar/scoped_down_iam.yaml | 54 +++ examples/install/sar/serverless.yaml | 16 + examples/install/sar/terraform.tf | 41 +++ examples/install/x86_64/amplify.txt | 21 ++ examples/install/x86_64/pulumi.py | 31 ++ examples/install/x86_64/sam.yaml | 6 + examples/install/x86_64/serverless.yaml | 5 + examples/install/x86_64/terraform.tf | 40 +++ 16 files changed, 392 insertions(+), 371 deletions(-) create mode 100644 examples/install/arm64/amplify.txt create mode 100644 examples/install/arm64/pulumi.py create mode 100644 examples/install/arm64/sam.yaml create mode 100644 examples/install/arm64/serverless.yaml create mode 100644 examples/install/arm64/terraform.tf create mode 100644 examples/install/sar/cdk.py create mode 100644 examples/install/sar/sam.yaml create mode 100644 examples/install/sar/scoped_down_iam.yaml create mode 100644 examples/install/sar/serverless.yaml create mode 100644 examples/install/sar/terraform.tf create mode 100644 examples/install/x86_64/amplify.txt create mode 100644 examples/install/x86_64/pulumi.py create mode 100644 examples/install/x86_64/sam.yaml create mode 100644 examples/install/x86_64/serverless.yaml create mode 100644 examples/install/x86_64/terraform.tf diff --git a/docs/index.md b/docs/index.md index ea66dc41c86..268de3b6e9b 100644 --- a/docs/index.md +++ b/docs/index.md @@ -76,22 +76,14 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "SAM" - ```yaml hl_lines="5" - MyLambdaFunction: - Type: AWS::Serverless::Function - Properties: - Layers: - - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 + ```yaml hl_lines="6" + --8<-- "examples/install/x86_64/sam.yaml" ``` === "Serverless framework" ```yaml hl_lines="5" - functions: - hello: - handler: lambda_function.lambda_handler - layers: - - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 + --8<-- "examples/install/x86_64/serverless.yaml" ``` === "CDK" @@ -102,133 +94,34 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "Terraform" - ```terraform hl_lines="9 38" - terraform { - required_version = "~> 1.0.5" - required_providers { - aws = "~> 3.50.0" - } - } - - provider "aws" { - region = "{region}" - } - - resource "aws_iam_role" "iam_for_lambda" { - name = "iam_for_lambda" - - assume_role_policy = < - ? Choose the runtime that you want to use: Python - ? Do you want to configure advanced settings? Yes - ... - ? Do you want to enable Lambda layers for this function? Yes - ? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 - ❯ amplify push -y - - - # Updating an existing function and add the layer - ❯ amplify update function - ? Select the Lambda function you want to update test2 - General information - - Name: - ? Which setting do you want to update? Lambda layers configuration - ? Do you want to enable Lambda layers for this function? Yes - ? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 - ? Do you want to edit the local lambda function now? No + --8<-- "examples/install/x86_64/amplify.txt" ``` === "arm64" === "SAM" - ```yaml hl_lines="6" - MyLambdaFunction: - Type: AWS::Serverless::Function - Properties: - Architectures: [arm64] - Layers: - - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 + ```yaml hl_lines="7" + --8<-- "examples/install/arm64/sam.yaml" ``` === "Serverless framework" ```yaml hl_lines="6" - functions: - hello: - handler: lambda_function.lambda_handler - architecture: arm64 - layers: - - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 + --8<-- "examples/install/arm64/serverless.yaml" ``` === "CDK" @@ -240,111 +133,19 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "Terraform" ```terraform hl_lines="9 37" - terraform { - required_version = "~> 1.0.5" - required_providers { - aws = "~> 3.50.0" - } - } - - provider "aws" { - region = "{region}" - } - - resource "aws_iam_role" "iam_for_lambda" { - name = "iam_for_lambda" - - assume_role_policy = < - ? Choose the runtime that you want to use: Python - ? Do you want to configure advanced settings? Yes - ... - ? Do you want to enable Lambda layers for this function? Yes - ? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 - ❯ amplify push -y - - - # Updating an existing function and add the layer - ❯ amplify update function - ? Select the Lambda function you want to update test2 - General information - - Name: - ? Which setting do you want to update? Lambda layers configuration - ? Do you want to enable Lambda layers for this function? Yes - ? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 - ? Do you want to edit the local lambda function now? No + --8<-- "examples/install/x86_64/amplify.txt" ``` ### Local development @@ -461,78 +262,20 @@ Compared with the [public Layer ARN](#lambda-layer) option, SAR allows you to ch === "SAM" - ```yaml hl_lines="5-6 12-13" - AwsLambdaPowertoolsPythonLayer: - Type: AWS::Serverless::Application - Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer - SemanticVersion: 2.0.0 # change to latest semantic version available in SAR - - MyLambdaFunction: - Type: AWS::Serverless::Function - Properties: - Layers: - # fetch Layer ARN from SAR App stack output - - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn + ```yaml hl_lines="6-7 13-14" + --8<-- "examples/install/sar/sam.yaml" ``` === "Serverless framework" ```yaml hl_lines="5 8 10-11" - functions: - main: - handler: lambda_function.lambda_handler - layers: - - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn - - resources: - Transform: AWS::Serverless-2016-10-31 - Resources:**** - AwsLambdaPowertoolsPythonLayer: - Type: AWS::Serverless::Application - Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer - # Find latest from github.com/aws-powertools/powertools-lambda-python/releases - SemanticVersion: 2.0.0 + --8<-- "examples/install/sar/serverless.yaml" ``` === "CDK" - ```python hl_lines="14 22-23 31" - from aws_cdk import core, aws_sam as sam, aws_lambda - - POWERTOOLS_BASE_NAME = 'AWSLambdaPowertools' - # Find latest from github.com/aws-powertools/powertools-lambda-python/releases - POWERTOOLS_VER = '2.0.0' - POWERTOOLS_ARN = 'arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer' - - class SampleApp(core.Construct): - - def __init__(self, scope: core.Construct, id_: str) -> None: - super().__init__(scope, id_) - - # Launches SAR App as CloudFormation nested stack and return Lambda Layer - powertools_app = sam.CfnApplication(self, - f'{POWERTOOLS_BASE_NAME}Application', - location={ - 'applicationId': POWERTOOLS_ARN, - 'semanticVersion': POWERTOOLS_VER - }, - ) - - powertools_layer_arn = powertools_app.get_att("Outputs.LayerVersionArn").to_string() - powertools_layer_version = aws_lambda.LayerVersion.from_layer_version_arn(self, f'{POWERTOOLS_BASE_NAME}', powertools_layer_arn) - - aws_lambda.Function(self, - 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_8, - function_name='sample-lambda', - code=aws_lambda.Code.asset('./src'), - handler='app.handler', - layers: [powertools_layer_version] - ) + ```python hl_lines="19 27-28 36" + --8<-- "examples/install/sar/cdk.py" ``` === "Terraform" @@ -540,106 +283,13 @@ Compared with the [public Layer ARN](#lambda-layer) option, SAR allows you to ch > Credits to [Dani Comnea](https://github.com/DanyC97){target="_blank" rel="nofollow"} for providing the Terraform equivalent. ```terraform hl_lines="12-13 15-20 23-25 40" - terraform { - required_version = "~> 0.13" - required_providers { - aws = "~> 3.50.0" - } - } - - provider "aws" { - region = "us-east-1" - } - - resource "aws_serverlessapplicationrepository_cloudformation_stack" "deploy_sar_stack" { - name = "aws-lambda-powertools-python-layer" - - application_id = data.aws_serverlessapplicationrepository_application.sar_app.application_id - semantic_version = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version - capabilities = [ - "CAPABILITY_IAM", - "CAPABILITY_NAMED_IAM" - ] - } - - data "aws_serverlessapplicationrepository_application" "sar_app" { - application_id = "arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer" - semantic_version = var.aws_powertools_version - } - - variable "aws_powertools_version" { - type = string - default = "2.0.0" - description = "The Powertools for AWS Lambda (Python) release version" - } - - output "deployed_powertools_sar_version" { - value = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version - } - - # Fetch Powertools for AWS Lambda (Python) Layer ARN from deployed SAR App - output "aws_lambda_powertools_layer_arn" { - value = aws_serverlessapplicationrepository_cloudformation_stack.deploy_sar_stack.outputs.LayerVersionArn - } + --8<-- "examples/install/sar/terraform.tf" ``` Credits to [mwarkentin](https://github.com/mwarkentin){target="_blank" rel="nofollow"} for providing the scoped down IAM permissions below. ```yaml hl_lines="21-52" title="Least-privileged IAM permissions SAM example" - AWSTemplateFormatVersion: "2010-09-09" - Resources: - PowertoolsLayerIamRole: - Type: "AWS::IAM::Role" - Properties: - AssumeRolePolicyDocument: - Version: "2012-10-17" - Statement: - - Effect: "Allow" - Principal: - Service: - - "cloudformation.amazonaws.com" - Action: - - "sts:AssumeRole" - Path: "/" - PowertoolsLayerIamPolicy: - Type: "AWS::IAM::Policy" - Properties: - PolicyName: PowertoolsLambdaLayerPolicy - PolicyDocument: - Version: "2012-10-17" - Statement: - - Sid: CloudFormationTransform - Effect: Allow - Action: cloudformation:CreateChangeSet - Resource: - - arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2016-10-31 - - Sid: GetCfnTemplate - Effect: Allow - Action: - - serverlessrepo:CreateCloudFormationTemplate - - serverlessrepo:GetCloudFormationTemplate - Resource: - # this is arn of the Powertools for AWS Lambda (Python) SAR app - - arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer - - Sid: S3AccessLayer - Effect: Allow - Action: - - s3:GetObject - Resource: - # AWS publishes to an external S3 bucket locked down to your account ID - # The below example is us publishing Powertools for AWS Lambda (Python) - # Bucket: awsserverlessrepo-changesets-plntc6bfnfj - # Key: *****/arn:aws:serverlessrepo:eu-west-1:057560766410:applications-aws-lambda-powertools-python-layer-versions-1.10.2/aeeccf50-****-****-****-********* - - arn:aws:s3:::awsserverlessrepo-changesets-*/* - - Sid: GetLayerVersion - Effect: Allow - Action: - - lambda:PublishLayerVersion - - lambda:GetLayerVersion - Resource: - - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:aws-lambda-powertools-python-layer* - Roles: - - Ref: "PowertoolsLayerIamRole" + --8<-- "examples/install/sar/scoped_down_iam.yaml" ``` ## Quick getting started diff --git a/examples/install/arm64/amplify.txt b/examples/install/arm64/amplify.txt new file mode 100644 index 00000000000..58f26c59c4c --- /dev/null +++ b/examples/install/arm64/amplify.txt @@ -0,0 +1,21 @@ +# Create a new one with the layer +❯ amplify add function +? Select which capability you want to add: Lambda function (serverless function) +? Provide an AWS Lambda function name: +? Choose the runtime that you want to use: Python +? Do you want to configure advanced settings? Yes +... +? Do you want to enable Lambda layers for this function? Yes +? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 +❯ amplify push -y + + +# Updating an existing function and add the layer +❯ amplify update function +? Select the Lambda function you want to update test2 +General information +- Name: +? Which setting do you want to update? Lambda layers configuration +? Do you want to enable Lambda layers for this function? Yes +? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 +? Do you want to edit the local lambda function now? No \ No newline at end of file diff --git a/examples/install/arm64/pulumi.py b/examples/install/arm64/pulumi.py new file mode 100644 index 00000000000..bfb481c4394 --- /dev/null +++ b/examples/install/arm64/pulumi.py @@ -0,0 +1,31 @@ +import json +import pulumi +import pulumi_aws as aws + +role = aws.iam.Role("role", + assume_role_policy=json.dumps({ + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Effect": "Allow" + } + ] + }), + managed_policy_arns=[aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE] +) + +lambda_function = aws.lambda_.Function("function", + layers=[pulumi.Output.concat("arn:aws:lambda:",aws.get_region_output().name,":017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:11")], + tracing_config={ + "mode": "Active" + }, + runtime=aws.lambda_.Runtime.PYTHON3D9, + handler="index.handler", + role=role.arn, + architectures=["arm64"], + code=pulumi.FileArchive("lambda_function_payload.zip") +) \ No newline at end of file diff --git a/examples/install/arm64/sam.yaml b/examples/install/arm64/sam.yaml new file mode 100644 index 00000000000..bc73c42f08d --- /dev/null +++ b/examples/install/arm64/sam.yaml @@ -0,0 +1,7 @@ +Resources: + MyLambdaFunction: + Type: AWS::Serverless::Function + Properties: + Architectures: [arm64] + Layers: + - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 diff --git a/examples/install/arm64/serverless.yaml b/examples/install/arm64/serverless.yaml new file mode 100644 index 00000000000..7605c2ea7c1 --- /dev/null +++ b/examples/install/arm64/serverless.yaml @@ -0,0 +1,6 @@ +functions: + hello: + handler: lambda_function.lambda_handler + architecture: arm64 + layers: + - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 \ No newline at end of file diff --git a/examples/install/arm64/terraform.tf b/examples/install/arm64/terraform.tf new file mode 100644 index 00000000000..c5661558734 --- /dev/null +++ b/examples/install/arm64/terraform.tf @@ -0,0 +1,41 @@ +terraform { + required_version = "~> 1.0.5" + required_providers { + aws = "~> 3.50.0" + } +} + +provider "aws" { + region = "{region}" +} + +resource "aws_iam_role" "iam_for_lambda" { + name = "iam_for_lambda" + + assume_role_policy = < None: + super().__init__(scope, id_) + + # Launches SAR App as CloudFormation nested stack and return Lambda Layer + powertools_app = aws_sam.CfnApplication(self, + f'{POWERTOOLS_BASE_NAME}Application', + location={ + 'applicationId': POWERTOOLS_ARN, + 'semanticVersion': POWERTOOLS_VER + }, + ) + + powertools_layer_arn = powertools_app.get_att("Outputs.LayerVersionArn").to_string() + powertools_layer_version = aws_lambda.LayerVersion.from_layer_version_arn(self, f'{POWERTOOLS_BASE_NAME}', powertools_layer_arn) + + aws_lambda.Function(self, + 'sample-app-lambda', + runtime=aws_lambda.Runtime.PYTHON_3_12, + function_name='sample-lambda', + code=aws_lambda.Code.from_asset('lambda'), + handler='hello.handler', + layers=[powertools_layer_version] + ) \ No newline at end of file diff --git a/examples/install/sar/sam.yaml b/examples/install/sar/sam.yaml new file mode 100644 index 00000000000..a451487b4e8 --- /dev/null +++ b/examples/install/sar/sam.yaml @@ -0,0 +1,14 @@ +Resources: + AwsLambdaPowertoolsPythonLayer: + Type: AWS::Serverless::Application + Properties: + Location: + ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer + SemanticVersion: 2.0.0 # change to latest semantic version available in SAR + + MyLambdaFunction: + Type: AWS::Serverless::Function + Properties: + Layers: + # fetch Layer ARN from SAR App stack output + - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn \ No newline at end of file diff --git a/examples/install/sar/scoped_down_iam.yaml b/examples/install/sar/scoped_down_iam.yaml new file mode 100644 index 00000000000..4724aa9536d --- /dev/null +++ b/examples/install/sar/scoped_down_iam.yaml @@ -0,0 +1,54 @@ + AWSTemplateFormatVersion: "2010-09-09" + Resources: + PowertoolsLayerIamRole: + Type: "AWS::IAM::Role" + Properties: + AssumeRolePolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Principal: + Service: + - "cloudformation.amazonaws.com" + Action: + - "sts:AssumeRole" + Path: "/" + PowertoolsLayerIamPolicy: + Type: "AWS::IAM::Policy" + Properties: + PolicyName: PowertoolsLambdaLayerPolicy + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: CloudFormationTransform + Effect: Allow + Action: cloudformation:CreateChangeSet + Resource: + - arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2016-10-31 + - Sid: GetCfnTemplate + Effect: Allow + Action: + - serverlessrepo:CreateCloudFormationTemplate + - serverlessrepo:GetCloudFormationTemplate + Resource: + # this is arn of the Powertools for AWS Lambda (Python) SAR app + - arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer + - Sid: S3AccessLayer + Effect: Allow + Action: + - s3:GetObject + Resource: + # AWS publishes to an external S3 bucket locked down to your account ID + # The below example is us publishing Powertools for AWS Lambda (Python) + # Bucket: awsserverlessrepo-changesets-plntc6bfnfj + # Key: *****/arn:aws:serverlessrepo:eu-west-1:057560766410:applications-aws-lambda-powertools-python-layer-versions-1.10.2/aeeccf50-****-****-****-********* + - arn:aws:s3:::awsserverlessrepo-changesets-*/* + - Sid: GetLayerVersion + Effect: Allow + Action: + - lambda:PublishLayerVersion + - lambda:GetLayerVersion + Resource: + - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:aws-lambda-powertools-python-layer* + Roles: + - Ref: "PowertoolsLayerIamRole" \ No newline at end of file diff --git a/examples/install/sar/serverless.yaml b/examples/install/sar/serverless.yaml new file mode 100644 index 00000000000..0831864c2d7 --- /dev/null +++ b/examples/install/sar/serverless.yaml @@ -0,0 +1,16 @@ +functions: + main: + handler: lambda_function.lambda_handler + layers: + - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn + +resources: + Transform: AWS::Serverless-2016-10-31 + Resources:**** + AwsLambdaPowertoolsPythonLayer: + Type: AWS::Serverless::Application + Properties: + Location: + ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer + # Find latest from github.com/aws-powertools/powertools-lambda-python/releases + SemanticVersion: 2.0.0 \ No newline at end of file diff --git a/examples/install/sar/terraform.tf b/examples/install/sar/terraform.tf new file mode 100644 index 00000000000..29874415859 --- /dev/null +++ b/examples/install/sar/terraform.tf @@ -0,0 +1,41 @@ +terraform { + required_version = "~> 0.13" + required_providers { + aws = "~> 3.50.0" + } +} + +provider "aws" { + region = "us-east-1" +} + +resource "aws_serverlessapplicationrepository_cloudformation_stack" "deploy_sar_stack" { + name = "aws-lambda-powertools-python-layer" + + application_id = data.aws_serverlessapplicationrepository_application.sar_app.application_id + semantic_version = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version + capabilities = [ + "CAPABILITY_IAM", + "CAPABILITY_NAMED_IAM" + ] +} + +data "aws_serverlessapplicationrepository_application" "sar_app" { + application_id = "arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer" + semantic_version = var.aws_powertools_version +} + +variable "aws_powertools_version" { + type = string + default = "2.0.0" + description = "The Powertools for AWS Lambda (Python) release version" +} + +output "deployed_powertools_sar_version" { + value = data.aws_serverlessapplicationrepository_application.sar_app.semantic_version +} + +# Fetch Powertools for AWS Lambda (Python) Layer ARN from deployed SAR App +output "aws_lambda_powertools_layer_arn" { + value = aws_serverlessapplicationrepository_cloudformation_stack.deploy_sar_stack.outputs.LayerVersionArn +} \ No newline at end of file diff --git a/examples/install/x86_64/amplify.txt b/examples/install/x86_64/amplify.txt new file mode 100644 index 00000000000..b0bba434535 --- /dev/null +++ b/examples/install/x86_64/amplify.txt @@ -0,0 +1,21 @@ +# Create a new one with the layer +❯ amplify add function +? Select which capability you want to add: Lambda function (serverless function) +? Provide an AWS Lambda function name: +? Choose the runtime that you want to use: Python +? Do you want to configure advanced settings? Yes +... +? Do you want to enable Lambda layers for this function? Yes +? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 +❯ amplify push -y + + +# Updating an existing function and add the layer +❯ amplify update function +? Select the Lambda function you want to update test2 +General information +- Name: +? Which setting do you want to update? Lambda layers configuration +? Do you want to enable Lambda layers for this function? Yes +? Enter up to 5 existing Lambda layer ARNs (comma-separated): arn:aws:lambda:eu-central-1:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 +? Do you want to edit the local lambda function now? No \ No newline at end of file diff --git a/examples/install/x86_64/pulumi.py b/examples/install/x86_64/pulumi.py new file mode 100644 index 00000000000..4e1f307613f --- /dev/null +++ b/examples/install/x86_64/pulumi.py @@ -0,0 +1,31 @@ +import json +import pulumi +import pulumi_aws as aws + +role = aws.iam.Role("role", + assume_role_policy=json.dumps({ + "Version": "2012-10-17", + "Statement": [ + { + "Action": "sts:AssumeRole", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Effect": "Allow" + } + ] + }), + managed_policy_arns=[aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE] +) + +lambda_function = aws.lambda_.Function("function", + layers=[pulumi.Output.concat("arn:aws:lambda:",aws.get_region_output().name,":017000801446:layer:AWSLambdaPowertoolsPythonV2:11")], + tracing_config={ + "mode": "Active" + }, + runtime=aws.lambda_.Runtime.PYTHON3D9, + handler="index.handler", + role=role.arn, + architectures=["x86_64"], + code=pulumi.FileArchive("lambda_function_payload.zip") +) \ No newline at end of file diff --git a/examples/install/x86_64/sam.yaml b/examples/install/x86_64/sam.yaml new file mode 100644 index 00000000000..614b1ed2647 --- /dev/null +++ b/examples/install/x86_64/sam.yaml @@ -0,0 +1,6 @@ +Resources: + MyLambdaFunction: + Type: AWS::Serverless::Function + Properties: + Layers: + - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 \ No newline at end of file diff --git a/examples/install/x86_64/serverless.yaml b/examples/install/x86_64/serverless.yaml new file mode 100644 index 00000000000..fd79a5c497b --- /dev/null +++ b/examples/install/x86_64/serverless.yaml @@ -0,0 +1,5 @@ +functions: + hello: + handler: lambda_function.lambda_handler + layers: + - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 \ No newline at end of file diff --git a/examples/install/x86_64/terraform.tf b/examples/install/x86_64/terraform.tf new file mode 100644 index 00000000000..01828b74134 --- /dev/null +++ b/examples/install/x86_64/terraform.tf @@ -0,0 +1,40 @@ +terraform { + required_version = "~> 1.0.5" + required_providers { + aws = "~> 3.50.0" + } +} + +provider "aws" { + region = "{region}" +} + +resource "aws_iam_role" "iam_for_lambda" { + name = "iam_for_lambda" + + assume_role_policy = < Date: Tue, 21 May 2024 09:41:04 +0100 Subject: [PATCH 5/5] Moving files + small fix --- .pre-commit-config.yaml | 1 + docs/index.md | 60 +++++++++---------- .../{ => homepage}/install/arm64/amplify.txt | 0 examples/{ => homepage}/install/arm64/cdk.py | 18 +++--- examples/homepage/install/arm64/pulumi.py | 34 +++++++++++ .../{ => homepage}/install/arm64/sam.yaml | 5 ++ .../homepage/install/arm64/serverless.yml | 13 ++++ .../{ => homepage}/install/arm64/terraform.tf | 4 +- examples/homepage/install/sar/cdk.py | 37 ++++++++++++ examples/{ => homepage}/install/sar/sam.yaml | 11 +++- .../homepage/install/sar/scoped_down_iam.yaml | 55 +++++++++++++++++ examples/homepage/install/sar/serverless.yml | 20 +++++++ .../{ => homepage}/install/sar/terraform.tf | 2 +- .../{ => homepage}/install/x86_64/amplify.txt | 0 examples/{ => homepage}/install/x86_64/cdk.py | 18 +++--- examples/homepage/install/x86_64/pulumi.py | 34 +++++++++++ .../{ => homepage}/install/x86_64/sam.yaml | 5 ++ .../install/x86_64/serverless.yml} | 10 +++- examples/homepage/install/x86_64/terraform.tf | 40 +++++++++++++ examples/install/arm64/pulumi.py | 31 ---------- examples/install/arm64/serverless.yaml | 6 -- examples/install/sar/cdk.py | 37 ------------ examples/install/sar/scoped_down_iam.yaml | 54 ----------------- examples/install/sar/serverless.yaml | 16 ----- examples/install/x86_64/pulumi.py | 31 ---------- examples/install/x86_64/terraform.tf | 40 ------------- 26 files changed, 310 insertions(+), 272 deletions(-) rename examples/{ => homepage}/install/arm64/amplify.txt (100%) rename examples/{ => homepage}/install/arm64/cdk.py (67%) create mode 100644 examples/homepage/install/arm64/pulumi.py rename examples/{ => homepage}/install/arm64/sam.yaml (62%) create mode 100644 examples/homepage/install/arm64/serverless.yml rename examples/{ => homepage}/install/arm64/terraform.tf (97%) create mode 100644 examples/homepage/install/sar/cdk.py rename examples/{ => homepage}/install/sar/sam.yaml (58%) create mode 100644 examples/homepage/install/sar/scoped_down_iam.yaml create mode 100644 examples/homepage/install/sar/serverless.yml rename examples/{ => homepage}/install/sar/terraform.tf (98%) rename examples/{ => homepage}/install/x86_64/amplify.txt (100%) rename examples/{ => homepage}/install/x86_64/cdk.py (65%) create mode 100644 examples/homepage/install/x86_64/pulumi.py rename examples/{ => homepage}/install/x86_64/sam.yaml (58%) rename examples/{install/x86_64/serverless.yaml => homepage/install/x86_64/serverless.yml} (53%) create mode 100644 examples/homepage/install/x86_64/terraform.tf delete mode 100644 examples/install/arm64/pulumi.py delete mode 100644 examples/install/arm64/serverless.yaml delete mode 100644 examples/install/sar/cdk.py delete mode 100644 examples/install/sar/scoped_down_iam.yaml delete mode 100644 examples/install/sar/serverless.yaml delete mode 100644 examples/install/x86_64/pulumi.py delete mode 100644 examples/install/x86_64/terraform.tf diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 319afbad0b4..1fbd55f3197 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -34,6 +34,7 @@ repos: entry: poetry run cfn-lint language: system types: [yaml] + exclude: examples/homepage/install/.*?/serverless\.yml$ files: examples/.* - repo: https://github.com/rhysd/actionlint rev: "fd7ba3c382e13dcc0248e425b4cbc3f1185fa3ee" # v1.6.24 diff --git a/docs/index.md b/docs/index.md index 1b1104694cd..660bbe71c3f 100644 --- a/docs/index.md +++ b/docs/index.md @@ -76,76 +76,76 @@ You can install Powertools for AWS Lambda (Python) using your favorite dependenc === "SAM" - ```yaml hl_lines="6" - --8<-- "examples/install/x86_64/sam.yaml" + ```yaml hl_lines="11" + --8<-- "examples/homepage/install/x86_64/sam.yaml" ``` === "Serverless framework" - ```yaml hl_lines="5" - --8<-- "examples/install/x86_64/serverless.yaml" + ```yaml hl_lines="13" + --8<-- "examples/homepage/install/x86_64/serverless.yml" ``` === "CDK" - ```python hl_lines="16 21" - --8<-- "examples/install/x86_64/cdk.py" + ```python hl_lines="13 19" + --8<-- "examples/homepage/install/x86_64/cdk.py" ``` === "Terraform" ```terraform hl_lines="9 37" - --8<-- "examples/install/x86_64/terraform.tf" + --8<-- "examples/homepage/install/x86_64/terraform.tf" ``` === "Pulumi" - ```python hl_lines="22" - --8<-- "examples/install/x86_64/pulumi.py" + ```python hl_lines="21-27" + --8<-- "examples/homepage/install/x86_64/pulumi.py" ``` === "Amplify" - ```zsh - --8<-- "examples/install/x86_64/amplify.txt" + ```zsh hl_lines="9" + --8<-- "examples/homepage/install/x86_64/amplify.txt" ``` === "arm64" === "SAM" - ```yaml hl_lines="7" - --8<-- "examples/install/arm64/sam.yaml" + ```yaml hl_lines="12" + --8<-- "examples/homepage/install/arm64/sam.yaml" ``` === "Serverless framework" - ```yaml hl_lines="6" - --8<-- "examples/install/arm64/serverless.yaml" + ```yaml hl_lines="13" + --8<-- "examples/homepage/install/arm64/serverless.yml" ``` === "CDK" - ```python hl_lines="16 21" - --8<-- "examples/install/arm64/cdk.py" + ```python hl_lines="13 19" + --8<-- "examples/homepage/install/arm64/cdk.py" ``` === "Terraform" ```terraform hl_lines="9 37" - --8<-- "examples/install/arm64/terraform.tf" + --8<-- "examples/homepage/install/arm64/terraform.tf" ``` === "Pulumi" - ```python - --8<-- "examples/install/arm64/pulumi.py" + ```python hl_lines="21-27" + --8<-- "examples/homepage/install/arm64/pulumi.py" ``` === "Amplify" - ```zsh - --8<-- "examples/install/arm64/amplify.txt" + ```zsh hl_lines="9" + --8<-- "examples/homepage/install/arm64/amplify.txt" ``` ### Local development @@ -262,20 +262,20 @@ Compared with the [public Layer ARN](#lambda-layer) option, SAR allows you to ch === "SAM" - ```yaml hl_lines="6-7 13-14" - --8<-- "examples/install/sar/sam.yaml" + ```yaml hl_lines="6 9 10 17-19" + --8<-- "examples/homepage/install/sar/sam.yaml" ``` === "Serverless framework" - ```yaml hl_lines="5 8 10-11" - --8<-- "examples/install/sar/serverless.yaml" + ```yaml hl_lines="11 12 19 20" + --8<-- "examples/homepage/install/sar/serverless.yml" ``` === "CDK" - ```python hl_lines="19 27-28 36" - --8<-- "examples/install/sar/cdk.py" + ```python hl_lines="7 16-20 23-27" + --8<-- "examples/homepage/install/sar/cdk.py" ``` === "Terraform" @@ -283,13 +283,13 @@ Compared with the [public Layer ARN](#lambda-layer) option, SAR allows you to ch > Credits to [Dani Comnea](https://github.com/DanyC97){target="_blank" rel="nofollow"} for providing the Terraform equivalent. ```terraform hl_lines="12-13 15-20 23-25 40" - --8<-- "examples/install/sar/terraform.tf" + --8<-- "examples/homepage/install/sar/terraform.tf" ``` Credits to [mwarkentin](https://github.com/mwarkentin){target="_blank" rel="nofollow"} for providing the scoped down IAM permissions below. ```yaml hl_lines="21-52" title="Least-privileged IAM permissions SAM example" - --8<-- "examples/install/sar/scoped_down_iam.yaml" + --8<-- "examples/homepage/install/sar/scoped_down_iam.yaml" ``` ## Quick getting started diff --git a/examples/install/arm64/amplify.txt b/examples/homepage/install/arm64/amplify.txt similarity index 100% rename from examples/install/arm64/amplify.txt rename to examples/homepage/install/arm64/amplify.txt diff --git a/examples/install/arm64/cdk.py b/examples/homepage/install/arm64/cdk.py similarity index 67% rename from examples/install/arm64/cdk.py rename to examples/homepage/install/arm64/cdk.py index f0b4621fb21..97e857d955c 100644 --- a/examples/install/arm64/cdk.py +++ b/examples/homepage/install/arm64/cdk.py @@ -1,10 +1,7 @@ -from aws_cdk import ( - Stack, - aws_lambda, - Aws -) +from aws_cdk import Aws, Stack, aws_lambda from constructs import Construct + class SampleApp(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: @@ -13,13 +10,14 @@ def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( self, id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69", ) - aws_lambda.Function(self, - 'sample-app-lambda', + aws_lambda.Function( + self, + "sample-app-lambda", runtime=aws_lambda.Runtime.PYTHON_3_12, layers=[powertools_layer], architecture=aws_lambda.Architecture.ARM_64, - code=aws_lambda.Code.from_asset('lambda'), - handler='hello.handler' + code=aws_lambda.Code.from_asset("lambda"), + handler="hello.handler", ) diff --git a/examples/homepage/install/arm64/pulumi.py b/examples/homepage/install/arm64/pulumi.py new file mode 100644 index 00000000000..e32b7c1636c --- /dev/null +++ b/examples/homepage/install/arm64/pulumi.py @@ -0,0 +1,34 @@ +import json + +import pulumi +import pulumi_aws as aws + +role = aws.iam.Role( + "role", + assume_role_policy=json.dumps( + { + "Version": "2012-10-17", + "Statement": [ + {"Action": "sts:AssumeRole", "Principal": {"Service": "lambda.amazonaws.com"}, "Effect": "Allow"}, + ], + }, + ), + managed_policy_arns=[aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE], +) + +lambda_function = aws.lambda_.Function( + "function", + layers=[ + pulumi.Output.concat( + "arn:aws:lambda:", + aws.get_region_output().name, + ":017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69", + ), + ], + tracing_config={"mode": "Active"}, + runtime=aws.lambda_.Runtime.PYTHON3D9, + handler="index.handler", + role=role.arn, + architectures=["arm64"], + code=pulumi.FileArchive("lambda_function_payload.zip"), +) diff --git a/examples/install/arm64/sam.yaml b/examples/homepage/install/arm64/sam.yaml similarity index 62% rename from examples/install/arm64/sam.yaml rename to examples/homepage/install/arm64/sam.yaml index bc73c42f08d..390a97edf13 100644 --- a/examples/install/arm64/sam.yaml +++ b/examples/homepage/install/arm64/sam.yaml @@ -1,7 +1,12 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 + Resources: MyLambdaFunction: Type: AWS::Serverless::Function Properties: Architectures: [arm64] + Runtime: python3.12 + Handler: app.lambda_handler Layers: - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 diff --git a/examples/homepage/install/arm64/serverless.yml b/examples/homepage/install/arm64/serverless.yml new file mode 100644 index 00000000000..b1db844a985 --- /dev/null +++ b/examples/homepage/install/arm64/serverless.yml @@ -0,0 +1,13 @@ +service: powertools-lambda + +provider: + name: aws + runtime: python3.12 + region: us-east-1 + +functions: + powertools: + handler: lambda_function.lambda_handler + architecture: arm64 + layers: + - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2-Arm64:69 \ No newline at end of file diff --git a/examples/install/arm64/terraform.tf b/examples/homepage/install/arm64/terraform.tf similarity index 97% rename from examples/install/arm64/terraform.tf rename to examples/homepage/install/arm64/terraform.tf index c5661558734..1cbb4a1e415 100644 --- a/examples/install/arm64/terraform.tf +++ b/examples/homepage/install/arm64/terraform.tf @@ -6,7 +6,7 @@ terraform { } provider "aws" { - region = "{region}" + region = "{region}" } resource "aws_iam_role" "iam_for_lambda" { @@ -26,7 +26,7 @@ resource "aws_iam_role" "iam_for_lambda" { ] } EOF - } +} resource "aws_lambda_function" "test_lambda" { filename = "lambda_function_payload.zip" diff --git a/examples/homepage/install/sar/cdk.py b/examples/homepage/install/sar/cdk.py new file mode 100644 index 00000000000..ff7c8cc40f5 --- /dev/null +++ b/examples/homepage/install/sar/cdk.py @@ -0,0 +1,37 @@ +from aws_cdk import Stack, aws_lambda, aws_sam +from constructs import Construct + +POWERTOOLS_BASE_NAME = "AWSLambdaPowertools" +# Find latest from github.com/aws-powertools/powertools-lambda-python/releases +POWERTOOLS_VER = "2.37.0" +POWERTOOLS_ARN = "arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer" + + +class SampleApp(Stack): + + def __init__(self, scope: Construct, id_: str) -> None: + super().__init__(scope, id_) + + # Launches SAR App as CloudFormation nested stack and return Lambda Layer + powertools_app = aws_sam.CfnApplication( + self, + f"{POWERTOOLS_BASE_NAME}Application", + location={"applicationId": POWERTOOLS_ARN, "semanticVersion": POWERTOOLS_VER}, + ) + + powertools_layer_arn = powertools_app.get_att("Outputs.LayerVersionArn").to_string() + powertools_layer_version = aws_lambda.LayerVersion.from_layer_version_arn( + self, + f"{POWERTOOLS_BASE_NAME}", + powertools_layer_arn, + ) + + aws_lambda.Function( + self, + "sample-app-lambda", + runtime=aws_lambda.Runtime.PYTHON_3_12, + function_name="sample-lambda", + code=aws_lambda.Code.from_asset("lambda"), + handler="hello.handler", + layers=[powertools_layer_version], + ) diff --git a/examples/install/sar/sam.yaml b/examples/homepage/install/sar/sam.yaml similarity index 58% rename from examples/install/sar/sam.yaml rename to examples/homepage/install/sar/sam.yaml index a451487b4e8..0b2c759315d 100644 --- a/examples/install/sar/sam.yaml +++ b/examples/homepage/install/sar/sam.yaml @@ -1,3 +1,6 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 + Resources: AwsLambdaPowertoolsPythonLayer: Type: AWS::Serverless::Application @@ -9,6 +12,8 @@ Resources: MyLambdaFunction: Type: AWS::Serverless::Function Properties: - Layers: - # fetch Layer ARN from SAR App stack output - - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn \ No newline at end of file + Runtime: python3.12 + Handler: app.lambda_handler + Layers: + # fetch Layer ARN from SAR App stack output + - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn \ No newline at end of file diff --git a/examples/homepage/install/sar/scoped_down_iam.yaml b/examples/homepage/install/sar/scoped_down_iam.yaml new file mode 100644 index 00000000000..faf7c1237c3 --- /dev/null +++ b/examples/homepage/install/sar/scoped_down_iam.yaml @@ -0,0 +1,55 @@ + AWSTemplateFormatVersion: "2010-09-09" + Resources: + PowertoolsLayerIamRole: + Type: "AWS::IAM::Role" + Properties: + AssumeRolePolicyDocument: + Version: "2012-10-17" + Statement: + - Effect: "Allow" + Principal: + Service: + - "cloudformation.amazonaws.com" + Action: + - "sts:AssumeRole" + Path: "/" + + PowertoolsLayerIamPolicy: + Type: "AWS::IAM::Policy" + Properties: + PolicyName: PowertoolsLambdaLayerPolicy + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: CloudFormationTransform + Effect: Allow + Action: cloudformation:CreateChangeSet + Resource: + - arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2016-10-31 + - Sid: GetCfnTemplate + Effect: Allow + Action: + - serverlessrepo:CreateCloudFormationTemplate + - serverlessrepo:GetCloudFormationTemplate + Resource: + # this is arn of the Powertools for AWS Lambda (Python) SAR app + - arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer + - Sid: S3AccessLayer + Effect: Allow + Action: + - s3:GetObject + Resource: + # AWS publishes to an external S3 bucket locked down to your account ID + # The below example is us publishing Powertools for AWS Lambda (Python) + # Bucket: awsserverlessrepo-changesets-plntc6bfnfj + # Key: *****/arn:aws:serverlessrepo:eu-west-1:057560766410:applications-aws-lambda-powertools-python-layer-versions-1.10.2/aeeccf50-****-****-****-********* + - arn:aws:s3:::awsserverlessrepo-changesets-*/* + - Sid: GetLayerVersion + Effect: Allow + Action: + - lambda:PublishLayerVersion + - lambda:GetLayerVersion + Resource: + - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:aws-lambda-powertools-python-layer* + Roles: + - Ref: "PowertoolsLayerIamRole" \ No newline at end of file diff --git a/examples/homepage/install/sar/serverless.yml b/examples/homepage/install/sar/serverless.yml new file mode 100644 index 00000000000..590079d6cd3 --- /dev/null +++ b/examples/homepage/install/sar/serverless.yml @@ -0,0 +1,20 @@ +service: powertools-lambda + +provider: + name: aws + runtime: python3.12 + region: us-east-1 + +functions: + powertools: + handler: lambda_function.lambda_handler + layers: + - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn + +resources: + - AwsLambdaPowertoolsPythonLayer: + Type: AWS::Serverless::Application + Properties: + Location: + ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer + SemanticVersion: 2.0.0 \ No newline at end of file diff --git a/examples/install/sar/terraform.tf b/examples/homepage/install/sar/terraform.tf similarity index 98% rename from examples/install/sar/terraform.tf rename to examples/homepage/install/sar/terraform.tf index 29874415859..a044d57bb44 100644 --- a/examples/install/sar/terraform.tf +++ b/examples/homepage/install/sar/terraform.tf @@ -6,7 +6,7 @@ terraform { } provider "aws" { - region = "us-east-1" + region = "us-east-1" } resource "aws_serverlessapplicationrepository_cloudformation_stack" "deploy_sar_stack" { diff --git a/examples/install/x86_64/amplify.txt b/examples/homepage/install/x86_64/amplify.txt similarity index 100% rename from examples/install/x86_64/amplify.txt rename to examples/homepage/install/x86_64/amplify.txt diff --git a/examples/install/x86_64/cdk.py b/examples/homepage/install/x86_64/cdk.py similarity index 65% rename from examples/install/x86_64/cdk.py rename to examples/homepage/install/x86_64/cdk.py index 21a200fcf3e..ba2ec89a335 100644 --- a/examples/install/x86_64/cdk.py +++ b/examples/homepage/install/x86_64/cdk.py @@ -1,10 +1,7 @@ -from aws_cdk import ( - Stack, - aws_lambda, - Aws -) +from aws_cdk import Aws, Stack, aws_lambda from constructs import Construct + class SampleApp(Stack): def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: @@ -13,12 +10,13 @@ def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None: powertools_layer = aws_lambda.LayerVersion.from_layer_version_arn( self, id="lambda-powertools", - layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69" + layer_version_arn=f"arn:aws:lambda:{Aws.REGION}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69", ) - aws_lambda.Function(self, - 'sample-app-lambda', + aws_lambda.Function( + self, + "sample-app-lambda", runtime=aws_lambda.Runtime.PYTHON_3_12, layers=[powertools_layer], - code=aws_lambda.Code.from_asset('lambda'), - handler='hello.handler' + code=aws_lambda.Code.from_asset("lambda"), + handler="hello.handler", ) diff --git a/examples/homepage/install/x86_64/pulumi.py b/examples/homepage/install/x86_64/pulumi.py new file mode 100644 index 00000000000..4b8e9506708 --- /dev/null +++ b/examples/homepage/install/x86_64/pulumi.py @@ -0,0 +1,34 @@ +import json + +import pulumi +import pulumi_aws as aws + +role = aws.iam.Role( + "role", + assume_role_policy=json.dumps( + { + "Version": "2012-10-17", + "Statement": [ + {"Action": "sts:AssumeRole", "Principal": {"Service": "lambda.amazonaws.com"}, "Effect": "Allow"}, + ], + }, + ), + managed_policy_arns=[aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE], +) + +lambda_function = aws.lambda_.Function( + "function", + layers=[ + pulumi.Output.concat( + "arn:aws:lambda:", + aws.get_region_output().name, + ":017000801446:layer:AWSLambdaPowertoolsPythonV2:69", + ), + ], + tracing_config={"mode": "Active"}, + runtime=aws.lambda_.Runtime.PYTHON3D9, + handler="index.handler", + role=role.arn, + architectures=["x86_64"], + code=pulumi.FileArchive("lambda_function_payload.zip"), +) diff --git a/examples/install/x86_64/sam.yaml b/examples/homepage/install/x86_64/sam.yaml similarity index 58% rename from examples/install/x86_64/sam.yaml rename to examples/homepage/install/x86_64/sam.yaml index 614b1ed2647..8029b4a3ed7 100644 --- a/examples/install/x86_64/sam.yaml +++ b/examples/homepage/install/x86_64/sam.yaml @@ -1,6 +1,11 @@ +AWSTemplateFormatVersion: '2010-09-09' +Transform: AWS::Serverless-2016-10-31 + Resources: MyLambdaFunction: Type: AWS::Serverless::Function Properties: + Runtime: python3.12 + Handler: app.lambda_handler Layers: - !Sub arn:aws:lambda:${AWS::Region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 \ No newline at end of file diff --git a/examples/install/x86_64/serverless.yaml b/examples/homepage/install/x86_64/serverless.yml similarity index 53% rename from examples/install/x86_64/serverless.yaml rename to examples/homepage/install/x86_64/serverless.yml index fd79a5c497b..92757005df5 100644 --- a/examples/install/x86_64/serverless.yaml +++ b/examples/homepage/install/x86_64/serverless.yml @@ -1,5 +1,13 @@ +service: powertools-lambda + +provider: + name: aws + runtime: python3.12 + region: us-east-1 + functions: - hello: + powertools: handler: lambda_function.lambda_handler + architecture: arm64 layers: - arn:aws:lambda:${aws:region}:017000801446:layer:AWSLambdaPowertoolsPythonV2:69 \ No newline at end of file diff --git a/examples/homepage/install/x86_64/terraform.tf b/examples/homepage/install/x86_64/terraform.tf new file mode 100644 index 00000000000..63fe42b84a4 --- /dev/null +++ b/examples/homepage/install/x86_64/terraform.tf @@ -0,0 +1,40 @@ +terraform { + required_version = "~> 1.0.5" + required_providers { + aws = "~> 3.50.0" + } +} + +provider "aws" { + region = "{region}" +} + +resource "aws_iam_role" "iam_for_lambda" { + name = "iam_for_lambda" + + assume_role_policy = < None: - super().__init__(scope, id_) - - # Launches SAR App as CloudFormation nested stack and return Lambda Layer - powertools_app = aws_sam.CfnApplication(self, - f'{POWERTOOLS_BASE_NAME}Application', - location={ - 'applicationId': POWERTOOLS_ARN, - 'semanticVersion': POWERTOOLS_VER - }, - ) - - powertools_layer_arn = powertools_app.get_att("Outputs.LayerVersionArn").to_string() - powertools_layer_version = aws_lambda.LayerVersion.from_layer_version_arn(self, f'{POWERTOOLS_BASE_NAME}', powertools_layer_arn) - - aws_lambda.Function(self, - 'sample-app-lambda', - runtime=aws_lambda.Runtime.PYTHON_3_12, - function_name='sample-lambda', - code=aws_lambda.Code.from_asset('lambda'), - handler='hello.handler', - layers=[powertools_layer_version] - ) \ No newline at end of file diff --git a/examples/install/sar/scoped_down_iam.yaml b/examples/install/sar/scoped_down_iam.yaml deleted file mode 100644 index 4724aa9536d..00000000000 --- a/examples/install/sar/scoped_down_iam.yaml +++ /dev/null @@ -1,54 +0,0 @@ - AWSTemplateFormatVersion: "2010-09-09" - Resources: - PowertoolsLayerIamRole: - Type: "AWS::IAM::Role" - Properties: - AssumeRolePolicyDocument: - Version: "2012-10-17" - Statement: - - Effect: "Allow" - Principal: - Service: - - "cloudformation.amazonaws.com" - Action: - - "sts:AssumeRole" - Path: "/" - PowertoolsLayerIamPolicy: - Type: "AWS::IAM::Policy" - Properties: - PolicyName: PowertoolsLambdaLayerPolicy - PolicyDocument: - Version: "2012-10-17" - Statement: - - Sid: CloudFormationTransform - Effect: Allow - Action: cloudformation:CreateChangeSet - Resource: - - arn:aws:cloudformation:us-east-1:aws:transform/Serverless-2016-10-31 - - Sid: GetCfnTemplate - Effect: Allow - Action: - - serverlessrepo:CreateCloudFormationTemplate - - serverlessrepo:GetCloudFormationTemplate - Resource: - # this is arn of the Powertools for AWS Lambda (Python) SAR app - - arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer - - Sid: S3AccessLayer - Effect: Allow - Action: - - s3:GetObject - Resource: - # AWS publishes to an external S3 bucket locked down to your account ID - # The below example is us publishing Powertools for AWS Lambda (Python) - # Bucket: awsserverlessrepo-changesets-plntc6bfnfj - # Key: *****/arn:aws:serverlessrepo:eu-west-1:057560766410:applications-aws-lambda-powertools-python-layer-versions-1.10.2/aeeccf50-****-****-****-********* - - arn:aws:s3:::awsserverlessrepo-changesets-*/* - - Sid: GetLayerVersion - Effect: Allow - Action: - - lambda:PublishLayerVersion - - lambda:GetLayerVersion - Resource: - - !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:layer:aws-lambda-powertools-python-layer* - Roles: - - Ref: "PowertoolsLayerIamRole" \ No newline at end of file diff --git a/examples/install/sar/serverless.yaml b/examples/install/sar/serverless.yaml deleted file mode 100644 index 0831864c2d7..00000000000 --- a/examples/install/sar/serverless.yaml +++ /dev/null @@ -1,16 +0,0 @@ -functions: - main: - handler: lambda_function.lambda_handler - layers: - - !GetAtt AwsLambdaPowertoolsPythonLayer.Outputs.LayerVersionArn - -resources: - Transform: AWS::Serverless-2016-10-31 - Resources:**** - AwsLambdaPowertoolsPythonLayer: - Type: AWS::Serverless::Application - Properties: - Location: - ApplicationId: arn:aws:serverlessrepo:eu-west-1:057560766410:applications/aws-lambda-powertools-python-layer - # Find latest from github.com/aws-powertools/powertools-lambda-python/releases - SemanticVersion: 2.0.0 \ No newline at end of file diff --git a/examples/install/x86_64/pulumi.py b/examples/install/x86_64/pulumi.py deleted file mode 100644 index 4e1f307613f..00000000000 --- a/examples/install/x86_64/pulumi.py +++ /dev/null @@ -1,31 +0,0 @@ -import json -import pulumi -import pulumi_aws as aws - -role = aws.iam.Role("role", - assume_role_policy=json.dumps({ - "Version": "2012-10-17", - "Statement": [ - { - "Action": "sts:AssumeRole", - "Principal": { - "Service": "lambda.amazonaws.com" - }, - "Effect": "Allow" - } - ] - }), - managed_policy_arns=[aws.iam.ManagedPolicy.AWS_LAMBDA_BASIC_EXECUTION_ROLE] -) - -lambda_function = aws.lambda_.Function("function", - layers=[pulumi.Output.concat("arn:aws:lambda:",aws.get_region_output().name,":017000801446:layer:AWSLambdaPowertoolsPythonV2:11")], - tracing_config={ - "mode": "Active" - }, - runtime=aws.lambda_.Runtime.PYTHON3D9, - handler="index.handler", - role=role.arn, - architectures=["x86_64"], - code=pulumi.FileArchive("lambda_function_payload.zip") -) \ No newline at end of file diff --git a/examples/install/x86_64/terraform.tf b/examples/install/x86_64/terraform.tf deleted file mode 100644 index 01828b74134..00000000000 --- a/examples/install/x86_64/terraform.tf +++ /dev/null @@ -1,40 +0,0 @@ -terraform { - required_version = "~> 1.0.5" - required_providers { - aws = "~> 3.50.0" - } -} - -provider "aws" { - region = "{region}" -} - -resource "aws_iam_role" "iam_for_lambda" { - name = "iam_for_lambda" - - assume_role_policy = <