Skip to content

Add Lambda handler wrapper for SNS-based custom resources #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 23, 2019
Merged

Add Lambda handler wrapper for SNS-based custom resources #208

merged 2 commits into from
Jul 23, 2019

Conversation

roberth-k
Copy link
Contributor

Description of changes:
Adds cfn.LambdaWrapSNS(). This function is similar to cfn.LambdaWrap(), but it first unwraps the CloudFormation custom resource input payload from a SNS event. An invalid SNS event is considered an invocation error.

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

@codecov-io
Copy link

codecov-io commented Jun 26, 2019
edited
Loading

Codecov Report

Merging #208 into master will decrease coverage by 1.31%.
The diff coverage is 0%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #208      +/-   ##
==========================================
- Coverage    77.2%   75.88%   -1.32%     
==========================================
  Files          18       18              
  Lines         636      647      +11     
==========================================
  Hits          491      491              
- Misses        104      115      +11     
  Partials       41       41
Impacted Files Coverage Δ
cfn/wrap.go 65.78% <0%> (-26.81%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 39a255e...75a8753. Read the comment docs.

@bmoffatt
Copy link
Collaborator

bmoffatt commented Jul 2, 2019

Can you point me to an example (docs, other languages, etc..) of how the SNS gets sent to the Lambda?

  1. It's not clear to me how/why this would get used instead of the direct Lambda backed customer resources.
  2. I want to do a functional test myself :)

@roberth-k
Copy link
Contributor Author

This guide from the AWS Blog provides a practical example, although some of the samples are erroneous (e.g. the Message of an example event not being shown as a string). Amazon's documentation for SNS-backed custom resources does suggest the input signature is the same as for Lambda-backed custom resources, but having recently implemented one I've had to include this SNS event wrapper to make it work.

I suspect that a SNS-backed custom resource is invoked via the Publish API rather than any special integration, so it would make sense that the event is delivered with the appropriate decorations.

@bmoffatt
Copy link
Collaborator

bmoffatt commented Jul 3, 2019

That blog really helps put this in context, thanks!

You might be asking yourself why I used SNS when CloudFormation custom resources can invoke Lambda directly. I could have invoked Lambda directly, but SNS simplifies cross account permissions and makes the configuration easier.

@bmoffatt bmoffatt merged commit 578ce6d into aws:master Jul 23, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bmoffatt bmoffatt bmoffatt approved these changes

Assignees
No one assigned
Labels
enhancement stage/more-info-needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@roberth-k @codecov-io @bmoffatt