This repository is an exercise in improving my understanding of how AWS Lambda works and how it integrates with other AWS services.
When deployed to AWS and invoked, it publishes a cheatsheet of values returned by the Ref and Fn::GetAtt (!GetAtt) intrinsic functions for various CloudFormation resources and their properties. The source of this information is the AWS CloudFormation User Guide repository itself.
- The main branch of the aforementioned user guide repo is fetched as a zip archive and uploaded to an S3 bucket.
- Documentation files of CloudFormation resources are extracted to an EFS folder, from the archive in S3.
- The Return Values sections of the resource files are copied to separate files in EFS and indexed in DynamoDB.
- The Cheatsheet is generated by concatenating the individual Return Values section files in alphabetical order using the index from DynamoDB.
Note: The source files of the user guide and the final cheatsheet are all in Markdown format.
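The steps above as an added example (not this repo's code): one Map of entry names stands in for the zip archive and another for the DynamoDB index. The `doc_source/` folder name, the `## Return values` heading match, the entry-name check before extraction and the sample documents are all assumptions made for illustration.

```javascript
// Added example: names, paths and sample documents below are constructed.
// Assumed layout: resource docs are Markdown files under doc_source/, and the
// section of interest starts at a "## Return values" heading.

// Reject archive entry names that could resolve outside the extraction folder
// (absolute paths, backslashes, NUL bytes, or ".." segments).
function isSafeEntry(name) {
  if (name.startsWith("/") || name.includes("\\") || name.includes("\0")) return false;
  return !name.split("/").includes("..");
}

// Return the "Return values" section (heading included) up to the next
// level-1 or level-2 heading, or null if the document has no such section.
function extractReturnValues(markdown) {
  const lines = markdown.split(/\r?\n/);
  const start = lines.findIndex((l) => /^##\s+Return values\b/i.test(l));
  if (start === -1) return null;
  let end = lines.length;
  for (let i = start + 1; i < lines.length; i++) {
    if (/^#{1,2}\s/.test(lines[i])) { end = i; break; }
  }
  return lines.slice(start, end).join("\n").trim();
}

// entries: Map of archive entry name -> file text (stands in for the zip).
// Returns the index, the concatenated cheatsheet, and any rejected names.
function buildCheatsheet(entries, docDir = "doc_source/") {
  const index = new Map(); // stands in for the DynamoDB index
  const skipped = [];
  for (const [name, text] of entries) {
    if (!isSafeEntry(name)) { skipped.push(name); continue; }
    if (!name.startsWith(docDir) || !name.endsWith(".md")) continue;
    const section = extractReturnValues(text);
    if (section) index.set(name.slice(docDir.length, -3), section);
  }
  const keys = [...index.keys()].sort(); // alphabetical order
  const cheatsheet = keys.map((k) => `# ${k}\n\n${index.get(k)}`).join("\n\n");
  return { index, cheatsheet, skipped };
}

// Constructed sample archive contents.
const sampleEntries = new Map([
  ["doc_source/aws-resource-sqs-queue.md", "# AWS::SQS::Queue\n\n## Syntax\n\nx\n\n## Return values\n\n### Ref\n\nReturns the queue URL.\n\n## Examples\n\ny\n"],
  ["doc_source/aws-resource-ec2-vpc.md", "# AWS::EC2::VPC\n\n## Return values\n\n### Ref\n\nReturns the ID of the VPC.\n"],
  ["doc_source/index.md", "# Index\n\nNo such section here.\n"],
  ["../outside.md", "## Return values\n\nignored\n"],
]);
```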
The focus area of this repository is how AWS Lambda works and integrates with other AWS services — not Security and Testing.
Nothing about this repo or the app is sensitive. So while the app works, this is in no way a model of how to build secure applications — not remotely.
While some of the resources (e.g., VPC subnet and endpoints) are private, the permissions around them are still more permissive than a typical enterprise application should have.
Besides security, testing isn't a focus area of this repo/app either. The JavaScript (Node.js) code itself is borrowed from the source repo aws-cloudformation-attributes and modified lightly to work with Lambda.
Following are the main CloudFormation resources of this Rube Goldberg application:
- Lambda function getAwsDocsRepo
- S3 bucket
- Lambda function unzipRepoArchive
- EFS
- SNS (invocation destination)
- Lambda function createAttributeFiles
- DynamoDB table cfnAttributeFilesIndex
- SQS (invocation destination)
- Lambda function generateCheatSheet
- S3 static site
The Lambda functions are the main actors. Each one performs one of the sequence of steps noted in the "How does it do that" section, using the other AWS services listed above.
There are a few other resources in this app too, such as:
- Lambda layer hosting the Node.js AWS SDK
- EFS Access Point
- EFS Mount Target
- Private subnet (associated with EFS Mount Target) in a custom VPC
- VPC endpoints for S3 and SQS
Note: While Lambda function containers come with the AWS SDK installed, that SDK isn't always up-to-date. So AWS recommends users bundle the latest version with their code. Hence the use of a layer.
All these resources are grouped into the following CloudFormation stacks:
- lib-aws-sdk: Node.js AWS SDK layer
- lambda-efs-vpc: EFS, VPC and related resources
- beginning-lambda: Lambda functions, S3 buckets, SNS topic, SQS
Note: The beginning-lambda stack depends on the other two stacks, so it should be deployed last.
While this repo started as a way to understand Lambda better, it quickly turned into an exercise of learning CloudFormation better, mostly because I prefer doing something in an automated/scripted manner to doing something using UIs. While AWS documentation is good, creating a resource with CloudFormation often needed looking up attributes of other resources. I couldn't find a one-stop reference to Return Values of various CloudFormation resources. So I set out to create one, straight from source. The result of that work is the repo linked at this document's end. Porting that simple repo to work with AWS Lambda offered a way to understand Lambda better. I went all-in and made it as complex as possible using as many other AWS services as possible.
- Notes on AWS Lambda: My notes summarizing certain sections of AWS Lambda Documentation. (These notes are also published as GitHub Pages of this repo.)
- Running Notes: My observations and some issues I faced while building this application.
- Deployment: How to deploy and run this application.
- Cheatsheet: https://srikanthmanda.com/aws-cloudformation-attributes. (This is in Markdown too - but rendered as HTML by GitHub Pages, where it is hosted.)
- GitHub Pages: https://pages.github.com
- Markdown: https://daringfireball.net/projects/markdown/
- GitHub Flavored Markdown: https://github.github.com/gfm/
- CloudFormation YAML Snippets for VS Code: https://marketplace.visualstudio.com/items?itemName=dsteenman.cloudformation-yaml-snippets
- CloudFormation Linter (for VS Code): https://marketplace.visualstudio.com/items?itemName=kddejong.vscode-cfn-lint
- Code source: https://github.com/srikanthmanda/aws-cloudformation-attributes