-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathlambda-setup.sh
executable file
·103 lines (86 loc) · 2.84 KB
/
lambda-setup.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
#!/bin/sh
echo
echo 'First, create IAM policy with necessary permissons '
echo 'sample policy in [makesnapshot-policy.json]:'
echo
makesnap_policy_arn=`\
aws iam create-policy \
--policy-name makesnap3-policy \
--policy-document file://makesnapshot-policy.json \
--query 'Policy.Arn' --output text \
`
echo Policy: $makesnap_policy_arn
[ -z $makesnap_policy_arn ] && read -p "press ^C to stop ..." null
echo
echo 'Create IAM role for the function to assume ([trust-policy.json]),'
echo 'attach our policy and basic Lambda execution policy to it'
echo
ebs_snap_role_arn=`\
aws iam create-role \
--role-name ebs-snapshot \
--assume-role-policy-document file://trust-policy.json \
--query 'Role.Arn' --output text \
`
echo Role: $ebs_snap_role_arn
[ -z $ebs_snap_role_arn ] && read -p "press ^C to stop ..." null
aws iam attach-role-policy \
--role-name ebs-snapshot \
--policy-arn $makesnap_policy_arn
aws iam attach-role-policy \
--role-name ebs-snapshot \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
echo
echo Create zip file with the script and config file,
echo
zip deployment.zip makesnap3.py config.json
echo
echo "... and upload it to Lambda to create function"
echo "(IAM policy application lags sometimes, we'll sleep for 15 seconds)"
echo
sleep 15
function_arn=` \
aws lambda create-function \
--function-name makesnap3 \
--zip-file fileb://deployment.zip \
--role "$ebs_snap_role_arn" \
--handler makesnap3.lambda_handler \
--runtime python2.7 \
--timeout 180 \
--memory-size 128 \
--query 'FunctionArn' --output text \
`
echo Function: $function_arn
[ -z $function_arn ] && read -p "press ^C to stop ..." null
echo
echo Now, create CloudWatch rules to schedule the function to run:
echo
create_rule () {
echo - $1: "$2"
rule_arn=`aws events put-rule \
--name $1 \
--schedule-expression "$2" \
--query RuleArn --output text \
`
echo Rule: $rule_arn
[ -z $rule_arn ] && read -p "press ^C to stop ..." null
aws events put-targets \
--rule $1 \
--targets '{"Id" : "1", "Arn": "'$function_arn'", "Input": "{\"period\": \"day\"}" }' \
--query FailedEntries --output text
aws lambda add-permission \
--function-name makesnap3 \
--action 'lambda:InvokeFunction' \
--principal events.amazonaws.com \
--statement-id $3 \
--source-arn $rule_arn \
--query Statement.Effect --output text
}
create_rule makesnap-daily "cron(30 1 ? * MON-SAT *)" 1
create_rule makesnap-weekly "cron(30 2 ? * SUN *)" 2
create_rule makesnap-monthly "cron(30 3 1 * ? *)" 3
# Uncomment next line(s) to create optional hourly/yearly run(s)
#create_rule makesnap-hourly "cron(15 */8 * * ? *)" 4
#create_rule makesnap-yearly "cron(30 4 31 12 ? *)" 5
echo
echo "Profit!"
echo