changed stack input to be more friendly

Author: MohamadSoufan

lambda-elastic-ip-no-nat-gateway-cdk/cdk/cdk.context.json

@@ -1 +1,53 @@
-{}
+{
+    "vpc-provider:account=199150394284:filter.isDefault=true:region=us-east-1:returnAsymmetricSubnets=true": {
+      "vpcId": "vpc-c44e4dbe",
+      "vpcCidrBlock": "172.31.0.0/16",
+      "ownerAccountId": "199150394284",
+      "availabilityZones": [],
+      "subnetGroups": [
+        {
+          "name": "Public",
+          "type": "Public",
+          "subnets": [
+            {
+              "subnetId": "subnet-296ceb64",
+              "cidr": "172.31.16.0/20",
+              "availabilityZone": "us-east-1a",
+              "routeTableId": "rtb-1a991764"
+            },
+            {
+              "subnetId": "subnet-3058a86f",
+              "cidr": "172.31.32.0/20",
+              "availabilityZone": "us-east-1b",
+              "routeTableId": "rtb-1a991764"
+            },
+            {
+              "subnetId": "subnet-ccce39aa",
+              "cidr": "172.31.0.0/20",
+              "availabilityZone": "us-east-1c",
+              "routeTableId": "rtb-1a991764"
+            },
+            {
+              "subnetId": "subnet-0548ba24",
+              "cidr": "172.31.80.0/20",
+              "availabilityZone": "us-east-1d",
+              "routeTableId": "rtb-1a991764"
+            },
+            {
+              "subnetId": "subnet-82c4ffbc",
+              "cidr": "172.31.48.0/20",
+              "availabilityZone": "us-east-1e",
+              "routeTableId": "rtb-1a991764"
+            },
+            {
+              "subnetId": "subnet-306ac33e",
+              "cidr": "172.31.64.0/20",
+              "availabilityZone": "us-east-1f",
+              "routeTableId": "rtb-1a991764"
+            }
+          ]
+        }
+      ]
+    }
+  }
+  

lambda-elastic-ip-no-nat-gateway-cdk/cdk/lib/cdk-stack.ts

@@ -2,126 +2,115 @@ import * as cdk from 'aws-cdk-lib';
 import { Construct } from 'constructs';
 
 export interface LambdaElasticIpStackProps extends cdk.StackProps {
-  availabilityZone?: string;
-  cidrBlock?: string;
-  routeTableId?: string;
+    vpcId?: string;
+    subnetId?: string;
+    securityGroupId?: string;
 }
 
 interface AssociateLambdaToElasticIpCRProps {
-  elasticIP: cdk.aws_ec2.CfnEIP;
-  vpc: cdk.aws_ec2.IVpc;
-  publicSubnet: cdk.aws_ec2.Subnet;
-  securityGroup: cdk.aws_ec2.SecurityGroup;
-  functionName: string;
+    elasticIP: cdk.aws_ec2.CfnEIP;
+    vpc: cdk.aws_ec2.IVpc;
+    publicSubnet: cdk.aws_ec2.ISubnet;
+    securityGroup: cdk.aws_ec2.ISecurityGroup;
+    functionName: string;
 }
 export class LambdaElasticIpStack extends cdk.Stack {
-  constructor(scope: Construct, id: string, props: LambdaElasticIpStackProps) {
-    super(scope, id, props);
+    constructor(scope: Construct, id: string, props: LambdaElasticIpStackProps) {
+        super(scope, id, props);
 
-    const vpc = cdk.aws_ec2.Vpc.fromLookup(this, 'Default-VPC', { isDefault: true });
-    const publicSubnet = new cdk.aws_ec2.Subnet(this, 'Elastic-IP-Lambda-Subnet', {
-      vpcId: vpc.vpcId,
-      availabilityZone: props.availabilityZone || 'us-east-1e',
-      cidrBlock: props.cidrBlock || '172.31.96.0/20',
-      mapPublicIpOnLaunch: true,
-    });
-    const routeTableId = props.routeTableId || vpc.publicSubnets[0].routeTable.routeTableId;
-    const routeTableAssociation = new cdk.aws_ec2.CfnSubnetRouteTableAssociation(this, 'rt-subnet-association', {
-      subnetId: publicSubnet.subnetId,
-      routeTableId,
-    });
-    const securityGroup = new cdk.aws_ec2.SecurityGroup(this, 'Elastic-IP-Lambda-Security-Group', {
-      vpc,
-      allowAllOutbound: true,
-      description:
-        'This is a security group for a vpc attached lambda that uses elastic ip to have outbound communication without the need for a NAT solution',
-    });
+        const vpc = cdk.aws_ec2.Vpc.fromLookup(this, 'Default-VPC', { isDefault: !props.vpcId, vpcId: props.vpcId });
+        const securityGroup = !!props.securityGroupId
+            ? cdk.aws_ec2.SecurityGroup.fromLookupById(this, 'Elastic-IP-Lambda-Security-Group', props.securityGroupId)
+            : new cdk.aws_ec2.SecurityGroup(this, 'Elastic-IP-Lambda-Security-Group', {
+                  vpc,
+                  allowAllOutbound: true,
+                  description:
+                      'This is a security group for a vpc attached lambda that uses elastic ip to have outbound communication without the need for a NAT solution',
+              });
 
-    const publicFunction = new cdk.aws_lambda_nodejs.NodejsFunction(this, 'Lambda-With-Elastic-IP', {
-      memorySize: 128,
-      handler: 'handler',
-      timeout: cdk.Duration.seconds(10),
-      bundling: {
-        minify: true,
-        sourceMap: true,
-        sourceMapMode: cdk.aws_lambda_nodejs.SourceMapMode.DEFAULT, // defaults to SourceMapMode.DEFAULT
-      },
-      vpc,
-      securityGroups: [securityGroup],
-      allowPublicSubnet: true,
-      vpcSubnets: { subnets: [publicSubnet] },
-      runtime: cdk.aws_lambda.Runtime.NODEJS_18_X,
-      entry: 'src/lambdas/vin-api-lambda.ts',
-    });
+        const publicSubnet = !!props.subnetId
+            ? cdk.aws_ec2.Subnet.fromSubnetId(this, 'Elastic-IP-Lambda-Subnet', props.subnetId)
+            : vpc.publicSubnets[0];
 
-    const elasticIP = new cdk.aws_ec2.CfnEIP(this, 'Lambda-Elastic-Ip', {});
+        const publicFunction = new cdk.aws_lambda_nodejs.NodejsFunction(this, 'Lambda-With-Elastic-IP', {
+            memorySize: 128,
+            handler: 'handler',
+            timeout: cdk.Duration.seconds(10),
+            bundling: {
+                minify: true,
+                sourceMap: true,
+                sourceMapMode: cdk.aws_lambda_nodejs.SourceMapMode.DEFAULT, // defaults to SourceMapMode.DEFAULT
+            },
+            vpc,
+            securityGroups: [securityGroup],
+            allowPublicSubnet: true,
+            vpcSubnets: { subnets: [publicSubnet] },
+            runtime: cdk.aws_lambda.Runtime.NODEJS_18_X,
+            entry: 'src/lambdas/vin-api-lambda.ts',
+        });
 
-    this.associateLambdaToElasticIpCR({
-      elasticIP,
-      vpc,
-      publicSubnet,
-      securityGroup,
-      functionName: publicFunction.functionName,
-    });
-  }
+        const elasticIP = new cdk.aws_ec2.CfnEIP(this, 'Lambda-Elastic-Ip', {});
 
-  private associateLambdaToElasticIpCR({
-    elasticIP,
-    publicSubnet,
-    securityGroup,
-    vpc,
-    functionName,
-  }: AssociateLambdaToElasticIpCRProps) {
-    const associateElasticIpFunctionCR = new cdk.aws_lambda_nodejs.NodejsFunction(this, 'Associate-Elastic-IP-CR', {
-      memorySize: 128,
-      handler: 'handler',
-      timeout: cdk.Duration.seconds(10),
-      bundling: {
-        minify: true,
-        sourceMap: true,
-        sourceMapMode: cdk.aws_lambda_nodejs.SourceMapMode.DEFAULT, // defaults to SourceMapMode.DEFAULT
-      },
-      environment: {
-        ELASTIC_IP_ALLOCATION_ID: elasticIP.attrAllocationId,
-      },
-      runtime: cdk.aws_lambda.Runtime.NODEJS_18_X,
-      entry: 'src/lambdas/associate-lambda-elastic-ip-cr.ts',
-    });
+        this.associateLambdaToElasticIpCR({
+            elasticIP,
+            vpc,
+            publicSubnet,
+            securityGroup,
+            functionName: publicFunction.functionName,
+        });
+    }
 
-    associateElasticIpFunctionCR.addToRolePolicy(
-      new cdk.aws_iam.PolicyStatement({
-        effect: cdk.aws_iam.Effect.ALLOW,
-        actions: ['ec2:AssociateAddress', 'ec2:DescribeNetworkInterfaces'],
-        resources: ['*'],
-      })
-    );
+    private associateLambdaToElasticIpCR({ elasticIP, publicSubnet, securityGroup, vpc, functionName }: AssociateLambdaToElasticIpCRProps) {
+        const associateElasticIpFunctionCR = new cdk.aws_lambda_nodejs.NodejsFunction(this, 'Associate-Elastic-IP-CR', {
+            memorySize: 128,
+            handler: 'handler',
+            timeout: cdk.Duration.seconds(10),
+            bundling: {
+                minify: true,
+                sourceMap: true,
+                sourceMapMode: cdk.aws_lambda_nodejs.SourceMapMode.DEFAULT, // defaults to SourceMapMode.DEFAULT
+            },
+            environment: {
+                ELASTIC_IP_ALLOCATION_ID: elasticIP.attrAllocationId,
+            },
+            runtime: cdk.aws_lambda.Runtime.NODEJS_18_X,
+            entry: 'src/lambdas/associate-lambda-elastic-ip-cr.ts',
+        });
 
-    const awsSDKCall: cdk.custom_resources.AwsSdkCall = {
-      service: 'Lambda',
-      action: 'invoke',
-      parameters: {
-        FunctionName: associateElasticIpFunctionCR.functionName,
-        Payload: JSON.stringify({
-          vpcId: vpc.vpcId,
-          subnetId: publicSubnet.subnetId,
-          securityGroupId: securityGroup.securityGroupId,
-          availabilityZone: publicSubnet.availabilityZone,
-          allocationId: elasticIP.attrAllocationId,
-          staticIp: elasticIP.ref,
-          functionName,
-          date: new Date(),
-        }),
-      },
-      physicalResourceId: cdk.custom_resources.PhysicalResourceId.of(`Associate-Elastic-IP-CR`),
-    };
-    const customResource = new cdk.custom_resources.AwsCustomResource(this, 'Invoke-Associate-Elastic-IP-Lambda', {
-      onCreate: awsSDKCall,
-      onUpdate: awsSDKCall,
-      policy: cdk.custom_resources.AwsCustomResourcePolicy.fromSdkCalls({
-        resources: cdk.custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE,
-      }),
-    });
+        associateElasticIpFunctionCR.addToRolePolicy(
+            new cdk.aws_iam.PolicyStatement({
+                effect: cdk.aws_iam.Effect.ALLOW,
+                actions: ['ec2:AssociateAddress', 'ec2:DescribeNetworkInterfaces'],
+                resources: ['*'],
+            }),
+        );
 
-    associateElasticIpFunctionCR.grantInvoke(customResource);
-  }
+        const awsSDKCall: cdk.custom_resources.AwsSdkCall = {
+            service: 'Lambda',
+            action: 'invoke',
+            parameters: {
+                FunctionName: associateElasticIpFunctionCR.functionName,
+                Payload: JSON.stringify({
+                    vpcId: vpc.vpcId,
+                    subnetId: publicSubnet.subnetId,
+                    securityGroupId: securityGroup.securityGroupId,
+                    availabilityZone: publicSubnet.availabilityZone,
+                    allocationId: elasticIP.attrAllocationId,
+                    staticIp: elasticIP.ref,
+                    functionName,
+                    date: new Date(),
+                }),
+            },
+            physicalResourceId: cdk.custom_resources.PhysicalResourceId.of(`Associate-Elastic-IP-CR`),
+        };
+        const customResource = new cdk.custom_resources.AwsCustomResource(this, 'Invoke-Associate-Elastic-IP-Lambda', {
+            onCreate: awsSDKCall,
+            onUpdate: awsSDKCall,
+            policy: cdk.custom_resources.AwsCustomResourcePolicy.fromSdkCalls({
+                resources: cdk.custom_resources.AwsCustomResourcePolicy.ANY_RESOURCE,
+            }),
+        });
+
+        associateElasticIpFunctionCR.grantInvoke(customResource);
+    }
 }

lambda-elastic-ip-no-nat-gateway-cdk/cdk/package.json

@@ -22,7 +22,7 @@
     "@types/source-map-support": "^0.5.7",
     "jest": "^29.6.4",
     "ts-jest": "^29.1.1",
-    "aws-cdk": "2.80.0",
+    "aws-cdk": "2.94.0",
     "esbuild": "^0.15.14",
     "ts-node": "^10.9.1",
     "typescript": "^5.2.2"

lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/lambdas/vin-api-lambda.ts

@@ -8,6 +8,7 @@ export const handler: Handler = async () => {
     try {
         const response = await httpsGet(thirdPartyUrl);
         console.log(`your random VIN is: ${response}`);
+        return response;
     } catch (error: any) {
         console.error(`Error Fetching VIN: ${error.message}`);
         throw error;