Merge pull request aws-samples#3 from SoufanConsulting/elastic-ip-lambda

Elastic ip lambda

Author: MajdSoufan

lambda-elastic-ip-no-nat-gateway-cdk/cdk/.gitignore

@@ -6,3 +6,6 @@ node_modules
 # CDK asset staging directory
 .cdk.staging
 cdk.out
+
+template.yaml
+cdk.context.json

lambda-elastic-ip-no-nat-gateway-cdk/cdk/bin/cdk.ts

@@ -7,8 +7,8 @@ const app = new cdk.App();
 
 const patternStack = new LambdaElasticIpStack(app, 'LambdaElasticIpStack', {
   env: {
-    region: process.env.CDK_DEFAULT_REGION,
-    account: process.env.CDK_DEFAULT_ACCOUNT,
+    region: 'us-east-1' || process.env.CDK_DEFAULT_REGION,
+    account: '199150394284' || process.env.CDK_DEFAULT_ACCOUNT,
   },
 });
 

lambda-elastic-ip-no-nat-gateway-cdk/cdk/lib/cdk-stack.ts

@@ -2,39 +2,35 @@ import * as cdk from 'aws-cdk-lib';
 import { Construct } from 'constructs';
 
 export interface LambdaElasticIpStackProps extends cdk.StackProps {
-    availabilityZone?: string;
-    cidrBlock?: string;
+    vpcId?: string;
+    subnetId?: string;
+    securityGroupId?: string;
 }
 
 interface AssociateLambdaToElasticIpCRProps {
     elasticIP: cdk.aws_ec2.CfnEIP;
     vpc: cdk.aws_ec2.IVpc;
-    publicSubnet: cdk.aws_ec2.Subnet;
-    securityGroup: cdk.aws_ec2.SecurityGroup;
+    publicSubnet: cdk.aws_ec2.ISubnet;
+    securityGroup: cdk.aws_ec2.ISecurityGroup;
     functionName: string;
 }
 export class LambdaElasticIpStack extends cdk.Stack {
     constructor(scope: Construct, id: string, props: LambdaElasticIpStackProps) {
         super(scope, id, props);
 
-        const vpc = cdk.aws_ec2.Vpc.fromLookup(this, 'Default-VPC', { isDefault: true });
-        const publicSubnet = new cdk.aws_ec2.Subnet(this, 'Elastic-IP-Lambda-Subnet', {
-            vpcId: vpc.vpcId,
-            availabilityZone: props.availabilityZone || 'us-east-1e',
-            cidrBlock: props.cidrBlock || '172.31.96.0/20',
-            mapPublicIpOnLaunch: true,
-        });
-        const routeTableId = vpc.publicSubnets[0].routeTable.routeTableId;
-        const routeTableAssociation = new cdk.aws_ec2.CfnSubnetRouteTableAssociation(this, 'rt-s-association', {
-            subnetId: publicSubnet.subnetId,
-            routeTableId,
-        });
-        const securityGroup = new cdk.aws_ec2.SecurityGroup(this, 'Elastic-IP-Lambda-Security-Group', {
-            vpc,
-            allowAllOutbound: true,
-            description:
-                'This is a security group for a vpc attached lambda that uses elastic ip to have outbound communication without the need for a NAT solution',
-        });
+        const vpc = cdk.aws_ec2.Vpc.fromLookup(this, 'Default-VPC', { isDefault: !props.vpcId, vpcId: props.vpcId });
+        const securityGroup = !!props.securityGroupId
+            ? cdk.aws_ec2.SecurityGroup.fromLookupById(this, 'Elastic-IP-Lambda-Security-Group', props.securityGroupId)
+            : new cdk.aws_ec2.SecurityGroup(this, 'Elastic-IP-Lambda-Security-Group', {
+                  vpc,
+                  allowAllOutbound: true,
+                  description:
+                      'This is a security group for a vpc attached lambda that uses elastic ip to have outbound communication without the need for a NAT solution',
+              });
+
+        const publicSubnet = !!props.subnetId
+            ? cdk.aws_ec2.Subnet.fromSubnetId(this, 'Elastic-IP-Lambda-Subnet', props.subnetId)
+            : vpc.publicSubnets[0];
 
         const publicFunction = new cdk.aws_lambda_nodejs.NodejsFunction(this, 'Lambda-With-Elastic-IP', {
             memorySize: 128,
@@ -55,7 +51,13 @@ export class LambdaElasticIpStack extends cdk.Stack {
 
         const elasticIP = new cdk.aws_ec2.CfnEIP(this, 'Lambda-Elastic-Ip', {});
 
-        this.associateLambdaToElasticIpCR({ elasticIP, vpc, publicSubnet, securityGroup, functionName: publicFunction.functionName });
+        this.associateLambdaToElasticIpCR({
+            elasticIP,
+            vpc,
+            publicSubnet,
+            securityGroup,
+            functionName: publicFunction.functionName,
+        });
     }
 
     private associateLambdaToElasticIpCR({ elasticIP, publicSubnet, securityGroup, vpc, functionName }: AssociateLambdaToElasticIpCRProps) {
@@ -78,7 +80,7 @@ export class LambdaElasticIpStack extends cdk.Stack {
         associateElasticIpFunctionCR.addToRolePolicy(
             new cdk.aws_iam.PolicyStatement({
                 effect: cdk.aws_iam.Effect.ALLOW,
-                actions: ['ec2:DescribeAddresses', 'ec2:AssociateAddress', 'ec2:DescribeNetworkInterfaces'],
+                actions: ['ec2:AssociateAddress', 'ec2:DescribeNetworkInterfaces'],
                 resources: ['*'],
             }),
         );

lambda-elastic-ip-no-nat-gateway-cdk/cdk/package.json

@@ -8,19 +8,27 @@
     "build": "tsc",
     "watch": "tsc -w",
     "test": "jest",
-    "cdk": "cdk"
+    "esbuild": "rm -rf dist && esbuild ./src/lambdas/* --bundle --entry-names=[dir]/[name]/index --sourcemap --platform=node --target=node18.14 --outdir=dist",
+    "package": "cd dist && for f in * ; do ([ -d \"$f\" ] && cd $f && zip ../$f.zip *) ; done",
+    "bundle": "npm run esbuild && npm run package",
+    "local-synth": "npm run build && cdk synth --no-staging > template.yaml",
+    "deploy": "cdk deploy",
+    "local-synth-and-deploy": "npm run local-synth && npm run deploy",
+    "destroy": "cdk destroy"
   },
   "devDependencies": {
-    "@types/jest": "^29.4.0",
-    "@types/node": "18.14.6",
-    "jest": "^29.5.0",
-    "ts-jest": "^29.0.5",
-    "aws-cdk": "2.80.0",
+    "@types/jest": "^29.5.4",
+    "@types/node": "20.5.7",
+    "@types/source-map-support": "^0.5.7",
+    "jest": "^29.6.4",
+    "ts-jest": "^29.1.1",
+    "aws-cdk": "2.94.0",
+    "esbuild": "^0.15.14",
     "ts-node": "^10.9.1",
-    "typescript": "~4.9.5"
+    "typescript": "^5.2.2"
   },
   "dependencies": {
-    "aws-cdk-lib": "2.80.0",
+    "aws-cdk-lib": "2.94.0",
     "constructs": "^10.0.0",
     "source-map-support": "^0.5.21"
   }

lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/lambdas/associate-lambda-elastic-ip-cr.ts

@@ -1,18 +1,18 @@
 import { Handler } from 'aws-lambda';
-import { EC2Client, AssociateAddressCommand, DescribeAddressesCommand, DescribeNetworkInterfacesCommand } from '@aws-sdk/client-ec2'; // ES Modules import
+import { EC2Client, AssociateAddressCommand, DescribeNetworkInterfacesCommand } from '@aws-sdk/client-ec2'; // ES Modules import
 import { AssociateLambdaElasticIpEvent } from '../types/associate-lambda-elastic-ip-event';
 const client = new EC2Client();
 
 export const handler: Handler = async (event: AssociateLambdaElasticIpEvent) => {
-    console.log('Associating Lambda to Elastic IP Custom Resource:', event);
-    console.log('environment', process.env);
+    console.log('Associating Lambda to Elastic IP Custom Resource Event:', event);
+    console.log('Environment', process.env);
     const allocationId = process.env.ELASTIC_IP_ALLOCATION_ID;
     if (!allocationId) {
         throw new Error(`Error allocation id cannot be null or empty. '${allocationId}'`);
     }
-    console.log(`allocation id from env: ${allocationId}`);
+    console.log(`Allocation id from env: ${allocationId}`);
     try {
-        console.log('Fetching Lambda network interface ID associated with the elastic ip...');
+        console.log('Fetching lambda network interface ID associated with the elastic ip...');
 
         const DescribeNetworkInterfacesCommandRequest = {
             Filters: [
@@ -56,13 +56,17 @@ export const handler: Handler = async (event: AssociateLambdaElasticIpEvent) =>
             new DescribeNetworkInterfacesCommand(DescribeNetworkInterfacesCommandRequest),
         );
         console.log('DescribeNetworkInterfacesCommandResponse:', JSON.stringify(DescribeNetworkInterfacesCommandResponse, null, 2));
+        const returnedNetworkInterfaces = DescribeNetworkInterfacesCommandResponse.NetworkInterfaces;
+        if (!returnedNetworkInterfaces?.length) {
+            throw new Error(`No network interface is associated with this lambda function ${event.functionName}`);
+        }
 
         console.log('Associating Lambda to Elastic IP...');
 
         const AssociateAddressRequest = {
             AllocationId: allocationId,
             DryRun: false,
-            NetworkInterfaceId: DescribeNetworkInterfacesCommandResponse.NetworkInterfaces![0].NetworkInterfaceId,
+            NetworkInterfaceId: returnedNetworkInterfaces[0].NetworkInterfaceId,
         };
 
         console.log('AssociateAddressRequest:', AssociateAddressRequest);

lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/lambdas/vin-api-lambda.ts

@@ -0,0 +1,16 @@
+import { Handler } from 'aws-cdk-lib/aws-lambda';
+import { httpsGet } from '../utils/https';
+
+export const handler: Handler = async () => {
+    console.log('calling a 3rd party api over the internet to fetch a random VIN...');
+    const thirdPartyUrl = 'https://randomvin.com/getvin.php?type=real';
+
+    try {
+        const response = await httpsGet(thirdPartyUrl);
+        console.log(`your random VIN is: ${response}`);
+        return response;
+    } catch (error: any) {
+        console.error(`Error Fetching VIN: ${error.message}`);
+        throw error;
+    }
+};

lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/package.json

@@ -0,0 +1,21 @@
+{
+  "name": "src",
+  "version": "1.0.0",
+  "description": "",
+  "main": "index.js",
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "dependencies": {
+    "aws-lambda": "^1.0.7",
+    "@aws-sdk/client-ec2": "^3.405.0"
+  },
+  "devDependencies": {
+    "@types/aws-lambda": "^8.10.119",
+    "@types/node": "20.5.7",
+    "ts-node": "^10.9.1",
+    "typescript": "^5.2.2"
+  },
+  "author": "",
+  "license": "ISC"
+}

lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/tsconfig.json

@@ -0,0 +1,23 @@
+{
+  "compilerOptions": {
+    "target": "ES2020",
+    "module": "commonjs",
+    "lib": ["DOM", "es2020"],
+    "declaration": true,
+    "strict": true,
+    "noImplicitAny": true,
+    "strictNullChecks": true,
+    "noImplicitThis": true,
+    "alwaysStrict": true,
+    "noUnusedLocals": false,
+    "noUnusedParameters": false,
+    "noImplicitReturns": true,
+    "noFallthroughCasesInSwitch": false,
+    "inlineSourceMap": true,
+    "inlineSources": true,
+    "experimentalDecorators": true,
+    "strictPropertyInitialization": false,
+    "typeRoots": ["./node_modules/@types"]
+  },
+  "exclude": ["node_modules", "cdk.out"]
+}

…ay-cdk/cdk/src/lambdas/vip-api-lambda.ts …o-nat-gateway-cdk/cdk/src/utils/https.tslambda-elastic-ip-no-nat-gateway-cdk/cdk/src/lambdas/vip-api-lambda.ts renamed to lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/utils/https.ts lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/lambdas/vip-api-lambda.ts renamed to lambda-elastic-ip-no-nat-gateway-cdk/cdk/src/utils/https.ts

@@ -1,7 +1,6 @@
-import { Handler } from 'aws-cdk-lib/aws-lambda';
 import * as https from 'https';
 
-async function httpsGet(url: string): Promise<string> {
+export async function httpsGet(url: string): Promise<string> {
     try {
         const response = await new Promise<any>((resolve, reject) => {
             const request = https.request(url, resolve);
@@ -29,17 +28,4 @@ async function httpsGet(url: string): Promise<string> {
         console.error(`Error: ${error.message}`);
         throw error;
     }
-}
-
-export const handler: Handler = async () => {
-    console.log('fetching random VIN...');
-    const url = 'https://randomvin.com/getvin.php?type=real';
-    // Call the async function
-    try {
-        const response = await httpsGet(url);
-        console.log(`your random VIN is: ${response}`);
-    } catch (error: any) {
-        console.error(`Error Fetching VIN: ${error.message}`);
-        throw error;
-    }
-};
+}

lambda-elastic-ip-no-nat-gateway-cdk/cdk/tsconfig.json

@@ -2,9 +2,7 @@
   "compilerOptions": {
     "target": "ES2020",
     "module": "commonjs",
-    "lib": [
-      "es2020"
-    ],
+    "lib": ["es2020", "DOM"],
     "declaration": true,
     "strict": true,
     "noImplicitAny": true,
@@ -19,12 +17,8 @@
     "inlineSources": true,
     "experimentalDecorators": true,
     "strictPropertyInitialization": false,
-    "typeRoots": [
-      "./node_modules/@types"
-    ]
+    "typeRoots": ["./node_modules/@types"],
+    "outDir": "dist"
   },
-  "exclude": [
-    "node_modules",
-    "cdk.out"
-  ]
+  "exclude": ["node_modules", "cdk.out", "dist"]
 }