amplify-education / serverless-vpc-discovery

Licence: MIT license
Serverless plugin for discovering VPC / Subnet / Security Group configuration by name.

Programming Languages

typescript

serverless-vpc-discovery

The VPC discovery plugin takes the VPC name, subnet tag key/value, and security group tag key/value or names given in the serverless file and uses them to set up the VPC configuration for the lambda.

Basically we use this config:

vpcDiscovery:
    vpcName: '<vpc_name>'
    subnets:
      - tagKey: <tag_name>
        tagValues:
          - '<tag_value>'
    securityGroups:
      - tagKey: <tag_name>
        tagValues:
          - '<tag_value>'

To generate this config:

vpc:
    subnetIds:
        - subnet-123456789
        ...
    securityGroupIds:
        - sg-123456789
        ...

For each lambda function.

Note: The core serverless provider.vpc settings will be used, if they are set, instead of vpcDiscovery. You can also mix settings. For example, you may set provider.vpc.subnetIds while using vpcDiscovery to set the securityGroupIds. Take a look at the official documentation.

About Amplify

Amplify builds innovative and compelling digital educational products that empower teachers and students across the country. We have a long history as the leading innovator in K-12 education - and have been described as the best tech company in education and the best education company in tech. While others try to shrink the learning experience into the technology, we use technology to expand what is possible in real classrooms with real students and teachers.

Learn more at https://www.amplify.com

Getting Started

Prerequisites

Make sure you have the following installed before starting:

Also allow the lambda to have the following IAM permissions:

  • ec2:CreateNetworkInterface
  • ec2:DescribeNetworkInterfaces
  • ec2:DeleteNetworkInterface

Installation

Run:

# From npm (recommended)
npm install serverless-vpc-discovery

# From github
npm install https://github.com/amplify-education/serverless-vpc-discovery.git

Then make the following edits to your serverless.yaml file:

plugins:
  - serverless-vpc-discovery

# Optional: Either set `custom.vpcDiscovery` or `functions.<function name>.vpcDiscovery`
custom:
  vpcDiscovery:
    vpcName: '<vpc_name>'
    
    # optional if `securityGroups` option is specified
    # list of tag key and values 
    subnets:
      - tagKey: <tag_name>
        
        # an array of values
        tagValues:
          - '<tag_value>'

    # optional if `subnets` option is specified
    # list of tag key and value or names
    securityGroups:
      - tagKey: <tag_name>
        
        # an array of values
        tagValues:
          - '<tag_value>'
      
      # optional if `tagKey` and `tagValues` are specified
      # an array of values
      - names:
        - '<security_group_name>'

# Optional: Either set `custom.vpcDiscovery` or `functions.<function name>.vpcDiscovery`
functions:
  example:
    handler: handler.example
    # inherit `custom.vpcDiscovery` config in case `custom.vpcDiscovery` is specified
  
  example2:
    handler: handler.example
    
    # skip vpc configuration for the current function
    vpcDiscovery: false
    
  example3:
    handler: handler.example
    
    # inherit `custom.vpcDiscovery` config in case `custom.vpcDiscovery` is specified and override security group names
    vpcDiscovery:
      vpcName: '<vpc_name>'
      securityGroups:
        - tagKey: <tag_name>
          
          # an array of values
          tagValues:
            - '<tag_value>'
  
  example4:
    handler: handler.example
    # override or set basic subnets and security groups items
    vpcDiscovery:
      vpcName: '<vpc_name>'
      
      # optional if `custom.vpcDiscovery.securityGroups` option is specified
      subnets: 
        - tagKey: <tag_name>
          
          # an array of values
          tagValues:
            - '<tag_value>'

      # optional if `custom.vpcDiscovery.subnets` option is specified
      securityGroups: 
        
        # optional if `names` option is specified
        - tagKey: <tag_name>
          
          # an array of values
          tagValues:
            - '<tag_value>'
        
        # optional if `tagKey` and `tagValues` are specified
        # an array of values
        - names: 
          - '<security_group_name>'

Running Tests

To run the test:

npm test

All tests should pass.

To run integration tests, set an environment variable TEST_VPC_NAME to the VPC you will be testing for. Then,

export AWS_PROFILE=your_profile
export TEST_VPC_NAME=vpc_name
npm run build
npm run integration-test

If there is an error, build and install the node module inside the serverless-vpc-discovery folder:

npm run build
npm install .

Deploying with the plugin

When deploying run:

serverless deploy --env 'VPC Name'

And that should be it! Good Luck!

How it Works

The VPC, subnets, and security groups are found by filtering on a specified tag name. The VPC and subnets are found under the tag name tag:Name. Security groups are found by the name of the group under group-name.

The VPC is found first, as it is used to find the subnets and security groups. Once all of the subnets and security groups are found, the serverless service provider creates a vpc object and stores the subnets and security groups.
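
The lookup order described above, modelled offline as an added example (this is not the plugin's source code). The `discover` and `matches` functions and the inventory are constructed for illustration. Failing when the VPC name is ambiguous or a selector matches nothing is an assumption of this sketch, chosen so a mis-tagged resource stops the deploy instead of silently changing where the lambda is attached.

```typescript
// Added example, not the plugin's source. Inventory is constructed sample data.
type Tags = { [key: string]: string };
interface Resource { id: string; vpcId: string; tags: Tags; name?: string }
interface Selector { tagKey?: string; tagValues?: string[]; names?: string[] }
interface Inventory { vpcs: { id: string; tags: Tags }[]; subnets: Resource[]; groups: Resource[] }

const inventory: Inventory = {
  vpcs: [
    { id: "vpc-aaa", tags: { Name: "prod" } },
    { id: "vpc-bbb", tags: { Name: "dev" } },
  ],
  subnets: [
    { id: "subnet-1", vpcId: "vpc-aaa", tags: { Tier: "private" } },
    { id: "subnet-2", vpcId: "vpc-aaa", tags: { Tier: "public" } },
    { id: "subnet-3", vpcId: "vpc-bbb", tags: { Tier: "private" } },
  ],
  groups: [
    // Same group name in two VPCs: only VPC scoping keeps these apart.
    { id: "sg-1", vpcId: "vpc-aaa", name: "lambda-egress", tags: {} },
    { id: "sg-2", vpcId: "vpc-bbb", name: "lambda-egress", tags: {} },
  ],
};

// A selector matches by group name when `names` is set, otherwise by tag.
function matches(sel: Selector, r: Resource): boolean {
  if (sel.names) return r.name !== undefined && sel.names.indexOf(r.name) !== -1;
  if (sel.tagKey === undefined) return false;
  const value = r.tags[sel.tagKey];
  return value !== undefined && (sel.tagValues || []).indexOf(value) !== -1;
}

function discover(inv: Inventory, vpcName: string, subnets: Selector[], groups: Selector[]) {
  // Step 1: resolve the VPC by its Name tag; zero or several matches is an error.
  const vpcs = inv.vpcs.filter((v) => v.tags["Name"] === vpcName);
  const vpc = vpcs[0];
  if (vpcs.length !== 1 || vpc === undefined) {
    throw new Error("expected exactly one VPC named " + vpcName + ", found " + vpcs.length);
  }
  // Step 2: resolve each selector inside that VPC only; an empty match is an error.
  const pick = (items: Resource[], sels: Selector[]): string[] => {
    const ids: string[] = [];
    for (const sel of sels) {
      const hits = items.filter((r) => r.vpcId === vpc.id && matches(sel, r));
      if (hits.length === 0) throw new Error("no match in " + vpc.id + " for " + JSON.stringify(sel));
      for (const h of hits) if (ids.indexOf(h.id) === -1) ids.push(h.id);
    }
    return ids;
  };
  return { subnetIds: pick(inv.subnets, subnets), securityGroupIds: pick(inv.groups, groups) };
}
```

With the sample inventory, discovering `prod` with a `Tier: private` subnet selector and the group name `lambda-egress` returns only `subnet-1` and `sg-1`, even though `dev` has a group with the same name.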

Responsible Disclosure

If you have any security issue to report, contact project maintainers privately. You can reach us at [email protected]

Contributing

We welcome pull requests! For your pull request to be accepted smoothly, we suggest that you:

  1. For any sizable change, first open a GitHub issue to discuss your idea.
  2. Create a pull request. Explain why you want to make the change and what it’s for. We’ll try to answer any PRs promptly.