Lambda + static IP with SAM

Purpose


Create a Lambda function with a static IP.
If you are wondering what SAM is, please look it up.

Prerequisites

  • Verified on Ubuntu
  • Docker installed

    Flow

  • Install the SAM CLI
  • Create the template with SAM
  • Deploy with SAM

    1. Install the SAM CLI


    $ wget https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip
    
    $ unzip aws-sam-cli-linux-x86_64.zip -d sam-installation
    
    $ sudo ./sam-installation/install
    
    $ sam --version
    
    There is nothing special to say here; just install it.
    If the version is displayed, you are OK.

    2. Create the template with SAM


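    It is a bit long, but the code is pasted as-is and explained in its comments.
    You should be able to copy and paste the following and get it working by changing only the parts you need.
    It is what sam init generated, with the static IP configuration added.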
    # --- omitted ---
    
    # Used under Resources below
    Parameters:
      VpcID:
        # Specified explicitly because I wanted to use an existing VPC.
        Type: AWS::EC2::VPC::Id
        # Specify the VPC ID
        Default: "vpc-hogehoge"
      SecurityGroupID:
        # Specified because I want to use an existing security group.
        Type: AWS::EC2::SecurityGroup::Id
        Default: "sg-hogehoge"
      # CIDR blocks for the new subnets (must lie inside the existing VPC's range)
      PublicSubnetCidrBlock:
        Type: String
        Default: "10.0.1.0/24"
      PrivateSubnetCidrBlock:
        Type: String
        Default: "10.0.2.0/24"
    
    Resources:
      PublicSubnet:
        Type: AWS::EC2::Subnet
        Properties:
          VpcId: !Ref VpcID
          CidrBlock: !Ref PublicSubnetCidrBlock
          MapPublicIpOnLaunch: false
          AvailabilityZone: !Select
            - 0
            - Fn::GetAZs: !Ref "AWS::Region"
    
      PrivateSubnet:
        Type: AWS::EC2::Subnet
        Properties:
          VpcId: !Ref VpcID
          CidrBlock: !Ref PrivateSubnetCidrBlock
          MapPublicIpOnLaunch: false
          AvailabilityZone: !Select
            - 0
            - Fn::GetAZs: !Ref "AWS::Region"
    
      InternetGateway:
        Type: AWS::EC2::InternetGateway
    
      VpcAttachment:
        Type: AWS::EC2::VPCGatewayAttachment
        Properties:
          InternetGatewayId: !Ref InternetGateway
          VpcId: !Ref VpcID
    
      VpcPublicRouteTable:
        Type: AWS::EC2::RouteTable
        Properties:
          VpcId: !Ref VpcID
    
      PublicRoute:
        Type: AWS::EC2::Route
        DependsOn: VpcAttachment
        Properties:
          DestinationCidrBlock: 0.0.0.0/0
          RouteTableId: !Ref VpcPublicRouteTable
          GatewayId: !Ref InternetGateway
    
      SubnetRouteTableAssociation:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          RouteTableId: !Ref VpcPublicRouteTable
          SubnetId: !Ref PublicSubnet
       
      # Allocate the static IP
      ElasticIp:
        Type: AWS::EC2::EIP
    
      NatGateway:
        Type: AWS::EC2::NatGateway
        Properties:
          AllocationId: !GetAtt ElasticIp.AllocationId
          SubnetId: !Ref PublicSubnet
    
      VpcPrivateRouteTable:
        Type: AWS::EC2::RouteTable
        Properties:
          VpcId: !Ref VpcID
    
      PrivateRoute:
        Type: AWS::EC2::Route
        DependsOn: VpcAttachment
        Properties:
          DestinationCidrBlock: 0.0.0.0/0
          RouteTableId: !Ref VpcPrivateRouteTable
          NatGatewayId: !Ref NatGateway
    
      PrivateSubnetRouteTableAssociation:
        Type: AWS::EC2::SubnetRouteTableAssociation
        Properties:
          RouteTableId: !Ref VpcPrivateRouteTable
          SubnetId: !Ref PrivateSubnet
    
      HelloWorld:
        Type: AWS::Serverless::Function 
        Properties:
          PackageType: Image
          MemorySize: 2048
          Timeout: 600
          Architectures:
            - x86_64
          Policies:
            - arn:aws:iam::aws:policy/AmazonSSMReadOnlyAccess
          VpcConfig:
            SecurityGroupIds:
              - !Ref SecurityGroupID
            SubnetIds:
              - !Ref PrivateSubnet
            # The Go settings below are there because Go was selected in sam init.
        Metadata:
          DockerTag: go1.x-v1
          DockerContext: ./src
          Dockerfile: Dockerfile
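
A static check of the egress path this template builds, as an added example that is not part of the original page: it takes the template's Resources in CloudFormation JSON form (`{"Ref": ...}` instead of `!Ref`) and confirms that every subnet in the function's VpcConfig has a default route to a NAT gateway backed by an Elastic IP, and that the NAT gateway's own subnet routes to an internet gateway. The function names and the reduced SAMPLE are constructed for illustration; resources are assumed to reference each other by Ref/GetAtt, as they do in the template above.

```python
ROUTE, ASSOC = "AWS::EC2::Route", "AWS::EC2::SubnetRouteTableAssociation"

def ref(v):
    """Logical ID named by {"Ref": id} or {"Fn::GetAtt": [id, attr]}, else None."""
    v = v if isinstance(v, dict) else {}
    got = v.get("Fn::GetAtt")
    return v.get("Ref") or (got[0] if isinstance(got, list) else None)

def default_route(res, subnet):
    """Properties of the 0.0.0.0/0 route that applies to `subnet`, or {}."""
    tables = {ref(r["Properties"]["RouteTableId"]) for r in res.values()
              if subnet and r["Type"] == ASSOC and ref(r["Properties"]["SubnetId"]) == subnet}
    return next((r["Properties"] for r in res.values() if r["Type"] == ROUTE
                 and ref(r["Properties"]["RouteTableId"]) in tables
                 and r["Properties"].get("DestinationCidrBlock") == "0.0.0.0/0"), {})

def egress_findings(res, function):
    """Problems with the function's egress path; an empty list means NAT + EIP."""
    vpc = res[function].get("Properties", {}).get("VpcConfig")
    if not vpc:
        return [f"{function}: no VpcConfig, so the source IP is not fixed"]
    findings = []
    for entry in vpc["SubnetIds"]:
        nat = ref(default_route(res, ref(entry)).get("NatGatewayId"))
        if nat is None:
            findings.append(f"{ref(entry) or entry}: default route does not target a NAT gateway")
            continue
        props = res.get(nat, {}).get("Properties", {})
        if res.get(ref(props.get("AllocationId")), {}).get("Type") != "AWS::EC2::EIP":
            findings.append(f"{nat}: no Elastic IP allocation")
        if "GatewayId" not in default_route(res, ref(props.get("SubnetId"))):
            findings.append(f"{nat}: its subnet has no route to an internet gateway")
    return findings

SAMPLE = {  # constructed: the page's routing resources in CloudFormation JSON form
    "PublicRoute": {"Type": ROUTE, "Properties": {"RouteTableId": {"Ref": "VpcPublicRouteTable"},
        "DestinationCidrBlock": "0.0.0.0/0", "GatewayId": {"Ref": "InternetGateway"}}},
    "SubnetRouteTableAssociation": {"Type": ASSOC, "Properties": {
        "RouteTableId": {"Ref": "VpcPublicRouteTable"}, "SubnetId": {"Ref": "PublicSubnet"}}},
    "ElasticIp": {"Type": "AWS::EC2::EIP"},
    "NatGateway": {"Type": "AWS::EC2::NatGateway", "Properties": {"SubnetId": {"Ref": "PublicSubnet"},
        "AllocationId": {"Fn::GetAtt": ["ElasticIp", "AllocationId"]}}},
    "PrivateRoute": {"Type": ROUTE, "Properties": {"RouteTableId": {"Ref": "VpcPrivateRouteTable"},
        "DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": {"Ref": "NatGateway"}}},
    "PrivateSubnetRouteTableAssociation": {"Type": ASSOC, "Properties": {
        "RouteTableId": {"Ref": "VpcPrivateRouteTable"}, "SubnetId": {"Ref": "PrivateSubnet"}}},
    "HelloWorld": {"Type": "AWS::Serverless::Function",
        "Properties": {"VpcConfig": {"SubnetIds": [{"Ref": "PrivateSubnet"}]}}},
}
```

`egress_findings(SAMPLE, "HelloWorld")` returns an empty list for the layout above; placing the function in PublicSubnet, or removing the private subnet's route table association, produces a finding.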
    

    3. Deploy with SAM


    Deploy interactively with the following command.
    $ sam deploy --guided
    
