A lambda extension to hot reload parameters from SSM Parameter Store, Secrets Manager, DynamoDB, AppConfig

Related tags

Utilities rust aws lambda cdk
Overview

Rust parameters lambda extension

Research

https://github.com/aws-samples/aws-lambda-extensions https://github.com/aws-samples/aws-lambda-extensions/blob/main/go-example-extension/Makefile

Lambda extensions deep dive https://serverlessland.com/learn/lambda-extensions

Installing

# Install Rust
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh

# Or update rust to the latest version
# rustup update

# Add target so we can cross compile for x86 Lambdas
rustup target add x86_64-unknown-linux-musl

# Install dependencies
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install zip musl-tools -y

Building

./build.sh

Deploying

cd cdk
cdk bootstrap
cdk deploy

Parameter configuration

| Provider            | Function/Method | IAM Permission                | Environment Variable                         | Use Case                                        |
|---------------------|-----------------|-------------------------------|----------------------------------------------|-------------------------------------------------|
| SSM Parameter Store | ssm_parameter   | ssm:GetParameter              | FOO_PARAM="ssm_parameter:/my/parameter"      | Retrieve a single parameter                     |
| SSM Parameter Store | ssm_parameters  | ssm:GetParametersByPath       | FOO_PARAMS="ssm_parameters:/my/path/prefix"  | Retrieve multiple parameters from a path prefix |
| Secrets Manager     | secret          | secretsmanager:GetSecretValue | FOO_SECRET="secret:my-secret"                | Retrieve a single secret                        |
| DynamoDB            | ddb_item        | dynamodb:GetItem              | FOO_ITEM="ddb_item:table=my-table&pk=A&sk=B" | Retrieve an item from a DynamoDB table          |
| DynamoDB            | ddb_query       | dynamodb:Query                | FOO_QUERY="ddb_query:table=my-table&pk=A"    | Retrieve multiple items from a DynamoDB table   |

[
  {
    "name": "FOO_PARAM",
    "args": "ssm_parameter:/my/parameter",
    "items": [
      {
        "name": "/my/parameter",
        "value": "my-parameter"
      }
    ]
  },
  {
    "name": "FOO_PARAMS",
    "args": "ssm_parameters:/my/path/prefix",
    "items": [
      {
        "name": "/my/path/prefix/value/1",
        "value": "value-1"
      },
      {
        "name": "/my/path/prefix/value/2",
        "value": "value-1"
      }
    ]
  },
  {
    "name": "FOO_SECRET",
    "args": "secret:my-secret",
    "items": [
      {
        "name": "my-secret",
        "value": "secret-value"
      }
    ]
  },
  {
    "name": "FOO_ITEM",
    "args": "ddb_item:table=my-table&pk=A&sk=B",
    "items": [
      {
        "name": "table=my-table&pk=A&sk=B",
        "value": "{ \"pk\": \"A\", \"sk\": \"B\" }"
      }
    ]
  }
]
You might also like...
πŸ“¦ πŸš€ a smooth-talking smuggler of Rust HTTP functions into AWS lambda
πŸ“¦ πŸš€ a smooth-talking smuggler of Rust HTTP functions into AWS lambda

lando 🚧 maintenance mode ahead 🚧 As of this announcement AWS not officialy supports Rust through this project. As mentioned below this projects goal

Doug Tangren 68 Dec 7, 2021
A Rust runtime for AWS Lambda

Rust Runtime for AWS Lambda This package makes it easy to run AWS Lambda Functions written in Rust. This workspace includes multiple crates: lambda-ru

Amazon Web Services - Labs 2.4k Dec 29, 2022
The classic game Pong, written in lambda calculus, and a thin layer of Rust.

What? The good old game Pong, written in lambda calculus, and a thin layer of Rust. Why? I was bored. No, seriously, why? Everyone keeps saying that l

null 2 Aug 14, 2022
Examples of how to use Rust with Serverless Framework, Lambda, API Gateway v1 and v2, SQS, GraphQL, etc

Rust Serverless Examples All examples live in their own directories: project: there is nothing here, just a simple cargo new project_name with a custo

Fernando Daciuk 9 Dec 17, 2022
A high-performance Lambda authorizer for API Gateway that can validate OIDC tokens
A high-performance Lambda authorizer for API Gateway that can validate OIDC tokens

oidc-authorizer A high-performance token-based API Gateway authorizer Lambda that can validate OIDC-issued JWT tokens. 🀌 Use case This project provid

Luciano Mammino 4 Oct 30, 2023
A simple workshop to learn how to write, test and deploy AWS Lambda functions using the Rust programming language

Rust Lambda Workshop Material to host a workshop on how to build and deploy Rust Lambda functions with AWS SAM and Cargo Lambda. Intro What is Serverl

Luciano Mammino 13 Mar 28, 2024
A memory efficient immutable string type that can store up to 24* bytes on the stack

compact_str A memory efficient immutable string type that can store up to 24* bytes on the stack. * 12 bytes for 32-bit architectures About A CompactS

Parker Timmerman 342 Jan 2, 2023
A tool to subscribe to Twitch channels and store them efficiently on disk

twitch-messages A tool to subscribe to Twitch channels and store them efficiently on disk Build the Tools You can start by building the binaries that

ClΓ©ment Renault 1 Oct 31, 2021
Nix binary cache implemented in rust using libnix-store

harmonia Build Whole application nix-shell --run cargo b C Library Wrapper around libnixstore nix-shell --run make Note: The makefile is only to pro

Helsinki Systems 84 Dec 24, 2022
Comments
  • Update ENV Variables w/Values

    Update ENV Variables w/Values

    Thoughts on changing the way this project works by updated each matching ENV variable with the returned value. So in stead of this:

    echo $FOO_PARAM
ssm_parameter:/my/parameter

    We would have this. And every runtime can simply use the environment vs constructing a fetch to localhost.

    echo $FOO_PARAM
my-parameter

    A friend shared this project as an idea on how to tap into LD_PRELOAD to update environments before the "real" lambda function/application starts. Thoughts?

    https://github.com/mmanciop/opentelemetry-injector

    opened by metaskills 1
Owner
Jake Scott
Jake Scott
GitHub
The lambda-chaos-extension allows you to inject faults into Lambda functions without modifying the function code.

Chaos Extension - Seamless, Universal & Lightning-Fast The lambda-chaos-extension allows you to inject faults into Lambda functions without modifying

AWS CLI Tools 5 Aug 2, 2023
Serverless setup for activity pub (using lambda+dynamodb) in Rust

Serverless ActivityPub About This is an experiment to have free/cheaper activitypub instances running on AWS (making use of free tiers as much as poss

Conrad Ludgate 3 Dec 30, 2022
cargo-lambda a Cargo subcommand to help you work with AWS Lambda

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. This subcommand compiles AWS Lambda functions natively and produces

David Calavera 184 Jan 5, 2023
cargo-lambda is a Cargo subcommand to help you work with AWS Lambda.

cargo-lambda cargo-lambda is a Cargo subcommand to help you work with AWS Lambda. The new subcommand creates a basic Rust package from a well defined

null 184 Jan 5, 2023
An opinionated Rust library for interacting with AWS DynamoDB single-table designs.

Modyne An opinionated library for interacting with AWS DynamoDB single-table designs. † Motive Modyne follows the precepts laid out for effective sing

Marcus Griep 14 Jun 8, 2023
DynamoDB library for single-table design in Rust

A DynamoDB abstraction for Rust Deez is a DynamoDB abstraction for implementing Single Table Design easily, inspired by ElectroDB. Getting Started Def

null 10 Jul 2, 2023
Reload Rust code without app restarts. For faster feedback cycles.

hot-lib-reloader hot-lib-reloader is a development tool that allows you to reload functions of a running Rust program. This allows to do "live program

Robert Krahn 274 Jan 1, 2023
Detects orphan configmaps and secrets in a Kubernetes cluster

KubExplorer Warning: Proof of concept. Feedback is much welcome. Discovers and prints out any Configmaps and Secrets not linked to any of the followin

Pavel Pscheidl 56 Oct 21, 2022
A Kubernetes Operator that uses Bitwarden to provision secrets, written in Rust with kube-rs

bitwarden-secret-operator-rs bitwarden-secret-operator-rs is a kubernetes Operator written in Rust thanks to kube-rs. The goal is to create Kubernetes

Blowa 4 Mar 28, 2024
A tool to run web applications on AWS Lambda without changing code.

AWS Lambda Adapter A tool to run web applications on AWS Lambda without changing code. How does it work? AWS Lambda Adapter supports AWS Lambda functi

AWS Samples 321 Jan 2, 2023