Cloud Configuration - 1.0

Extension ID

com.castsoftware.cloudconfig

What’s new

See Cloud Configuration - 1.0 - Release Notes .

Description

This extension provides support for some cloud computing frameworks that are using configuration files:

  • AWS Cloudformation
  • AWS SAM
  • Serverless framework

In what situation should you install this extension?

If your application uses AWS Cloudformation, AWS SAM, or Serverless framework (for deploying AWS services).

Files analyzed

The files with the following extensions are analyzed:

  • .json
  • .yaml
  • .yml
  • .template

Objects

Icon Description

AWS Get API Gateway

AWS Post API Gateway 

AWS Put API Gateway 

AWS Delete API Gateway 

AWS Any API Gateway 

AWS Post Request

AWS Lambda Function 

Call to AWS Lambda Function

AWS Simple Queue Service Receiver

AWS SNS Subscriber

AWS Simple Queue Service Publisher

AWS SMS, AWS Email

AWS support

Cloudformation support

Cloudformation uses configuration files for setting up AWS architecture. The configuration files use yaml or json format. Most examples shown in this page are using the yaml format but json format is also supported. Resources are defined within the Resources section of the configuration files. Each resource is defined as follow:

Resources:
  NameOfTheResource:
    Type: AWS::ResourceIdentifier
    Properties:
       SomeProperty:
         #...
  NameOfOtherResource:
    #...

The resources of the following types are analyzed:

AWS::Lambda::Function

When analysing the following source code:

Resources:
  lambdaResourceName:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: lambdaName
      Handler: handler.compute
      Runtime: nodejs8.10

A lambda function object named lambdaName is created. It has a property for saving the handler path and the runtime. The linking from the lambda function to the handler function is then carried out by one of the following extensions (depending on the runtime):

runtime extension
java com.castsoftware.awsjava 
dotnet com.castsoftware.awsdotnet
python com.castsoftware.python
nodejs

com.castsoftware.nodejs (when the handler is written in .js)

com.castsoftware.typescript (when the handler is written in .ts)

If the property FunctionName is not provided, the name of the function is by default the name of the resource (lambdaResourceName in this example). 

AWS::DynamoDB::Table, AWS::SQS::Queue, and AWS::S3::Bucket

These types of resources are used to set up some services. This extension analyses them to get the name of the services. For instance when analyzing the following:

Resources:
  SQSResourceName:
    Type: AWS::SQS::Queue
    Properties:
        QueueName: QueueName
        #...

the analyzer will find that any reference to the resource SQSResourceName will refer to the SQS Queue named QueueName. If no name is provided, the resource name is used.

AWS::SNS::Topic

This resource is used to set up an SNS topic with its subscription. When analyzing the following source code:

Resources:
 Queue:
   Type: AWS::SQS::Queue
   Properties:
      QueueName: my_queue_name
 LambdaFunction:
   Type: AWS::Lambda::Function
   Properties:
      FunctionName: my_lambda_name
      Handler: handler.compute
      Runtime: nodejs8.10
 MySNSTopic: 
   Type: AWS::SNS::Topic
   Properties: 
     Subscription: 
       - Endpoint: cloudkatha@gmail.com
         Protocol: email
       - Endpoint: some_number
         Protocol: sms
       - Protocol: https
         Endpoint: foo/https
       - Protocol: http
         Endpoint: foo/http
       - Protocol: lambda
         Endpoint: !GetAtt LambdaFunction.Arn
       - Protocol: sqs
         Endpoint: !GetAtt Queue.Arn
     TopicName: my_topic_name

you will get the following result:

A Nodejs SNS Subscriber object named my_topic_name is created. Then for each supported protocol, an object is created with a callLink from the subscriber to that object. The supported protocols are the following:

protocol object created name of the object
email Nodejs Email an Email (the email addresses are not evaluated)
http/https Nodejs Post Service the url (evaluated from the endpoint)
sqs Nodejs AWS Simple Queue Service Publisher the name of the queue (evaluated from the endpoint)
lambda Nodejs Call to AWS Lambda Function the name of the lambda function (evaluated from the endpoint)
sms Nodejs SMS an SMS (the SMS numbers are not evaluated)

Whenever the endpoint is an ARN, the ARN may be hardcoded:

- Protocol: sqs
  Endpoint: arn:aws:sqs:us-east-2:123456789012:my_queue_name

The name of the service (my_queue_name in this example) is extracted. 

AWS::SNS::Subscription

The subscriptions to an SNS topic can be made inside an AWS::SNS::Subscription resource. When analyzing the following source code, 

Resources:
  SnsTopic:
    Type: AWS::SNS::Topic
    Properties:
        TopicName: my_topic_name 
  Queue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: my_queue_name
  SnsSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol: sqs
      Endpoint: !GetAtt Queue.Arn
      Region: !Ref TopicRegion
      TopicArn: !GetAtt SnsTopic.Arn

you will get the following result:

The same endpoints as those for the AWS::SNS::Topic resource are supported.

AWS::Lambda::EventSourceMapping

CloudFormation allows mapping some events to lambda function using AWS::Lambda::EventSourceMapping. When these events occur, the lambda function will be executed. The supported events are DynamoDB and SQS queue. The analysis of the following source code:

Resources:
  DataResourceTable:
    Type: AWS::DynamoDB::Table
    Properties:
      TableName: my_table_name
      # ...

  SQSResourceName:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: my_queue_name
      #...

  lambdaResourceName:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: my_lambda_name
      Handler: handler.compute
      Runtime: nodejs8.10

  SQSToLambdaEventSourceMapping:
    Type: AWS::Lambda::EventSourceMapping
    Properties:
      EventSourceArn: !GetAtt SQSResourceName.Arn
      FunctionName: !GetAtt lambdaResourceName.Arn
      #...

  DynamodbToLambdaEventSourceMapping:
    Type: AWS::Lambda::EventSourceMapping
    Properties:
      EventSourceArn: !GetAtt DataResourceTable.StreamArn
      FunctionName: !GetAtt lambdaResourceName.Arn
      #...

Lead to the following result (assuming that there is some TypeScript source code with a my_put function with a useUpdateLink to a my_table_name DynamoDB table):

For an SQS event to Lambda, an SQS Receiver object linked to the lambda function is created. If an old version of the extension analyzing the actual code of the function (i.e. the JavaScript function in this example) the SQS Receiver object may be linked to that function instead of the lambda Function object.

Some links will be created only when some objects created by other extensions are created with a minimal version for these other extensions as described below. Also if old versions of these other extensions are used, the AWS API Gateway, the AWS SQS Receiver, and AWS SNS Subscriber object may not be linked to the AWS Lambda Function object but to its handler (i.e. the HTML5 JavaScript function in the previous example).

Other features supported

Parameters

Some variables can be defined in the parameter section of the yaml file. When the name of a service is that of a parameter and a default value is given, the extension will create the service with that default value. For instance when analyzing the following source code, a lambda function named my_lambda_name is created.

Parameters:

  LambdaName:
    Type: String
    Default: my_lambda_name

Resources:
  lambdaResourceName:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: !Ref LambdaName
      Handler: handler.compute
      Runtime: nodejs8.10

Intrinsic functions

CloudFormation provides some intrinsic functions. Only the Join, GetAtt, and Ref functions are supported.

Serverless Application Model (SAM)

AWS SAM is an extension of AWS CloudFormation. All that is supported for CloudFormation is supported for SAM. It provides other Types for declaring resources. The following SAM resource is supported:

AWS::Serverless::Function

This resource allows defining a lambda function. It has an Events property which allows setting up some triggers for the lambda function. The supported events types are S3, DynamoDB, SNS, SQS, and HttpApi. When analyzing the following source code (in combination with some JavaScript and TypeScript source code which we do not display here):

Resources:
  MyLambdaResource:
    Type: 'AWS::Serverless::Function'
    Properties:
      FunctionName: my_lambda
      Handler: handler.compute
      Runtime: nodejs4.3
      Events:
        S3Event:
          Type: S3
          Properties:
            Bucket: 
              Ref: S3Bucket
            Events: 
              - s3:ObjectCreated:*
        Stream:
          Type: DynamoDB
          Properties:
            Stream: !GetAtt DynamoDBTable.StreamArn
            BatchSize: 100
            StartingPosition: TRIM_HORIZON
        SNSEvent:
          Type: SNS
          Properties:
            Topic:
              Ref: SNSTopic1
        MySQSEvent:
          Type: SQS
          Properties:
            Queue: !GetAtt MySqsQueue.Arn
            BatchSize: 10
        MyHttpEvent:
          Type: HttpApi
          Properties:
            ApiId: !Ref HttpApi
            Path: /foo/path
            Method: GET            
            
  MySqsQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: my_queue_name          

  DynamoDBTable:
    Type: AWS::DynamoDB::Table 
    Properties:
      TableName: my_table_name        

  S3Bucket:
    Type: AWS::S3::Bucket   
    Properties:
      BucketName: my_bucket_name     

  SNSTopic1:
    Type: 'AWS::SNS::Topic'
    Properties:
      TopicName: 'my_topic_name'

We get the following result: 

Only the objects in the red square are created when analyzing this source code with this extension.

Some links will be created only when some objects created by other extensions are created with a minimal version for these other extensions as described below. Also if old versions of these other extensions are used, the AWS API Gateway, the AWS SQS Receiver, and AWS SNS Subscriber object may not be linked to the AWS Lambda Function object but to its handler (i.e. the HTML5 JavaScript function in the previous example).

Support for S3 event

To define an S3 trigger for a lambda function, one needs to define the bucket and the type of events on that bucket that will trigger the Lambda. The analyzer creates a call link to the lambda function object from all callables linked to the given bucket through a link of matching type. The following table tells which link type will match which event type.

event_type matching link types
No event_type all
ObjectCreated useInsert
ObjectRemoved useDelete
ObjectRestore None
ReducedRedundancyLostObject None
Replication None

In AWS, the event_type can be more specific by adding information after the semicolon. However, the analyzer does not consider this information. For instance, it will make no distinction between ObjectCreated:* and ObjectCreated:Put or ObjectCreated:Post event types. A Filter field can also be added to trigger the lambda only for some specific files. This is currently not supported and may lead to wrong links. The links from S3Bucket callers to the lambda object will be created only if the extension which created the S3 bucket is recent enough as described below.

Support for DynamoDB event

The analyzer creates a call link to the lambda function object from all callables linked to the DynamoDB table define in the event.

Support for SNS, SQS and HttpApi events

For these triggers an SNS Subscriber (for SNS), an SQS Receiver (for SQS) or an APIGateway (for HttpApi) objects are created. A runtime and a handler property are added to that object. Based on these properties, if a handler function is found that object will be linked to the handler function.

This links is created only if the extension which analyses the handler object is recent enough as described below.

Serverless framework support

Serverless framework can be used to build AWS applications. It provides its own way of defining lambda functions and their events. Other services can be created within the Resources section of the configuration files and using the CloudFormation nomenclature. The com.castsoftware.cloudformation extension analyzes anything which is inside the Resources section of a serverless framework configuration file as CloudFormation resources and will create objects as described above.

Lambda support

The Lambda support is similar to that for SAM. When analyzing the following source code (in combination with some JavaScript and TypeScript source code which we do not display here). 

service: irp-searchCompanies
provider:
  name: aws
  runtime: nodejs4.3
  profile: serverless #user profile used for sls deploy
  versionFunctions: false
  region: us-west-2

functions:
  my_lambda:
    handler: handler.compute
    events:
      - stream: arn:aws:dynamodb:region:XXXXXX:table/my_table_name/stream/1970-01-01T00:00:00.000
      - sns:
         arn:
          Fn::GetAtt:
            - SNSTopic1
            - Arn
      - http: GET foo/path
      - s3:
          bucket: my_bucket_name  #bucket name
          event: s3:ObjectCreated:*
          rules:
            - prefix: logs/ #folder inside a bucket
          existing: true #mark as true if bucket already exists
      - sqs:
          arn:
            Fn::GetAtt:
              - MyQueue
              - Arn
          
resources:
 Resources:
  SNSTopic1:
    Type: 'AWS::SNS::Topic' 
    Properties:
      TopicName: 'my_topic_name' 
  MyQueue:
    Type: "AWS::SQS::Queue"
    Properties:
      QueueName: "my_queue_name"

We get the following result:

Only the objects in the red square are created when analyzing this source code with this extension.

Some links will be created only when some objects created by other extensions are created with a minimal version for these other extensions as described below. Also if old versions of these other extensions are used, the AWS API Gateway, the AWS SQS Receiver, and AWS SNS Subscriber object may not be linked to the AWS Lambda Function object but to its handler (i.e. the HTML5 JavaScript function in the previous example)

Minimal versions for proper linking

Many objects created by this extension may be linked with objects created by other extensions. However for these linkings to work, the minimal version required for these extensions is shown in the following table:

runtime extension minimal version for link to handler minimal version for link from object calling a S3 bucket to lambda function
java com.castsoftware.awsjava 1.2.0-alpha3 1.2.0-alpha2
dotnet com.castsoftware.awsdotnet 1.0.0-alpha5 1.0.0-alpha4
python com.castsoftware.python 1.4.0-beta7 1.4.0-beta4
nodejs com.castsoftware.nodejs 2.7.0-beta3 (when the handler is written in .js) 2.6.0-funcrel
nodejs com.castsoftware.typescript 1.9.0-alpha1 (when the handler is written in .ts) 1.8.1-funcrel

Known limitations 

  • Exports and imports are not supported
  • Use of complex mapping key in YAML files is not supported and may lead to missing objects
  • Custom resources are not supported in CloudFormation
  • Filters in S3 event source for lambda are not supported and may lead to wrong links
  • Inline source code for Lambda functions provided in CloudFormation or SAM configuration files is not supported:
      Code:
        ZipFile: |
          var aws = require('aws-sdk')
          var response = require('cfn-response')
          exports.handler = function(event, context) {
              //...
          }