Writing and testing AWS Lambdas in Python

Example code for

• 10 Recommendations for writing pragmatic AWS Lambdas in Python

How to deploy

Assumes:

• General understanding of how to build and run AWS SAM applications

Prerequisites:

• Python 3.7
• pip3 (or pip aliased to pip3)
• make
• aws-cli

Tested on:

• Linux
• MacOS

Setup (via Python pipenv)

• Install dependencies:

make install-dependencies

• Note:

  • Depending on your local setup you might want to change pip3 to pip. This makefile assumes the Python3 version.
  • Running make install-dependencies is a one-off task, feel free to install the required Python packages with your preferred tool)

• Change into pipenv-shell:

pipenv shell

• Configure AWS profile:

export AWS_PROFILE=[your profile name]

(or use the default profile if configured)

• Create artifact bucket:
  • Edit ARTIFACT_BUCKET in Makefile to become globally unique
  • E.g. default-sg-remediation-artifacts-[your account id]

make create-artifact-bucket

Deploy application

make deploy

How to test

• Change egress or ingress on the default security group
  • Lambda gets invoked
  • egress/ingress get revoked
  • security group gets tagged