@codecitizen
Created November 22, 2018 20:42
A serverless.yml file configuring an AWS ElastiCache Redis instance that is accessible by all AWS Lambda functions deployed by this serverless function.
service: my-service
provider:
  name: aws
  runtime: nodejs8.10
  stage: ${opt:stage, 'dev'}
  environment:
    # Redis endpoint hostname, exposed to every function as REDIS_HOST
    REDIS_HOST:
      "Fn::GetAtt": [ElasticCacheCluster, RedisEndpoint.Address]
functions:
  # Each function is attached to the private subnet and to
  # ServerlessSecurityGroup, the only source allowed to reach Redis.
  trigger:
    handler: src/serverless.trigger
    vpc:
      securityGroupIds:
        # String form as originally posted; see the comments below
        # about the list form [ServerlessSecurityGroup, GroupId].
        - "Fn::GetAtt": ServerlessSecurityGroup.GroupId
      subnetIds:
        - Ref: PrivateSubnetA
    events:
      - http: POST /trigger
  status:
    handler: src/serverless.getStatus
    vpc:
      securityGroupIds:
        - "Fn::GetAtt": ServerlessSecurityGroup.GroupId
      subnetIds:
        - Ref: PrivateSubnetA
    events:
      - http: GET /status
  transform:
    handler: src/serverless.transform
    vpc:
      securityGroupIds:
        - "Fn::GetAtt": ServerlessSecurityGroup.GroupId
      subnetIds:
        - Ref: PrivateSubnetA
resources:
  Resources:
    VPC:
      Type: AWS::EC2::VPC
      Properties:
        CidrBlock: "10.0.0.0/16"
    # Elastic IP used by the NAT gateway
    IP:
      Type: AWS::EC2::EIP
      Properties:
        Domain: vpc
    InternetGateway:
      Type: AWS::EC2::InternetGateway
    VPCGatewayAttachment:
      Type: AWS::EC2::VPCGatewayAttachment
      Properties:
        VpcId:
          Ref: VPC
        InternetGatewayId:
          Ref: InternetGateway
    # NAT gateway in the public subnet gives the private subnet outbound access
    NatGateway:
      Type: AWS::EC2::NatGateway
      Properties:
        AllocationId:
          Fn::GetAtt:
            - IP
            - AllocationId
        SubnetId:
          Ref: PublicSubnetA
    # Private subnet: hosts the Lambda network interfaces and the cache node
    PrivateSubnetA:
      DependsOn: VPC
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: VPC
        AvailabilityZone: ${self:provider.region}a
        CidrBlock: "10.0.1.0/24"
    PublicSubnetA:
      DependsOn: VPC
      Type: AWS::EC2::Subnet
      Properties:
        VpcId:
          Ref: VPC
        AvailabilityZone: ${self:provider.region}a
        CidrBlock: "10.0.2.0/24"
    PrivateRouteTable:
      Type: AWS::EC2::RouteTable
      Properties:
        VpcId:
          Ref: VPC
    # Default route of the private subnet goes through the NAT gateway
    PrivateRoute:
      Type: AWS::EC2::Route
      Properties:
        RouteTableId:
          Ref: PrivateRouteTable
        DestinationCidrBlock: 0.0.0.0/0
        NatGatewayId:
          Ref: NatGateway
    PublicRouteTable:
      Type: AWS::EC2::RouteTable
      Properties:
        VpcId:
          Ref: VPC
    # Default route of the public subnet goes through the internet gateway
    PublicRoute:
      Type: AWS::EC2::Route
      Properties:
        RouteTableId:
          Ref: PublicRouteTable
        DestinationCidrBlock: 0.0.0.0/0
        GatewayId:
          Ref: InternetGateway
    SubnetRouteTableAssociationLambdaPrivateA:
      Type: AWS::EC2::SubnetRouteTableAssociation
      Properties:
        SubnetId:
          Ref: PrivateSubnetA
        RouteTableId:
          Ref: PrivateRouteTable
    SubnetRouteTableAssociationLambdaPublicA:
      Type: AWS::EC2::SubnetRouteTableAssociation
      Properties:
        SubnetId:
          Ref: PublicSubnetA
        RouteTableId:
          Ref: PublicRouteTable
    # Security group attached to the Lambda functions (no ingress rules)
    ServerlessSecurityGroup:
      DependsOn: VPC
      Type: AWS::EC2::SecurityGroup
      Properties:
        GroupDescription: SecurityGroup for Serverless Functions
        VpcId:
          Ref: VPC
    # Security group for Redis: TCP 6379 is allowed only from
    # members of ServerlessSecurityGroup, not from a CIDR range
    ServerlessStorageSecurityGroup:
      DependsOn: VPC
      Type: AWS::EC2::SecurityGroup
      Properties:
        GroupDescription: Ingress for Redis Cluster
        VpcId:
          Ref: VPC
        SecurityGroupIngress:
          - IpProtocol: tcp
            FromPort: '6379'
            ToPort: '6379'
            SourceSecurityGroupId:
              Ref: ServerlessSecurityGroup
    ServerlessCacheSubnetGroup:
      Type: AWS::ElastiCache::SubnetGroup
      Properties:
        Description: "Cache Subnet Group"
        SubnetIds:
          - Ref: PrivateSubnetA
    ElasticCacheCluster:
      DependsOn: ServerlessStorageSecurityGroup
      Type: AWS::ElastiCache::CacheCluster
      Properties:
        AutoMinorVersionUpgrade: true
        Engine: redis
        CacheNodeType: ${self:custom.config.CACHE_INSTANCE_SIZE}
        NumCacheNodes: 1
        VpcSecurityGroupIds:
          - "Fn::GetAtt": ServerlessStorageSecurityGroup.GroupId
        CacheSubnetGroupName:
          Ref: ServerlessCacheSubnetGroup
custom:
  config:
    CACHE_INSTANCE_SIZE: cache.t2.micro
@zodman

zodman commented Jun 18, 2020

@sjatkins

This is building a VPC? I already have a VPC with REDIS within it. How would I get to it? An example of that would be shorter to read through as well. :)

@jfollmann

Thanks for sharing this ☺

@dheerdotk

Getting this warning
Warning: Invalid configuration encountered
at 'functions.trigger.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items
at 'functions.status.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items
at 'functions.transform.vpc.securityGroupIds.0.Fn::GetAtt': must NOT have fewer than 2 items

@brianyates

@dheerdotk I had the same issue. Perhaps the serverless.yml syntax has changed since this was posted. I was able to get it to work by updating all the instances where Fn::GetAtt is being called with a string to calling them with an array. For example:

"Fn::GetAtt": ServerlessSecurityGroup.GroupId

should be changed to

Fn::GetAtt: [ServerlessSecurityGroup, GroupId]
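
The rewrite described in the comment above can be applied to every occurrence in a file at once. The following Node.js sketch is an added example, not part of the gist or of the comment; `normalizeGetAtt` and `SAMPLE` are hypothetical names, and the sample text is constructed from resource names used in the gist.

```javascript
// Added example (not from the gist): rewrite string-form Fn::GetAtt
// values in serverless.yml text to the two-item list form.
// normalizeGetAtt and SAMPLE are hypothetical names for this sketch.

// Matches `Fn::GetAtt: Logical.Attr` with optional quotes and an
// optional leading "- " list marker. List-form values start with "[",
// which the logical-ID character class excludes, so they never match.
const STRING_GETATT =
  /^(\s*(?:-\s+)?)(["']?)Fn::GetAtt\2:\s*(["']?)([A-Za-z0-9]+)\.([A-Za-z0-9.]+)\3\s*$/;

function normalizeGetAtt(yamlText) {
  let changed = 0;
  const lines = yamlText.split("\n").map((line) => {
    const m = STRING_GETATT.exec(line);
    if (!m) return line; // untouched: other keys and list-form GetAtt
    changed += 1;
    // Split only at the first dot: attributes such as
    // RedisEndpoint.Address contain dots themselves.
    return `${m[1]}Fn::GetAtt: [${m[4]}, ${m[5]}]`;
  });
  return { text: lines.join("\n"), changed };
}

// Constructed sample reusing resource names from the gist.
const SAMPLE = [
  "vpc:",
  "  securityGroupIds:",
  '    - "Fn::GetAtt": ServerlessSecurityGroup.GroupId',
  "REDIS_HOST:",
  '  "Fn::GetAtt": [ElasticCacheCluster, RedisEndpoint.Address]',
  "HOST_ALT:",
  "  Fn::GetAtt: ElasticCacheCluster.RedisEndpoint.Address",
].join("\n");

const result = normalizeGetAtt(SAMPLE);
console.log(result.text);
console.log(`rewrote ${result.changed} line(s)`);
```

Working on the text line by line, rather than parsing and re-serializing the YAML, keeps comments and formatting intact, so the resulting diff contains only the `Fn::GetAtt` lines.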
