node.js - Setting up a NAT gateway with VPC using Serverless framework -


i'm trying use serverless framework create lambda function can access elasticache cluster, call out internet.

i've got far configuring serverless.yml create lambda function, create elasticache cluster (memcached engine), , create vpc , place both lambda function , elasticache cluster within (otherwise, cannot communicate).

i understand things within vpc not have access internet, , researching around topic i've come conclusion best practice way of handling create nat gateway vpc allow external access.

i can see how within aws console, i'd stick defining within serverless.yml avoid manual infrastructure setup.

  • is possible create nat gateway within serverless.yml?
  • is creating nat gateway correct way of doing this? (are there better options?)

additional information

in getting point i'm at, heavily copied 1 of serverless examples (it's java based example, concept , service definition same). creates lambda function, elasticache cluster, , puts them in vpc can communicate. believe has same issue whereby lambda function cannot access internet. https://github.com/mugglmenzel/serverless-examples-cached-rds-ws/blob/master/serverless.yml

you have configure nat instance or managed nat gateway provide internet access lambdas inside vpc. may have use resource section of serverless.yml file create nat gateway / nat instance resource.

have @ resources section of serverless framework documentation. these resources added cloudformation stack upon serverless deploy

you can overwrite/attach kind of resource cloudformation stack. can add resources, outputs or overwrite description. can use serverless variables sensitive data or reusable configuration in resources templates.

so can add cloudformation template nat gateway inside resource section.

for example,

resources:   natgateway:   type: aws::ec2::natgateway   dependson: nateip   properties:     allocationid:       fn::getatt:       - nateip       - allocationid     subnetid:       ref: publicsubnet   nateip:     type: aws::ec2::eip     properties:       domain: vpc   natroute:     type: aws::ec2::route     dependson: natgateway     properties:       routetableid:         ref: privateroutetable       destinationcidrblock: 0.0.0.0/0       natgatewayid:         ref: natgateway

here link complete cloudformation snippet of lambda inside vpc.


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj...
Read more

performance - Why is XCHG reg, reg a 3 micro-op instruction on modern Intel architectures? -

i'm doing micro-optimization on performance critical part of code , came across sequence of instructions (in at&t syntax): add %rax, %rbx mov %rdx, %rax mov %rbx, %rdx i thought had use case xchg allow me shave instruction , write: add %rbx, %rax xchg %rax, %rdx however, dimay found agner fog's instruction tables , xchg 3 micro-op instruction 2 cycle latency on sandy bridge, ivy bridge, broadwell, haswell , skylake. 3 whole micro-ops , 2 cycles of latency! 3 micro-ops throws off 4-1-1-1 cadence , 2 cycle latency makes worse original in best case since last 2 instructions in original might execute in parallel. now... cpu might breaking instruction micro-ops equivalent to: mov %rax, %tmp mov %rdx, %rax mov %tmp, %rdx where tmp anonymous internal register , suppose last 2 micro-ops run in parallel latency 2 cycles. given register renaming occurs on these micro-architectures, though, doesn't make sense me done way. why wouldn't register renamer ...
Read more

c# - Asp.net web api : redirect unauthorized requst to forbidden page -

im trying redirect unauthorized request forbidden page instead i'm getting forbidden page in response body , how can fix ? here's startup class : app.createperowincontext(storecontext.create); app.createperowincontext<applicationusermanager>(applicationusermanager.create); app.createperowincontext<applicationsigninmanager>(applicationsigninmanager.create); app.usecookieauthentication(new cookieauthenticationoptions { authenticationtype = defaultauthenticationtypes.applicationcookie, expiretimespan = timespan.fromdays(30), }); app.useexternalsignincookie(defaultauthenticationtypes.externalcookie); app.usetwofactorsignincookie(defaultauthenticationtypes.twofactorcookie, timespan.fromminutes(5)); app.usetwofactorrememberbrowsercookie(defaultauthenticationtypes.twofactorrememberbrowsercookie); the method im trying reach : [httpget] [authorize(roles = "admin")] public string getcurrentusername() { return userman...
Read more