AWS Lambda functions can only run for a maximum of five minutes. This must be distinctly understood, or nothing wonderful can come of the story you are about to hear.
This past summer, my team and I set out to build an internal software system used for deployment testing on AWS. The application would run a large number of workflow executions in parallel each night and might perform a few one-off executions during the day – maybe six hours total use out of every twenty-four, with only a small fraction of that time spent doing actual compute tasks. Trying to scale, manage and spend money on EC2 instances for that workload didn’t interest us. We wanted to run our whole workflow process end-to-end on AWS Lambda.
And we did. Heaven help us, we did. This is our story.
Continue reading “Serverless Workflows on AWS: My Journey From SWF to Step Functions”
The AWS Price List API
In December 2015, AWS announced a new Price List API that exposes access to current prices for several of their products, including EC2 and RDS. If you’re thinking about building some automation to track AWS spend, and you’re used to working with AWS’s generally marvelous APIs and language SDKs, this sounds like great news. At least, that’s what I thought when I sat down last week to build a tool that would track cost savings for stopped EC2 instances in some of my company’s AWS environments.
Let’s just say the Price List API didn’t match my initial expectations. In fact, calling it an “API” is a bit generous; basically it’s a giant JSON or CSV file you can download for various AWS services that contains price and product data indexed by SKU.
What’s a SKU, you ask? The short answer is it’s a “Stock Keeping Unit“; the even shorter answer is that it doesn’t matter, because nowhere else in the AWS API ecosystem are SKUs for individual resources made available, so you’re not going to be cross-referencing them with anything else. But don’t despair; it is in fact possible to automate price lookups inside the AWS Price List data dump. Let me walk you through the approach I used.
Continue reading “Adventures in AWS: Understanding the Price List API”
Pester and CI
If you’re doing Windows scripting in 2016, you’d better be using PowerShell. And if you’re writing PowerShell scripts, you’d better be checking them into source control and covering them with Pester tests.
It turns out that you can do more with Pester than just run tests manually at the console. As part of a continuous integration (CI) process, you may want to invoke Pester tests on a remote server and report the results up through the build chain. Handily, you can export Pester test output in an NUnit XML format that modern CI systems like Jenkins understand.
But what if you’re not using a build server to invoke Pester? What if your CI setup is … dun dun dun … “serverless”?
Continue reading “Invoke Pester Tests Serverlessly with AWS Lambda and SSM”
This cookbook is still in progress and will grow over time.
Lambda, AWS’s bite-size “serverless” compute service, is mostly awesome. However, it still has a relative lack of good documentation.
I’ve been using Lambda a lot lately, meaning I’ve had a lot of browser tabs open trying to find examples of the latest features like VPC support, Cloudformation integration and Python 2.7 functions. In this post, I’ll try to save you some time by sharing examples of a few things that have sent me searching.
Continue reading “My AWS Lambda Cookbook”
This blog post definitely falls under the “Note to Self” category, because I’ve run into this issue like three times now, so here’s hoping that writing down the answer helps me (and maybe you too).
If you launch CloudFormation stacks through the AWS Powershell Tools with the New-CFNStack cmdlet, you may have run into this funky error from time to time:
New-CFNStack: Object reference not set to an instance of an object.
This is not a helpful error message, and I’ve seen it mean a couple different things.
Reason 1 (most common): You’re missing a required template parameter
The New-CFNStack cmdlet takes an array of Amazon.CloudFormation.Model.Parameter key-value pairs as an argument to the “Parameters” parameter. If you try to put a null value in one of those parameter objects and your CloudFormation template doesn’t allow that parameter to be null, you’ll get the error specified above. This can be hard to debug because normally you’d expect a Powershell cmdlet to come back with an error message like “No argument was specified for parameter ‘X'” in such situation. Again, like I said, bad error message, but an easy fix.
Reason 2 (incredibly specific and stupid): You’re using an old version of the Powershell Tools with named credential profiles
Hopefully nobody else has run into this one. Recent versions of the Powershell Tools include a common parameter called “ProfileName”, which can be used to specify the name of an AWS access keypair saved in your .aws/credentials file or the SDK Store. The old “StoredCredentials” common parameter is still available for backwards compatibility. If you’re using a version of the Powershell Tools older than 2.1.9 (I think), the StoredCredentials parameter is all you get, but it doesn’t work too well with profiles saved in .aws/credentials instead of the SDK Store. In fact, I’ve gotten the “object reference” New-CFNStack error when trying to use named profiles with that cmdlet. Moral of the story: keep your AWS Tools up to date and you’ll never see this issue.
I’ll update this post if I find any other issues with this cmdlet. Thanks for reading!
In this series, I explore some of the everyday challenges facing an AWS developer/sysadmin. Today: Can you script service limit checks in Powershell even without service-specific APIs?
AWS sets default limits on the number of resources you can create in a given account. The limits apply to EBS volume storage, EC2 instance reservations and total CloudFormation stacks, among many others. The full list of default limits–at least the ones you can change—is available here. Changing a limit requires submitting a support ticket and can take anywhere from a few minutes to several days (or never), depending on how much additional capacity you’ve requested. You can view your current EC2 service limits inside the AWS Console for your account.
I’m okay with submitting support tickets to change a limit, but usually I don’t find out if I’ve reached that limit until I kick off a CloudFormation template containing multiple resources and the stack rolls back with an error like this:
Continue reading “Adventures in AWS: Automating Service Limit Checks”
In this series, I explore some of the everyday challenges facing an AWS developer/sysadmin. Today: is Powershell always the best choice for AWS scripting on Windows?
Welcome to AWS, Windows sysadmins! There are many wonderful services here for you to use and a nice API to help you automate them. You could use the AWS CLI to access this API, but more likely you want to integrate AWS commands into your favorite scripting language. Luckily for you, AWS provides options. Like, ALL the options. There is a Java SDK, a .NET SDK, a Python SDK and more, plus some higher-level toolsets built on top of them. Since you’re a Windows scripter, let’s focus on two of these toolsets: the AWS Tools for Windows Powershell and the boto library for Python. Like any good Windows admin, your first instinct is to choose Powershell as the default scripting environment for every task. But as Cicero once said: “The wise are instructed by reason, average minds by experience, the stupid by necessity and the brute by instinct.” So let’s dig a little deeper and see whether Cicero would make a good cloud developer.
Continue reading “Adventures in AWS: Choosing a Windows Scripting Environment”