AWS Ninja - Python project


Project Description:

- As a cloud engineering team, we take care of the AWS environment and make sure it is in compliance with organization policies.

- We use Amazon CloudWatch in combination with AWS Lambda to govern the resources according to the policies.

- For example, we trigger a Lambda function when an Amazon Elastic Block Store (EBS) volume is created. We use Amazon CloudWatch Events for this.

- CloudWatch Events allows us to monitor and respond to EBS volumes that are of type gp2 and convert them to type gp3.

Step 1 : Search for Lambda function and then click on Lambda function.

Step 2 : Then click on create function.

Step 3 : Then, in the basic information section, give the function a name and select Python 3.10 as the runtime.

Step 3 : Then click on create function.

Step 4 : Then search for CloudWatch and click on it.

Step 5 : Then, under the events section, you will find rules; click on that.

Step 6 : After that, click on create rule.

Step 7 : Then, in the "Step 1: Create rule" section, select the service name EC2 and, in event type, select EBS volume notifications.

Step 8 : After that, click on specific events and select create volume.

Step 9 : Then click on add target and select the Lambda function that you just created.

Step 10 : Then click on configure details.

Step 11 : Then, in the "Step 2: Configure rule details" section, give the rule a name and description.

Step 12 : Then click on create rule.

Step 12 : Then go to the Lambda function and write the Python code.

Step 13 : Then search for IAM and click on it.

Step 14 : Then go to roles and click on roles.

Step 15 : Then click on the role.

Step 16 : Then go to add permissions and select create inline policy.

Step 17 : After that, under select service, search for EC2.

Step 18 : After that, search for volume and give the describe volume and modify volume permissions.

Step 19 : Then click on next.

Step 20 : After that, give the policy a name.

Step 21 : Then click on create policy.

Step 22 : Then you can use this Python code for the Lambda function and then click on deploy.

Step 23 : You can use this Python code.


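import boto3

def get_volume_id_from_arn(volume_arn):
    # The ARN has the form arn:aws:ec2:<region>:<account>:volume/<volume-id>
    arn_parts = volume_arn.split(":")

    # The last ARN field is "volume/<volume-id>"; keep the part after the slash
    volume_id = arn_parts[-1].split('/')[-1]
    return volume_id

def lambda_handler(event, context):
    # The first entry in "resources" is the ARN of the volume named in the event
    volume_arn = event['resources'][0]
    volume_id = get_volume_id_from_arn(volume_arn)

    ec2_client = boto3.client('ec2')

    # Request the change of volume type to gp3 (needs the modify volume permission)
    response = ec2_client.modify_volume(
        VolumeId=volume_id,
        VolumeType='gp3',
    )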

Step 24 : Then search for volume and click on it.

Step 25 : Then click on create volume.

Step 26 : After creating the volume, refresh the page and your gp2 volume is converted into gp3.