init

Author: ikim23

Diff for: .editorconfig

@@ -0,0 +1,20 @@
+# EditorConfig is awesome: http://EditorConfig.org
+
+# top-most EditorConfig file
+root = true
+
+# Unix-style newlines with a newline ending every file
+[*]
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 2
+
+# 2 space indentation
+[{*.js,*.json,*.yml,*.md}]
+indent_style = space
+indent_size = 2
+
+[Makefile]
+indent_style = tab
+indent_size = 4

Diff for: .env.template

@@ -0,0 +1,4 @@
+AWS_ACCESS_KEY_ID=add_me
+AWS_SECRET_ACCESS_KEY=add_me
+STAGE=add_me
+REGION=add_me

Diff for: .eslintrc

@@ -0,0 +1,11 @@
+{
+  "extends": "airbnb-base",
+  "rules": {
+    "no-underscore-dangle": [
+      "error",
+      {
+        "allowAfterThis": true
+      }
+    ]
+  }
+}

Diff for: .gitignore

@@ -0,0 +1,9 @@
+# package directories
+node_modules
+jspm_packages
+
+# Serverless directories
+.serverless
+
+.env
+!.env.template

Diff for: Dockerfile

@@ -0,0 +1,21 @@
+FROM node:6.10
+
+# create project directory
+RUN mkdir -p /usr/src/app
+WORKDIR /usr/src/app
+
+# copy project files fo WORKDIR
+COPY . .
+
+# install AWS CLI
+# To configure AWS CLI setup environment variables:
+# AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_DEFAULT_REGION
+RUN apt-get update
+RUN apt-get -y install python-setuptools python-dev build-essential python-pip
+RUN pip install --upgrade pip
+RUN pip install awscli --upgrade --user
+
+ENV PATH=~/.local/bin:$PATH
+
+# install dependencies
+RUN npm i --silent -g serverless

Diff for: README.md

@@ -0,0 +1,40 @@
+# AWS Lambda - Static outgoing IP address
+
+This repository is created according to article [AWS Lambdas with a static outgoing IP](http://techblog.financialengines.com/2016/09/26/aws-lambdas-with-a-static-outgoing-ip/) by Ivonne Roberts. By using this repository you do not have to create all AWS resources by hand, but you can let AWS CloudFormation to do it for you. To see CloudFormation config open `serverless.yml` file. Steps mentioned in the article are marked in this file, so that it is easier to follow.
+
+## Requirements:
+
+- curl
+- docker
+- docker-compose
+
+## Usage:
+
+Create `.env` file:
+```
+mv .env.template .env
+```
+Set environment variable values in `.env` file:
+|Variable|Description|
+|-|-|
+|AWS_ACCESS_KEY_ID|Access key ID for serverless framework|
+|AWS_SECRET_ACCESS_KEY|Access key for serverless framework|
+|STAGE|name of deployment stage (e.g dev)|
+|REGION|deployment region (e.g us-west-1)|
+
+Clone repository:
+```
+git clone https://github.com/ikim23/aws-lambda-static-ip.git
+```
+Install NPM modules:
+```
+docker-compose run install
+```
+Deploy app to AWS:
+```
+docker-compose run deploy
+```
+Trigger caller function to get Elastic IP address (static IP):
+```
+curl -XGET https://<API_IP>.execute-api.<REGION>.amazonaws.com/<STAGE/call
+```

Diff for: docker-compose.yml

@@ -0,0 +1,23 @@
+version: '2'
+
+services:
+
+  shell:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: aws-lambda-static-ip
+    volumes:
+     - .:/usr/src/app
+    env_file: .env
+    command: bash
+
+  install:
+    extends:
+      service: shell
+    command: npm i --silent
+
+  deploy:
+    extends:
+      service: shell
+    command: sls deploy

Diff for: functions/caller/caller.js

@@ -0,0 +1,19 @@
+const request = require('request-promise-native');
+
+module.exports.handler = (event, context, callback) => {
+  request({
+    method: 'GET',
+    uri: process.env.URI,
+  }).then((data) => {
+    const { ip } = JSON.parse(data);
+    const msg = `Your static ip address is: ${ip}`;
+    console.log(msg);
+    callback(null, {
+      statusCode: 200,
+      body: msg,
+    });
+  }).catch((err) => {
+    console.error(err);
+    callback(err);
+  });
+};

Diff for: functions/logger/logger.js

@@ -0,0 +1,8 @@
+
+module.exports.handler = (event, context, callback) => {
+  const { sourceIp } = event;
+  console.log(`Received request from ip: ${sourceIp}`);
+  callback(null, {
+    ip: sourceIp,
+  });
+};

Diff for: package.json

@@ -0,0 +1,21 @@
+{
+  "name": "aws-lambda-static-ip",
+  "version": "1.0.0",
+  "description": "AWS Lambda - Static IP",
+  "main": "index.js",
+  "scripts": {
+    "lint": "eslint --ext .js functions/"
+  },
+  "keywords": [],
+  "author": "ikim23",
+  "license": "ISC",
+  "dependencies": {
+    "request": "^2.81.0",
+    "request-promise-native": "^1.0.4"
+  },
+  "devDependencies": {
+    "eslint": "^3.19.0",
+    "eslint-config-airbnb-base": "^11.1.3",
+    "eslint-plugin-import": "^2.2.0"
+  }
+}

Diff for: serverless.yml

@@ -0,0 +1,168 @@
+service: aws-lambda-static-ip
+
+provider:
+  name: aws
+  runtime: nodejs6.10
+  stage: ${env:STAGE}
+  region: ${env:REGION}
+  versionFunctions: false
+  memorySize: 512
+  timeout: 10
+  vpc:
+    securityGroupIds:
+      - Fn::GetAtt: [VPCStaticIP, DefaultSecurityGroup]
+    subnetIds:
+      - Ref: SubnetPrivate
+  iamRoleStatements:
+    - Effect: Allow
+      Action:
+        - ec2:CreateNetworkInterface
+        - ec2:DeleteNetworkInterface
+        - ec2:DescribeNetworkInterfaces
+      Resource: '*'
+
+functions:
+  logger:
+    handler: functions/logger/logger.handler
+    events:
+      - http:
+          path: log
+          method: get
+          integration: lambda
+          request:
+            template:
+              application/json: '{ "sourceIp" : "$context.identity.sourceIp" }'
+  caller:
+    environment:
+      URI:
+        Fn::Join: ['', [https://, Ref: ApiGatewayRestApi, '.execute-api.${self:provider.region}.amazonaws.com/${self:provider.stage}/log']]
+    handler: functions/caller/caller.handler
+    events:
+      - http:
+          path: call
+          method: get
+
+resources:
+  Resources:
+    # Resources created according to blog post:
+    # http://techblog.financialengines.com/2016/09/26/aws-lambdas-with-a-static-outgoing-ip/
+    
+    # Step 1: Create a new VPC
+    VPCStaticIP:
+      Type: AWS::EC2::VPC
+      Properties: 
+        CidrBlock: 11.0.0.0/16
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-vpc
+    
+    # Step 2: Create 2 Subnets
+    SubnetPublic:
+      Type: AWS::EC2::Subnet
+      Properties:
+        AvailabilityZone: ${self:provider.region}b
+        CidrBlock: 11.0.0.0/24
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-public-subnet
+        VpcId:
+          Ref: VPCStaticIP
+
+    SubnetPrivate:
+      Type: AWS::EC2::Subnet
+      Properties:
+        AvailabilityZone: ${self:provider.region}b
+        CidrBlock: 11.0.1.0/24
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-private-subnet
+        VpcId:
+          Ref: VPCStaticIP
+    
+    # Step 3: Create an Internet Gateway
+    InternetGateway:
+      Type: AWS::EC2::InternetGateway
+      Properties:
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-igw
+
+    # Attach Internet Gateway to VPC
+    VPCGatewayAttachment:
+      Type: AWS::EC2::VPCGatewayAttachment
+      Properties:
+        InternetGatewayId:
+          Ref: InternetGateway
+        VpcId:
+          Ref: VPCStaticIP
+  
+    # Step 4: Create a public Route Table and Assign it to our public route
+    RouteTablePublic:
+      Type: AWS::EC2::RouteTable
+      Properties:
+        VpcId:
+          Ref: VPCStaticIP
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-public-route
+  
+    RoutePublic:
+      Type: AWS::EC2::Route
+      Properties:
+        DestinationCidrBlock: 0.0.0.0/0
+        GatewayId:
+          Ref: InternetGateway
+        RouteTableId:
+          Ref: RouteTablePublic
+  
+    SubnetRouteTableAssociationPublic:
+      Type: AWS::EC2::SubnetRouteTableAssociation
+      Properties:
+        RouteTableId:
+          Ref: RouteTablePublic
+        SubnetId:
+          Ref: SubnetPublic
+    
+    # Step 5: Create a NAT Gateway
+    # Before creating NAT Gateway, we need to create Elastic IP with vpc scope
+    EIP:
+      Type: AWS::EC2::EIP
+      Properties:
+        Domain: vpc
+  
+    NatGateway:
+      Type: AWS::EC2::NatGateway
+      Properties:
+        AllocationId:
+          Fn::GetAtt: [EIP, AllocationId]
+        SubnetId:
+          Ref: SubnetPublic
+
+    # In tutorial NAT Gateway is attached as default route 0.0.0.0/0 in main Route Table.
+    # Main Route Table is created implicitely during VPC creation and CloudFormation
+    # has no access to its ID. To overcome this limitation we create additional Route Table.
+    RouteTablePrivate:
+      Type: AWS::EC2::RouteTable
+      Properties:
+        VpcId:
+          Ref: VPCStaticIP
+        Tags:
+          - Key: Name
+            Value: ${self:service}-${self:provider.stage}-private-route
+
+    RoutePrivate:
+      Type: AWS::EC2::Route
+      Properties:
+        DestinationCidrBlock: 0.0.0.0/0
+        NatGatewayId:
+          Ref: NatGateway
+        RouteTableId:
+          Ref: RouteTablePrivate
+
+    SubnetRouteTableMainAssociationPrivate:
+      Type: AWS::EC2::SubnetRouteTableAssociation
+      Properties:
+        RouteTableId:
+          Ref: RouteTablePrivate
+        SubnetId:
+          Ref: SubnetPrivate