AWS Lambda Check
1. Intro to Lambda Computing
Use Case for an AWS Lambda check.
Powerful: AWS Lambda has many runtimes available.
Other Reasons to Use the AWS Lambda check
AWS SDK for Python (Boto3)
Lambda Check Overview
2. Coding Lambda
Import Libraries
Define the Main Function
Scripting the Check
The finished script
Running the check
3. AWS Setup
Get into the AWS Lambda Service
Create New Lambda Function
Configure the Function
Permissions
Create Function
Import Your Script
Create Test Event
Deploy the AWS Changes, Test
Edit Runtime Handler
Test
4. Adding a JSON Event
Add an Event Field
5. ASM Check Creation
Step 1: Name, Description, and Tags
Step 2a: Command and location
Step 2b: Command and location
Step 3: Interval, Thresholds, & Monitor Groups
Create check
6. Run Result
1. Intro to Lambda Computing
This page is a step-by-step guide to using the AWS Lambda check type.
Use Case for an AWS Lambda check.
Powerful: AWS Lambda has many runtimes available.
Apica's Scripted Checks
Amazon Web Services Lambda Runtimes
Java
Python 3+
JavaScript
Node.js
Python
Ruby
Java
Go
.NET Core
C#
PowerShell
With AWS Lambda, you could use any one of these services to create your new ASM check.
Other Reasons to Use the AWS Lambda check
Example: You have a very secure Virtual Private Cloud where no traffic is allowed inside, and perhaps you don't want to use a private Apicanet agent. You can spawn your Lambda execution inside your secure VPC and take full advantage of the AWS permissions model. You could use it to give your Lambda access to additional services such as databases or an AWS secret store.
AWS SDK for Python (Boto3)
In our next section, we'll step through writing a very simple Python Lambda. And we will then add it into our ASM account and then run it and see the results.
Lambda Check Overview
Prepare by importing the Libraries your script will need.
Create the AWS Lambda Function, which the ASM Check will call for execution.
Define the Main Functions of the script.
Create a New Lambda Function.
Import Your Script into that Lambda Function.
Create the Lambda Event that ASM will display.
Create the AWS Lambda Check on any ASM-supported AWS Regions on the Apica Monitoring Platform.
Collect, compare and analyze the ASM Check Results OR send the results to integrated systems that use ASM as a data source.
2. Coding Lambda
For this AWS Lambda example, we will use Python to create the code for our cloud function. This example will be a simple Lambda; we will not be importing any libraries other than the default Python libraries.
Our goal is to create a check that returns a random value.
It appears simplistic, but this is to provide an example of creating a Lambda.
Step
Screenshot
Scripting the Check
This script will generate the dictionary, a list of values we will measure for further analysis.
Generate a random value (
rand_value
) between 0 and 100.Create
json_value
that will capture all the defined return values that we want: Return Code, time
The expandable JSON result format will allow us to present a message with the generated random value, a unit of time measurement (milliseconds), and a Lambda function (set to True).
Important: if you've created a scripted check before, all you need to do is put the same thing into a Lambda.
rand_value = random.randint(0, 100)
And the next step is uploading our script into AWS.
3. AWS Setup
Here, we will create the function, which will be called by our check inside the Amazon AWS UI.
Step
Screenshot
For example, if the function needs to access a relational database or other Amazon services, this is where you would set that.
So the above is how you create the Lambda function in Amazon, and it's ready for use. But first, let's add a JSON Event to our check before we set up the check in ASM.
4. Adding a JSON Event
To demonstrate some of the power of Lambda, we'll be editing our code directly in AWS Lambda.
We will be adding just one additional field to our results because it's essential to show the power of our expandable JSON results.
Step
Screenshot
Add an Event Field
In AWS Lambda, we're going to add a field called event
. And it will be the event that's passed in; i.e., the event is data from the check itself. So when we add it in this section, we can show that happening.
Click Deploy
Click Test to do a quick test, and we'll see that the event has our test event that we created earlier. We'll see how this works when we run the ASM function.
Note the test Status now shows Succeeded.
Next, we'll be creating our check in the ASM UI. And we'll be running this and retrieving a result from it.
5. ASM Check Creation
We're going to create our check in ASM.
Step
Screenshot
Navigate to ASM, New Check+. Under the Scripted Check banner, click the Run AWS Lambda icon.
The check wizard will open. So let's create a new check.
Step 2a: Command and location
AWS Region: This is the AWS region that your Lambda resides in. It may not default to your location, which you'll find that in the upper right-hand corner of your Amazon screen, or your Amazon UI.
In this example, it says Frankfurt, but up in the browser URL, you will see eu-central-1.console.aws.ams:on.com/lambda/hometregion-=eu-central-14
So, select eu-central-1
for this example or whatever matches your AWS Region in the dropdown choices.
Function Name: Our example function name is simply DemoFunction, which we will type in, and find in our AWS UI, indicated to the right.
Step 2b: Command and location
AWS access key & AWS secret key. It would be best if you had this from AWS. You may need to ask your Operations team to get you an AWS Access Key and AWS Secret Key to execute this function. Enter these here.
Base64 Encoded JSON Payload. This JSON payload is the event that is passed here. For this field, create a JSON object; Base64 encode it and paste it in here.
For other fields, such as AWS Session Token, AWS Role ARN, and Role Session Name: if/when you provide these inputs, the script that runs your Lambda will assume a role before running the Lambda.
You may have a security scheme that uses that, but, in this case, we don't. So we're going to leave these empty.
Location. Select for this example Montreal and then press Next.
And in our next section, we will run the check and examine our results.
6. Run Result
We've created and configured our AWS Lambda check. We are ready to run it in ASM and view the results.
Note: the base 64 encoded JSON payload field that we provided is entirely optional. If you don't want to use it, you can leave it empty, and there won't be any additional information passed to your Lambda. But we'll keep it for this example.
Step
Screenshot
Check details page and manually run the check.
We see the result value/response time of 47 milliseconds.
If you click into this data point, in the Result section, you can see the Lambda: true
event as well as the hello: "world"
object that we encoded in Base64 and put inside our check configuration.
You can provide almost any kind of data in this check type. As long as you have an Amazon account, the possibilities with this check are endless.
As mentioned before, you can use many different types of runtimes. If you're a Ruby person and cannot have an Apica Private Agent inside your firewall, you can use Lambda.
Using AWS Identity and Access Management, you can set very fine-grained permissions.
Was this helpful?