Shulou(Shulou.com)06/02 Report--

I've been looking at how to use Lambda and Python these two days, but I'm usually more used to using PowerShell to manage various systems. Try how to use PowerShell in Lambda.

First, you need to install the following three modules on your local computer.

Install PowerShell Core

Https://github.com/powershell/powershell

Install the .NET Core Software Development Kit (SDK)

Https://www.microsoft.com/net/download

Install AWSLambdaPSCore module

Install-Module AWSLambdaPSCore-Scope CurrentUser

Once installed, execute it in the console of Powershell6

New-AWSPowerShellLambda-ScriptName awstag-Template basic

He will automatically create a directory based on basic's template with a blank ps file and a readme file. This blank ps file automatically loads the module of powershellcore. If we need to add other modules, we need to modify them here. Here is one of my test scripts. The main function of this script is to check tag to make sure that EC2,Volume and Snapshot have corresponding tag, because I need to display bills from different clinics through tag every month. In addition, if the snapshot is more than 60 days, it will be deleted automatically.

# PowerShell script file to be executed as an AWS Lambda function. # # When executing in Lambda the following variables will be predefined.# $LambdaInput-A PSObject that contains the Lambda function input data.# $LambdaContext-An Amazon.Lambda.Core.ILambdaContext object that contains information about the currently running Lambda environment.## The last item in the PowerShell pipeline will be returned as the result of the Lambda function.## To include PowerShell modules with your Lambda function, like the AWSPowerShell.NetCore module, add a "# Requires" statement # indicating the module and version.#Requires-Modules @ {ModuleName='AWSPowerShell.NetCore' ModuleVersion='3.3.335.0'} # Uncomment to send the input event to CloudWatch Logs# Write-Host (ConvertTo-Json-InputObject $LambdaInput-Compress-Depth 5) Write-Host "Checking EC2 instance Tags status"-ForegroundColor Yellow$all=Get-EC2Instance | select-expand instances$return=$all | Where-Object {$_. Tag.key-notcontains "Clinic"} if ($return-ne $null) {$username = "test@abc.com" $password = "Passwordtest" | ConvertTo-SecureString-asPlainText-Force$credential = New-Object System.Management.Automation.PSCredential ($username $password) $id=$return.InstanceIdSend-MailMessage-From test@abc.com-to test@abc.com-SmtpServer smtp.office365.com-Port 587-UseSsl-Subject "EC2 instance Tag"-body "$id"-Credential $credentialexit} # confirm EC2 instances were tagged$result=@ () foreach ($item in $all) {$Name=$item.tag | Where-Object {$_. Key-eq 'Name'} | select-ExpandProperty value $clinic=$item.tag | Where-Object {$_. Key-eq' clinic'} | select-ExpandProperty value $item | add -member-NotePropertyName Description-NotePropertyValue $name $item | add-member-NotePropertyName Clinic-NotePropertyValue $clinic $item = $item | select * $result+=$item} $result | select Description InstanceId, privateIpaddress, Clinic | Group-Object Clinicwrite-host "Updating Volume Tags Status..."-ForegroundColor Yellow # Tag all volumes based on their attached EC2 Clinic Tag$allvol=Get-EC2Volume | Where-Object {$_. Tag.key-notcontains "Clinic"} foreach ($item in $result) {foreach ($item2 in $allvol) {if ($item2.attachments.instanceid-eq $item.InstanceId) {$value=$item.Clinic New-EC2Tag-Resource $item2.VolumeId-Tag @ {Key= "Clinic" Value=$value}} Write-Host "Updating Snapshot Tags Status..."-ForegroundColor Yellow # Tag all snapshots based on the volume Tag$allvol=Get-EC2Volume $filter= New-Object Amazon.EC2.Model.Filter-Property @ {Name = "owner-id" Values = '386115804199'} $snapshots=Get-EC2Snapshot-Filter $filter $snapshots1= $snapshots |? {$_ .Tag.key-notcontains "Clinic"} foreach ($I in $snapshots1) {$volid=$i.VolumeId foreach ($j in $allvol) {if ($volid-eq $j.Volumeid) {$value=$j.tag | Where-Object {$_ .key-eq' Clinic'} | select-ExpandProperty value $name=$j.Tag | Where-Object {$_ .key-eq "Name"} | select- ExpandProperty value $snapid=$i.snapshotid write-host "--$snapid--" New-EC2Tag-Resource $snapid- Tag @ {Key= "Clinic" Value=$value} New-EC2Tag-Resource $snapid-Tag @ {Key= "Name"; value=$name} write-host "Deleting Snapshots older than over 60 days!"-ForegroundColor Yellow$date= (get-date). AddDays (- 40) foreach ($snapshot in $snapshots) {$id=$snapshot.snapshotid if ($snapshot.starttime-lt $date) {$snapshot Remove-EC2Snapshot-SnapshotId $id-Confirm:$false}}

Next, it executes in Powershell6's console, which automatically binds iam's role, compresses the relevant modules and executes scripts, and then uploads them to Lambda's console. I wrote the iam role here casually, allowing access to ec2 and cloudwatch log.

Publish-AWSPowerShellLambda-ScriptPath.\ awstag.ps1-name awstag-iamrole 'ec2fullaccess'-Region ap-southeast-2

Wait 1 minute, log in to aws and you can see the uploaded function.

This piece of code is not like Python can see directly, directly tell you that it is too big to display, but I can directly call

Try it and show success.

Check the corresponding cloudwatch.

Done!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.