Rya*_*sch 8 aws-cloudformation aws-sdk aws-lambda aws-api-gateway serverless-framework
是否可以创建无服务器框架Lambda部署,其中Lambda部署到现有VPC的SecurityGroup中?我不希望服务部署或它的堆栈拥有一个网络工件?
Bri*_*ant 11
是的.该vpc配置serverless.yml只需要引用现有的子网和安全组.像这样的东西:
vpc:
securityGroupIds:
- securityGroupId1
- securityGroupId2
subnetIds:
- subnetId1
- subnetId2
请查看https://serverless.com/framework/docs/providers/aws/guide/functions/#vpc-configuration
以下设置在 Serverless 版本 1.51.0 中非常适合我。我包括了暂存变量,因为我的环境使用不同的子网和安全组进行逻辑隔离。我的网络设置是具有子网和安全组的现有 VPC。
provider:
name: aws
....
....
vpc:
securityGroupIds:
- ${self:custom.securityGroupId.${self:provider.stage}}
subnetIds:
- ${self:custom.subnetId.${self:provider.stage}}
custom:
stages:
- tst
- dev
- prd
securityGroupId:
local: sg-local
tst: sg-tst
dev: sg-dev
prd: sg-prd
subnetId:
local: subnet-local
tst: subnet-tst
dev: subnet-dev
prd: subnet-prd
plugins:
- serverless-stage-manager
@Nebulastic 提供的答案的扩展。
这是当您希望将 VPC Lambda 配置为从多个子网为不同阶段执行时。
provider:
name: aws
vpc:
securityGroupIds:
- ${self:custom.securityGroupId.${self:provider.stage}}
subnetIds:
- ${self:custom.subnetId1.${self:provider.stage}}
- ${self:custom.subnetId2.${self:provider.stage}}
- ${self:custom.subnetId3.${self:provider.stage}}
custom:
stage: ${opt:stage, self:provider.stage}
securityGroupId:
prod: sgId-prod
test: sgId-test
dev: sgId-dev
subnetId1:
prod: subnetId1-prod
test: subnetId1-test
dev: subnetId1-dev
subnetId2:
prod: subnetId2-prod
test: subnetId2-test
dev: subnetId2-dev
subnetId2:
prod: subnetId3-prod
test: subnetId3-test
dev: subnetId3-dev
| 归档时间: |
|
| 查看次数: |
2479 次 |
| 最近记录: |