Serverless Framework add Lambda to an Existing VPC and Subnet
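Is it possible to create a Serverless Framework Lambda deployment where the Lambda is deployed into an existing VPC's security group? I don't want the service deployment or its stack to own the network artifacts.

Yes. The vpc configuration in serverless.yml just needs to reference the existing subnets and security groups. Something like this: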
vpc:
  securityGroupIds:
    - securityGroupId1
    - securityGroupId2
  subnetIds:
    - subnetId1
    - subnetId2
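Take a look at https://serverless.com/framework/docs/providers/aws/guide/functions/#vpc-configuration

The following setup worked perfectly for me in Serverless version 1.51.0. I included the staging variables since my environment uses different subnets and security groups for logical isolation. My network setup is an existing VPC with subnets and security groups.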
provider:
  name: aws
  # ....
  # ....
  vpc:
    # One security group and one subnet per stage, looked up by stage name
    securityGroupIds:
      - ${self:custom.securityGroupId.${self:provider.stage}}
    subnetIds:
      - ${self:custom.subnetId.${self:provider.stage}}
custom:
  stages:
    - tst
    - dev
    - prd
  securityGroupId:
    local: sg-local
    tst: sg-tst
    dev: sg-dev
    prd: sg-prd
  subnetId:
    local: subnet-local
    tst: subnet-tst
    dev: subnet-dev
    prd: subnet-prd
plugins:
  - serverless-stage-manager
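An extension to the answer provided by @Nebulastic.
This is for when you want to configure the VPC Lambda to execute from multiple subnets for the various stages.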
provider:
  name: aws
  vpc:
    securityGroupIds:
      - ${self:custom.securityGroupId.${self:provider.stage}}
    subnetIds:
      - ${self:custom.subnetId1.${self:provider.stage}}
      - ${self:custom.subnetId2.${self:provider.stage}}
      - ${self:custom.subnetId3.${self:provider.stage}}
custom:
  stage: ${opt:stage, self:provider.stage}
  securityGroupId:
    prod: sgId-prod
    test: sgId-test
    dev: sgId-dev
  subnetId1:
    prod: subnetId1-prod
    test: subnetId1-test
    dev: subnetId1-dev
  subnetId2:
    prod: subnetId2-prod
    test: subnetId2-test
    dev: subnetId2-dev
  # Third subnet map, matching the custom.subnetId3 reference under provider.vpc.subnetIds
  subnetId3:
    prod: subnetId3-prod
    test: subnetId3-test
    dev: subnetId3-dev
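
A pre-deploy check for the stage-keyed lookups used in the answers above, added here as an example and not taken from any of the answers: it resolves every `${self:custom.<name>.${self:provider.stage}}` reference for each stage and reports references that resolve to nothing and IDs shared between stages. `CONFIG` is constructed sample data standing in for a parsed serverless.yml, and `lookup`, `resolve` and `check_vpc` are hypothetical helper names.

```python
import re

# Innermost ${self:path} reference, i.e. one with no further ${...} inside it.
_REF = re.compile(r"\$\{self:([^${}]+)\}")

def lookup(cfg, path):
    """Walk a dotted path through nested dicts; raises KeyError if a part is missing."""
    node = cfg
    for part in path.split("."):
        node = node[part]
    return node

def resolve(cfg, value):
    """Resolve nested ${self:...} references from the inside out."""
    while (m := _REF.search(value)):
        value = value[:m.start()] + str(lookup(cfg, m.group(1))) + value[m.end():]
    return value

def check_vpc(cfg, stages):
    """Return problems found in provider.vpc when deployed to each stage."""
    problems, owner = [], {}
    for stage in stages:
        staged = {**cfg, "provider": {**cfg["provider"], "stage": stage}}
        vpc = staged["provider"]["vpc"]
        for ref in vpc["securityGroupIds"] + vpc["subnetIds"]:
            try:
                rid = resolve(staged, ref)
            except (KeyError, TypeError) as exc:
                problems.append(f"{stage}: {ref} is undefined (missing key {exc})")
                continue
            # One ID serving two stages defeats the isolation between them.
            if owner.setdefault(rid, stage) != stage:
                problems.append(f"{stage}: {rid} is also used by {owner[rid]}")
    return problems

# Constructed sample (placeholder IDs) with two deliberate defects:
# subnetId3 is referenced but never defined, and prd reuses a dev subnet.
STAGE_REF = "${self:provider.stage}"
CONFIG = {
    "provider": {"name": "aws", "vpc": {
        "securityGroupIds": ["${self:custom.securityGroupId.%s}" % STAGE_REF],
        "subnetIds": ["${self:custom.subnetId%d.%s}" % (n, STAGE_REF) for n in (1, 2, 3)]}},
    "custom": {
        "securityGroupId": {"dev": "sg-dev", "prd": "sg-prd"},
        "subnetId1": {"dev": "subnet-a-dev", "prd": "subnet-a-prd"},
        "subnetId2": {"dev": "subnet-b-dev", "prd": "subnet-b-dev"}}}

print("\n".join(check_vpc(CONFIG, ["dev", "prd"])))
```
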