This recipe requires some “prep work” which deploys resources that you’ll build the solution on. You will use the AWS CDK to deploy these resources
In the root of this Chapter’s repo cd to the “504-Mounting-an-EFS-Filesystem-to-Lambda/cdk-AWS-Cookbook-504” directory and follow the subsequent steps:
cd 504-Mounting-an-EFS-Filesystem-to-Lambda/cdk-AWS-Cookbook-504/
test -d .venv || python3 -m venv .venv
source .venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt
cdk deploy
We created a helper.py script to let you easily create and export environment variables to make subsequent commands easier. Run the script, and copy the output to your terminal to export variables:
python helper.py
ISOLATED_SUBNETS=$(echo ${ISOLATED_SUBNETS} | tr -d ' "')
cd ..
aws lambda delete-function --function-name AWSCookbook504Lambda
aws logs delete-log-group \
--log-group-name /aws/lambda/AWSCookbook504Lambda
aws iam detach-role-policy --role-name AWSCookbook504Role \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole
aws iam delete-role --role-name AWSCookbook504Role
Remove the ingress rule to the EFS File System’s Security group that allows access on port tcp 2049 from the Lambda’s Security Group:
aws ec2 revoke-security-group-ingress \
--protocol tcp --port 2049 \
--source-group $LAMBDA_SG_ID \
--group-id $EFS_SECURITY_GROUP
aws ec2 delete-security-group --group-id $LAMBDA_SG_ID
cd cdk-AWS-Cookbook-504/
To clean up the environment variables, run the helper.py script in this recipe’s cdk- directory with the --unset flag, and copy the output to your terminal to export variables:
python helper.py --unset
unset LAMBDA_ARN
unset LAMBDA_SG_ID
Use the AWS CDK to destroy the resources, deactivate your Python virtual environment, and go to the root of the chapter:
cdk destroy && deactivate && rm -r .venv/ && cd ../..