Subscribing AWS Lambda Function To SNS Topic With aws-cli

The aws-cli documentation and command line help text have not been updated yet to include the syntax for subscribing an AWS Lambda function to an SNS topic, but it does work!

Here’s the format:

aws sns subscribe \
  --topic-arn arn:aws:sns:REGION:ACCOUNT:SNSTOPIC \
  --protocol lambda \
  --notification-endpoint arn:aws:lambda:REGION:ACCOUNT:function:LAMBDAFUNCTION

where REGION, ACCOUNT, SNSTOPIC, and LAMBDAFUNCTION are substituted with appropriate values for your account.
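The subscription only delivers messages if the function's resource policy lets SNS invoke it, so a scripted setup normally pairs the subscribe call with `aws lambda add-permission` restricted to the one topic. The sketch below is an added example, not code from the original post; the function name `subscribe_lambda_to_sns`, the `AWS_CMD` override and the `sns-SNSTOPIC` statement id are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example. AWS_CMD (an assumed name) lets a wrapper or a test stub
# stand in for the real aws binary.
AWS_CMD=${AWS_CMD:-aws}

# subscribe_lambda_to_sns REGION ACCOUNT SNSTOPIC LAMBDAFUNCTION
subscribe_lambda_to_sns() {
  [ "$#" -eq 4 ] || {
    echo "usage: subscribe_lambda_to_sns REGION ACCOUNT SNSTOPIC LAMBDAFUNCTION" >&2
    return 2
  }
  region=$1 account=$2 topic=$3 fn=$4

  # An AWS account id is exactly 12 digits; refuse anything else so a typo
  # cannot end up inside the ARNs built below.
  case $account in
    ''|*[!0-9]*) echo "ACCOUNT must be numeric" >&2; return 2 ;;
  esac
  [ "${#account}" -eq 12 ] || { echo "ACCOUNT must be 12 digits" >&2; return 2; }

  topic_arn="arn:aws:sns:$region:$account:$topic"
  fn_arn="arn:aws:lambda:$region:$account:function:$fn"

  # 1. Resource policy: SNS may invoke the function, but only on behalf of
  #    this topic (--source-arn), not any topic in any account.
  "$AWS_CMD" lambda add-permission \
    --region "$region" \
    --function-name "$fn" \
    --statement-id "sns-$topic" \
    --action lambda:InvokeFunction \
    --principal sns.amazonaws.com \
    --source-arn "$topic_arn" || return 1

  # 2. The subscription itself, in the format shown above.
  "$AWS_CMD" sns subscribe \
    --region "$region" \
    --topic-arn "$topic_arn" \
    --protocol lambda \
    --notification-endpoint "$fn_arn"
}
```
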

For example:

AWS Lambda Walkthrough Command Line Companion

The AWS Lambda Walkthrough 2 uses AWS Lambda to automatically resize images added to one bucket, placing the resulting thumbnails in another bucket. The walkthrough documentation has a mix of aws-cli commands, instructions for hand editing files, and steps requiring the AWS console.

For my personal testing, I converted all of these to command line instructions that can simply be copied and pasted, making them more suitable for adapting into scripts and for eventual automation. I share the results here in case others might find this a faster way to get started with Lambda.

These instructions assume that you have already set up and are using an IAM user / aws-cli profile with admin credentials.

The following is intended as a companion to the Amazon walkthrough documentation, simplifying the execution steps for command line lovers. Read the AWS documentation itself for more details explaining the walkthrough.

Set up

Set up environment variables describing the associated resources:

Query EC2 Account Limits with AWS API

Here’s a useful tip mentioned in one of the sessions at AWS re:Invent this year.

There is a little-known API call that lets you query some of the EC2 limits/attributes in your account. The API call is DescribeAccountAttributes and you can use the aws-cli to query it from the command line.

For full JSON output:

aws ec2 describe-account-attributes

To query select limits/attributes and output them in a handy table format:

Using aws-cli --query Option To Simplify Output

My favorite session at AWS re:Invent was James Saryerwinnie’s clear, concise, and informative tour of the aws-cli (command line interface), which according to GitHub logs he is enhancing like crazy.

I just learned about a recent addition to aws-cli: The --query option lets you specify what parts of the response data structure you want output.

Instead of wading through pages of JSON output, you can select a few specific values and output them as JSON, table, or simple text. The new --query option is far easier to use than jq, grep+cut, or Perl, my other fallback tools for parsing the output.

aws --query Examples

The following sample aws-cli commands use the --query and --output options to extract the desired output fields so that we can assign them to shell variables:

Reset S3 Object Timestamp for Bucket Lifecycle Expiration

use aws-cli to extend expiration and restart the delete or archive countdown on objects in an S3 bucket

Background

S3 buckets allow you to specify lifecycle rules that tell AWS to automatically delete or archive any objects in that bucket after a specific number of days. You can also specify a prefix with each rule so that different objects in the same bucket stay for different amounts of time.

Example 1: I created a bucket named logs.example.com (not the real name) that automatically archives an object to AWS Glacier after it has been sitting in S3 for 90 days.

Example 2: I created a bucket named tmp.example.com (not the real name) that automatically deletes a file after it has been sitting there for 30 days.

This works great until you realize that there are specific files that you want to keep around for just a bit longer than their original expiration.

You could download and then upload the object to reset its creation date, thus starting the countdown from zero; but through a little experimentation, I found that one easy way to reset the creation/modification timestamp on an S3 object is to ask S3 to change the object storage method to the same storage method it currently has.

The following example uses the new aws-cli command line tool to reset the timestamp of an S3 object, thus restarting the lifecycle counter. This has an effect similar to the Linux/Unix touch command.
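A sketch of that in-place copy, as an added example that is not the original post's code: it looks up the object's current storage class first so the copy really does keep the same class, and it refuses archived objects, which S3 will not copy until they are restored. The function name `s3_touch` and the `AWS_CMD` override are assumptions.

```shell
#!/bin/sh
# Added example. AWS_CMD (an assumed name) lets a wrapper or a test stub
# stand in for the real aws binary.
AWS_CMD=${AWS_CMD:-aws}

# s3_touch BUCKET KEY
# Copies the object onto itself with its current storage class, which gives
# it a new Last-Modified time and restarts the lifecycle countdown.
s3_touch() {
  [ "$#" -eq 2 ] || { echo "usage: s3_touch BUCKET KEY" >&2; return 2; }
  bucket=$1 key=$2

  # head-object omits StorageClass for STANDARD objects, so with
  # --output text the query prints "None" for them.
  class=$("$AWS_CMD" s3api head-object \
            --bucket "$bucket" --key "$key" \
            --query StorageClass --output text) || return 1
  case $class in
    None|'') class=STANDARD ;;
  esac

  # Archived objects have to be restored before they can be copied.
  case $class in
    GLACIER|DEEP_ARCHIVE)
      echo "s3_touch: $key is archived ($class); restore it first" >&2
      return 3 ;;
  esac

  # Keys with special characters must be URL-encoded in --copy-source;
  # this sketch assumes a plain key.
  "$AWS_CMD" s3api copy-object \
    --bucket "$bucket" --key "$key" \
    --copy-source "$bucket/$key" \
    --storage-class "$class"
}
```

The copy is written as a new object, so an ACL granted on the original is not carried over and the result is private to the bucket owner unless an ACL is passed explicitly. On a versioned bucket the copy becomes a new version, and the previous one remains subject to the noncurrent-version rules.
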

Installing aws-cli, the New AWS Command Line Tool

consistent control over more AWS services with aws-cli, a single, powerful command line tool from Amazon

Readers of this tech blog know that I am a fan of the power of the command line. I enjoy presenting functional command line examples that can be copied and pasted to experience services and features.

The Old World

Users of the various AWS legacy command line tools know that, though they get the job done, they are often inconsistent in where you get them, how you install them, how you pass options, how you provide credentials, and more. Plus, there are only tool sets for a limited number of AWS services.

I wrote an article that demonstrated the simplest approach I use to install and configure the legacy AWS command line tools, and it ended up being extraordinarily long.

I’ve been using the term “legacy” when referring to the various old AWS command line tools, which must mean that there is something to replace them, right?

The New World

The future of the AWS command line tools is aws-cli, a single, unified, consistent command line tool that works with almost all of the AWS services.