New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(AWS Lambda): Allow overriding provider VPC with no VPC on function #10060
Conversation
…ss#4387) Allows for specification of no VPC for a function, even if the provider has a VPC specified.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you @HowManyOliversAreThere 🙇 Looks good in general, I have one suggestion related on how we should handle such case on CF level. Please let me know what do you think 🙇
it('should allow `functions[].vpc` to specify no vpc', () => { | ||
const { VpcConfig } = cfResources[naming.getLambdaLogicalId('vpcNullify')].Properties; | ||
|
||
expect(VpcConfig.SecurityGroupIds).to.deep.equal([]); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we should take another approach here - in such cases the VpcConfig
should not be defined at all on the CF resource.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Makes sense, much neater approach! I've implemented this in 524faab
if (!functionObject.vpc) functionObject.vpc = {}; | ||
// ensure provider VPC is not used if function VPC explicitly unset | ||
if (functionObject.vpc === null || functionObject.vpc === false) { | ||
functionObject.vpc = { securityGroupIds: [], subnetIds: [] }; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Instead of that, let's change the logic so in such case, the whole VpcConfig
property will be removed from functionResource
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Implemented in 524faab
Codecov Report
@@ Coverage Diff @@
## master #10060 +/- ##
==========================================
- Coverage 85.53% 85.41% -0.13%
==========================================
Files 333 333
Lines 13473 13538 +65
==========================================
+ Hits 11524 11563 +39
- Misses 1949 1975 +26
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thank you @HowManyOliversAreThere 🙇
Allows for specification of no VPC for a function, even if the provider has a VPC specified. To specify no VPC is to be used, a null value must be passed to
vpc
. This can be done via~
,null
, or even leaving the line blank aftervpc:
.false
can also be used for un-setting the VPC as this was discussed as an option in the ticket, however the documentation updates all refer to using~
as the unified way of achieving this for the sake of consistency.Closes: #4387