1. Answers
  2. Using AWS CloudShell and AWS CLI with Python in Pulumi

How do I use AWS CloudShell and AWS CLI with Python in Pulumi?

Introduction

In this guide, we will demonstrate how to use AWS CloudShell and AWS CLI with Python in Pulumi. AWS CloudShell is a browser-based shell that makes it easy to manage, interact with, and automate AWS services. AWS CLI is a unified tool to manage AWS services. We will write a Pulumi program in TypeScript that provisions an AWS Lambda function which uses Python to interact with AWS services using the AWS CLI.

Key Points

  1. AWS CloudShell: A browser-based shell to interact with AWS services.
  2. AWS CLI: A command-line tool to manage AWS services.
  3. Pulumi: An infrastructure as code tool to provision cloud resources.
  4. Python: The scripting language used in the AWS Lambda function.

Pulumi Program

Below is the Pulumi program written in TypeScript. This program provisions an AWS Lambda function that uses Python to execute AWS CLI commands.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an IAM role for the Lambda function
const role = new aws.iam.Role("lambdaRole", {
    assumeRolePolicy: {
        Version: "2012-10-17",
        Statement: [{
            Action: "sts:AssumeRole",
            Principal: {
                Service: "lambda.amazonaws.com",
            },
            Effect: "Allow",
            Sid: "",
        }],
    },
});

// Attach the AWSLambdaBasicExecutionRole policy to the role
const rolePolicyAttachment = new aws.iam.RolePolicyAttachment("lambdaRolePolicy", {
    role: role,
    policyArn: aws.iam.ManagedPolicies.AWSLambdaBasicExecutionRole,
});

// Define the Lambda function code
const lambdaCode = `
import json
import subprocess

def lambda_handler(event, context):
    # Example AWS CLI command using subprocess
    result = subprocess.run(["aws", "s3", "ls"], capture_output=True, text=True)
    return {
        'statusCode': 200,
        'body': json.dumps(result.stdout)
    }
`;

// Create the Lambda function
const lambdaFunction = new aws.lambda.Function("myLambdaFunction", {
    runtime: aws.lambda.Python3d8Runtime,
    role: role.arn,
    handler: "index.lambda_handler",
    code: new pulumi.asset.AssetArchive({
        "index.py": new pulumi.asset.StringAsset(lambdaCode),
    }),
});

// Export the Lambda function name
export const lambdaFunctionName = lambdaFunction.name;

Summary

In this guide, we created a Pulumi program that provisions an AWS Lambda function using Python to execute AWS CLI commands. We utilized AWS CloudShell for browser-based interaction with AWS services and AWS CLI for command-line management. The Lambda function was created with the necessary IAM role and policy to execute AWS CLI commands within the Lambda environment. This setup allows for automated and scalable interactions with AWS services using Python scripts.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up