DEV Community: Moya Richards The latest articles on DEV Community by Moya Richards (@moyarich). https://dev.to/moyarich https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F318908%2F383c4e70-919e-4867-8d8d-db225a641312.png DEV Community: Moya Richards https://dev.to/moyarich en Automate Post-Deployment Tasks with `cdkTrigger` in AWS CDK Moya Richards Fri, 18 Jul 2025 15:40:43 +0000 https://dev.to/aws-builders/automate-post-deployment-tasks-with-cdktrigger-in-aws-cdk-3lin https://dev.to/aws-builders/automate-post-deployment-tasks-with-cdktrigger-in-aws-cdk-3lin <p>Deploying infrastructure with AWS CDK is powerful β€” but sometimes, you want something more than just resources in place. Maybe you want to:</p> <ul> <li>Seed a database after deployment</li> <li>Populate an S3 bucket with default data</li> <li>Kick off a workflow</li> <li>Or simply validate that everything deployed successfully</li> </ul> <p>That's where the <code>cdk-triggers</code> module comes in. In this post, we'll walk through how to use <code>cdk.triggers.Trigger</code> to automatically invoke a Lambda function after a successful CDK deployment.</p> <h2> πŸ”§ What is <code>cdk.triggers.Trigger</code>? </h2> <p>The <code>Trigger</code> construct is part of the <a href="https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.triggers-readme.html" rel="noopener noreferrer"><code>aws-cdk-lib.triggers</code></a> module. It allows you to run a Lambda <strong>automatically after your stack is deployed</strong> β€” great for bootstrapping and post-deploy configuration tasks.</p> <h2> πŸ§ͺ Example: Run a Lambda After Resources Are Created </h2> <p>Let’s say you’re deploying:</p> <ul> <li>An S3 bucket</li> <li>A DynamoDB table</li> <li>A Lambda that seeds a database</li> </ul> <p>You want the Lambda to run <strong>after</strong> all the resources are successfully created.</p> <h3> Step 1: Import Required Modules </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">lambda</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-lambda</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">s3</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-s3</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">dynamodb</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/aws-dynamodb</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">triggers</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib/triggers</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">constructs</span><span class="dl">"</span><span class="p">;</span> </code></pre> </div> <h3> Step 2: Define the Stack </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kd">class</span> <span class="nc">MyStack</span> <span class="kd">extends</span> <span class="nc">cdk</span><span class="p">.</span><span class="nx">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="c1">// S3 bucket</span> <span class="kd">const</span> <span class="nx">bucket</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">s3</span><span class="p">.</span><span class="nc">Bucket</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">MyBucket</span><span class="dl">"</span><span class="p">);</span> <span class="c1">// DynamoDB table</span> <span class="kd">const</span> <span class="nx">table</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nc">Table</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">MyTable</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">partitionKey</span><span class="p">:</span> <span class="p">{</span> <span class="na">name</span><span class="p">:</span> <span class="dl">"</span><span class="s2">id</span><span class="dl">"</span><span class="p">,</span> <span class="na">type</span><span class="p">:</span> <span class="nx">dynamodb</span><span class="p">.</span><span class="nx">AttributeType</span><span class="p">.</span><span class="nx">STRING</span> <span class="p">},</span> <span class="p">});</span> <span class="c1">// Lambda function to run post-deploy</span> <span class="kd">const</span> <span class="nx">seedFunction</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">SeedFunction</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_18_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">"</span><span class="s2">index.handler</span><span class="dl">"</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="dl">"</span><span class="s2">lambda/seed</span><span class="dl">"</span><span class="p">),</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">5</span><span class="p">),</span> <span class="na">environment</span><span class="p">:</span> <span class="p">{</span> <span class="na">BUCKET_NAME</span><span class="p">:</span> <span class="nx">bucket</span><span class="p">.</span><span class="nx">bucketName</span><span class="p">,</span> <span class="na">TABLE_NAME</span><span class="p">:</span> <span class="nx">table</span><span class="p">.</span><span class="nx">tableName</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">bucket</span><span class="p">.</span><span class="nf">grantReadWrite</span><span class="p">(</span><span class="nx">seedFunction</span><span class="p">);</span> <span class="nx">table</span><span class="p">.</span><span class="nf">grantReadWriteData</span><span class="p">(</span><span class="nx">seedFunction</span><span class="p">);</span> <span class="c1">// Create the trigger</span> <span class="kd">const</span> <span class="nx">cdkTrigger</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">triggers</span><span class="p">.</span><span class="nc">Trigger</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">SeedTrigger</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">handler</span><span class="p">:</span> <span class="nx">seedFunction</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">10</span><span class="p">),</span> <span class="na">invocationType</span><span class="p">:</span> <span class="nx">triggers</span><span class="p">.</span><span class="nx">InvocationType</span><span class="p">.</span><span class="nx">EVENT</span><span class="p">,</span> <span class="c1">// async invocation</span> <span class="p">});</span> <span class="c1">// Define dependencies – only run trigger after these resources are created</span> <span class="nx">cdkTrigger</span><span class="p">.</span><span class="nf">executeAfter</span><span class="p">(</span><span class="nx">bucket</span><span class="p">);</span> <span class="nx">cdkTrigger</span><span class="p">.</span><span class="nf">executeAfter</span><span class="p">(</span><span class="nx">table</span><span class="p">);</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h2> πŸ” How It Works </h2> <p>During deployment, CDK will:</p> <ol> <li>Deploy your stack’s resources (bucket, table, Lambda).</li> <li>Automatically invoke the <code>seedFunction</code> via the trigger.</li> <li>Ensure it runs <strong>only once</strong> (unless you opt to re-run it).</li> </ol> <h2> πŸ›  Notes &amp; Best Practices </h2> <ul> <li>The <code>Trigger</code> construct deploys a <strong>custom resource</strong> under the hood.</li> <li> <p>The <code>invocationType</code> can be:</p> <ul> <li> <code>EVENT</code>: Asynchronous (default and recommended for non-critical background jobs)</li> <li> <code>REQUEST_RESPONSE</code>: Wait for result (useful for critical tasks, but can cause stack rollback on failure)</li> </ul> </li> <li><p>You can use <code>cdkTrigger.executeAfter(...)</code> to <strong>control execution order</strong> and guarantee your resources are ready.</p></li> <li><p>To re-run the trigger every deploy, set <code>cdkTrigger.trigger.runOnUpdate = true</code>.</p></li> </ul> <h2> 🧹 Optional: Clean Up After Execution </h2> <p>By default, the Lambda and the trigger stay in place. If you want to <strong>clean up</strong> the Lambda after running:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nx">cdkTrigger</span><span class="p">.</span><span class="nf">applyRemovalPolicy</span><span class="p">(</span><span class="nx">cdk</span><span class="p">.</span><span class="nx">RemovalPolicy</span><span class="p">.</span><span class="nx">DESTROY</span><span class="p">);</span> </code></pre> </div> <p>Or consider separating your post-deployment logic into a one-time stack.</p> <h2> βœ… Summary </h2> <p><code>cdk.triggers.Trigger</code> is a great way to kick off post-deployment automation in a clean, repeatable way.</p> <p><strong>Use it to:</strong></p> <ul> <li>Seed databases</li> <li>Initialize state</li> <li>Validate configs</li> <li>Or automate any once-per-deploy logic</li> </ul> <p>No need for separate scripts or manual steps β€” just CDK.</p> <h2> πŸ“ Example Directory Structure </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>my-app/ β”œβ”€β”€ bin/ β”‚ └── my-app.ts β”œβ”€β”€ lib/ β”‚ └── my-stack.ts β”œβ”€β”€ lambda/ β”‚ └── seed/ β”‚ └── index.ts </code></pre> </div> <h2> πŸ§ͺ Want to Try It? </h2> <p>Make sure you have the triggers module installed:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install </span>aws-cdk-lib constructs </code></pre> </div> <p>That’s it! Happy automating with CDK! βš™οΈ</p> cdk programming aws javascript Fixing Lambda to Aurora PostgreSQL Connection Timeout Issues in AWS Moya Richards Wed, 09 Jul 2025 17:15:36 +0000 https://dev.to/aws-builders/fixing-lambda-to-aurora-postgresql-connection-timeout-issues-in-aws-2be https://dev.to/aws-builders/fixing-lambda-to-aurora-postgresql-connection-timeout-issues-in-aws-2be <h1> Fixing Lambda to Aurora PostgreSQL Connection Timeout Issues in AWS </h1> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="s2">"errorMessage"</span>: <span class="s2">"connection to server at </span><span class="se">\"</span><span class="s2">my-aurora-database.cluster-xxxxx.region.rds.amazonaws.com</span><span class="se">\"</span><span class="s2"> (10.0.0.1), port 5432 failed: timeout expired"</span> </code></pre> </div> <p>If you've encountered the dreaded "connection timeout" error when trying to connect your AWS Lambda function to Aurora PostgreSQL, you're not alone. <br> This post will guide you through the common causes and solutions to this frustrating issue.</p> <h2> The Error </h2> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"cause"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"errorMessage"</span><span class="p">:</span><span class="w"> </span><span class="s2">"connection to server failed: timeout expired"</span><span class="p">,</span><span class="w"> </span><span class="nl">"errorType"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OperationalError"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h2> Common Causes </h2> <ol> <li> <strong>VPC Configuration Issues</strong>: Lambda can't reach Aurora</li> <li> <strong>Security Group Misconfigurations</strong>: Missing or incorrect inbound/outbound rules</li> <li> <strong>Missing VPC Endpoints</strong>: Required for proper AWS service communication</li> <li> <strong>Network ACL Issues</strong>: Blocking necessary traffic</li> </ol> <h2> Step-by-Step Solution </h2> <h3> 1. VPC Setup </h3> <p>First, ensure your VPC is properly configured with CDK:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">ec2</span><span class="p">.</span><span class="nc">Vpc</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">MyVPC</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">maxAzs</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">natGateways</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">subnetConfiguration</span><span class="p">:</span> <span class="p">[</span> <span class="p">{</span> <span class="na">cidrMask</span><span class="p">:</span> <span class="mi">24</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Private</span><span class="dl">'</span><span class="p">,</span> <span class="na">subnetType</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">SubnetType</span><span class="p">.</span><span class="nx">PRIVATE_WITH_EGRESS</span><span class="p">,</span> <span class="p">},</span> <span class="p">{</span> <span class="na">cidrMask</span><span class="p">:</span> <span class="mi">24</span><span class="p">,</span> <span class="na">name</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Public</span><span class="dl">'</span><span class="p">,</span> <span class="na">subnetType</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">SubnetType</span><span class="p">.</span><span class="nx">PUBLIC</span><span class="p">,</span> <span class="p">}</span> <span class="p">]</span> <span class="p">});</span> </code></pre> </div> <h3> 2. Add Required VPC Endpoints </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Add necessary VPC endpoints</span> <span class="nx">vpc</span><span class="p">.</span><span class="nf">addInterfaceEndpoint</span><span class="p">(</span><span class="dl">'</span><span class="s1">SecretsManagerEndpoint</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">InterfaceVpcEndpointAwsService</span><span class="p">.</span><span class="nx">SECRETS_MANAGER</span> <span class="p">});</span> <span class="nx">vpc</span><span class="p">.</span><span class="nf">addInterfaceEndpoint</span><span class="p">(</span><span class="dl">'</span><span class="s1">RDSEndpoint</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">InterfaceVpcEndpointAwsService</span><span class="p">.</span><span class="nx">RDS</span> <span class="p">});</span> <span class="nx">vpc</span><span class="p">.</span><span class="nf">addGatewayEndpoint</span><span class="p">(</span><span class="dl">'</span><span class="s1">S3Endpoint</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">GatewayVpcEndpointAwsService</span><span class="p">.</span><span class="nx">S3</span> <span class="p">});</span> </code></pre> </div> <h3> 3. Configure Security Groups </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Lambda security group</span> <span class="kd">const</span> <span class="nx">lambdaSG</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">ec2</span><span class="p">.</span><span class="nc">SecurityGroup</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">LambdaSG</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Security group for Lambda functions</span><span class="dl">'</span> <span class="p">});</span> <span class="c1">// Aurora security group</span> <span class="kd">const</span> <span class="nx">auroraSG</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">ec2</span><span class="p">.</span><span class="nc">SecurityGroup</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">AuroraSG</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Security group for Aurora</span><span class="dl">'</span> <span class="p">});</span> <span class="c1">// Allow Lambda to connect to Aurora</span> <span class="nx">auroraSG</span><span class="p">.</span><span class="nf">addIngressRule</span><span class="p">(</span> <span class="nx">lambdaSG</span><span class="p">,</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">Port</span><span class="p">.</span><span class="nf">tcp</span><span class="p">(</span><span class="mi">5432</span><span class="p">),</span> <span class="dl">'</span><span class="s1">Allow PostgreSQL access from Lambda</span><span class="dl">'</span> <span class="p">);</span> </code></pre> </div> <h3> 4. Lambda Function Configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">lambda</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">MyFunction</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">PYTHON_3_9</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">'</span><span class="s1">index.handler</span><span class="dl">'</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="dl">'</span><span class="s1">lambda</span><span class="dl">'</span><span class="p">),</span> <span class="na">vpc</span><span class="p">:</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">vpcSubnets</span><span class="p">:</span> <span class="p">{</span> <span class="na">subnetType</span><span class="p">:</span> <span class="nx">ec2</span><span class="p">.</span><span class="nx">SubnetType</span><span class="p">.</span><span class="nx">PRIVATE_WITH_EGRESS</span> <span class="p">},</span> <span class="na">securityGroups</span><span class="p">:</span> <span class="p">[</span><span class="nx">lambdaSG</span><span class="p">],</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">Duration</span><span class="p">.</span><span class="nf">seconds</span><span class="p">(</span><span class="mi">30</span><span class="p">)</span> <span class="c1">// Increase from default 3 seconds</span> <span class="p">});</span> </code></pre> </div> <h3> 5. Database Connection Code </h3> <p>Implement proper connection handling in your Lambda:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight python"><code><span class="kn">import</span> <span class="n">psycopg2</span> <span class="kn">from</span> <span class="n">psycopg2</span> <span class="kn">import</span> <span class="n">OperationalError</span> <span class="k">def</span> <span class="nf">get_db_connection</span><span class="p">():</span> <span class="k">try</span><span class="p">:</span> <span class="n">conn</span> <span class="o">=</span> <span class="n">psycopg2</span><span class="p">.</span><span class="nf">connect</span><span class="p">(</span> <span class="n">host</span><span class="o">=</span><span class="sh">"</span><span class="s">your-aurora-endpoint</span><span class="sh">"</span><span class="p">,</span> <span class="n">database</span><span class="o">=</span><span class="sh">"</span><span class="s">your-database</span><span class="sh">"</span><span class="p">,</span> <span class="n">user</span><span class="o">=</span><span class="sh">"</span><span class="s">your-username</span><span class="sh">"</span><span class="p">,</span> <span class="n">password</span><span class="o">=</span><span class="sh">"</span><span class="s">your-password</span><span class="sh">"</span><span class="p">,</span> <span class="n">connect_timeout</span><span class="o">=</span><span class="mi">5</span><span class="p">,</span> <span class="n">keepalives</span><span class="o">=</span><span class="mi">1</span><span class="p">,</span> <span class="n">keepalives_idle</span><span class="o">=</span><span class="mi">30</span><span class="p">,</span> <span class="n">keepalives_interval</span><span class="o">=</span><span class="mi">10</span><span class="p">,</span> <span class="n">keepalives_count</span><span class="o">=</span><span class="mi">5</span> <span class="p">)</span> <span class="k">return</span> <span class="n">conn</span> <span class="k">except</span> <span class="n">OperationalError</span> <span class="k">as</span> <span class="n">e</span><span class="p">:</span> <span class="nf">print</span><span class="p">(</span><span class="sa">f</span><span class="sh">"</span><span class="s">Connection error: </span><span class="si">{</span><span class="n">e</span><span class="si">}</span><span class="sh">"</span><span class="p">)</span> <span class="k">raise</span> </code></pre> </div> <h2> Troubleshooting Checklist </h2> <ul> <li>[ ] Verify Lambda and Aurora are in the same VPC</li> <li>[ ] Check security group inbound/outbound rules</li> <li>[ ] Confirm VPC endpoints are properly configured</li> <li>[ ] Validate subnet configurations</li> <li>[ ] Review Network ACL settings</li> <li>[ ] Check Aurora instance status and capacity</li> <li>[ ] Verify database credentials</li> </ul> <h2> Conclusion </h2> <p>Connection timeout issues between Lambda and Aurora typically stem from networking misconfigurations. By following this systematic approach to VPC setup, security groups, and connection handling, you can establish reliable connectivity between your Lambda functions and Aurora PostgreSQL database.<br> With these implementations, your Lambda functions should successfully connect to Aurora PostgreSQL without timeout issues.</p> <h2> Additional Resources </h2> <ul> <li><a href="https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html" rel="noopener noreferrer">AWS Documentation: Lambda VPC Configuration</a></li> <li><a href="https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.AuroraPostgreSQL.html" rel="noopener noreferrer">AWS Documentation: Aurora PostgreSQL</a></li> <li><a href="https://docs.aws.amazon.com/cdk/latest/guide/home.html" rel="noopener noreferrer">AWS CDK Documentation</a></li> </ul> Resolving AWS Secrets Manager Access in AWS Lambda: A Tale of Two Regions Moya Richards Tue, 10 Jun 2025 21:12:15 +0000 https://dev.to/aws-builders/resolving-aws-secrets-manager-access-in-aws-lambda-a-tale-of-two-regions-4jd1 https://dev.to/aws-builders/resolving-aws-secrets-manager-access-in-aws-lambda-a-tale-of-two-regions-4jd1 <p>Have you ever found yourself scratching your head when your AWS Lambda function works perfectly in one region but fails in another? </p> <p>Recently, I encountered this exact scenario when moving a function from us-east-1 to eu-west-1. </p> <p>The culprit? VPC endpoints and Secrets Manager access. </p> <p>Let's dive into the problem and its solution.</p> <h2> The Problem </h2> <p>Our Lambda function, happily running in us-east-1, suddenly threw this error when deployed to eu-west-1:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>An error occurred (AccessDeniedException) when calling the GetSecretValue operation: User: arn:aws:sts::ACCOUNT_ID:assumed-role/ROLE_NAME is not authorized to perform: secretsmanager:GetSecretValue on resource: SECRET_ARN because no identity-based policy allows the secretsmanager:GetSecretValue action </code></pre> </div> <p>The puzzling part? The IAM permissions were identical in both regions.</p> <h2> The Root Cause </h2> <p>After some investigation, i uncovered the core issue: VPC endpoints. In us-east-1, AWS often provides default VPC endpoints for common services, especially in older accounts or those part of organizations with pre-configured settings. However, these default endpoints don't exist in eu-west-1.</p> <p>Our Lambda function, configured to run in a VPC for enhanced security, couldn't reach Secrets Manager in eu-west-1 without an explicit VPC endpoint.</p> <h2> The Solution </h2> <p>The fix involves creating a VPC endpoint for Secrets Manager in my eu-west-1 VPC. Here's how i did it using AWS CDK:</p> <ol> <li>First, i modified my VPC construct to include an option for creating a Secrets Manager endpoint: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">export</span> <span class="kr">interface</span> <span class="nx">VpcConstructProps</span> <span class="kd">extends</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span> <span class="p">{</span> <span class="c1">// ... other properties ...</span> <span class="k">readonly</span> <span class="nx">hasSecretsManagerEndpoint</span><span class="p">?:</span> <span class="nx">boolean</span><span class="p">;</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">defaultProps</span><span class="p">:</span> <span class="nb">Partial</span><span class="o">&lt;</span><span class="nx">VpcConstructProps</span><span class="o">&gt;</span> <span class="o">=</span> <span class="p">{</span> <span class="c1">// ... other defaults ...</span> <span class="na">hasSecretsManagerEndpoint</span><span class="p">:</span> <span class="kc">false</span><span class="p">,</span> <span class="p">};</span> </code></pre> </div> <ol> <li>Then, in the VPC construct's constructor, i added logic to create the endpoint: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="nf">constructor</span><span class="p">(</span><span class="nx">parent</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">name</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">:</span> <span class="nx">VpcConstructProps</span><span class="p">)</span> <span class="p">{</span> <span class="c1">// ... existing constructor code ...</span> <span class="k">if </span><span class="p">(</span><span class="nx">props</span><span class="p">.</span><span class="nx">hasSecretsManagerEndpoint</span><span class="p">)</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">secretsManagerEndpoint</span> <span class="o">=</span> <span class="nx">vpc</span><span class="p">.</span><span class="nf">addInterfaceEndpoint</span><span class="p">(</span><span class="dl">"</span><span class="s2">SecretsManagerEndpoint</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">service</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ec2</span><span class="p">.</span><span class="nx">InterfaceVpcEndpointAwsService</span><span class="p">.</span><span class="nx">SECRETS_MANAGER</span><span class="p">,</span> <span class="p">});</span> <span class="c1">// Suppress cdk-nag warnings</span> <span class="nx">NagSuppressions</span><span class="p">.</span><span class="nf">addResourceSuppressions</span><span class="p">(</span> <span class="nx">secretsManagerEndpoint</span><span class="p">,</span> <span class="p">[</span> <span class="p">{</span> <span class="na">id</span><span class="p">:</span> <span class="dl">'</span><span class="s1">AwsSolutions-EC23</span><span class="dl">'</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Security Group created by VPC Endpoint allows internal VPC traffic only</span><span class="dl">'</span> <span class="p">}</span> <span class="p">],</span> <span class="kc">true</span> <span class="p">);</span> <span class="p">}</span> <span class="c1">// ... rest of constructor code ...</span> <span class="p">}</span> </code></pre> </div> <ol> <li>Finally, when creating my VPC, i enabled the Secrets Manager endpoint: </li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">VpcConstruct</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">MyVPC</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="c1">// ... other props ...</span> <span class="na">hasSecretsManagerEndpoint</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <h1> create a vcp endpoint via AWS CLI </h1> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c">#create vcp endpoint via AWS CLI</span> <span class="c"># Example VPC details</span> <span class="nv">VPC_ID</span><span class="o">=</span><span class="s2">"vpc-12345abcdef"</span> <span class="nv">SUBNET_IDS</span><span class="o">=</span><span class="s2">"subnet-11111aaaaa subnet-22222bbbbb"</span> <span class="nv">SECURITY_GROUP_ID</span><span class="o">=</span><span class="s2">"sg-33333ccccc"</span> <span class="nv">REGION</span><span class="o">=</span><span class="s2">"eu-west-1"</span> <span class="c"># Create the VPC endpoint</span> aws ec2 create-vpc-endpoint <span class="se">\</span> <span class="nt">--vpc-id</span> <span class="nv">$VPC_ID</span> <span class="se">\</span> <span class="nt">--vpc-endpoint-type</span> Interface <span class="se">\</span> <span class="nt">--service-name</span> com.amazonaws.<span class="nv">$REGION</span>.secretsmanager <span class="se">\</span> <span class="nt">--subnet-ids</span> <span class="nv">$SUBNET_IDS</span> <span class="se">\</span> <span class="nt">--security-group-ids</span> <span class="nv">$SECURITY_GROUP_ID</span> <span class="se">\</span> <span class="nt">--region</span> <span class="nv">$REGION</span> <span class="c"># To verify the endpoint was created:</span> aws ec2 describe-vpc-endpoints <span class="se">\</span> <span class="nt">--filters</span> <span class="nv">Name</span><span class="o">=</span>vpc-id,Values<span class="o">=</span><span class="nv">$VPC_ID</span> <span class="se">\</span> <span class="nt">--region</span> <span class="nv">$REGION</span> </code></pre> </div> <h2> The Outcome </h2> <p>After deploying these changes, my Lambda function in eu-west-1 could successfully access Secrets Manager, just like in us-east-1. The error disappeared, and my application worked consistently across regions.</p> <h2> Lessons Learned </h2> <ol> <li> <strong>Regional Differences Matter</strong>: Always be aware that AWS services and default configurations can vary between regions.</li> <li> <strong>VPC Endpoints are Crucial</strong>: When running Lambda in a VPC, consider which AWS services you need to access and ensure appropriate VPC endpoints are in place.</li> <li> <strong>Explicit is Better than Implicit</strong>: While some regions might have default endpoints, it's better to explicitly define your infrastructure needs in your IaC code.</li> <li> <strong>Test in Multiple Regions</strong>: Always test your applications in all regions where you plan to deploy.</li> </ol> <p>By understanding and addressing these nuances, we can build more robust, portable, and predictable cloud applications. Happy coding!</p> lambda awssecretmanager cloudcomputing aws Fixing β€œexit code: 255” in AWS CodeBuild Moya Richards Mon, 09 Jun 2025 21:51:32 +0000 https://dev.to/aws-builders/fixing-exit-code-255-in-aws-codebuild-no7 https://dev.to/aws-builders/fixing-exit-code-255-in-aws-codebuild-no7 <h1> πŸš€ CDK Docker Lambda Builds: Multi-Architecture to the Rescue </h1> <p>If you've ever run into this Docker build error while deploying an AWS Lambda with CDK via codebuild:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>ERROR: failed to solve: process "/bin/sh -c pip3 install --target \"${LAMBDA_TASK_ROOT}\" -r requirements.txt --no-cache-dir" did not complete successfully: exit code: 255 Failed to build asset EtlAuroraPostgresConstruct/ETLTaskProcessorlambdaFn/AssetImage </code></pre> </div> <p>...and scratched your head over what was wrong, you're not alone.</p> <p>After digging in, I found the <strong>culprit</strong>:</p> <blockquote> <p>❌ <strong>AWS CodeBuild only supports <code>x86_64</code> (amd64) architecture</strong>, but I was building a Lambda targeting <code>arm64</code>.</p> </blockquote> <p>In this post, I’ll walk through how I fixed it using:</p> <ul> <li>Docker’s <code>${BUILDPLATFORM}</code> variable</li> <li>CDK environment config switching</li> <li>Multi-platform Dockerfile magic</li> </ul> <h2> πŸ’₯ The Problem </h2> <p>If you're building Lambda functions using Docker bundling in CDK and targeting <code>arm64</code>, but your build infrastructure (e.g., CodeBuild) only supports <code>x86_64</code>, you’ll hit architecture mismatches.</p> <p><strong>Symptoms:</strong></p> <ul> <li>CDK build fails with cryptic Docker errors.</li> <li>Exit code <code>255</code> from <code>pip install</code>.</li> <li>It works <em>locally</em> on M1/M2 Macs or with arm64 runtimes β€” but fails in CI/CD.</li> </ul> <h2> πŸ› οΈ The Solution </h2> <h3> βœ… Step 1: Use <code>BUILDPLATFORM</code> in Your Dockerfile </h3> <p>To avoid architecture mismatch, set the platform explicitly in your Dockerfile:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="c"># syntax=docker/dockerfile:1</span> <span class="k">FROM</span><span class="s"> --platform=${BUILDPLATFORM} public.ecr.aws/lambda/python:3.12</span> <span class="k">RUN </span><span class="nb">echo</span> <span class="s2">"Build platform: </span><span class="k">${</span><span class="nv">BUILDPLATFORM</span><span class="k">}</span><span class="s2">"</span> <span class="o">&amp;&amp;</span> <span class="nb">echo</span> <span class="s2">"Target architecture: </span><span class="k">${</span><span class="nv">TARGETARCH</span><span class="k">}</span><span class="s2">"</span> <span class="k">WORKDIR</span><span class="s"> ${LAMBDA_TASK_ROOT}</span> <span class="k">COPY</span><span class="s"> requirements.txt .</span> <span class="k">RUN </span>pip3 <span class="nb">install</span> <span class="nt">-r</span> requirements.txt <span class="nt">--no-cache-dir</span> <span class="k">COPY</span><span class="s"> . .</span> <span class="k">CMD</span><span class="s"> ["index.lambda_handler"]</span> </code></pre> </div> <blockquote> <p>πŸ’‘ <code>${BUILDPLATFORM}</code> is automatically injected by Docker when using BuildKit and <code>--platform</code>.</p> </blockquote> <h3> βœ… Step 2: Add a CDK Architecture Config Switcher </h3> <p>Create a utility to determine platform &amp; architecture based on an environment variable (<code>CDK_LAMBDA_ARCHITECTURE</code>):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// get-architecture-config.ts</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">dotenv</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">dotenv</span><span class="dl">"</span><span class="p">;</span> <span class="nx">dotenv</span><span class="p">.</span><span class="nf">config</span><span class="p">();</span> <span class="k">export</span> <span class="kd">const</span> <span class="nx">getArchitectureConfig</span> <span class="o">=</span> <span class="p">()</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">arch</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_LAMBDA_ARCHITECTURE</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">arm64</span><span class="dl">"</span><span class="p">;</span> <span class="k">switch </span><span class="p">(</span><span class="nx">arch</span><span class="p">.</span><span class="nf">toLowerCase</span><span class="p">())</span> <span class="p">{</span> <span class="k">case</span> <span class="dl">"</span><span class="s2">arm64</span><span class="dl">"</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="na">architecture</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">Architecture</span><span class="p">.</span><span class="nx">ARM_64</span><span class="p">,</span> <span class="na">platform</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ecr_assets</span><span class="p">.</span><span class="nx">Platform</span><span class="p">.</span><span class="nx">LINUX_ARM64</span><span class="p">,</span> <span class="p">};</span> <span class="k">case</span> <span class="dl">"</span><span class="s2">x86_64</span><span class="dl">"</span><span class="p">:</span> <span class="k">case</span> <span class="dl">"</span><span class="s2">amd64</span><span class="dl">"</span><span class="p">:</span> <span class="k">return</span> <span class="p">{</span> <span class="na">architecture</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">Architecture</span><span class="p">.</span><span class="nx">X86_64</span><span class="p">,</span> <span class="na">platform</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ecr_assets</span><span class="p">.</span><span class="nx">Platform</span><span class="p">.</span><span class="nx">LINUX_AMD64</span><span class="p">,</span> <span class="p">};</span> <span class="nl">default</span><span class="p">:</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="s2">`Unsupported architecture: </span><span class="p">${</span><span class="nx">arch</span><span class="p">}</span><span class="s2">`</span><span class="p">);</span> <span class="p">}</span> <span class="p">};</span> </code></pre> </div> <p>This allows you to dynamically select the right platform during bundling.</p> <h3> βœ… Step 3: Use It in Your CDK Lambda Definition </h3> <p>In your <code>CDK Stack</code>, integrate the platform and architecture selection into the Lambda function:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="p">{</span> <span class="nx">architecture</span><span class="p">,</span> <span class="nx">platform</span> <span class="p">}</span> <span class="o">=</span> <span class="nf">getArchitectureConfig</span><span class="p">();</span> <span class="nl">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="nx">lambdaFnPath</span><span class="p">,</span> <span class="p">{</span> <span class="na">bundling</span><span class="p">:</span> <span class="p">{</span> <span class="na">image</span><span class="p">:</span> <span class="nx">targetRuntime</span><span class="p">.</span><span class="nx">bundlingImage</span><span class="p">,</span> <span class="na">command</span><span class="p">:</span> <span class="p">[</span> <span class="dl">"</span><span class="s2">bash</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">-c</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">pip install --no-cache-dir -r requirements.txt --only-binary=:all: --target /asset-output/python</span><span class="dl">"</span><span class="p">,</span> <span class="p">],</span> <span class="na">user</span><span class="p">:</span> <span class="dl">"</span><span class="s2">root</span><span class="dl">"</span><span class="p">,</span> <span class="na">platform</span><span class="p">:</span> <span class="nx">platform</span><span class="p">.</span><span class="nx">platform</span><span class="p">,</span> <span class="p">},</span> <span class="p">}),</span> <span class="nx">architecture</span><span class="p">,</span> </code></pre> </div> <h3> βœ… Step 4: Deploy with the Right Architecture </h3> <p>To switch architectures on demand, pass an env variable when deploying:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">DOCKER_BUILDKIT</span><span class="o">=</span>1 <span class="nv">BUILDX_NO_DEFAULT_ATTESTATIONS</span><span class="o">=</span>1 <span class="nv">CDK_LAMBDA_ARCHITECTURE</span><span class="o">=</span><span class="s2">"amd64"</span> cdk deploy </code></pre> </div> <blockquote> <p>βœ… This forces CDK to build for <code>x86_64</code>, which works inside AWS CodeBuild or other <code>amd64</code>-only systems.</p> </blockquote> <h2> βœ… Final Tips </h2> <ul> <li> <strong>Default to <code>arm64</code></strong> if you’re developing on an Apple Silicon machine and only override in CI/CD.</li> <li>Add a <code>.env</code> file or use CI/CD variables to switch easily.</li> <li>If you want reproducible builds, pin the base image version and dependencies tightly.</li> </ul> <h1> .env </h1> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">CDK_LAMBDA_ARCHITECTURE</span><span class="o">=</span><span class="s2">"amd64"</span> <span class="nb">export </span><span class="nv">DOCKER_BUILDKIT</span><span class="o">=</span>1 <span class="nb">export </span><span class="nv">BUILDX_NO_DEFAULT_ATTESTATIONS</span><span class="o">=</span>1 </code></pre> </div> <h2> πŸ§ͺ Conclusion </h2> <p>By using <code>BUILDPLATFORM</code>, environment-based architecture switching, and a bit of CDK magic, you can seamlessly build Docker-based Lambda functions for <strong>both <code>arm64</code> and <code>x86_64</code></strong>, even if your CI/CD platform only supports one.</p> <p>This approach lets you:</p> <ul> <li>Build natively for your development machine</li> <li>Deploy reliably from CI/CD</li> <li>Avoid architecture mismatch errors like <code>exit code 255</code> </li> </ul> codebuild docker dockerx Resolving Amazon Elastic Container Registry (ECR) Push Errors Moya Richards Sun, 12 Jan 2025 23:49:46 +0000 https://dev.to/moyarich/resolving-amazon-elastic-container-registry-ecr-push-errors-1ipd https://dev.to/moyarich/resolving-amazon-elastic-container-registry-ecr-push-errors-1ipd <p>Step by step guide to resolving Amazon Elastic Container Registry (ECR) issues with Docker Images for CLI and DockerImageFunction</p> <p>Source Code : Example CDK construct with lambda function:</p> <h2> <a href="https://github.com/moyarich/how-to-resolve-amazon-ecr-push-issues" rel="noopener noreferrer">https://github.com/moyarich/how-to-resolve-amazon-ecr-push-issues</a> </h2> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3miawk1f3tpdc4tkc4pn.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3miawk1f3tpdc4tkc4pn.png" alt="issue" width="800" height="81"></a></p> <h2> Common ECR Push Errors </h2> <p>Here are some typical errors you might encounter when pushing images to ECR:</p> <p>Issue Discussion is here: <a href="https://github.com/aws/aws-cdk/issues/31548" rel="noopener noreferrer">https://github.com/aws/aws-cdk/issues/31548</a></p> <p>These are the steps I took to fix the issue below</p> <ul> <li> <strong>400 Bad Request Errors - Manifest Issues</strong>: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> fail: docker push xyz.dkr.ecr.*.amazonaws.com/cdk-hnb659fds-container-assets-… exited with error code 1: failed commit on ref "manifest-sha256:" … : unexpected status from PUT request to https://xyz.dkr.ecr.*.amazonaws.com/v2/cdk-hnb659fds-container-assets.../manifests/: 400 Bad Request. Failed to publish asset </code></pre> </div> <ul> <li> <strong>Lambda Stabilization Failures - InvalidImage</strong>: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> Resource handler returned message: "Lambda function ... reached terminal FAILED state due to InvalidImage(ImageLayerFailure: UnsupportedImageLayerDetected - Layer Digest sha256:...) and failed to stabilize" (RequestToken: ..., HandlerErrorCode: NotStabilized) </code></pre> </div> <h2> Fixing ECR Push Errors </h2> <h3> 1. Enable Docker BuildKit </h3> <h4> Set the DOCKER_BUILDKIT environment variable to enable BuildKit </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">DOCKER_BUILDKIT</span><span class="o">=</span>1 <span class="nb">export </span><span class="nv">BUILDKIT_PROGRESS</span><span class="o">=</span>plain </code></pre> </div> <p>Add these variables to your shell configuration file (e.g., ~/.bashrc, ~/.zshrc, or ~/.profile) to persist the setting.</p> <h4> Alternatively, use <code>docker buildx</code> instead of <code>docker build</code> for extended BuildKit capabilities </h4> <p><strong>To setup Docker build as a pass-through to Docker Buildx</strong>:<br> First make sure that you have Docker Buildx installed <code>docker buildx version</code>. It's included by default in new versions of Docker Desktop and in Docker Engine.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">alias</span> <span class="s1">'docker build'</span><span class="o">=</span><span class="s1">'docker buildx build'</span> </code></pre> </div> <p>Note: to delete alias <code>unalias 'docker build'</code></p> <p>Add this alias to your shell configuration file (e.g., ~/.bashrc, ~/.zshrc, or ~/.profile) to persist the setting.</p> <h3> 2. Clean Up ECR Repositories </h3> <ul> <li> <strong>Prune Local Docker Images</strong>: Remove unused local Docker images with: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> docker system prune <span class="nt">--all</span> </code></pre> </div> <ul> <li> <strong>Delete Empty Images</strong>: Locate and remove images with 0-byte layers from the ECR registry using the AWS Management Console or AWS CLI.</li> </ul> <h4> Delete empty images via AWS CLI Script </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>is_command_present<span class="o">()</span> <span class="o">{</span> <span class="nb">type</span> <span class="s2">"</span><span class="nv">$1</span><span class="s2">"</span> <span class="o">&gt;</span>/dev/null 2&gt;&amp;1 <span class="o">}</span> install_jq<span class="o">()</span> <span class="o">{</span> <span class="nb">printf</span> <span class="s2">"</span><span class="se">\n</span><span class="k">${</span><span class="nv">YELLOW</span><span class="k">}</span><span class="s2">PACKAGE CHECK:</span><span class="k">${</span><span class="nv">NC</span><span class="k">}</span><span class="s2">Ensuring that you are up to date on the following package: </span><span class="k">${</span><span class="nv">RED</span><span class="k">}</span><span class="s2">jq</span><span class="k">${</span><span class="nv">NC</span><span class="k">}</span><span class="se">\n</span><span class="s2">"</span> <span class="nb">printf</span> <span class="s2">"</span><span class="se">\n</span><span class="k">${</span><span class="nv">GREEN</span><span class="k">}</span><span class="s2">Checking for jq installation.</span><span class="k">${</span><span class="nv">NC</span><span class="k">}</span><span class="se">\n</span><span class="s2">"</span> <span class="c"># Check for jq installation</span> <span class="k">if </span>is_command_present <span class="s2">"jq"</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"jq is already installed."</span> <span class="k">else </span>brew <span class="nb">install </span>jq <span class="k">fi</span> <span class="o">}</span> install_jq <span class="c">#==============================</span> <span class="nv">repositories</span><span class="o">=</span><span class="si">$(</span>aws ecr describe-repositories <span class="nt">--region</span> <span class="nv">$AWS_DEFAULT_REGION</span> <span class="nt">--query</span> <span class="s1">'repositories[*].repositoryName'</span> <span class="nt">--output</span> text<span class="si">)</span> <span class="k">for </span>repo <span class="k">in</span> <span class="nv">$repositories</span><span class="p">;</span> <span class="k">do </span><span class="nb">echo</span> <span class="s2">"</span><span class="se">\n</span><span class="s2">Processing repository: </span><span class="nv">$repo</span><span class="s2">"</span> <span class="c"># Get the list of image digests in the repository</span> <span class="nv">image_ids</span><span class="o">=</span><span class="si">$(</span>aws ecr list-images <span class="nt">--repository-name</span> <span class="nv">$repo</span> <span class="nt">--region</span> <span class="nv">$AWS_DEFAULT_REGION</span> <span class="nt">--query</span> <span class="s1">'imageIds[*]'</span> <span class="nt">--output</span> json<span class="si">)</span> <span class="nb">echo</span> <span class="nv">$image_ids</span> | jq <span class="nt">-c</span> <span class="s1">'.[]'</span> | <span class="k">while </span><span class="nb">read</span> <span class="nt">-r</span> image<span class="p">;</span> <span class="k">do </span><span class="nv">digest</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$image</span> | jq <span class="nt">-r</span> <span class="s1">'.imageDigest'</span><span class="si">)</span> <span class="c"># Get the image details</span> <span class="nv">image_details</span><span class="o">=</span><span class="si">$(</span>aws ecr describe-images <span class="nt">--repository-name</span> <span class="nv">$repo</span> <span class="nt">--image-ids</span> <span class="nv">imageDigest</span><span class="o">=</span><span class="nv">$digest</span> <span class="nt">--region</span> <span class="nv">$AWS_DEFAULT_REGION</span><span class="si">)</span> <span class="c">#echo "image_details for $tags:\n $image_details"</span> <span class="c"># Get all tags for this image</span> <span class="nv">tags</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$image_details</span> | jq <span class="nt">-r</span> <span class="s1">'.imageDetails[0].imageTags[]'</span> 2&gt;/dev/null | <span class="nb">tr</span> <span class="s1">'\n'</span> <span class="s1">','</span> | <span class="nb">sed</span> <span class="s1">'s/,$//'</span><span class="si">)</span> <span class="nv">image_size</span><span class="o">=</span><span class="si">$(</span><span class="nb">echo</span> <span class="nv">$image_details</span> | jq <span class="s1">'.imageDetails[0].imageSizeInBytes'</span><span class="si">)</span> <span class="nb">echo</span> <span class="s2">"</span><span class="se">\n</span><span class="s2">Image digest: </span><span class="nv">$digest</span><span class="se">\n</span><span class="s2">Repository name: </span><span class="nv">$repo</span><span class="s2"> </span><span class="se">\n</span><span class="s2">Image tags: </span><span class="nv">$tags</span><span class="s2">"</span> <span class="c"># Check if the image size is 0 bytes</span> <span class="k">if</span> <span class="o">[</span> <span class="s2">"</span><span class="nv">$image_size</span><span class="s2">"</span> <span class="o">=</span> <span class="s2">"0"</span> <span class="o">]</span><span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Image is empty, deleting image with digest </span><span class="nv">$digest</span><span class="s2">"</span> aws ecr batch-delete-image <span class="nt">--repository-name</span> <span class="nv">$repo</span> <span class="nt">--image-ids</span> <span class="nv">imageDigest</span><span class="o">=</span><span class="nv">$digest</span> <span class="nt">--region</span> <span class="nv">$AWS_DEFAULT_REGION</span> <span class="c"># Run the AWS ECR delete command</span> <span class="nv">output</span><span class="o">=</span><span class="si">$(</span>aws ecr batch-delete-image <span class="nt">--repository-name</span> <span class="nv">$repo</span> <span class="nt">--image-ids</span> <span class="nv">imageDigest</span><span class="o">=</span><span class="nv">$digest</span> <span class="nt">--region</span> <span class="nv">$AWS_DEFAULT_REGION</span><span class="si">)</span> <span class="c"># Check for failures or success</span> <span class="nb">echo</span> <span class="s2">"</span><span class="nv">$output</span><span class="s2">"</span> | jq <span class="s1">' if .failures | length &gt; 0 then "Deletion Failure: \(.failures[0].failureReason)" else "Success: Image deleted" end'</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"Image Size: </span><span class="nv">$image_size</span><span class="s2"> bytes</span><span class="se">\n</span><span class="s2">Image not empty [image not deleted]"</span> <span class="k">fi done done</span> </code></pre> </div> <h3> 3. Create a New ECR Repository Tag for Your ECR Container Docker Image </h3> <p>For Lambda <code>DockerImageFunction</code>, AWS CDK automatically manages image tagging and pushing to Amazon ECR. The image is tagged with a hash based on its content, ensuring that changes result in a new tag.</p> <h3> Options to Force a New Tag in the ECR Registry </h3> <p>Use one of these approaches to force a new tag, <code>repeat this step</code> if you continue to encounter issues with stale or problematic images:</p> <ol> <li><p><strong>Update the Docker Build Context - IE. Modifying the Lambda Handler Source Code</strong><br><br> Modifying files in the Docker build context (many any change to the source code) will trigger a new content-based hash and a new image tag.</p></li> <li><p><strong>Update the Dockerfile</strong><br><br> Modifying the <code>Dockerfile</code> (e.g., adding or changing <code>COPY</code> or <code>ENV</code> instructions) will generate a new content hash and tag.</p></li> <li><p><strong>Change the Logical ID of the <code>DockerImageFunction</code> in Your CDK Stack</strong><br><br> Renaming the logical ID in the CDK stack forces the creation of a new resource, triggering a new image tag even without content changes.</p></li> </ol> <h4> Example: Changing the Logical ID of a Lambda <code>DockerImageFunction</code> </h4> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// Old function ID</span> <span class="kd">const</span> <span class="nx">prepareDataFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nc">DockerImageFunction</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">PrepareDataLambdaV1Fn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">DockerImageCode</span><span class="p">.</span><span class="nf">fromImageAsset</span><span class="p">(</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">"</span><span class="s2">path-to-docker-build-context</span><span class="dl">"</span><span class="p">)</span> <span class="p">),</span> <span class="p">}</span> <span class="p">);</span> <span class="c1">// New function ID</span> <span class="kd">const</span> <span class="nx">prepareDataFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nc">DockerImageFunction</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">PrepareDataLambdaV2Fn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">DockerImageCode</span><span class="p">.</span><span class="nf">fromImageAsset</span><span class="p">(</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">"</span><span class="s2">path-to-docker-build-context</span><span class="dl">"</span><span class="p">)</span> <span class="p">),</span> <span class="p">}</span> <span class="p">);</span> </code></pre> </div> <h4> Example - Command-Line Docker tagging </h4> <p>Provide a new name for the docker tag.<br> <strong>Note:</strong> for the cli you tag the image <code>after</code> you build it<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>docker tag my_image_name:&lt;this_is_my_image_name_tag_here&gt; 241533140213.dkr.ecr.us-east-1.amazonaws.com/cdk-hnb659fds-container-assets-241533140213-us-east-1:&lt;this_is_my_image_name_tag_here&gt; </code></pre> </div> <h3> 4. Disable Metadata Attestations </h3> <p><a href="https://docs.docker.com/build/metadata/attestations" rel="noopener noreferrer">Docker Metadata Attestations Documentation</a><br> Avoid potential registry configuration issues by disabling provenance and Software Bill of Materials (SBOM) generation:</p> <h4> Option 1: Use the <code>BUILDX_NO_DEFAULT_ATTESTATIONS</code> Environment Variable </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">export </span><span class="nv">BUILDX_NO_DEFAULT_ATTESTATIONS</span><span class="o">=</span>1 </code></pre> </div> <h4> Option 2: Pass build arguments during the Docker build process to avoid metadata issues during image push </h4> <ul> <li><p>Set <code>sbom</code> to false.</p></li> <li><p>Set the <code>provenance</code> build argument to false.</p></li> </ul> <h4> Example Command-Line Build </h4> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">DOCKER_BUILDKIT</span><span class="o">=</span>1 docker build <span class="nt">-t</span> my_image_name <span class="nt">--provenance</span><span class="o">=</span><span class="nb">false</span> <span class="nt">--sbom</span><span class="o">=</span><span class="nb">false</span> <span class="nb">.</span> </code></pre> </div> <h4> Modify Lambda Function Build Settings in CDK to remove metadata </h4> <p>If using AWS CDK for Lambda deployments, include the <code>provenance</code> and <code>sbom</code> arguments in the buildArgs for your <code>DockerImageFunction</code>.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">path</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">path</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">prepareDataFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nc">DockerImageFunction</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">PrepareDataLambdaV1Fn</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">DockerImageCode</span><span class="p">.</span><span class="nf">fromImageAsset</span><span class="p">(</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="dl">"</span><span class="s2">../../</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">etl/prepare_data</span><span class="dl">"</span><span class="p">),</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ecr_assets</span><span class="p">.</span><span class="nx">Platform</span><span class="p">.</span><span class="nx">LINUX_ARM64</span><span class="p">,</span> <span class="na">file</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Dockerfile</span><span class="dl">"</span><span class="p">,</span> <span class="na">buildArgs</span><span class="p">:</span> <span class="p">{</span> <span class="na">provenance</span><span class="p">:</span> <span class="dl">"</span><span class="s2">false</span><span class="dl">"</span><span class="p">,</span> <span class="na">sbom</span><span class="p">:</span> <span class="dl">"</span><span class="s2">false</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> <span class="p">),</span> <span class="na">architecture</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">Architecture</span><span class="p">.</span><span class="nx">ARM_64</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="s2">`Prepare/Clean data - [</span><span class="p">${</span><span class="nx">cdk</span><span class="p">.</span><span class="nx">Stack</span><span class="p">.</span><span class="k">of</span><span class="p">(</span><span class="k">this</span><span class="p">).</span><span class="nx">stackName</span><span class="p">}</span><span class="s2">]`</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">15</span><span class="p">),</span> <span class="na">memorySize</span><span class="p">:</span> <span class="mi">1024</span><span class="p">,</span> <span class="p">}</span> <span class="p">);</span> </code></pre> </div> <h2> Automating the Deployment </h2> <p>Automate your deployment process using a package.json configuration to:</p> <ul> <li>Automatically log into ECR</li> <li>Automatically set DOCKER_BUILDKIT=1</li> </ul> <h3> <code>package.json configuration</code> </h3> <p><strong>Note: Example <code>package.json</code> [Works on mac/linux, uses <code>sh</code>]:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"scripts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"predeploy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"aws ecr get-login-password | docker login --username AWS --password-stdin $(aws sts get-caller-identity --query 'Account' --output text).dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"deploy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DOCKER_BUILDKIT=1 sh -c 'cd my_cdk_stacks &amp;&amp; npm run cdk deploy -- -c stack_name=</span><span class="se">\"</span><span class="s2">${STACK_NAME:-}</span><span class="se">\"</span><span class="s2"> --all --require-approval never'"</span><span class="p">,</span><span class="w"> </span><span class="nl">"destroy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"npm run cdk destroy -- -c stack_name=</span><span class="se">\"</span><span class="s2">${STACK_NAME:-}</span><span class="se">\"</span><span class="s2"> --all"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p><strong>CDK Deployment Command:</strong><br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">BUILDKIT_PROGRESS</span><span class="o">=</span>plain <span class="nv">CDK_VPC_ID</span><span class="o">=</span>vpc-09f66ffff5d2773de <span class="nv">STACK_NAME</span><span class="o">=</span>MoyaTestStack npm run deploy </code></pre> </div> <h2> Example Shell Script for Building and Pushing Docker Images to ECR </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="c"># Set variables</span> <span class="nv">IMAGE_NAME</span><span class="o">=</span><span class="s2">"moya_test_image"</span> <span class="nv">TAG</span><span class="o">=</span><span class="s2">"moya_test_image_tag"</span> <span class="nv">REGION</span><span class="o">=</span><span class="si">$(</span>aws configure get region <span class="nt">--profile</span> <span class="s2">"</span><span class="k">${</span><span class="nv">AWS_PROFILE</span><span class="k">}</span><span class="s2">"</span><span class="si">)</span> <span class="nv">ACCOUNT_ID</span><span class="o">=</span><span class="si">$(</span>aws sts get-caller-identity <span class="nt">--query</span> <span class="s1">'Account'</span> <span class="nt">--output</span> text<span class="si">)</span> <span class="nv">REPOSITORY_NAME</span><span class="o">=</span><span class="s2">"cdk-hnb659fds-container-assets-</span><span class="k">${</span><span class="nv">ACCOUNT_ID</span><span class="k">}</span><span class="s2">-</span><span class="k">${</span><span class="nv">REGION</span><span class="k">}</span><span class="s2">"</span> <span class="nv">REGISTRY</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">ACCOUNT_ID</span><span class="k">}</span><span class="s2">.dkr.ecr.</span><span class="k">${</span><span class="nv">REGION</span><span class="k">}</span><span class="s2">.amazonaws.com"</span> <span class="nv">FULL_IMAGE_NAME</span><span class="o">=</span><span class="s2">"</span><span class="k">${</span><span class="nv">REGISTRY</span><span class="k">}</span><span class="s2">/</span><span class="k">${</span><span class="nv">REPOSITORY_NAME</span><span class="k">}</span><span class="s2">:</span><span class="k">${</span><span class="nv">TAG</span><span class="k">}</span><span class="s2">"</span> <span class="nb">echo</span> <span class="s2">"</span><span class="k">${</span><span class="nv">FULL_IMAGE_NAME</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Build, tag, and push the Docker image</span> <span class="nb">echo</span> <span class="s2">"Building Docker image </span><span class="k">${</span><span class="nv">IMAGE_NAME</span><span class="k">}</span><span class="s2">..."</span> <span class="c">#ECR Issue Discussion - https://github.com/aws/aws-cdk/issues/31549</span> docker build <span class="nt">-t</span> <span class="s2">"</span><span class="k">${</span><span class="nv">IMAGE_NAME</span><span class="k">}</span><span class="s2">"</span> <span class="nt">--provenance</span><span class="o">=</span><span class="nb">false</span> <span class="nb">.</span> <span class="nb">echo</span> <span class="s2">"Tagging image as </span><span class="k">${</span><span class="nv">FULL_IMAGE_NAME</span><span class="k">}</span><span class="s2">..."</span> docker tag <span class="s2">"</span><span class="k">${</span><span class="nv">IMAGE_NAME</span><span class="k">}</span><span class="s2">"</span> <span class="s2">"</span><span class="k">${</span><span class="nv">FULL_IMAGE_NAME</span><span class="k">}</span><span class="s2">"</span> <span class="c"># Login to ECR</span> <span class="nb">echo</span> <span class="s2">"Logging into Amazon ECR..."</span> aws ecr get-login-password | docker login <span class="nt">--username</span> AWS <span class="nt">--password-stdin</span> <span class="si">$(</span>aws sts get-caller-identity <span class="nt">--query</span> <span class="s1">'Account'</span> <span class="nt">--output</span> text<span class="si">)</span>.dkr.ecr.<span class="k">${</span><span class="nv">REGION</span><span class="k">}</span>.amazonaws.com <span class="nb">echo</span> <span class="s2">"Checking if repository </span><span class="k">${</span><span class="nv">REPOSITORY_NAME</span><span class="k">}</span><span class="s2"> exists in ECR..."</span> <span class="c"># Use aws CLI to check if the repository exists</span> <span class="k">if </span>aws ecr describe-repositories <span class="se">\</span> <span class="nt">--repository-names</span> <span class="s2">"</span><span class="k">${</span><span class="nv">REPOSITORY_NAME</span><span class="k">}</span><span class="s2">"</span> <span class="se">\</span> <span class="nt">--region</span> <span class="s2">"</span><span class="k">${</span><span class="nv">REGION</span><span class="k">}</span><span class="s2">"</span> <span class="se">\</span> <span class="nt">--profile</span> <span class="s2">"</span><span class="k">${</span><span class="nv">AWS_PROFILE</span><span class="k">}</span><span class="s2">"</span> <span class="o">&gt;</span> /dev/null 2&gt;&amp;1<span class="p">;</span> <span class="k">then </span><span class="nb">echo</span> <span class="s2">"Repository </span><span class="k">${</span><span class="nv">REPOSITORY_NAME</span><span class="k">}</span><span class="s2"> already exists."</span> <span class="k">else </span><span class="nb">echo</span> <span class="s2">"Repository </span><span class="k">${</span><span class="nv">REPOSITORY_NAME</span><span class="k">}</span><span class="s2"> does not exist in ECR."</span> <span class="k">fi </span><span class="nb">echo</span> <span class="s2">"Pushing image to ECR..."</span> docker push <span class="s2">"</span><span class="k">${</span><span class="nv">FULL_IMAGE_NAME</span><span class="k">}</span><span class="s2">"</span> </code></pre> </div> <h2> Example Code </h2> <h3> package.json </h3> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"project-root"</span><span class="p">,</span><span class="w"> </span><span class="nl">"version"</span><span class="p">:</span><span class="w"> </span><span class="s2">"0.0.1"</span><span class="p">,</span><span class="w"> </span><span class="nl">"scripts"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"deploy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DOCKER_BUILDKIT=1 sh -c 'cd my_cdk_stacks &amp;&amp; npm run cdk deploy -- -c stack_name=</span><span class="se">\"</span><span class="s2">${STACK_NAME:-}</span><span class="se">\"</span><span class="s2"> --all --require-approval never'"</span><span class="p">,</span><span class="w"> </span><span class="nl">"predeploy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"aws ecr get-login-password | docker login --username AWS --password-stdin $(aws sts get-caller-identity --query 'Account' --output text).dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"destroy"</span><span class="p">:</span><span class="w"> </span><span class="s2">"cd my_cdk_stacks &amp;&amp; npm run cdk destroy -- -c stack_name=</span><span class="se">\"</span><span class="s2">${STACK_NAME:-}</span><span class="se">\"</span><span class="s2"> --all"</span><span class="p">,</span><span class="w"> </span><span class="nl">"predeploy.moya.test"</span><span class="p">:</span><span class="w"> </span><span class="s2">"aws ecr get-login-password | docker login --username AWS --password-stdin $(aws sts get-caller-identity --query 'Account' --output text).dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com"</span><span class="p">,</span><span class="w"> </span><span class="nl">"deploy.moya.test"</span><span class="p">:</span><span class="w"> </span><span class="s2">"DOCKER_BUILDKIT=1 sh -c 'echo </span><span class="se">\"</span><span class="s2">moyas--$DOCKER_BUILDKIT</span><span class="se">\"</span><span class="s2"> &amp;&amp; cd my_cdk_stacks &amp;&amp; npm install &amp;&amp; cdk deploy --all --require-approval never --app </span><span class="se">\"</span><span class="s2">npx ts-node src/moya-test-stack.ts</span><span class="se">\"</span><span class="s2"> --context </span><span class="se">\"</span><span class="s2">stack_name=${STACK_NAME}</span><span class="se">\"</span><span class="s2">'"</span><span class="p">,</span><span class="w"> </span><span class="nl">"destroy.moya.test"</span><span class="p">:</span><span class="w"> </span><span class="s2">"cd my_cdk_stacks &amp;&amp; npx cdk destroy --app </span><span class="se">\"</span><span class="s2">npx ts-node src/moya-test-stack.ts</span><span class="se">\"</span><span class="s2"> -c stack_name=</span><span class="se">\"</span><span class="s2">${STACK_NAME:-}</span><span class="se">\"</span><span class="s2"> --all"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> NPM build Command </h3> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nv">CDK_VPC_ID</span><span class="o">=</span>vpc-09f66ffff5d2793de <span class="nv">STACK_NAME</span><span class="o">=</span>MoyaTestStack npm run deploy.moya.test </code></pre> </div> <h3> DockerFile </h3> <p><strong>directory:</strong> etl/prepare_data/DockerFile<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight docker"><code><span class="k">FROM</span><span class="s"> public.ecr.aws/lambda/python:3.12</span> <span class="c"># Set the working directory inside the container to Lambda's task root</span> <span class="k">WORKDIR</span><span class="s"> ${LAMBDA_TASK_ROOT}</span> <span class="c"># Copy requirements.txt first to leverage Docker's layer caching</span> <span class="k">COPY</span><span class="s"> requirements.txt .</span> <span class="c"># Install the specified packages into the Lambda task root</span> <span class="k">RUN </span>pip3 <span class="nb">install</span> <span class="nt">--target</span> <span class="s2">"</span><span class="k">${</span><span class="nv">LAMBDA_TASK_ROOT</span><span class="k">}</span><span class="s2">"</span> <span class="nt">-r</span> requirements.txt <span class="nt">--no-cache-dir</span> <span class="c"># Copy the rest of the application code to the Lambda task root</span> <span class="k">COPY</span><span class="s"> . .</span> <span class="c"># Set the CMD to the Lambda handler</span> <span class="k">CMD</span><span class="s"> [ "index.lambda_handler" ]</span> </code></pre> </div> <h3> moya-test-stack.ts </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">path</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">path</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">aws-cdk-lib</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">constructs</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AwsSolutionsChecks</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">cdk-nag</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NagSuppressions</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">cdk-nag/lib/nag-suppressions</span><span class="dl">"</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">dotenv</span> <span class="k">from</span> <span class="dl">"</span><span class="s2">dotenv</span><span class="dl">"</span><span class="p">;</span> <span class="c1">// Load environment variables from a .env file</span> <span class="nx">dotenv</span><span class="p">.</span><span class="nf">config</span><span class="p">();</span> <span class="k">export</span> <span class="kr">interface</span> <span class="nx">MoyaTestStackProps</span> <span class="kd">extends</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span> <span class="p">{</span> <span class="nl">vpc</span><span class="p">?:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ec2</span><span class="p">.</span><span class="nx">IVpc</span><span class="p">;</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">MoyaTestStack</span> <span class="kd">extends</span> <span class="nc">cdk</span><span class="p">.</span><span class="nx">Stack</span> <span class="p">{</span> <span class="nl">props</span><span class="p">:</span> <span class="nx">MoyaTestStackProps</span><span class="p">;</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">:</span> <span class="nx">MoyaTestStackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="k">this</span><span class="p">.</span><span class="nx">props</span> <span class="o">=</span> <span class="nx">props</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="nx">props</span><span class="p">?.</span><span class="nx">vpc</span> <span class="o">??</span> <span class="k">this</span><span class="p">.</span><span class="nf">retrieveVpc</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">backendPythonProjectRoot</span> <span class="o">=</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span> <span class="nx">__dirname</span><span class="p">,</span> <span class="dl">"</span><span class="s2">../../backend/python</span><span class="dl">"</span> <span class="p">);</span> <span class="kd">const</span> <span class="nx">prepareDataFn</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nc">DockerImageFunction</span><span class="p">(</span> <span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">PrepareMoyaDataLambdV3FnV1</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">DockerImageCode</span><span class="p">.</span><span class="nf">fromImageAsset</span><span class="p">(</span> <span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">backendPythonProjectRoot</span><span class="p">,</span> <span class="dl">"</span><span class="s2">etl/prepare_data</span><span class="dl">"</span><span class="p">),</span> <span class="p">{</span> <span class="na">platform</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ecr_assets</span><span class="p">.</span><span class="nx">Platform</span><span class="p">.</span><span class="nx">LINUX_ARM64</span><span class="p">,</span> <span class="na">file</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Dockerfile</span><span class="dl">"</span><span class="p">,</span> <span class="na">cmd</span><span class="p">:</span> <span class="p">[</span><span class="dl">"</span><span class="s2">index.lambda_handler</span><span class="dl">"</span><span class="p">],</span> <span class="na">buildArgs</span><span class="p">:</span> <span class="p">{</span> <span class="c1">// Issue Discussion: https://github.com/aws/aws-cdk/issues/31548</span> <span class="c1">// Fix for ECR push error - [Failed to push image: failed commit on ref, unexpected status from PUT request, 400 Bad Request]</span> <span class="na">provenance</span><span class="p">:</span> <span class="dl">"</span><span class="s2">false</span><span class="dl">"</span><span class="p">,</span> <span class="na">sbom</span><span class="p">:</span> <span class="dl">"</span><span class="s2">false</span><span class="dl">"</span><span class="p">,</span> <span class="p">},</span> <span class="p">}</span> <span class="p">),</span> <span class="na">architecture</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_lambda</span><span class="p">.</span><span class="nx">Architecture</span><span class="p">.</span><span class="nx">ARM_64</span><span class="p">,</span> <span class="na">description</span><span class="p">:</span> <span class="s2">`Prepare/Clean data - [</span><span class="p">${</span><span class="nx">cdk</span><span class="p">.</span><span class="nx">Stack</span><span class="p">.</span><span class="k">of</span><span class="p">(</span><span class="k">this</span><span class="p">).</span><span class="nx">stackName</span><span class="p">}</span><span class="s2">]`</span><span class="p">,</span> <span class="na">timeout</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Duration</span><span class="p">.</span><span class="nf">minutes</span><span class="p">(</span><span class="mi">15</span><span class="p">),</span> <span class="na">memorySize</span><span class="p">:</span> <span class="mi">1024</span><span class="p">,</span> <span class="na">vpc</span><span class="p">:</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">vpcSubnets</span><span class="p">:</span> <span class="nx">vpc</span><span class="p">.</span><span class="nf">selectSubnets</span><span class="p">({</span> <span class="na">subnetType</span><span class="p">:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ec2</span><span class="p">.</span><span class="nx">SubnetType</span><span class="p">.</span><span class="nx">PRIVATE_WITH_EGRESS</span><span class="p">,</span> <span class="p">}),</span> <span class="p">}</span> <span class="p">);</span> <span class="k">this</span><span class="p">.</span><span class="nf">suppressNags</span><span class="p">();</span> <span class="p">}</span> <span class="cm">/** * Retrieves the VPC (Virtual Private Cloud) based on the provided VPC ID. * Throws an error if the VPC ID is not provided via the environment variable CDK_VPC_ID. * * @returns {cdk.aws_ec2.IVpc} The VPC object retrieved from AWS CDK. * @throws {Error} Throws an error if CDK_VPC_ID environment variable is not set. */</span> <span class="nf">retrieveVpc</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">stack</span> <span class="o">=</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Stack</span><span class="p">.</span><span class="k">of</span><span class="p">(</span><span class="k">this</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">env</span> <span class="o">=</span> <span class="nx">stack</span><span class="p">.</span><span class="nx">node</span><span class="p">.</span><span class="nf">tryGetContext</span><span class="p">(</span><span class="dl">"</span><span class="s2">env</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">vpcId</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_VPC_ID</span> <span class="o">||</span> <span class="nx">env</span><span class="p">?.</span><span class="nx">vpcId</span><span class="p">;</span> <span class="k">if </span><span class="p">(</span><span class="o">!</span><span class="nx">vpcId</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="k">new</span> <span class="nc">Error</span><span class="p">(</span><span class="dl">"</span><span class="s2">CDK_VPC_ID environment variable not set</span><span class="dl">"</span><span class="p">);</span> <span class="p">}</span> <span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">aws_ec2</span><span class="p">.</span><span class="nx">Vpc</span><span class="p">.</span><span class="nf">fromLookup</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">"</span><span class="s2">Vpc</span><span class="dl">"</span><span class="p">,</span> <span class="p">{</span> <span class="na">vpcId</span><span class="p">:</span> <span class="nx">vpcId</span><span class="p">,</span> <span class="p">});</span> <span class="k">return</span> <span class="nx">vpc</span><span class="p">;</span> <span class="p">}</span> <span class="k">private</span> <span class="nf">suppressNags</span><span class="p">():</span> <span class="k">void</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">stack</span> <span class="o">=</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Stack</span><span class="p">.</span><span class="k">of</span><span class="p">(</span><span class="k">this</span><span class="p">);</span> <span class="c1">// Suppressions for AWS CDK Nag tool</span> <span class="nx">NagSuppressions</span><span class="p">.</span><span class="nf">addStackSuppressions</span><span class="p">(</span> <span class="nx">stack</span><span class="p">,</span> <span class="p">[</span> <span class="p">{</span> <span class="na">id</span><span class="p">:</span> <span class="dl">"</span><span class="s2">AwsSolutions-IAM4</span><span class="dl">"</span><span class="p">,</span> <span class="na">reason</span><span class="p">:</span> <span class="dl">"</span><span class="s2">AWS managed policies are permitted for demo purposes</span><span class="dl">"</span><span class="p">,</span> <span class="na">appliesTo</span><span class="p">:</span> <span class="p">[</span> <span class="c1">// Specify the AWS managed policies allowed in this CDK stack.</span> <span class="c1">// These policies must be specific and non-overly permissive.</span> <span class="c1">// For example, avoid policies like AmazonS3FullAccess, AmazonSageMakerFullAccess.</span> <span class="dl">"</span><span class="s2">Policy::arn:&lt;AWS::Partition&gt;:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">Policy::arn:&lt;AWS::Partition&gt;:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole</span><span class="dl">"</span><span class="p">,</span> <span class="p">],</span> <span class="p">},</span> <span class="p">],</span> <span class="kc">true</span> <span class="p">);</span> <span class="p">}</span> <span class="p">}</span> <span class="c1">//-----------------------------</span> <span class="c1">// CDK deploy</span> <span class="c1">//-----------------------------</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nc">App</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">stackName</span> <span class="o">=</span> <span class="nx">app</span><span class="p">.</span><span class="nx">node</span><span class="p">.</span><span class="nf">tryGetContext</span><span class="p">(</span><span class="dl">"</span><span class="s2">stack_name</span><span class="dl">"</span><span class="p">)</span> <span class="o">||</span> <span class="dl">"</span><span class="s2">MoyaTestStack</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">account</span> <span class="o">=</span> <span class="nx">app</span><span class="p">.</span><span class="nx">node</span><span class="p">.</span><span class="nf">tryGetContext</span><span class="p">(</span><span class="dl">"</span><span class="s2">account</span><span class="dl">"</span><span class="p">)</span> <span class="o">||</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_DEPLOY_ACCOUNT</span> <span class="o">||</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_DEFAULT_ACCOUNT</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">region</span> <span class="o">=</span> <span class="nx">app</span><span class="p">.</span><span class="nx">node</span><span class="p">.</span><span class="nf">tryGetContext</span><span class="p">(</span><span class="dl">"</span><span class="s2">region</span><span class="dl">"</span><span class="p">)</span> <span class="o">||</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_DEPLOY_REGION</span> <span class="o">||</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">CDK_DEFAULT_REGION</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">moyaTestStack</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">MoyaTestStack</span><span class="p">(</span><span class="nx">app</span><span class="p">,</span> <span class="nx">stackName</span><span class="p">,</span> <span class="p">{</span> <span class="na">env</span><span class="p">:</span> <span class="p">{</span> <span class="na">account</span><span class="p">:</span> <span class="nx">account</span><span class="p">,</span> <span class="na">region</span><span class="p">:</span> <span class="nx">region</span><span class="p">,</span> <span class="p">},</span> <span class="p">});</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">Aspects</span><span class="p">.</span><span class="k">of</span><span class="p">(</span><span class="nx">app</span><span class="p">).</span><span class="nf">add</span><span class="p">(</span> <span class="k">new</span> <span class="nc">AwsSolutionsChecks</span><span class="p">({</span> <span class="na">logIgnores</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">verbose</span><span class="p">:</span> <span class="kc">true</span> <span class="p">})</span> <span class="p">);</span> <span class="nx">app</span><span class="p">.</span><span class="nf">synth</span><span class="p">();</span> </code></pre> </div> The dreaded AWS error : Cannot find version xx.x for postgres Moya Richards Thu, 17 Mar 2022 02:52:10 +0000 https://dev.to/aws-builders/the-dreaded-aws-error-cannot-find-version-xxx-for-postgres-3gkp https://dev.to/aws-builders/the-dreaded-aws-error-cannot-find-version-xxx-for-postgres-3gkp <p>When creating an AWS stack containing a postgres database table, you might received this error:</p> <h1> Error </h1> <p><code>Cannot find version 12.3 for postgres (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination</code></p> <p><code>Cannot find upgrade path from 14.2 to 12.3. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination</code></p> <h3> Erroneous code </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">engine</span> <span class="o">=</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">.</span><span class="nf">postgres</span><span class="p">({</span> <span class="na">version</span><span class="p">:</span> <span class="nx">PostgresEngineVersion</span><span class="p">.</span><span class="nx">VER_12_3</span> <span class="p">});</span> </code></pre> </div> <p>Now this error code : <strong>InvalidParameterCombination</strong>, and the the message: <code>Cannot find version 12.3 for postgres</code> is not very explicit and doesn't explain what the real issue is. </p> <p>What the error really means is that version <strong>12.3</strong> for postgres is depreciated and any reference to that version, or any version you are having an issue with, should be removed from your code and replaced with a supported version.</p> <h1> The real issue </h1> <p>AWS requires that you specify the version number for the database when it is being created. However, AWS doesn't keep all versions of that database around indefinitely. </p> <p>AWS depreciates certain versions, so at some point in the future you will have to <strong>change the code to use a supported version</strong> of that database.</p> <h1> How to fix the error? </h1> <p><strong>Specify a supported version of the database</strong></p> <h3> Fixed code: version 1 </h3> <p>| <b>Simple code</b>|<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">engine</span> <span class="o">=</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">.</span><span class="nf">postgres</span><span class="p">({</span> <span class="na">version</span><span class="p">:</span> <span class="nx">PostgresEngineVersion</span><span class="p">.</span><span class="nx">VER_14_2</span> <span class="p">});</span> </code></pre> </div> <h3> Fixed code: version 2 </h3> <p>Use version 2 of the fix, if you don't like to hardcore values in your code that are expected to change.</p> <p>| <b>Superior code fix</b>|<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="cm">/** * Store values in environment variables * @see https://www.npmjs.com/package/dotenv */</span> <span class="kd">const</span> <span class="nx">postgresFullVersion</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">POSTGRESFULLVERSION</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">14.2</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">postgresMajorVersion</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">POSTGRESMAJORVERSION</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">14</span><span class="dl">"</span><span class="p">;</span> <span class="cm">/** * Generate the postgres engine version from the values in the environment variable */</span> <span class="kd">const</span> <span class="nx">engine</span> <span class="o">=</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">.</span><span class="nf">postgres</span><span class="p">({</span> <span class="na">version</span><span class="p">:</span> <span class="nx">PostgresEngineVersion</span><span class="p">.</span><span class="k">of</span><span class="p">(</span> <span class="nx">postgresFullVersion</span><span class="p">,</span> <span class="nx">postgresMajorVersion</span><span class="p">,</span> <span class="p">),</span> <span class="p">});</span> </code></pre> </div> <h1> How to know which versions of the database is Depreciated and supported </h1> <ul> <li>Visit the AWS website </li> </ul> <p><a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html</a></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fvr32qz2nfemoiljow45r.png" alt="Depreciated versions of postgres database" width="800" height="473"></th> </tr> </thead> <tbody> <tr> <td><b>Image: Depreciated 12.x versions of postgres</b></td> </tr> </tbody> </table></div> <ul> <li>or Run the <a href="https://aws.amazon.com/cli/" rel="noopener noreferrer">AWS CLI</a> code below </li> </ul> <p>After running the command, scroll all the way to the end of the list to see the most recent version of the database supported by AWS<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>aws rds describe-db-engine-versions <span class="nt">--engine</span> postgres <span class="nt">--output</span> table </code></pre> </div> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fawaq8k3ikz51hemmxcv8.png" alt="AWS CLI view of current version of postgres" width="800" height="429"></th> </tr> </thead> <tbody> <tr> <td><b>Image: AWS CLI view of current version of postgres</b></td> </tr> </tbody> </table></div> <h3> AWS stack creation code (contains error) </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Stack</span><span class="p">,</span> <span class="nx">StackProps</span><span class="p">,</span> <span class="nx">CfnOutput</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">constructs</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Vpc</span><span class="p">,</span> <span class="nx">InstanceType</span><span class="p">,</span> <span class="nx">InstanceSize</span><span class="p">,</span> <span class="nx">InstanceClass</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-ec2</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DatabaseInstance</span><span class="p">,</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">,</span> <span class="nx">PostgresEngineVersion</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-rds</span><span class="dl">'</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">CdkRdsStack</span> <span class="kd">extends</span> <span class="nc">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Vpc</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">TestVpc</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">cidr</span><span class="p">:</span> <span class="dl">'</span><span class="s1">10.192.0.0/16</span><span class="dl">'</span><span class="p">,</span> <span class="na">maxAzs</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">natGateways</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">enableDnsHostnames</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">enableDnsSupport</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="c1">//Erroneous Line </span> <span class="c1">//--------------------------</span> <span class="kd">const</span> <span class="nx">engine</span> <span class="o">=</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">.</span><span class="nf">postgres</span><span class="p">({</span> <span class="na">version</span><span class="p">:</span> <span class="nx">PostgresEngineVersion</span><span class="p">.</span><span class="nx">VER_12_3</span> <span class="p">});</span> <span class="c1">//--------------------------</span> <span class="kd">const</span> <span class="nx">dbInstance</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">DatabaseInstance</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Test_Postgres_CDK</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">engine</span><span class="p">,</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">iamAuthentication</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">instanceType</span><span class="p">:</span> <span class="nx">InstanceType</span><span class="p">.</span><span class="k">of</span><span class="p">(</span> <span class="nx">InstanceClass</span><span class="p">.</span><span class="nx">BURSTABLE3</span><span class="p">,</span> <span class="nx">InstanceSize</span><span class="p">.</span><span class="nx">MICRO</span> <span class="p">),</span> <span class="na">databaseName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">test_postgres</span><span class="dl">'</span> <span class="p">});</span> <span class="k">new</span> <span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">dbEndpoint</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">dbInstance</span><span class="p">.</span><span class="nx">instanceEndpoint</span><span class="p">.</span><span class="nx">hostname</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <h3> AWS stack creation code (fixed code) </h3> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="k">import</span> <span class="p">{</span> <span class="nx">Stack</span><span class="p">,</span> <span class="nx">StackProps</span><span class="p">,</span> <span class="nx">CfnOutput</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">constructs</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Vpc</span><span class="p">,</span> <span class="nx">InstanceType</span><span class="p">,</span> <span class="nx">InstanceSize</span><span class="p">,</span> <span class="nx">InstanceClass</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-ec2</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">DatabaseInstance</span><span class="p">,</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">,</span> <span class="nx">PostgresEngineVersion</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-rds</span><span class="dl">'</span><span class="p">;</span> <span class="kd">class</span> <span class="nc">CdkRdsStack</span> <span class="kd">extends</span> <span class="nc">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="nx">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">vpc</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">Vpc</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">TestVpc</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">cidr</span><span class="p">:</span> <span class="dl">'</span><span class="s1">10.192.0.0/16</span><span class="dl">'</span><span class="p">,</span> <span class="na">maxAzs</span><span class="p">:</span> <span class="mi">2</span><span class="p">,</span> <span class="na">natGateways</span><span class="p">:</span> <span class="mi">1</span><span class="p">,</span> <span class="na">enableDnsHostnames</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">enableDnsSupport</span><span class="p">:</span> <span class="kc">true</span> <span class="p">});</span> <span class="c1">//--- Erroneous Line </span> <span class="c1">//const engine = DatabaseInstanceEngine.postgres({ version: PostgresEngineVersion.VER_12_3 });</span> <span class="c1">//simple fix : version 1</span> <span class="c1">//const engine = DatabaseInstanceEngine.postgres({ version: PostgresEngineVersion.VER_14_2 });</span> <span class="c1">//--------------------------</span> <span class="c1">//--- start : superior code fix , version 2</span> <span class="kd">const</span> <span class="nx">postgresFullVersion</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">POSTGRESMAJORVERSION</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">14.2</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">postgresMajorVersion</span> <span class="o">=</span> <span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">POSTGRESENGINEVERSION</span> <span class="o">??</span> <span class="dl">"</span><span class="s2">14</span><span class="dl">"</span><span class="p">;</span> <span class="kd">const</span> <span class="nx">engine</span> <span class="o">=</span> <span class="nx">DatabaseInstanceEngine</span><span class="p">.</span><span class="nf">postgres</span><span class="p">({</span> <span class="na">version</span><span class="p">:</span> <span class="nx">PostgresEngineVersion</span><span class="p">.</span><span class="k">of</span><span class="p">(</span> <span class="nx">postgresFullVersion</span><span class="p">,</span> <span class="nx">postgresMajorVersion</span><span class="p">,</span> <span class="p">),</span> <span class="p">});</span> <span class="c1">//--- end : superior code fix</span> <span class="c1">//--------------------------</span> <span class="kd">const</span> <span class="nx">dbInstance</span> <span class="o">=</span> <span class="k">new</span> <span class="nc">DatabaseInstance</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">Test_Postgres_CDK</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="nx">engine</span><span class="p">,</span> <span class="na">allowMajorVersionUpgrade</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="nx">vpc</span><span class="p">,</span> <span class="na">iamAuthentication</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="na">instanceType</span><span class="p">:</span> <span class="nx">InstanceType</span><span class="p">.</span><span class="k">of</span><span class="p">(</span> <span class="nx">InstanceClass</span><span class="p">.</span><span class="nx">BURSTABLE3</span><span class="p">,</span> <span class="nx">InstanceSize</span><span class="p">.</span><span class="nx">MICRO</span> <span class="p">),</span> <span class="na">databaseName</span><span class="p">:</span> <span class="dl">'</span><span class="s1">test_postgres</span><span class="dl">'</span> <span class="p">});</span> <span class="k">new</span> <span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">dbEndpoint</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">dbInstance</span><span class="p">.</span><span class="nx">instanceEndpoint</span><span class="p">.</span><span class="nx">hostname</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> javascript aws serverless postgres Zsh - install git plugin and theme Moya Richards Thu, 18 Nov 2021 16:31:43 +0000 https://dev.to/moyarich/zsh-install-git-plugin-and-theme-gaj https://dev.to/moyarich/zsh-install-git-plugin-and-theme-gaj <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3yp3ttcu1253xer27hpj.png" alt="display GIT information in terminal"></th> </tr> </thead> <tbody> <tr> <td><h2>Want your terminal to display information about GIT? If the answer is <code>YES</code>, let's get to it.</h2></td> </tr> </tbody> </table></div> <h1> Check if Zsh is installed </h1> <p>Every new Mac uses the Z shell (Zsh) by default, but if it is not available to your system install it using Homebrew.</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nb">echo</span> <span class="nv">$SHELL</span> </code></pre> </div> <p>Expected result of the <code>echo $SHELL</code> command : <code>/bin/zsh</code></p> <p><strong>Install zsh using Homebrew(if it is not installed):</strong></p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> brew <span class="nb">install </span>zsh <span class="c"># Set zsh as your default shell</span> chsh <span class="nt">-s</span> <span class="si">$(</span>which zsh<span class="si">)</span> </code></pre> </div> <h1> Install Oh My Zsh </h1> <p>Open terminal, run the command</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> sh <span class="nt">-c</span> <span class="s2">"</span><span class="si">$(</span>curl <span class="nt">-fsSL</span> https://raw.githubusercontent.com/ohmyzsh/ohmyzsh/master/tools/install.sh<span class="si">)</span><span class="s2">"</span> </code></pre> </div> <h1> Modify your Oh My Zsh settings </h1> <p>The configuration file for zsh is called .zshrc and lives in your home folder (~/.zshrc).</p> <p>locate that file and open it</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> open ~/.zshrc </code></pre> </div> <h1> Modify your Plugins </h1> <p>Add plugins to your shell by adding the name of the plugin to the plugin array in the <code>~/.zshrc</code> file. Separate the names of plugins with a space</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nv">plugins</span><span class="o">=(</span>git<span class="o">)</span> </code></pre> </div> <h1> Change your Theme </h1> <p>Changing theme is as simple as changing a string in your configuration file. The default theme is <code>robbyrussell</code>. Just change that value to the change theme, and don't forget to .</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="nv">ZSH_THEME</span><span class="o">=</span>pygmalion </code></pre> </div> <h1> Apply your changes </h1> <p>To apply the changes you have made to the theme or plugins you need to either </p> <ol> <li><p>start a new shell instance </p></li> <li><p>reload the configuration for the current shell</p></li> </ol> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c">#reload configuration</span> <span class="nb">source</span> ~/.zshrc </code></pre> </div> <h1> Install fonts: </h1> <p><strong>You must select a font in the Terminal Preferences, under Profiles, for your zsh theme to display properly</strong> </p> <p>Most Zsh themes use the powerline fonts, so let's install them. </p> <p>** Install powerline fonts **</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> <span class="c"># clone</span> git clone https://github.com/powerline/fonts.git <span class="nt">--depth</span><span class="o">=</span>1 <span class="c"># install</span> <span class="nb">cd </span>fonts ./install.sh <span class="c"># clean-up a bit</span> <span class="nb">cd</span> .. <span class="nb">rm</span> <span class="nt">-rf</span> fonts </code></pre> </div> <h3> Change Font in the Mac OS X Terminal </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fm4eqlivt9muiflwu7wgh.png" alt="Image of Terminal without font"></th> </tr> </thead> <tbody> <tr> <td><b>Image of Terminal without font</b></td> </tr> </tbody> </table></div> <ul> <li><p>Open Terminal, then navigate to Terminal Preferences &gt; Profiles &gt; Font , then click the <code>Change</code> button.</p></li> <li><p>Select <code>Ubuntu Mono derivative Powerline</code> and set the font size to your liking.</p></li> <li><p>Close preferences, and quit Terminal.</p></li> </ul> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F96as74ujzecr9465ir4a.png" alt="Image of Terminal with font"></th> </tr> </thead> <tbody> <tr> <td><b>Expected Result: Image of Terminal with font</b></td> </tr> </tbody> </table></div> <h3> Change Font for Terminal in Visual Studio Code? </h3> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fx3vqweby6vmy06laq8wu.png" alt="Image of Terminal in Visual Studio Code without font"></th> </tr> </thead> <tbody> <tr> <td><b>Image of Terminal in Visual Studio Code without font</b></td> </tr> </tbody> </table></div> <p><strong>Open settings.json in VSCode</strong></p> <p>Press <code>command + shift + p</code> in your VSCode window. Then, search for <code>settings.json</code> and open it.<br> <a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr76donoaszlms7kdd5d5.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr76donoaszlms7kdd5d5.png" alt="Command Palette-settings.json"></a></p> <p>Add this line to the <code>settings.json</code> :</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code> <span class="p">{</span> <span class="dl">"</span><span class="s2">terminal.integrated.defaultProfile.osx</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">zsh</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">terminal.integrated.fontFamily</span><span class="dl">"</span><span class="p">:</span> <span class="dl">"</span><span class="s2">Ubuntu Mono derivative Powerline</span><span class="dl">"</span><span class="p">,</span> <span class="dl">"</span><span class="s2">terminal.integrated.fontSize</span><span class="dl">"</span><span class="p">:</span> <span class="mi">12</span> <span class="p">}</span> </code></pre> </div> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw5bema0kx7xumojqlq1j.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw5bema0kx7xumojqlq1j.png" alt="settings.json code"></a></p> <div class="table-wrapper-paragraph"><table> <thead> <tr> <th><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F3yp3ttcu1253xer27hpj.png" alt="Image of Terminal in Visual Studio Code with font"></th> </tr> </thead> <tbody> <tr> <td><b>Image of Terminal in Visual Studio Code with font</b></td> </tr> </tbody> </table></div> How to find the storage location of Docker images and containers on a mac Moya Richards Wed, 17 Mar 2021 00:20:49 +0000 https://dev.to/moyarich/how-to-find-the-storage-location-of-docker-images-and-containers-on-a-mac-369i https://dev.to/moyarich/how-to-find-the-storage-location-of-docker-images-and-containers-on-a-mac-369i <p>Finding the location of docker images is a chore on a mac. Usually on most systems, you can see where the images and containers are located by running the command <code>docker info</code> but no, that does not work on a mac. You see that command will tell you that the root directory is located at <code>/var/lib/docker</code> , which on a mac is a non-existent directory.</p> <blockquote> <p>There are two primary ways to get to this directory. Try option <strong>1</strong> first, if it does not work try option <strong>2</strong></p> </blockquote> <h1> Here is a little background information on the docker directory </h1> <p>On a mac our docker files are located inside of a virtual machine which is located in our user library directory: <code>~/Library/Containers/com.docker.docker/</code></p> <p>This directory is easy to get to from the <strong>terminal</strong>, but if you try to get there via the <strong>finder</strong> you might notice that <strong>com.docker.docker</strong> does not appear visually under that directory name. When you navigate to <code>~/Library/Containers</code> you will see the folder name <strong>Docker</strong> instead. Take note, that is the <strong>com.docker.docker</strong> directory</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyhejyl52iwr07qxxjlxl.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyhejyl52iwr07qxxjlxl.png" alt="docker directory"></a></p> <p><em>Now to get to the root directory <code>/var/lib/docker</code> we must access the docker virtual machine being used on our mac.</em></p> <h1> Option 1 </h1> <p>Use the terminal application <strong>screen</strong>.</p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code> screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty </code></pre> </div> <p>You <strong>should</strong> see a screen, where you can enter the command</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> cd /var/lib/docker </code></pre> </div> <h1> Option 2 </h1> <p>Now if you are unlucky and you get a <strong>permission denied</strong> error, you will need to try to access the docker virtual machine through a docker image:</p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzz7hlz5hpltlavsh6juc.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fzz7hlz5hpltlavsh6juc.png" alt="Alt Text"></a></p> <p>To get around this error, we will install a <strong>debian</strong> docker image, run it, then enter the container with the <a href="https://www.tutorialspoint.com/docker/docker_containers_and_shells.htm" rel="noopener noreferrer">nsenter</a> tool</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh </code></pre> </div> <p>This will open the <strong>debian</strong> image and allow us to browse around the docker files via the <strong>sh</strong> shell</p> <p>Now that the shell is available. let's type the command</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code> cd /var/lib/docker </code></pre> </div> <p>If the default storage driver <strong>overlay2</strong> was used, then your Docker images are stored in the directory <code>/var/lib/docker/overlay2</code></p> <p><a href="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjid4hy8y4myujz0sp8ej.png" class="article-body-image-wrapper"><img src="https://media.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fjid4hy8y4myujz0sp8ej.png" alt="docker files"></a></p> <p>To get a detailed explanation of the <strong>docker run</strong> flags, type <code>docker run --help</code> command in the terminal.</p> <h2> Sources </h2> <p>Learn more about <a href="https://www.redhat.com/sysadmin/container-namespaces-nsenter" rel="noopener noreferrer">nsenter</a> linux tool on the redhat linux website.</p> <p><a href="https://timonweb.com/docker/getting-path-and-accessing-persistent-volumes-in-docker-for-mac/" rel="noopener noreferrer">Getting path and accessing persistent volumes in Docker for Mac</a> by Tim Kamanin </p> <p><a href="https://github.com/docker/for-mac/issues/4822" rel="noopener noreferrer">Github : docker can't access volume with screen<br> docker</a></p> devops docker macos unix Simplifying: Stacks and Queues Moya Richards Tue, 09 Jun 2020 22:36:03 +0000 https://dev.to/moyarich/simplifying-stacks-and-queues-1i3h https://dev.to/moyarich/simplifying-stacks-and-queues-1i3h <p><a href="https://res.cloudinary.com/practicaldev/image/fetch/s--JtdLXgaY--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/khmy0stm6k8gldct97yi.jpg" class="article-body-image-wrapper"><img src="https://res.cloudinary.com/practicaldev/image/fetch/s--JtdLXgaY--/c_limit%2Cf_auto%2Cfl_progressive%2Cq_auto%2Cw_880/https://dev-to-uploads.s3.amazonaws.com/i/khmy0stm6k8gldct97yi.jpg" alt="Simplifying: Stacks and Queues"></a></p> <p>Stacks and queues: this is how I remember them:</p> <p><strong>Stacks:</strong> I picture something vertical: a pile of plates,a bottle.</p> <p><strong>Queues:</strong> I picture something horizontal: a pipe, a line (I join first, I get served first).</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Stacks - LIFO: you can only add(append, push) and remove(pop) from the back(top,end). Queues - FIFO : add (enqueue,append) to the back(rear), only remove(dequeue,popleft) from the front . </code></pre> </div> <p>LIFO : Last in, first out. <br> FIFO : first in, first out. </p> <p>If you are JavaScript developer, you are unconsciously working with stacks and queues everyday:</p> <ul> <li>You use stacks every time you run your code: "function call stack".</li> <li>You use queues every time you run asynchronous code: "The event queue" of the event loop.</li> </ul> <p>Here are some examples of stacks and queues in the real world:</p> <p><strong>Stack:</strong></p> <ul> <li>Your favorite text editor: undo/redo feature.</li> <li>Backtracking: your browsers "back" button.</li> <li>Reverse : try to reverse your name.</li> </ul> <p><strong>Queue:</strong></p> <ul> <li>Order processing: you stand 6 feet apart from everyone as you wait in line to place your order with a cashier.</li> <li>Message processing: your long SMS messages are stored in a queue( messages are sent in the order they are received). Test this feature out on twitter by exceeding your 143 character limit</li> </ul> <p>Now, how have you used stacks and queues consciously in your career?</p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>Let's talk about your usage of these data structures or concepts in your projects. </code></pre> </div> <ul> <li><p>I coded a Java paint application to draw shapes on a canvas : <a href="https://github.com/moyarich/JPaint">https://github.com/moyarich/JPaint</a>.</p></li> <li><p>I used the open source <a href="https://github.com/OptimalBits/bull">bull queue manager</a> in my project to control the pace at which I send data to a API. Each subsequent item is sent to the API, after it connects to my webhook url. I wrote this custom function(<a href="https://gist.github.com/moyarich/4d6735b8d417c5e2f7e5f03469d32fb7)to">https://gist.github.com/moyarich/4d6735b8d417c5e2f7e5f03469d32fb7)to</a> get bull queue to manually process only one job in the queue on demand.</p></li> </ul> stack queue computerscience javascript What style have you picked up from another developer that you are still using? Moya Richards Thu, 16 Apr 2020 19:06:02 +0000 https://dev.to/moyarich/what-style-have-you-picked-up-from-another-developer-that-you-are-still-using-1iga https://dev.to/moyarich/what-style-have-you-picked-up-from-another-developer-that-you-are-still-using-1iga <p>Good coding style is like correct punctuation: you can manage without it, butitsuremakesthingseasiertoread. – The Tidyverse Style Guide by Hadley Wickham</p> <p>What style have you picked up from another developer that you are still using?</p> <p>I picked up a style for renaming a thing that I want to archive such as a file, a folder, a database file, etc.</p> <p>This pattern is zxYYYYMMDD_name</p> <p>it starts with zx so that when I order the list alphabetically it will always appear at the bottom.</p> <p>Yes, I have been brainwashed, so now everything I manually archive starts off that way.</p> <p>For example, I have an Oracle MySQL database called example_db that I want to make major changes. Before I mess with it I copy it, then label the copy.</p> <p>zx20200416_example_db</p> <p>Chances are that if you have ever asked me to help you with code and I have had to touch your files, you have seen me do this. </p> <p>And another thing: how often do you randomly read style guides on the internet to improve the quality of your code?</p> <p>Here are some fun ones:<br> Google JavaScript Style Guide: <a href="https://google.github.io/styleguide/jsguide.html#file-name">https://google.github.io/styleguide/jsguide.html#file-name</a></p> <p>Sql Style Guide : <a href="https://www.sqlstyle.guide/">https://www.sqlstyle.guide/</a></p> <p>#codingstorytime </p> styleguide javascript productivity How to connect Node.js to IBM DB2 database - Linux Moya Richards Tue, 25 Feb 2020 18:26:52 +0000 https://dev.to/moyarich/how-to-connect-node-js-to-ibm-db2-database-linux-2ba7 https://dev.to/moyarich/how-to-connect-node-js-to-ibm-db2-database-linux-2ba7 <p>Operation system: Centos OS</p> <h1> TOC </h1> <ul> <li>Install ODBC driver on Linux</li> <li>Install unixODBC package to access databases</li> <li>Configure odbcinst.ini</li> <li>Configure odbc.ini</li> <li>Test the database connection</li> </ul> <h1> Install ODBC driver on Linux <a></a> </h1> <p>Install instructions taken from here: <a href="https://github.com/IBM/ibmi-oss-examples/blob/master/odbc/odbc.md">https://github.com/IBM/ibmi-oss-examples/blob/master/odbc/odbc.md</a></p> <p>To get the driver, visit the <a href="https://www.ibm.com/support/pages/node/633843">IBM i Access - Client Solutions</a> page and select <a href="https://www-01.ibm.com/marketing/iwm/platform/mrs/assets?source=swg-ia">Downloads for IBM i Access Client Solutions</a>. After logging in and redirected to the IBM I Access Client Solutions Download page, select the Download using http tab then scroll down and download the ACS Linux App Pkg.</p> <p>In this package, there is a README that will help explain how to install the driver with either with RPMs or DEBs, depending on your Linux distribution. Just know that when you install the driver, it should pull in all of the packages you need to create an ODBC connection to Db2 for i from your Linux system.</p> <h1> Install unixODBC package to access databases<a></a> </h1> <h3> To get ODBC working we need to install the unixODBC package </h3> <p>The unixODBC package can be used to access databases through the ODBC<br> drivers.</p> <p>Install unixODBC-devel rpm package:<br> </p> <p><code># yum install unixODBC-devel</code><br> </p> <p>To verify whether unixODBC is installed, execute the following commands:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># which odbcinst # which isql </code></pre> </div> <h1> configure odbcinst.ini <a></a> </h1> <blockquote> <p>Verify the driver data stored in odbcinst.ini</p> </blockquote> <p>file location: <strong>/etc/odbcinst.ini</strong><br> The location of this file can also be found by running<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code># odbcinst -j </code></pre> </div> <p>The odbcinst.ini file maps all of the files needed for the driver to operate properly. The odbcinst.ini usually looks like this. If your copy is missing information about IBM go ahead and add it</p> <h2> odbcinst.ini </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>PostgreSQL] <span class="nv">Description</span><span class="o">=</span>ODBC <span class="k">for </span>PostgreSQL <span class="nv">Driver</span><span class="o">=</span>/usr/lib/psqlodbcw.so <span class="nv">Setup</span><span class="o">=</span>/usr/lib/libodbcpsqlS.so <span class="nv">Driver64</span><span class="o">=</span>/usr/lib64/psqlodbcw.so <span class="nv">Setup64</span><span class="o">=</span>/usr/lib64/libodbcpsqlS.so <span class="nv">FileUsage</span><span class="o">=</span>1 <span class="o">[</span>MySQL] <span class="nv">Description</span><span class="o">=</span>ODBC <span class="k">for </span>MySQL <span class="nv">Driver</span><span class="o">=</span>/usr/lib/libmyodbc5.so <span class="nv">Setup</span><span class="o">=</span>/usr/lib/libodbcmyS.so <span class="nv">Driver64</span><span class="o">=</span>/usr/lib64/libmyodbc5.so <span class="nv">Setup64</span><span class="o">=</span>/usr/lib64/libodbcmyS.so <span class="nv">FileUsage</span><span class="o">=</span>1 <span class="o">[</span>IBM i Access ODBC Driver] <span class="nv">Description</span><span class="o">=</span>IBM i Access <span class="k">for </span>Linux ODBC Driver <span class="nv">Driver</span><span class="o">=</span>/opt/ibm/iaccess/lib/libcwbodbc.so <span class="nv">Setup</span><span class="o">=</span>/opt/ibm/iaccess/lib/libcwbodbcs.so <span class="nv">Driver64</span><span class="o">=</span>/opt/ibm/iaccess/lib64/libcwbodbc.so <span class="nv">Setup64</span><span class="o">=</span>/opt/ibm/iaccess/lib64/libcwbodbcs.so <span class="nv">Threading</span><span class="o">=</span>0 <span class="nv">DontDLClose</span><span class="o">=</span>1 <span class="nv">UsageCount</span><span class="o">=</span>1 <span class="o">[</span>IBM i Access ODBC Driver 64-bit] <span class="nv">Description</span><span class="o">=</span>IBM i Access <span class="k">for </span>Linux 64-bit ODBC Driver <span class="nv">Driver</span><span class="o">=</span>/opt/ibm/iaccess/lib64/libcwbodbc.so <span class="nv">Setup</span><span class="o">=</span>/opt/ibm/iaccess/lib64/libcwbodbcs.so <span class="nv">Threading</span><span class="o">=</span>0 <span class="nv">DontDLClose</span><span class="o">=</span>1 <span class="nv">UsageCount</span><span class="o">=</span>1 </code></pre> </div> <h1> Configure odbc.ini <a></a> </h1> <blockquote> <p>create ODBC.ini</p> </blockquote> <p>File location for the SYSTEM DATA SOURCES: <br> *<em>/etc/odbc.ini *</em></p> <ul> <li><p>The name of the DSN should be placed within the [] brackets</p></li> <li><p>The name of the driver specified in the Driver keyword must match the name of a driver defined in the odbcinst.ini.<br> </p></li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>vi /etc/odbc.ini </code></pre> </div> <p>Copy and paste details below<br> press the "Esc" key, then type ":wq"</p> <h2> ODBC.ini </h2> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="o">[</span>usrProd] Description <span class="o">=</span> IBM i Access <span class="k">for </span>Linux ODBC data <span class="nb">source </span>Driver <span class="o">=</span> IBM i Access ODBC Driver System <span class="o">=</span> 192.168.1.225 Naming <span class="o">=</span> 0 DefaultLibraries <span class="o">=</span> usrsadbtst TrueAutoCommit <span class="o">=</span> 1 UserID <span class="o">=</span> username1 Password <span class="o">=</span> password1 </code></pre> </div> <h1> Test the database connection <a></a> </h1> <h2> Create node application </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>mkdir -p /var/www/node-apps/obdc_test cd /var/www/node-apps/obdc_test npm init -y </code></pre> </div> <h2> Install node ODBC package </h2> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>npm install odbc vi /var/www/node-apps/obdc_test/app.js </code></pre> </div> <p>copy and paste details below<br> press the "Esc" key, then type ":wq"</p> <div class="highlight js-code-highlight"> <pre class="highlight javascript"><code><span class="kd">const</span> <span class="nx">odbc</span> <span class="o">=</span> <span class="nx">require</span><span class="p">(</span><span class="dl">"</span><span class="s2">odbc</span><span class="dl">"</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">cn</span> <span class="o">=</span> <span class="dl">"</span><span class="s2">DSN=usrProd;UID=username1;PWD=password1</span><span class="dl">"</span><span class="p">;</span> <span class="nx">odbc</span><span class="p">.</span><span class="nx">connect</span><span class="p">(</span><span class="nx">cn</span><span class="p">,</span> <span class="p">(</span><span class="nx">error</span><span class="p">,</span> <span class="nx">connection</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="nx">connection</span><span class="p">.</span><span class="nx">query</span><span class="p">(</span> <span class="dl">"</span><span class="s2">SELECT * FROM QIWS.QCUSTCDT FETCH FIRST 6 ROWS ONLY</span><span class="dl">"</span><span class="p">,</span> <span class="p">(</span><span class="nx">error</span><span class="p">,</span> <span class="nx">result</span><span class="p">)</span> <span class="o">=&gt;</span> <span class="p">{</span> <span class="k">if</span> <span class="p">(</span><span class="nx">error</span><span class="p">)</span> <span class="p">{</span> <span class="k">throw</span> <span class="nx">error</span><span class="p">;</span> <span class="p">}</span> <span class="nx">console</span><span class="p">.</span><span class="nx">log</span><span class="p">(</span><span class="nx">result</span><span class="p">);</span> <span class="p">}</span> <span class="p">);</span> <span class="p">});</span> </code></pre> </div> <p>Run node application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>node /var/www/node-apps/obdc_test/app.js </code></pre> </div> ibm db2 odbc linux If installing SSL certificate on an Nginx webserver - don't forget this step Moya Richards Mon, 24 Feb 2020 17:15:12 +0000 https://dev.to/moyarich/if-installing-ssl-certificate-on-an-nginx-webserver-don-t-forget-this-step-pdk https://dev.to/moyarich/if-installing-ssl-certificate-on-an-nginx-webserver-don-t-forget-this-step-pdk <p>STUPID BROWSERS ... <br> I spent way too long troubleshooting an SSL certificate error.<br> My issue, <a href="https://www.postman.com/">PostMan</a> would not work, but the URL worked when I visited it using a browser.<br> Imagine troubleshooting something where there are no useful error messages.</p> <h1> Ok, so how did I fix the problem? </h1> <p>Well, I figured out that I missed a step when I installed the SSL certificate on Nginx. I didn't concatenate the SSL certificate with the intermediate certificate bundle.</p> <p>I received no useful error messages from the browsers because they have their own certificate bundles. If your server does not provide one, the browser will default to using its own.</p> <p>How did I find my error, well I had the smart idea to run the URL through an SSL checker. I found the <a href="https://ssltools.digicert.com/checker/views/checkInstallation.jsp">digicert SSL checker</a>, and you know what it told me?</p> <blockquote> <p>Intermediate certificate missing. </p> </blockquote> <p>The SSL checker at <a href="https://www.sslshopper.com/ssl-checker.html">sslshopper.com</a>, gave me this scary message:</p> <blockquote> <p>The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate. Learn more about this error. You can fix this by following DigiCert's Certificate Installation Instructions for your server platform. Pay attention to the parts about Intermediate certificates.</p> </blockquote> <p>Why didn't the browser say that? jeez.</p> <p>The quickest fix on the planet for fixing something that took me a while to troubleshoot<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>cat ssl_certificate.crt IntermediateCA.crt &gt;&gt; certbundle.pem </code></pre> </div> <p>--------- POSTMAN error--------------------------------<br> Could not get any response<br> There was an error connecting</p> <p><strong>Why this might have happened:</strong></p> <ul> <li>The server couldn't send a response: Ensure that the backend is working properly</li> <li>Self-signed SSL certificates are being blocked: Fix this by turning off 'SSL certificate verification' in Settings &gt; General</li> <li>Proxy configured incorrectly: Ensure that proxy is configured correctly in Settings &gt; Proxy</li> <li>Request timeout: Change request timeout in Settings &gt; General</li> </ul> <h1> Don't do this in your Nginx virtual hosts file: </h1> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>server { ssl_certificate /etc/ssl/ssl_certificate.crt; } </code></pre> </div> <h1> Do this instead: </h1> <ul> <li>Step 1: locate your SSL Certificate and bundle file</li> </ul> <p>For example: ssl_certificate.crt, IntermediateCA.crt</p> <ul> <li>Step 2: You need to combine the Server certificate (ssl_certificate.crt) file and the Intermediate CA Certificate (intermediateCA.crt) into a single concatenated file</li> </ul> <p>To get a single concatenated file out of the Intermediate CA and the SSL Certificate run the following command:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>cat ssl_certificate.crt IntermediateCA.crt &gt;&gt; certbundle.pem </code></pre> </div> <ul> <li>Step 2: Now edit the Nginx virtual hosts file by adding the line below: </li> </ul> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>ssl_certificate /etc/ssl/certbundle.pem; </code></pre> </div> <h1> Basic Sample of an Nginx virtual hosts file </h1> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>server { listen 443; ssl on; ssl_certificate /etc/ssl/[concatenated file]; ssl_certificate_key /etc/ssl/[private key file]; server_name your.domain.com; access_log /var/log/nginx/nginx.vhost.access.log; error_log /var/log/nginx/nginx.vhost.error.log; location / { root /home/www/public_html/your.domain.com/public/; index index.html; } } </code></pre> </div> ssl nginx certificate server