I’ve got many PowerShell scripts I’ve written over the years but one of the most useful was to simply get data from a Microsoft SQL server and another to insert or update data. This is an example of modernizing a script I wrote over 5 years ago to now run on serverless computing with AWS Lambda. In addition I can use API Gateway and Lambda to create a serverless interface to a Microsoft SQL instance. I’ve tested this with an Amazon RDS MS SQL standard instance within a VPC, a Lambda function with an ENI within that VPC, and API integration with Lambda. Additionally the security group on the RDS instance will need to allow port 1433 with the source being the Lambda function security group. With this combination of components I can do an HTTPS get request to the API which reads from a MSSQL database. This is also very useful for decoupling, migration, and adopting a microservices architecture.
As I’ve been building more AWS Lambda for PowerShell functions I’m wanting to automate testing and deployment with Continuous Integration and Continuous Deployment, a CI/CD Pipeline. To do this one of the steps we’ll need to do is use the AWS Lambda PowerShell cmdlet New-AWSPowerShellLambdaPackage which will package up our script with all it’s dependencies into a zip file. I’ll want to run this on a build environment within AWS CodeBuild. Unfortunately there’s not a PowerShell specific runtime in CodeBuild yet. However, we can utilize the existing .NET 2.2 runtime provided and install PowerShell on it. With that we can run our PowerShell scripts on CodeBuild to build our functions artifacts.
Recently I was developing a AWS Lambda for PowerShell function to read a table from a Microsoft SQL on RDS Instance within a VPC. Using the .NET Core SQL client I need to provide credentials to access the database. For the password it should be stored encrypted at rest, never in plain text, and when passed to the function should be done so as a secure string. We can configure the function to use KMS for encryption at rest. This presents us with two challenges. How do I encrypt a AWS Lambda environment variable and how will my AWS Lambda for PowerShell function securely get the decrypted value in memory as a secure string when the Lambda function is invoked.
The following steps will add the Eclipse IDE dependencies and the AWS Toolkit for Eclipse.
Well, it’s been a while since I posted hasn’t it. A lot has changed in the 5 years since I last posted. Back then I was working with defense contractors developing a lot of on-prem infrastructure tools with PowerShell. Moved into cloud computing and doing Serverless development and DevOps automation for Continuous Integration and Continuous Deployment using AWS services. This has revolutionized the ways in which I look at computing. In the process I’ve gone back and forth on what development environments and languages to work with. There’s just so many options. Since I was working with PowerShell and .NET I used PowerShell ISE and VisualStudio primarily. I moved from enterprise Windows environments to then using Linux/Unix first with traditional virtualization, then containerization, and functions. Further abstracting away from the physical systems to focus working with services and my code that runs it. What I really care about is if someone is making a request for information or submitting information how can I retrieve the data and present that information to them as quickly, reliably, and securely as possible.
In the future posts I’ll be comparing development environment and patterns for cloud native applications. As I’m utilizing AWS services this will be focused on their development tools. Continue reading