[AwsGreengrassProvisionerLambda] Adding existing lambda

[ruggero-balteri]

GGP is enabled to run inside a Lambda but it only supports empty deployments https://github.com/awslabs/aws-greengrass-provisioner/tree/master/lambda-support

Once the GGP lambda is deployed, would it be possible associate the newly created group with existing lambda functions?

Current parameters to invoke the lambda:

PAYLOAD="{ \"GroupName\": \"$GROUP_NAME\", \"CoreRoleName\": \"$CORE_ROLE_NAME\", \"ServiceRoleExists\": true, \"CorePolicyName\": \"$CORE_POLICY_NAME\" $CSR $CERTIFICATE_ARN $CREDENTIALS_JSON }"

time aws lambda invoke --function-name $LAMBDA_FUNCTION --invocation-type RequestResponse --payload "$PAYLOAD" $GROUP_NAME.outfile.txt

Expected parameters:

PAYLOAD="{ \"Mode\": "oem", \"GroupName\": \"$GROUP_NAME\", \"Deployments\": \"$S3_PATH_DEPLOYMENT_FOLDER\", \"OemPath\": \"$S3_PATH_BUILD_FOLDER\" }"

time aws lambda invoke --function-name $LAMBDA_FUNCTION --invocation-type RequestResponse --payload "$PAYLOAD" $GROUP_NAME.outfile.txt

The S3_PATH_DEPLOYMENT_FOLDER is a s3 path to a folder which contains 3 files:

• deployment.defaults.conf
• function.defaults.conf
• lambda_functions.conf

A sample of the lambda_functions.conf file is as follows:

conf {
    "functions": ["~LambdaA~:live", "~LambdaB~:live" ]
}

[timmattison]

We should discuss this further. The existing GGP Lambda design was created for partners to bootstrap Greengrass groups for customers using cross-account roles primarily. But I think it can be expanded to do more as you suggested.

Empty deployments kept the initial cross-account setup simple, but for deployments in the same account GGP should be enhanced to do what you're looking for.