Skip to content

Hack23/lambda-in-private-vpc

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Lambda in Private VPC

Status: Work in Progress

This project shows how to build a highly available system that runs in multiple AWS regions at the same time. It uses AWS Resilience Hub to ensure compliance with policies for Recovery Time Objective (RTO) and Recovery Point Objective (RPO), which help to minimize downtime and data loss in case of failures at the application, availability zone, or region level. This ensures high availability and fault tolerance for your applications.

Badges

License OpenSSF Scorecard Verify and Deploy Scorecard supply-chain security

CloudFormation Templates

The project includes several AWS CloudFormation templates that automate the creation and management of the necessary AWS resources:

  • app.yml: This template sets up an application named "lambda-vpc" with a ResilienceHub ResiliencyPolicy. The application includes AWS Lambda functions, API Gateway Rest APIs, and DynamoDB Global Tables.
  • disaster-recovery.yml: This template sets up a disaster recovery test using AWS Fault Injection Simulator (FIS). The experiments include denying access to Lambda on API Gateway, deleting a DynamoDB table, and recovering a DynamoDB table from a point-in-time recovery (PITR) or a backup.
  • template.yml: This template deploys a Lambda function in a private VPC with internet access. The function can access resources in the VPC and make outbound calls to the internet.
  • route53.yml: This template sets up DNS records in Amazon Route 53 for two API Gateway Rest APIs. The DNS records are configured for failover routing, which means that if one API becomes unavailable, traffic will be routed to the other API.

Concepts

Learn more about AWS Resilience Hub concepts and understand the key terms and principles involved in building resilient applications here.

Disaster Recovery (DR) Architecture on AWS, Part I: Strategies for Recovery in the Cloud Disaster Recovery (DR) Architecture on AWS, Part IV: Multi-site Active/Active

About Hack23

Runbooks

Architecture Diagrams

  • Infrastructure - Depicts the overall infrastructure, including AWS services and components.
  • DNS Route53 - Shows the Route 53 configuration for DNS routing and failover.
  • Web Application Firewall - Displays the setup of the Web Application Firewall for securing your application.
  • Disaster Recovery - Illustrates the disaster recovery strategy for the application.

Resilience Hub Screenshots

  • Resilience Hub Policy - Overview of the policy settings in AWS Resilience Hub.
  • Application - The application setup and components in AWS Resilience Hub.
  • App Recommendation 1 - First set of recommendations for improving application resiliency.
  • App Recommendation 2 - Second set of recommendations for enhancing application resiliency.
  • Region - Regional recommendations

Tech Stack

Hack23/lambda-in-private-vpc is built on the following main stack:

Full tech stack here

Relevant Links

For more information on AWS service level agreements, visit the AWS SLA page.

Additional Documentation

License

This project is licensed under the Apache License 2.0.