ssmbak.backup package
Submodules
ssmbak.backup.ssmbak module
AWS Lambda function used to backup SSM param change events.
- ssmbak.backup.ssmbak.backup(action: dict) int
Backs up the processed SSM event to S3, tagging with details.
If an SSM param was deleted before it could get processed, it is logged and skipped. Tagging is used for metadata like description and time of event.
- Arguments:
action: dict as returned by process_message.
- Returns:
HTTP status code of call to S3 api.
- ssmbak.backup.ssmbak.handler(event: dict, _context) int
Skipping module import just for context typing.
- ssmbak.backup.ssmbak.process_event(event: dict[str, list[dict[str, str | dict]]]) int
Extracts the body from the event for backup
- Arguments:
- event: dict of event coming in from EventBridge via SQS
- {
- “Records”: [
- {
“messageId”: “07e34a99-5480-4c7c-bc0b-44ea9c74076b”, “receiptHandle”: “XXX=”, “body”: ‘{“version”: “0”, “id”: “2ada935b-482a-1f19-50a1-21aa9b6b7e2c”, “detail-type”: “Parameter Store Change”, “source”: “aws.ssm”, “account”: “000000000000”, “time”: “2024-06-08T23:06:33Z”, “region”: “us-east-1”, “resources”: [“arn:aws:ssm:us-east-1:000000000000:parameter/testssmbak/bas/desctest”], “detail”: {“name”: “/testyssmbak/H0PTBA”, “description”: “fancydesc2”, “type”: “SecureString”, “operation”: “Update”}}’, “attributes”: {
“ApproximateReceiveCount”: “1”, “SentTimestamp”: “1660007032420”, “SenderId”: “AIDAJXNJGGKNS7OSV23OI”, “ApproximateFirstReceiveTimestamp”: “1660007032431”,
}, “messageAttributes”: {}, “md5OfBody”: “08a526cb73b963e532b0380646063f3b”, “eventSource”: “aws:sqs”, “eventSourceARN”: “arn:aws:sqs:us-east-1:000000000000:someQ”, “awsRegion”: “us-east-1”,
}
]
}
- Returns:
Boolean which is kind of useless.
- ssmbak.backup.ssmbak.process_message(body: str) dict[str, str | datetime]
Transforms a message from EventBridge (via SQS) to friendly format.
NOTE: for some reason only top-level key names arrive without a prepending slash. In that case, we prepend at the note PREPEND.
- Arguments:
body: json-formatted string from the event
Returns:
A dict with the info needed for backup, including time of event. {
“name”: “/testyssmbak/023179”, “type”: “SecureString”, “operation”: “Create”, “time”: datetime.datetime(2022, 8, 3, 21, 9, 31, tzinfo=datetime.timezone.utc), “description”: “fancy description”, –OPTIONAL
}