securityGroupIds but where to get the ID from?

Serverless Framework
1

Hi,

apihelloworld:
    handler: hello.world
    vpc:
      securityGroupIds:
        - OkLambdaSG
      subnetIds:
        - OkaydocsPublicSubnet
    events:
      - http:
          path: hello
          method: get
          cors: true

i am creating the whole Network Stack (VPC, SecGroups, Routes, etc.) with serverless via Cloudformation Resources section. Now i want to apply the VPC subnet and securityGroups to my lambdas. But with horror i see that you need to supply the Security Group ID which i cant know at this point (it will be created by AWS right?). I only have the internal REF name as seen in the code.

Can it be that one cant make this really dynamic?

thanks
marc

2

You can use Fn::GetAtt to retrieve the GroupId for a security ground. Something like

apihelloworld:
    handler: hello.world
    vpc:
      securityGroupIds:
        - { "Fn::GetAtt", [ "OkLambdaSG", "GroupId" ] }
      subnetIds:
        - OkaydocsPublicSubnet
    events:
      - http:
          path: hello
          method: get
          cors: true
3

You have a little typo, you need GettAtt instead of GetArr

4

Thank you. I’ve edited it to update it.

5

When I tried to get security group id for my lambda, I am getting an error:

Incorrect type. Expected “string”

Did it work and then something changed with serverless framework itself?

functions:
authorizer:
handler: src/v1/oddc/authorizer.handler
memorySize: 512
timeout: 30
reservedConcurrency: 2
tracing: PassThrough
vpc:
securityGroupIds:
- { “Fn::GetAtt”, [ “AuthorizerLambdaSecurityGroup”, “GroupId” ] }
subnetIds:
- ${self:custom.PARAMETERS.CoreVpcPrivSubnet1a}
- ${self:custom.PARAMETERS.CoreVpcPrivSubnet1b}

6

Are you sure that ${self:custom.PARAMETERS.CoreVpcPrivSubnet1a} and ${self:custom.PARAMETERS.CoreVpcPrivSubnet1b} are set?