Question 207396 in Amazon Web Sevices Question posted in
The official Amazon Web Services documentation can be found here.

Amazon web services – How to use ARN of CDK resource in another CDK resource

I have an AWS CDK stack containing a Step Functions state machine and a lambda function. This lambda function uses the StartExecution API which requires the ARN of the state machine. I’m am unaware of how to acquire the ARN of the state machine since it is volatile and constantly changes.

I have tried creating a .env file next to the index.ts of the lambda function.

const stateMachine = new stepfunctions.StateMachine(this, 'my-state-machine', {
     definition: waitState,
});

And writing the stateMachine.stateMachineArn to that .env file using fs from the CDK stack. The result written to the .env file is ${Token[TOKEN.1056]}. This is the same result when logging to the console. From my understanding, the ARN is not available during the current "phase" of the CDK stack, but I don’t know how to get the ARN to the lambda function before the lambda function is also deployed.

Tags:

2

Answers


  1. 0

    Why don’t you pass stateMachine.stateMachineArn directly to the lambda function? You should be able to do it if it is part of the same stack, by exposing the ARN property from one of the Constructs and referencing it from the lambda.

    If it is in a different stack you may have to export it using new CfnOutput and import it in your stack using cdk.Fn.importValue

    You will have to pass it in as an environment variable to the lambda function if it is to be used inside lambda code.

    Login or Signup to reply.
  2. 0

    I believe you are on the right track using an environment variable. Instead of creating a .env file on the fly during deployment as a means to pass the state machine ARN to the lambda function, I would use secrets manager or systems manager parameter store, make that a dependency and inject that into the functions environment variables.

    I am not sure without running code if the <resource>.addDependency(<other resource>) is needed but good to be aware of this if you run into any deployment order of operation issues…

    import * as cdk from 'aws-cdk-lib'
import * as lambda from 'aws-cdk-lib/aws-lambda'
import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager'
import * as stepfunctions from 'aws-cdk-lib/aws-stepfunctions'

export class Stack extends cdk.Stack implements cdk.Stack {
  constructor(scope, id, props?: cdk.StackProps) {
    super(scope, id, props)

    const stateMachine = new stepfunctions.StateMachine(this, 'state-machine', {
     definition: waitState,
    })

    const secret = secretsmanager.Secret(this, 'secret', {
      secretObjectValue: {
        machineArn: stateMachine.stateMachineArn,
      },
    })

    // secret.node.addDependency(stateMachine)

    const lambda = new lambda.Function(this, 'lambda', {
      environment: {
        STATE_MACHINE_ARN: dbSecret.secretValueFromJson('arn').toString(),
      },
    })

    // lambda.node.addDependency(secret)
  }
}
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search