Merge pull request #116 from bobomoirang/master

Added disableLicenseKeySecret flag

README.md

@@ -279,6 +279,16 @@ custom:
     disableAutoSubscription: true
 ```
 
+#### `disableLicenseKeySecret` (optional)
+
+Only required if you want to disable creating license key in AWS Secrets Manager. Setting this as `true` would create NEW_RELIC_LICENSE_KEY environment variable for the New Relic Lambda Extension to access.
+
+```yaml
+custom:
+  newRelic:
+    disableLicenseKeySecret: true
+```
+
 ## Supported Runtimes
 
 This plugin currently supports the following AWS runtimes:

package.json

@@ -1,6 +1,6 @@
 {
   "name": "serverless-newrelic-lambda-layers",
-  "version": "1.1.4",
+  "version": "1.1.5",
   "description": "Serverless plugin for NewRelic APM AWS Lambda layers.",
   "main": "dist/index.js",
   "files": [

src/index.ts

@@ -98,6 +98,13 @@ export default class NewRelicLambdaLayerPlugin {
     );
   }
 
+  get licenseKeySecretDisabled() {
+    return (
+      typeof this.config.disableLicenseKeySecret === "boolean" &&
+      this.config.disableLicenseKeySecret
+    );
+  }
+
   get functions() {
     return Object.assign.apply(
       null,
@@ -154,27 +161,33 @@ https://blog.newrelic.com/product-news/aws-lambda-extensions-integrations/
       }
     }
 
-    // If the managed secret has already been created,
-    // there should be policies for it.
-    const secretAccess = await this.checkForSecretPolicy();
-    let managedSecret;
+    if (!this.licenseKeySecretDisabled) {
+      // If the managed secret has already been created,
+      // there should be policies for it.
+      const secretAccess = await this.checkForSecretPolicy();
+      let managedSecret;
 
-    if (secretAccess.secretExists) {
-      this.managedSecretConfigured = true;
-    } else {
-      // Secret doesn't exist, so create it
-      managedSecret = await new Integration(this).createManagedSecret();
-      if (managedSecret && managedSecret.policyArn) {
+      if (secretAccess.secretExists) {
         this.managedSecretConfigured = true;
+      } else {
+        // Secret doesn't exist, so create it
+        managedSecret = await new Integration(this).createManagedSecret();
+        if (managedSecret && managedSecret.policyArn) {
+          this.managedSecretConfigured = true;
+        }
       }
-    }
 
-    if (secretAccess.currentRegionPolicy.length > 0) {
-      const policyArn = secretAccess.currentRegionPolicy[0].Arn;
-      this.mgdPolicyArns = [...this.managedPolicyArns, policyArn];
-    } else if (this.managedSecretConfigured) {
-      this.mgdPolicyArns = [...this.managedPolicyArns, managedSecret.policyArn];
+      if (secretAccess.currentRegionPolicy.length > 0) {
+        const policyArn = secretAccess.currentRegionPolicy[0].Arn;
+        this.mgdPolicyArns = [...this.managedPolicyArns, policyArn];
+      } else if (this.managedSecretConfigured) {
+        this.mgdPolicyArns = [
+          ...this.managedPolicyArns,
+          managedSecret.policyArn
+        ];
+      }
     }
+
     return;
   }
 
@@ -222,14 +235,18 @@ https://blog.newrelic.com/product-news/aws-lambda-extensions-integrations/
       await this.configureLicenseForExtension();
     }
 
-    // before adding layer, attach secret access policy
-    // to each function's execution role:
-    const resources = this.resources;
-    Object.keys(resources)
-      .filter(resourceName => resources[resourceName].Type === `AWS::IAM::Role`)
-      .forEach(roleResource =>
-        this.applyPolicies(resources[roleResource].Properties)
-      );
+    if (!this.licenseKeySecretDisabled) {
+      // before adding layer, attach secret access policy
+      // to each function's execution role:
+      const resources = this.resources;
+      Object.keys(resources)
+        .filter(
+          resourceName => resources[resourceName].Type === `AWS::IAM::Role`
+        )
+        .forEach(roleResource =>
+          this.applyPolicies(resources[roleResource].Properties)
+        );
+    }
 
     const funcs = this.functions;
     const promises = [];

tests/fixtures/debug-log-level.output.service.json

@@ -32,7 +32,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -55,7 +55,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:33"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -78,7 +78,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -101,7 +101,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:1"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:5"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/debug.output.service.json

@@ -31,7 +31,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -54,7 +54,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:33"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -77,7 +77,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -100,7 +100,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:1"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:5"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/distributed-tracing-enabled.output.service.json

@@ -28,7 +28,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:32"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -53,7 +53,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:30"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -78,7 +78,7 @@
       ],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:30"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/eu.output.service.json

@@ -30,7 +30,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:33"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -57,7 +57,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -84,7 +84,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:1"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:5"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -111,7 +111,7 @@
       ],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/include.output.service.json

@@ -30,7 +30,7 @@
       "events": [{ "schedule": "rate(5 minutes)" }],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/lambda-extension-disabled.output.service.json

@@ -25,7 +25,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:33"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -49,7 +49,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -73,7 +73,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:1"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:5"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -97,7 +97,7 @@
       ],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/lambda-extension-enabled.output.service.json

@@ -26,7 +26,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:33"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS10X:37"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -50,7 +50,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS12X:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -74,7 +74,7 @@
       ],
       "handler": "newrelic-lambda-wrapper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:1"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS14X:5"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],
@@ -98,7 +98,7 @@
       ],
       "handler": "newrelic-wrapper-helper.handler",
       "layers": [
-        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:31"
+        "arn:aws:lambda:us-east-1:451483290750:layer:NewRelicNodeJS810:35"
       ],
       "package": {
         "exclude": ["./**", "!newrelic-wrapper-helper.js"],

tests/fixtures/license-key-secret-disabled.input.service.json

@@ -0,0 +1,53 @@
+{
+  "service": "newrelic-lambda-layers-nodejs-example",
+  "provider": {
+    "name": "aws",
+    "stage": "prod",
+    "region": "us-east-1",
+    "stackTags": {
+      "environment": "us-testing",
+      "owning_team": "LAMBDA",
+      "product": "aws-lambda"
+    },
+    "tags": {
+      "environment": "us-testing",
+      "owning_team": "LAMBDA",
+      "product": "aws-lambda"
+    }
+  },
+  "plugins": ["serverless-newrelic-lambda-layers"],
+  "custom": {
+    "newRelic": {
+      "accountId": "${env:NEW_RELIC_ACCOUNT_ID}",
+      "apiKey": "${env:NEW_RELIC_PERSONAL_API_KEY}",
+      "logLevel": "debug",
+      "disableLicenseKeySecret": false
+    }
+  },
+  "functions": {
+    "layer-nodejs810": {
+      "events": [{ "schedule": "rate(5 minutes)" }],
+      "handler": "handler.handler",
+      "package": { "exclude": ["./**"], "include": ["handler.js"] },
+      "runtime": "nodejs8.10"
+    },
+    "layer-nodejs10x": {
+      "events": [{ "schedule": "rate(5 minutes)" }],
+      "handler": "handler.handler",
+      "package": { "exclude": ["./**"], "include": ["handler.js"] },
+      "runtime": "nodejs10.x"
+    },
+    "layer-nodejs12x": {
+      "events": [{ "schedule": "rate(5 minutes)" }],
+      "handler": "handler.handler",
+      "package": { "exclude": ["./**"], "include": ["handler.js"] },
+      "runtime": "nodejs12.x"
+    },
+    "layer-nodejs14x": {
+      "events": [{ "schedule": "rate(5 minutes)" }],
+      "handler": "handler.handler",
+      "package": { "exclude": ["./**"], "include": ["handler.js"] },
+      "runtime": "nodejs14.x"
+    }
+  }
+}