Automating database refresh in AWS.

An AWS Lambda function that restores an AWS Aurora RDS cluster needs some configuration and policies so that it can run a restore from a previously generated snapshot.

The following code snippet is an example YAML configuration for creating an AWS Lambda function with AWS SAM. Adding it to the AWS SAM template file under ‘Resources’ creates the function together with its code.

RestoreClusterFunction:
    Type: AWS::Serverless::Function
    Properties:
        CodeUri: functions/restore_cluster/
        Handler: app.lambda_handler
        Runtime: python3.9
        Architectures:
            - x86_64
        Environment:
            Variables:
                # Passed to the handler as the name of the cluster to restore
                DBClusterIdentifier: !Ref DatabaseClusterName
        Policies:
            - Statement:
                # Actions on the target cluster itself
                - Effect: Allow
                  Action:
                    - 'rds-data:ExecuteStatement'
                    - 'rds:DescribeDBClusters'
                    - 'rds:RestoreDBClusterFromSnapshot'
                  Resource: !Sub 'arn:aws:rds:${AWS::Region}:${AWS::AccountId}:cluster:${DatabaseClusterName}'
                # Resources the restore reads from or attaches to the new cluster
                - Effect: Allow
                  Action:
                    - 'rds:DescribeDBSnapshots'
                    - 'rds:RestoreDBClusterFromSnapshot'
                  Resource:
                    - !Sub 'arn:aws:rds:${AWS::Region}:${AWS::AccountId}:snapshot:*'
                    - !Sub 'arn:aws:rds:${AWS::Region}:${AWS::AccountId}:cluster-pg:*' # Or specific group name
                    - !Sub 'arn:aws:rds:${AWS::Region}:${AWS::AccountId}:cluster-snapshot:*'
                    - !Sub 'arn:aws:rds:${AWS::Region}:${AWS::AccountId}:subgrp:*'
                # Needed when the snapshot is encrypted with a KMS key
                - Effect: Allow
                  Action:
                    - 'kms:CreateGrant'
                    - 'kms:DescribeKey'
                  Resource: !Sub 'arn:aws:kms:${AWS::Region}:${AWS::AccountId}:key/{key_id}' # Replace {key_id} with the AWS id of the KMS key.
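
A handler that fits the configuration above could look like the following. This is an added example, not code from the original article: the event keys (`SnapshotIdentifier`, `Engine` and the optional ones), the helper names, the snapshot naming rule and the injectable `rds` parameter are assumptions made for illustration.

```python
import os
import re

# Assumption of this example: only manual snapshots, referenced by plain name.
SNAPSHOT_ID = re.compile(r"[a-z][a-z0-9-]{0,254}")
ENGINES = ("aurora-mysql", "aurora-postgresql")
# Optional event keys (hypothetical); each names a resource type the policy covers.
OPTIONAL = ("DBSubnetGroupName", "DBClusterParameterGroupName", "KmsKeyId")


def build_restore_request(event, cluster_id):
    """Validate the invocation event and build the restore arguments."""
    snapshot_id = str(event.get("SnapshotIdentifier", ""))
    if not SNAPSHOT_ID.fullmatch(snapshot_id):
        raise ValueError("SnapshotIdentifier must be a plain snapshot name")
    if event.get("Engine") not in ENGINES:
        raise ValueError("Engine must be one of %s" % ", ".join(ENGINES))
    request = {
        "DBClusterIdentifier": cluster_id,
        "SnapshotIdentifier": snapshot_id,
        "Engine": event["Engine"],
    }
    request.update({k: event[k] for k in OPTIONAL if event.get(k)})
    return request


def cluster_exists(rds, cluster_id):
    """True if the target cluster name is already taken (rds:DescribeDBClusters)."""
    try:
        rds.describe_db_clusters(DBClusterIdentifier=cluster_id)
        return True
    except rds.exceptions.DBClusterNotFoundFault:
        return False


def lambda_handler(event, context, rds=None):
    if rds is None:  # the rds parameter exists only so a stub can be injected
        import boto3  # provided by the Lambda Python runtime
        rds = boto3.client("rds")
    cluster_id = os.environ["DBClusterIdentifier"]  # set in the SAM template
    # A restore always creates a new cluster, so an existing one with the
    # same name must be removed or renamed before the refresh can run.
    if cluster_exists(rds, cluster_id):
        return {"status": "skipped", "reason": "cluster already exists"}
    request = build_restore_request(event, cluster_id)
    response = rds.restore_db_cluster_from_snapshot(**request)
    return {"status": "restoring",
            "cluster": response["DBCluster"]["DBClusterIdentifier"]}
```

The restore call creates the cluster without any DB instances; creating them afterwards requires `rds:CreateDBInstance`, which the policy above does not grant.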