AWS WorkMail + App Runner：服务退役时的迁移检查清单

WorkMail迁移

第一步：导出邮件数据

import boto3
import json

def export_workmail_emails(org_id, email_domain):
    """导出WorkMail邮件到S3"""
    client = boto3.client('workmail')
    s3 = boto3.client('s3')

    # 获取邮件列表（分页）
    paginator = client.get_paginator('list_messages')

    for page in paginator.paginate(OrganizationId=org_id):
        for msg_id in page['Messages']:
            # 获取邮件原始内容
            raw_email = client.get_message(
                MessageId=msg_id['Id'],
                OrganizationId=org_id
            )

            # 上传到S3
            s3.put_object(
                Bucket='workmail-backup',
                Key=f"{msg_id['Id']}.eml",
                Body=raw_email['Body']['Raw']
            )

# 使用
export_workmail_emails('m-xxxxxxxx', 'example.com')

第二步：DNS记录切换

# 删除WorkMail的MX记录
aws route53 change-resource-record-sets \
  --hosted-zone-id ZXXXXXXX \
  --change-batch '{"Changes": [{"Action": "DELETE", "RecordSet": {"Name": "mail.example.com", "Type": "MX", ...}}]}'

# 添加新邮件服务的MX记录（以Google Workspace为例）
aws route53 change-resource-record-sets \
  --hosted-zone-id ZXXXXXXX \
  --change-batch '{"Changes": [{"Action": "CREATE", "RecordSet": {"Name": "mail.example.com", "Type": "MX", "TTL": 3600, "ResourceRecords": [{"Value": "1 ASPMX.L.GOOGLE.COM"}]}]}'

App Runner → Fargate迁移

核心变化：App Runner是托管服务，Fargate需要自己管理Task Definition。

# 判断是否适合从App Runner迁移到Fargate
# App Runner适合：无状态HTTP服务，流量波动大，不想管理基础设施
# Fargate适合：有状态或需要更多控制，需要VPC特定配置

# Fargate Task Definition关键字段
task_definition = {
    "family": "myapp-task",
    "cpu": "256",
    "memory": "512",
    "networkMode": "awsvpc",        # Fargate必须
    "requiresCompatibilities": ["FARGATE"],  # Fargate必须
    "containerDefinitions": [{
        "name": "myapp",
        "image": "myrepo/myapp:latest",
        "portMappings": [{
            "containerPort": 8080
        }]
    }]
}

App Runner → Lambda

如果你的App Runner服务是无状态的HTTP API，可以考虑Lambda：

import json

def handler(event, context):
    """Lambda处理来自API Gateway的请求"""
    request = json.loads(event['body'])
    result = your_business_logic(request)

    return {
        'statusCode': 200,
        'body': json.dumps(result),
        'headers': {'Content-Type': 'application/json'}
    }

迁移检查清单

• WorkMail邮件数据导出至S3（保留90天）
• DNS MX记录切换至新邮件服务
• 邮件客户端SMTP/IMAP配置更新
• App Runner流量切换至Fargate或Lambda
• CI/CD流水线更新镜像部署配置
• 新服务监控和告警配置
• 成本对比（Fargate/Lambda vs App Runner）