AWS Lambda Create a Lambda Function with CloudFromation: Difference between revisions
Jump to navigation
Jump to search
| (14 intermediate revisions by the same user not shown) | |||
| Line 16: | Line 16: | ||
Resources: | Resources: | ||
LambdaExecutionRole: | |||
Type: AWS::IAM::Role | |||
Properties: | |||
RoleName: playground-lambda-execution-role | |||
Path: /service-role/ | |||
AssumeRolePolicyDocument: | |||
Version: '2012-10-17' | |||
Statement: | |||
- Effect: 'Allow' | |||
Principal: | |||
Service: | |||
- "lambda.amazonaws.com" | |||
Action: | |||
- "sts:AssumeRole" | |||
Policies: | |||
- PolicyName: 'inline-policy' | |||
PolicyDocument: | |||
Version: '2012-10-17' | |||
Statement: | |||
- Effect: 'Allow' | |||
Action: | |||
- 'logs:CreateLogGroup' | |||
- 'logs:CreateLogStream' | |||
- 'logs:PutLogEvents' | |||
Resource: | |||
- 'arn:aws:logs:*:*:*' | |||
- Effect: 'Allow' | |||
Action: | |||
- 'ec2:CreateNetworkInterface' | |||
- 'ec2:DescribeNetworkInterfaces' | |||
- 'ec2:DeleteNetworkInterface' | |||
Resource: | |||
- '*' | |||
LambdaExample: | LambdaExample: | ||
Type: | Type: AWS::Lambda::Function | ||
Properties: | Properties: | ||
[[AWS_Lambda_Concepts#Function_Name|FunctionName]]: | [[AWS_Lambda_Concepts#Function_Name|FunctionName]]: lambda-experiment | ||
Description: 'Some description' | Description: 'Some description' | ||
[[AWS_Lambda_Concepts#Code|Code]]: | [[AWS_Lambda_Concepts#Code|Code]]: | ||
S3Bucket: a-bucket | S3Bucket: a-bucket | ||
S3Key: a-deployment-package | S3Key: a-deployment-package.jar | ||
# S3ObjectVersion: String | # S3ObjectVersion: String | ||
# ZipFile: String | # ZipFile: String | ||
[[AWS_Lambda_Concepts#Handler_Code|Handler]]: | [[AWS_Lambda_Concepts#Handler_Code|Handler]]: playground.amazon.lambda.LambdaExperiment::handleRequest | ||
[[AWS_Lambda_Concepts#Runtime|Runtime]]: | [[AWS_Lambda_Concepts#Runtime|Runtime]]: java8 | ||
[[AWS_Lambda_Concepts#Environment_Variables|Environment]]: | [[AWS_Lambda_Concepts#Environment_Variables|Environment]]: | ||
<span id='Variables'></span>Variables: | <span id='Variables'></span>Variables: | ||
| Line 33: | Line 66: | ||
[[AWS_Lambda_Concepts#Relationship_to_a_VPC|VpcConfig]]: | [[AWS_Lambda_Concepts#Relationship_to_a_VPC|VpcConfig]]: | ||
SubnetIds: | SubnetIds: | ||
- | - !Ref BlueSubnet | ||
- !Ref RedSubnet | |||
SecurityGroupIds: | SecurityGroupIds: | ||
- ... | - ... | ||
[[AWS_Lambda_Concepts#Memory_Configuration|MemorySize]]: 128 | [[AWS_Lambda_Concepts#Memory_Configuration|MemorySize]]: 128 | ||
[[AWS_Lambda_Concepts#Role|Role]]: | [[AWS_Lambda_Concepts#Role|Role]]: !GetAtt LambdaExecutionRole.Arn | ||
[[AWS_Lambda_Concepts#Timeout|Timeout]]: ''Integer'' | [[AWS_Lambda_Concepts#Timeout|Timeout]]: ''Integer'' | ||
[[AWS_Lambda_Concepts#Concurrent_Execution|ReservedConcurrentExecutions]]: ''Integer'' | [[AWS_Lambda_Concepts#Concurrent_Execution|ReservedConcurrentExecutions]]: ''Integer'' | ||
[[AWS_Lambda_Concepts#Dead_Letter|DeadLetterConfig]]: | [[AWS_Lambda_Concepts#Dead_Letter|DeadLetterConfig]]: | ||
''DeadLetterConfig'' | ''DeadLetterConfig'' | ||
KmsKeyArn: String | [[AWS_Lambda_Concepts#KMS_Management_Service_Key|KmsKeyArn]]: ''String'' | ||
Layers: | [[AWS_Lambda_Concepts#Layer|Layers]]: | ||
- String | - ''String'' | ||
TracingConfig: | [[AWS_Lambda_Concepts#Tracing|TracingConfig]]: | ||
TracingConfig | ''TracingConfig'' | ||
Tags: | Tags: | ||
Resource Tag | Resource Tag | ||
Working example: | |||
<syntaxhighlight lang='yaml'> | |||
</syntaxhighlight> | |||
=CloudFormation Stack Example= | |||
{{External|https://github.com/ovidiuf/aws-release-pipeline/blob/master/lambda/lambda.yaml}} | |||
=Create a bash Lambda= | =Create a bash Lambda= | ||
| Line 55: | Line 99: | ||
=Create a Java Lambda= | =Create a Java Lambda= | ||
{{ | {{Internal|AWS Java Lambda Development|AWS Java Lambda Development}} | ||
Latest revision as of 03:41, 8 April 2019
External
Internal
Resource Types
AWS::Lambda::Function
Resources:
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
RoleName: playground-lambda-execution-role
Path: /service-role/
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Principal:
Service:
- "lambda.amazonaws.com"
Action:
- "sts:AssumeRole"
Policies:
- PolicyName: 'inline-policy'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: 'Allow'
Action:
- 'logs:CreateLogGroup'
- 'logs:CreateLogStream'
- 'logs:PutLogEvents'
Resource:
- 'arn:aws:logs:*:*:*'
- Effect: 'Allow'
Action:
- 'ec2:CreateNetworkInterface'
- 'ec2:DescribeNetworkInterfaces'
- 'ec2:DeleteNetworkInterface'
Resource:
- '*'
LambdaExample:
Type: AWS::Lambda::Function
Properties:
FunctionName: lambda-experiment
Description: 'Some description'
Code:
S3Bucket: a-bucket
S3Key: a-deployment-package.jar
# S3ObjectVersion: String
# ZipFile: String
Handler: playground.amazon.lambda.LambdaExperiment::handleRequest
Runtime: java8
Environment:
Variables:
MY_ENV_VAR: 'my value'
VpcConfig:
SubnetIds:
- !Ref BlueSubnet
- !Ref RedSubnet
SecurityGroupIds:
- ...
MemorySize: 128
Role: !GetAtt LambdaExecutionRole.Arn
Timeout: Integer
ReservedConcurrentExecutions: Integer
DeadLetterConfig:
DeadLetterConfig
KmsKeyArn: String
Layers:
- String
TracingConfig:
TracingConfig
Tags:
Resource Tag
Working example: