AWS Lambda Create a Lambda Function with CloudFromation: Difference between revisions
Jump to navigation
Jump to search
(46 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
=External= | |||
* [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-reference-lambda.html AWS Lambda Resource Types Reference] | |||
=Internal= | =Internal= | ||
* [[AWS_Lambda_Operations#Create_a_Lambda_Function|AWS Lambda Operations]] | * [[AWS_Lambda_Operations#Create_a_Lambda_Function|AWS Lambda Operations]] | ||
* [[AWS_CloudFormation_Resource_Types#AWS::Lambda|CloudFormation Resource Types]] | * [[AWS_CloudFormation_Resource_Types#AWS::Lambda|CloudFormation Resource Types]] | ||
* [[AWS Lambda Concepts]] | |||
=Resource Types= | |||
==AWS::Lambda::Function== | |||
{{External|[https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html AWS::Lambda::Function]}} | |||
{{External|[https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunction.html CreateFunction]}} | |||
Resources: | |||
LambdaExecutionRole: | |||
Type: AWS::IAM::Role | |||
Properties: | |||
RoleName: playground-lambda-execution-role | |||
Path: /service-role/ | |||
AssumeRolePolicyDocument: | |||
Version: '2012-10-17' | |||
Statement: | |||
- Effect: 'Allow' | |||
Principal: | |||
Service: | |||
- "lambda.amazonaws.com" | |||
Action: | |||
- "sts:AssumeRole" | |||
Policies: | |||
- PolicyName: 'inline-policy' | |||
PolicyDocument: | |||
Version: '2012-10-17' | |||
Statement: | |||
- Effect: 'Allow' | |||
Action: | |||
- 'logs:CreateLogGroup' | |||
- 'logs:CreateLogStream' | |||
- 'logs:PutLogEvents' | |||
Resource: | |||
- 'arn:aws:logs:*:*:*' | |||
- Effect: 'Allow' | |||
Action: | |||
- 'ec2:CreateNetworkInterface' | |||
- 'ec2:DescribeNetworkInterfaces' | |||
- 'ec2:DeleteNetworkInterface' | |||
Resource: | |||
- '*' | |||
LambdaExample: | |||
Type: AWS::Lambda::Function | |||
Properties: | |||
[[AWS_Lambda_Concepts#Function_Name|FunctionName]]: lambda-experiment | |||
Description: 'Some description' | |||
[[AWS_Lambda_Concepts#Code|Code]]: | |||
S3Bucket: a-bucket | |||
S3Key: a-deployment-package.jar | |||
# S3ObjectVersion: String | |||
# ZipFile: String | |||
[[AWS_Lambda_Concepts#Handler_Code|Handler]]: playground.amazon.lambda.LambdaExperiment::handleRequest | |||
[[AWS_Lambda_Concepts#Runtime|Runtime]]: java8 | |||
[[AWS_Lambda_Concepts#Environment_Variables|Environment]]: | |||
<span id='Variables'></span>Variables: | |||
MY_ENV_VAR: 'my value' | |||
[[AWS_Lambda_Concepts#Relationship_to_a_VPC|VpcConfig]]: | |||
SubnetIds: | |||
- !Ref BlueSubnet | |||
- !Ref RedSubnet | |||
SecurityGroupIds: | |||
- ... | |||
[[AWS_Lambda_Concepts#Memory_Configuration|MemorySize]]: 128 | |||
[[AWS_Lambda_Concepts#Role|Role]]: !GetAtt LambdaExecutionRole.Arn | |||
[[AWS_Lambda_Concepts#Timeout|Timeout]]: ''Integer'' | |||
[[AWS_Lambda_Concepts#Concurrent_Execution|ReservedConcurrentExecutions]]: ''Integer'' | |||
[[AWS_Lambda_Concepts#Dead_Letter|DeadLetterConfig]]: | |||
''DeadLetterConfig'' | |||
[[AWS_Lambda_Concepts#KMS_Management_Service_Key|KmsKeyArn]]: ''String'' | |||
[[AWS_Lambda_Concepts#Layer|Layers]]: | |||
- ''String'' | |||
[[AWS_Lambda_Concepts#Tracing|TracingConfig]]: | |||
''TracingConfig'' | |||
Tags: | |||
Resource Tag | |||
Working example: | |||
<syntaxhighlight lang='yaml'> | |||
</syntaxhighlight> | |||
=CloudFormation Stack Example= | |||
{{External|https://github.com/ovidiuf/aws-release-pipeline/blob/master/lambda/lambda.yaml}} | |||
=Create a bash Lambda= | |||
{{External|[https://docs.aws.amazon.com/lambda/latest/dg/runtimes-walkthrough.html Publishing a Custom Runtime]}} | |||
=Create a Java Lambda= | |||
{{Internal|AWS Java Lambda Development|AWS Java Lambda Development}} |
Latest revision as of 03:41, 8 April 2019
External
Internal
Resource Types
AWS::Lambda::Function
Resources: LambdaExecutionRole: Type: AWS::IAM::Role Properties: RoleName: playground-lambda-execution-role Path: /service-role/ AssumeRolePolicyDocument: Version: '2012-10-17' Statement: - Effect: 'Allow' Principal: Service: - "lambda.amazonaws.com" Action: - "sts:AssumeRole" Policies: - PolicyName: 'inline-policy' PolicyDocument: Version: '2012-10-17' Statement: - Effect: 'Allow' Action: - 'logs:CreateLogGroup' - 'logs:CreateLogStream' - 'logs:PutLogEvents' Resource: - 'arn:aws:logs:*:*:*' - Effect: 'Allow' Action: - 'ec2:CreateNetworkInterface' - 'ec2:DescribeNetworkInterfaces' - 'ec2:DeleteNetworkInterface' Resource: - '*' LambdaExample: Type: AWS::Lambda::Function Properties: FunctionName: lambda-experiment Description: 'Some description' Code: S3Bucket: a-bucket S3Key: a-deployment-package.jar # S3ObjectVersion: String # ZipFile: String Handler: playground.amazon.lambda.LambdaExperiment::handleRequest Runtime: java8 Environment: Variables: MY_ENV_VAR: 'my value' VpcConfig: SubnetIds: - !Ref BlueSubnet - !Ref RedSubnet SecurityGroupIds: - ... MemorySize: 128 Role: !GetAtt LambdaExecutionRole.Arn Timeout: Integer ReservedConcurrentExecutions: Integer DeadLetterConfig: DeadLetterConfig KmsKeyArn: String Layers: - String TracingConfig: TracingConfig Tags: Resource Tag
Working example: