AWS Lambda

AWS Lambda is a compute service that lets you run code without provisioning or managing servers.

• Events
• Permissions
  • Execution Role
• Invoking Function
  • Syncronous Invocation
  • Asynchronous Invocation
  • Event Source Mapping
• Managing Functions
  • Versions
  • Environment Variables
  • Concurrency
  • Aliases
  • Layers
  • Network

Events

Lambda can run your code in response to events:

• S3 bucket data change
• DynamoDB table data change
• SQS Message consumed
• API Gateway Request

Permissions

Execution Role

An AWS Lambda function’s execution role grants it permission to access AWS services and resources. You provide this role when you create a function, and Lambda assumes the role when your function is invoked.

Invoking Function

Syncronous Invocation

When you invoke a function synchronously, Lambda runs the function and waits for a response. Possible from:

• cli
• API Gateway

Asynchronous Invocation

When you invoke a function asynchronously, you don’t wait for a response from the function code.

This can be done from:

• S3
• SNS
• cli with --invocation-type Event

The Response can then be send to a Destination. Possible are:

• SQS
• SNS
• Another Lambda
• Eventbridge

Event Source Mapping

An event source mapping is an AWS Lambda resource that reads from an event source and invokes a Lambda function. Sources are:

• SQS
• DynamoDB
• Kinesis

Managing Functions

Versions

You can publish a new version of a function for beta testing without affecting users of the stable production version.

You can change the function code and settings only on the unpublished version of a function. In the console there an Action to Publish new version.

Qulified ARN: arn:aws:lambda:aws-region:acct-id:function:helloworld:$LATEST

Unqualified ARN: arn:aws:lambda:aws-region:acct-id:function:helloworld

Environment Variables

An environment variable is a pair of strings that are stored in a function’s version-specific configuration.

The Runtime sets:

AWS_LAMBDA_FUNCTION_NAME

AWS_LAMBDA_FUNCTION_MEMORY_SIZE

AWS_LAMBDA_FUNCTION_VERSION

AWS_LAMBDA_LOG_GROUP_NAME, AWS_LAMBDA_LOG_GROUP_NAME

AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN

Concurrency

When your function is invoked, Lambda allocates an instance of it to process the event. If the function is invoked again while a request is still being processed, another instance is allocated, which increases the function’s concurrency.

Concurrency is subject to a Regional limit.

To ensure that a function can always reach a certain level of concurrency, you can configure the function with reserved concurrency.

By allocating provisioned concurrency before an increase in invocations, you can ensure that all requests are served by initialized instances with very low latency. Of course this comes with extra costs.

Aliases

You can create one or more aliases for your AWS Lambda function. A Lambda alias is like a pointer to a specific Lambda function version. Users can access the function version using the alias ARN.

PROD or DEV might be good aliases

With alias routing you can do canary testing so a new version gets a low weight of the traffic.

Layers

A layer is a ZIP archive that contains libraries, a custom runtime, or other dependencies.

Layers let you keep your deployment package small, which makes development easier.

For Node.js, Python, and Ruby functions this enables the web console for development it the deployment package stays under 3MB.

Network

Connect your function to the VPC to access private resources during execution.