智慧物流>> aws-lambda-cheatsheet>> 返回
项目作者: srcecde

项目描述 :
AWS Lambda cheatsheet.
高级语言: HTML
项目地址: git://github.com/srcecde/aws-lambda-cheatsheet.git
创建时间: 2017-10-14T15:38:00Z
项目社区:https://github.com/srcecde/aws-lambda-cheatsheet
开源协议:MIT License
下载


AWS Lambda Cheatsheet

This cheatsheet is probably based on Python















































































































Runtime Versions
Type Versions AWS SDK Operating System
Node.js nodejs10.x (JavaScript) 2.712.0 Amazon Linux 2
nodejs12.x (JavaScript) 2.712.0 Amazon Linux 2
Java java11 (JDK) amazon-corretto-11 Amazon Linux 2
java8.a12 (JDK) amazon-corretto-8 Amazon Linux 2
java8 (JDK) java-1.8.0-openjdk Amazon Linux
Python python3.8 (Python) boto3-1.14.40 botocore-1.17.40 Amazon Linux 2
python3.7 (Python) boto3-1.14.40 botocore-1.17.40 Amazon Linux
python3.6 (Python) boto3-1.14.40 botocore-1.17.40 Amazon Linux
python2.7 (Python) boto3-1.14.40 botocore-1.17.40 Amazon Linux
Ruby ruby2.7(Ruby) 3.0.3 Amazon Linux 2
ruby2.5 (Ruby) 3.0.3 Amazon Linux
.NET Core dotnetcore3.1 Amazon Linux 2
dotnetcore2.1 Amazon Linux
Go go1.x Amazon Linux
Custom Runtime provided.al2 Amazon Linux 2
provided Amazon Linux





















Available Operating System
Type Image Kernel
Amazon Linux amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2 4.14.171-105.231.amzn1.x86_64
Amazon Linux 2 Custom 4.14.165-102.205.amzn2.x86_64





























































































































Settings | Limits
Description Settings | Limits | Explained Can be increased

Writable Path & Space
 /tmp/ 512 MB
Default Memory & Execution Time 128 MB Memory
3 Second Timeout
Max Memory & Execution Time 10,240 MB (1 MB increments)
900 seconds (15 Minutes) Timeout
Number of processes and threads (Total) 1024
Number of File descriptors (Total) 1024
Maximum deployment package size

50 MB (zipped, direct upload)

250 MB (unzipped, including layers)
Container image code package size

10 GB
Maximum deployment package size for console editor 3 MB
Total size of deployment package per region 75 GB Can be increased upto Terabytes
Maximum size of environment variables set 4 KB
Maximum function Layers 5 layers
Environment variables size 4 KB
Maximum test events (Console editor) 10
Invocation payload Limit (request and response) 6 MB (synchronous)
256 KB (asynchronous)
Elastic network interpaces per VPC 250 Can be increased upto Hundreds
Lambda Destinations

  • It sends invocation records to a destination (SQS queue, SNS topic, Lambda function, or EventBridge event bus) when the lambda function is invoked asynchronously

  • It also supports stream invocation


 Can be increased upto Hundreds
Monitoring tools

  • (Default) CloudWatch Logs stream

  • AWS X-Ray

  • CloudWatch Lambda Insights (preview)
VPC

  • When you enable VPC, your Lambda function will lose default internet access

  • If you require external internet access for your function, ensure that your security group allows outbound connections and that your VPC has a NAT gateway
Concurrency

  • Concurrent Execution refers to the execution of number of function at a given time. By default the limit is 1000 across all function within a given region

  • AWS Lambda keeps 100 for the unreserved function

  • So, if there are 1000 then you can select from 900 and reserve concurrency for selected function and rest 100 is used for the unreserved function


Can be increased upto Hundreds of thousands
DLQ (Dead Letter Queue)

  • Failed Lambda is invoked twice by default and the event is discarded

  • DLQ instruct lamnda to send unprocessed events to AWS SQS or AWS SNS

  • DLQ helps you troubleshoot and examine the unprocessed request
Throttle

  • Throttle will set reserved concurrency of the function to zero and it will throttle all future invocation

  • If the function is throttled then it will fail to run

  • If the fucntion is ran from Lambda console then it will throw “Calling the Invoke API failed with message: Rate Exceeded.”
File system

  • File system will allow you to add Amazon EFS file system, which provides distributed network storage for the instances of the function

  • To connect to the file system, you need to connect your lambda function to VPC
State machines

  • Step Functions state machines which orchestrate this function

  • The Step Functions state machines page lists all state machines in the current AWS region with at least one workflow step that invokes a Lambda function
Database proxies

  • Database proxy manages a pool of database connections and relays queries from a function

  • It uses Secrets Manager secret to access credentials for a database

  • To connect to the file system, you need to connect your lambda function to VPC


























Execution Role (Common Execution Role Available)
AWSLambdaBasicExecutionRole Grants permissions only for the Amazon CloudWatch Logs actions to write logs.
AWSLambdaKinesisExecutionRole Grants permissions for Amazon Kinesis Streams actions, and CloudWatch Logs actions.
AWSLambdaDynamoDBExecutionRole Grants permissions for DynamoDB streams actions and CloudWatch Logs actions.
AWSLambdaVPCAccessExecutionRole Grants permissions for Amazon Elastic Compute Cloud (Amazon EC2) actions to manage elastic network interfaces (ENIs).
AWSXrayWriteOnlyAccess Grants permission for X-ray to to upload trace data to debug and analyze.



Add new permission

  1. import boto3
  2. client = boto3.client('lambda')
  4. # Role ARN can be found on the top right corner of the Lambda function
  5. response = client.add_permission(
  6.     FunctionName='string',
  7.     StatementId='string',
  8.     Action='string',
  9.     Principal='string',
  10.     SourceArn='string',
  11.     SourceAccount='string',
  12.     EventSourceToken='string',
  13.     Qualifier='string'
  14. )






































Execution | Invoke | Tweaks
A Lambda can invoke another Lambda Yes
A Lambda in one region can invoke another lambda in other region Yes
A Lambda can invoke same Lambda Yes
Exceed 15 minutes execution time Yes (Can Tweak around)
How to exceed 5 minutes execution time Self-Invoke , SNS, SQS
Asynchronous Execution Yes (Async Exec)
Invoke same Lamba with different version Yes
Setting Lambda Invoke Max Retry attempt to 0 Yes



















































































Triggers Description Requirement
API Gateway Trigger AWS Lambda function over HTTPS API Endpoint name
API Endpoint Deployment Stage
Security Role
AWS IoT Trigger AWS Lambda for performing specific action by mapping your AWS IoT Dash Button (Cloud Programmable Dash Button) DSN (Device Serial Number)
Alexa Skill Kit Trigger AWS Lambda to build services that give new skills to Alexa
Alexa Smart Home Trigger AWS Lambda with desired skill Application ID (Skill)
Application Load Balancer Trigger AWS Lambda from ALB Application Load Balancer
Listener (It is the port that ALP receivce traffice)
Host
Path
CloudFront Trigger AWS Lambda based on difference CloudFront event. CloudFront distribution, Cache behaviour, CloudFront event (Origin request/response, Viewer request/response).
To set CloudFront trigger, one need to publish the version of Lambda.
Limitations:
Runtime is limited to Node.js 6.10
/tmp/ space is not available
Environment variables, DLQ & Amazon VPC’s cannot be used
CloudWatch Events Trigger AWS Lambda on desired time interval (rate(1 day)) or on the state change of EC2, RDS, S3, Health. Rule based on either Event Pattern (time interval)
Schedule Expression (Auto Scaling on events like Instance launch and terminate
AWS API call via CloudTrail
CloudWatch Logs Trigger AWS Lambda based on the CloudWatch Logs Log Group Name
Code Commit Trigger AWS Lambda based on the AWS CodeCommit version control system Repository Name
Event Type
Cognito Sync Trigger Trigger AWS Lambda in response to event, each time the dataset is synchronized Cognito Identity Pool dataset
DynamoDB Trigger AWS Lambda whenever the DynomoDB table is updated DynamoDB Table name
Batch Size(The largest number of records that AWS Lambda will retrieve from your table at the time of invoking your function. Your function receives an event with all the retrieved records)
Kinesis Trigger AWS Lambda whenever the Kinesis stream is updated Kinesis Stream
Batch Size
S3 Trigger AWS Lambda in response to file dropped in S3 bucket Bucket Name
Event Type (Object Removed, Object Created)
SNS Trigger AWS Lambda whenever the message is published to Amazon SNS Topic SNS Topic
SQS Trigger AWS Lambda on message arrival in SQS SQS queue
Batch size
Limitation: It only works with Standard queue and not FIFO queue



















































Troubleshooting
Error Possible Reason Solution

File “/var/task/lambda_function.py”, line 2, in lambda_handler
return event[‘demoevent’]

KeyError: ‘demoevent’
Event does not have the key ‘demoevent’ or either misspelled
Make sure the event is getting the desired key if it is receiving the event from any trigger.
Or if the not outside event is passed than check for misspell.
Or check the event list by printing event.
botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the GetParameters operation: User: arn:aws:dummy::1234:assumed-role/role/ is not authorized to perform: ssm:GetParameters on resource: arn:aws:ssm:dummy Lacks Permission to access Assign appropriate permission for accessibility
ImportError: Missing required dependencies [‘module’] Dependent module is missing Install/Upload the required module
sqlalchemy.exc.OperationalError: (psycopg2.OperationalError) could not translate host name “host.dummy.region.rds.amazonaws.com” to address: Name or service not known RDS Host is unavailable Make sure the RDS instance is up and running.
Double check the RDS hostname
[Errno 32] Broken pipe Connection is lost (Either from your side or may be some problem from AWS)
While invoking another Lambda, if the payload size exceed the mentioned limit		 Make sure if you are passing the payload of right size.
Check for the connection.
Unable to import module ‘lambda_function/index’ No module named ‘lambda_function’ Handler configuration is not matching the main file name Update the handler configuration as per your filename.function_name
OperationalError: (psycopg2.OperationalError) terminating connection due to administrator command
SSL connection has been closed unexpectedly		 RDS/Database System has been rebooted.
In a typical web application using an ORM (SQLAlchemy) Session, the above condition would correspond to a single request failing with a 500 error, then the web application continuing normally beyond that. Hence the approach is “optimistic” in that frequent database restarts are not anticipated.		 Give second try
Error code 429 The function is throttled. Basically the reserved concurrency is set to zero or it have reach the account level throttle.
(The function that is invoked synchronous and if it is throttled then it will return 429 error. If the lambda function is invoked asynchronously and if it is throttled then it will retry the throttled event for upto 6 hours.) 		Check for the reserved concurrency limit or throttle status for the individual function. Or check for the account level concurrent execution limit


AWS Lambda CLI commands




Add Permission

It add mention permission to the Lambda function


Syntax

  1.   add-permission
  2. --function-name <value>
  3. --statement-id <value>
  4. --action <value>
  5. --principal <value>
  6. [--source-arn <value>]
  7. [--source-account <value>]
  8. [--event-source-token <value>]
  9. [--qualifier <value>]
  10. [--cli-input-json <value>]
  11. [--generate-cli-skeleton <value>]

Example

  1. add-permission --function-name functionName --statement-id role-statement-id --action lambda:CreateFunction --principal s3.amazonaws.com



Create Alias

It creates alias for the given Lambda function name


Syntax

  1.   create-alias
  2. --function-name <value>
  3. --name <value>
  4. --function-version <value>
  5. [--description <value>]
  6. [--cli-input-json <value>]
  7. [--generate-cli-skeleton <value>]

Example

  1. create-alias --function-name functionName --name fliasName --function-version version



Create Event Source Mapping

It identify event-source from Amazon Kinesis stream or an Amazon DynamoDB stream

  1.   create-event-source-mapping
  2. --event-source-arn <value>
  3. --function-name <value>
  4. [--enabled | --no-enabled]
  5. [--batch-size <value>]
  6. --starting-position <value>
  7. [--starting-position-timestamp <value>]
  8. [--cli-input-json <value>]
  9. [--generate-cli-skeleton <value>]

Example

  1. create-event-source-mapping --event-source-arn arn:aws:kinesis:us-west-1:1111 --function-name functionName --starting-position LATEST



Create Function

It creates the new function


Syntax

  1.   create-function
  2. --function-name <value>
  3. --runtime <value>
  4. --role <value>
  5. --handler <value>
  6. [--code <value>]
  7. [--description <value>]
  8. [--timeout <value>]
  9. [--memory-size <value>]
  10. [--publish | --no-publish]
  11. [--vpc-config <value>]
  12. [--dead-letter-config <value>]
  13. [--environment <value>]
  14. [--kms-key-arn <value>]
  15. [--tracing-config <value>]
  16. [--tags <value>]
  17. [--zip-file <value>]
  18. [--cli-input-json <value>]
  19. [--generate-cli-skeleton <value>]

Example

  1. create-function --function-name functionName --runtime python3.6 --role arn:aws:iam::account-id:role/lambda_basic_execution
  2.  --handler main.handler



Delete Alias

It deletes the alias


Syntax

  1.   delete-alias
  2. --function-name <value>
  3. --name <value>
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. delete-alias --function-name functionName --name aliasName



Delete Event Source Mapping

It deletes the event source mapping


Syntax

  1.   delete-event-source-mapping
  2. --uuid <value>
  3. [--cli-input-json <value>]
  4. [--generate-cli-skeleton <value>]

Example

  1. delete-event-source-mapping --uuid 12345kxodurf3443



Delete Function

It will delete the function and all the associated settings


Syntax

  1.   delete-function
  2. --function-name <value>
  3. [--qualifier <value>]
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. delete-function --function-name FunctionName



Get Account Settings

It will fetch the user’s account settings


Syntax

  1.   get-account-settings
  2. [--cli-input-json <value>]
  3. [--generate-cli-skeleton <value>]



Get Alias

It returns the desired alias information like description, ARN


Syntax

  1.   get-alias
  2. --function-name <value>
  3. --name <value>
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. get-alias --function-name functionName --name aliasName



Get Event Source Mapping

It returns the config information for the desired event source mapping


Syntax

  1.   get-event-source-mapping
  2. --uuid <value>
  3. [--cli-input-json <value>]
  4. [--generate-cli-skeleton <value>]

Example

  1. get-event-source-mapping --uuid 12345kxodurf3443



Get Function

It returns the Lambda Function information


Syntax

  1.   get-function
  2. --function-name <value>
  3. [--qualifier <value>]
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. get-function --function-name functionName



Get Function Configuration

It returns the Lambda function configuration


Syntax

  1.   get-function-configuration
  2. --function-name <value>
  3. [--qualifier <value>]
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1.   get-function-configuration --function-name functionName



Get Policy

It return the linked policy with Lambda function


Syntax

  1.   get-policy
  2. --function-name <value>
  3. [--qualifier <value>]
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. get-policy --function-name functionName



Invoke

It invoke the mention Lambda function name




invoke
—function-name
[—invocation-type ]
[—log-type ]
[—client-context ]
[—payload ]
[—qualifier ]

Example

  1. invoke --function-name functionName



List Aliases

It return all the aliases that is created for Lambda function


Syntax

  1.   list-aliases
  2. --function-name <value>
  3. [--function-version <value>]
  4. [--marker <value>]
  5. [--max-items <value>]
  6. [--cli-input-json <value>]
  7. [--generate-cli-skeleton <value>]

Example

  1.   list-aliases --function-name functionName



List Event Source Mappings

It return all the list event source mappings that is created with create-event-source-mapping


Syntax

  1.   list-event-source-mappings
  2. [--event-source-arn <value>]
  3. [--function-name <value>]
  4. [--max-items <value>]
  5. [--cli-input-json <value>]
  6. [--starting-token <value>]
  7. [--page-size <value>]
  8. [--generate-cli-skeleton <value>]

Example

  1.   list-event-source-mappings --event-source-arn arn:aws:arn --function-name functionName



List Functions

It return all the Lambda function


Syntax

  1.   list-functions
  2. [--master-region <value>]
  3. [--function-version <value>]
  4. [--max-items <value>]
  5. [--cli-input-json <value>]
  6. [--starting-token <value>]
  7. [--page-size <value>]
  8. [--generate-cli-skeleton <value>]

Example

  1.   list-functions --master-region us-west-1 --function-version ALL



List Tags

It return the list of tags that are assigned to the Lambda function


Syntax

  1.   list-tags
  2. --resource <value>
  3. [--cli-input-json <value>]
  4. [--generate-cli-skeleton <value>]

Example

  1.   list-tags --resource arn:aws:function



List Versions by functions

It return all the versions of the desired Lambda function


Syntax

  1.   list-versions-by-function
  2. --function-name <value>
  3. [--marker <value>]
  4. [--max-items <value>]
  5. [--cli-input-json <value>]
  6. [--generate-cli-skeleton <value>]

Example

  1. list-versions-by-function --function-name functionName



Publish Version

It publish the version of the Lambda function from $LATEST snapshot


Syntax

  1.   publish-version
  2. --function-name <value>
  3. [--code-sha-256 <value>]
  4. [--description <value>]
  5. [--cli-input-json <value>]
  6. [--generate-cli-skeleton <value>]

Example

  1.   publish-version --function-name functionName



Remove Permission

It remove the single permission from the policy that is linked with the Lambda function


Syntax

  1.  remove-permission
  2. --function-name <value>
  3. --statement-id <value>
  4. [--qualifier <value>]
  5. [--cli-input-json <value>]
  6. [--generate-cli-skeleton <value>]

Example

  1.  remove-permission --function-name functionName --statement-id role-statement-id



Tag Resource

It creates the tags for the lambda function in the form of key-value pair


Syntax

  1.   tag-resource
  2. --resource <value>
  3. --tags <value>
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. tag-resource --resource arn:aws:arn --tags {‘key’: pair’}



Untag Resource

It remove tags from the Lambda function


Syntax

  1.  untag-resource
  2. --resource <value>
  3. --tag-keys <value>
  4. [--cli-input-json <value>]
  5. [--generate-cli-skeleton <value>]

Example

  1. untag-resource --resource arn:aws:complete --tag-keys [‘key1’, key2’]



Update Alias

It update the alias name of the desired lambda function


Syntax

  1.   update-alias
  2. --function-name <value>
  3. --name <value>
  4. [--function-version <value>]
  5. [--description <value>]
  6. [--cli-input-json <value>]
  7. [--generate-cli-skeleton <value>]

Example

  1. update-alias --function-name functionName --name aliasName



Update Event Source Mapping

It updates the event source mapping incase you want to change the existing parameters


Syntax

  1.   update-event-source-mapping
  2. --uuid <value>
  3. [--function-name <value>]
  4. [--enabled | --no-enabled]
  5. [--batch-size <value>]
  6. [--cli-input-json <value>]
  7. [--generate-cli-skeleton <value>]

Example

  1. update-event-source-mapping --uuid 12345kxodurf3443



Update Function Code

It updates the code of the desired Lambda function


Syntax

  1.   update-function-code
  2. --function-name <value>
  3. [--zip-file <value>]
  4. [--s3-bucket <value>]
  5. [--s3-key <value>]
  6. [--s3-object-version <value>]
  7. [--publish | --no-publish]
  8. [--dry-run | --no-dry-run]
  9. [--cli-input-json <value>]
  10. [--generate-cli-skeleton <value>]

Example

  1. update-function-code --function-name functionName



Update Function Configuration

It updates the configuration of the desired Lambda function


Syntax

  1.   update-function-configuration
  2. --function-name <value>
  3. [--role <value>]
  4. [--handler <value>]
  5. [--description <value>]
  6. [--timeout <value>]
  7. [--memory-size <value>]
  8. [--vpc-config <value>]
  9. [--environment <value>]
  10. [--runtime <value>]
  11. [--dead-letter-config <value>]
  12. [--kms-key-arn <value>]
  13. [--tracing-config <value>]
  14. [--cli-input-json <value>]
  15. [--generate-cli-skeleton <value>]

Example

  1. update-function-configuration --function-name functionName


References




For queries or issues, feel free to contact or open an issue