====== Lambda: Python Function ======

**General Information**

Creating Lambda functions with Python for automated actions. 

**Checklist**
  * AWS Account with access to most actions in Lambda, IAM, S3, Cloudwatch

----

====== Lambda: Pre-Reqs ======

In order to create a new Lambda function, there are some pre-reqs:
  * Additional resources created (such as a S3 bucket if the lambda function will access a bucket)
  * An IAM role with one or more attached policies, containing the actions you want the lambda to perform.

See below for Lambda examples.
  * File Conversion Example - convert images from one format to another when created in a S3 bucket.
  * Stop/Start EC2 Instances Example - stop/start ec2 instances with a certain tag key:value on a schedule.


===== File Conversion Example: Pre-Reqs =====

Create a S3 Bucket
  * Services > Storage > S3 > Create Bucket
    * The bucket can be private and have no special properties.

Create an IAM role
  * Services > Security > IAM > Roles > Create Role
    * Choose a service that will use the role: Lambda
    * Click 'Next:Permissions'
    * **Required**: Attach the AWS managed policy "AWSLambdaBasicExecutionRole" to your new role in order to log your Lambda function to cloudwatch logs.
    * Also, Create a new policy to allow object put/gets in your bucket. Example:<code json>{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:ListBucket"
            ],
            "Resource": "arn:aws:s3:::my-test-bucket/*"
        },
        {
            "Sid": "VisualEditor1",
            "Effect": "Allow",
            "Action": "s3:HeadBucket",
            "Resource": "*"
        }
    ]
}</code>

----

===== Stop/Start EC2 Example: Pre-Reqs =====

Create an IAM role
  * Services > Security > IAM > Roles > Create Role
    * Choose a service that will use the role: Lambda
    * Click 'Next:Permissions'
    * **Required**: Attach the AWS managed policy "AWSLambdaBasicExecutionRole" to your new role in order to log your Lambda function to cloudwatch logs.
    * Also, Create a new policy to allow basic EC2 list,stop,start. Example:<code json>{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": [
                "ec2:DescribeInstances",
                "ec2:StartInstances",
                "ec2:StopInstances"
            ],
            "Resource": "*"
        }
    ]
}</code>

----


====== Lambda: Create Function ======

After the pre-reqs are in place, the function can be created.
  * Services > Compute > Lambda
  * Functions > Create Function
    * Select Author from scratch
    * Basic Information
      * Function name (example): mySpecialFunction (must be unique, no spaces)
      * Runtime: Select the latest Python (Python 3.7 at the time of this page creation)
      * Permissions: Expand 'Choose or create an execution role'
        * Execution role: Use an existing role
        * Existing role: Select your previously created role.
          * **Important**: Ensure that your role has the AWS managed policy "AWSLambdaBasicExecutionRole" attached to it in order to have CloudWatch Log functionality.
      * Click 'Create Function'

----

====== Lambda: Configure Function ======

After initial creation, you are brought to the Lambda function configuration page, with the designer at the top.

The designer allows you to add triggers (things that tell your function to start) and inspect what resources your function has access to.

===== File Conversion Example: Configure =====

  * Click 'Add trigger'
    * Select S3 from the dropdown
    * Bucket: Select your bucket that you will upload files to
    * Event type: Have it trigger on 'All object create events'
    * Prefix: Optionally, type a prefix if you only want to convert files in certain prefixes/directories.
    * Suffix: Enter '.gif' (no quotes)
    * Ensure 'Enable trigger' is checked
    * Click "Add"
  * Select the Lambda function in the middle of the designer
    * The function can now be edited inline or you can package up a Python function and upload it.
      * Edit code inline: Use when the function is simple and does not require any dependencies that you would need a package installed for.
      * Upload a zip file: When you develop the function outside of the AWS console and/or need dependencies installed.

----

===== Stop/Start EC2 Example: Configure =====

  * Click 'Add trigger'
    * Select CloudWatch Events from the dropdown
    * Rule: Create a new rule
    * Rule name: <any name>
    * Description: <any description>
    * Rule type: Select 'Schedule expression'
    * Schedule expression: 00 05 * * ? *
      * Expressions are in UTC: Example is every day at midnight (CDT)
      * Minute Hour DayOfMonth Month DayOfWeek Year
        * [[https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html|More info here]]
    * Ensure 'Enable trigger' is checked
    * Click "Add"
  * Select the Lambda function in the middle of the designer
    * The function can now be edited inline or you can package up a Python function and upload it.
      * Edit code inline: Use when the function is simple and does not require any dependencies that you would need a package installed for.
      * Upload a zip file: When you develop the function outside of the AWS console and/or need dependencies installed.

----


====== Lambda: Package and Upload Function ======

Packaging and uploading a lambda function.

===== File Conversion Example: Packaging =====

  * Create a directory named after the lambda function<code bash>mkdir convertImage</code>

  * Install required packages into that directory<code bash>pip3 install --target convertImage/ Pillow</code>

  * Create the lambda function file<code bash>vim convertImage/lambda_function.py

import json

def lambda_handler(event, context):
    # TODO implement
    return {
        'statusCode': 200,
        'body': json.dumps('Hello from Lambda!')
    }</code>
    * **Notes**
      * The above is the default code that is created for you in a from scratch lambda function in the console.
      * For the File conversion example and others, see: https://gitlab.com/whowe/aws/tree/master/lambda/

  * Package up the directory into a zip<code bash>cd convertImage
zip -r convertImage.zip .</code>
    * **Important**: The archive that is created should NOT contain a parent directory, as this parent directory already exists in AWS Lambda for your function. The "lambda_function.py" needs to be at the root of your structure.

  * Upload to AWS Lambda
    * CLI Method<code bash>aws lambda update-function-code --function-name convertImage --zip-file fileb://convertImage.zip</code>
    * Web Console Method
      * Login to your AWS console
      * Services > Compute > Lambda
      * Click "Functions > <your function name>"
      * Under "Function code" > "Code entry type"
        * Click the dropdown and select "Upload a .zip file"
        * Under "Function package", click "Upload"
        * Browse to your file and select it
      * In the top right, click "Save"

----