linux_wiki:lambda_python_function

Lambda: Python Function

General Information

Creating Lambda functions with Python for automated actions.

Checklist

  • AWS Account with access to most actions in Lambda, IAM, S3, Cloudwatch

Lambda: Pre-Reqs

In order to create a new Lambda function, there are some pre-reqs:

  • Additional resources created (such as a S3 bucket if the lambda function will access a bucket)
  • An IAM role with one or more attached policies, containing the actions you want the lambda to perform.

See below for Lambda examples.

  • File Conversion Example - convert images from one format to another when created in a S3 bucket.
  • Stop/Start EC2 Instances Example - stop/start ec2 instances with a certain tag key:value on a schedule.

Create a S3 Bucket

  • Services > Storage > S3 > Create Bucket
    • The bucket can be private and have no special properties.

Create an IAM role

  • Services > Security > IAM > Roles > Create Role
    • Choose a service that will use the role: Lambda
    • Click 'Next:Permissions'
    • Required: Attach the AWS managed policy “AWSLambdaBasicExecutionRole” to your new role in order to log your Lambda function to cloudwatch logs.
    • Also, Create a new policy to allow object put/gets in your bucket. Example:
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Sid": "VisualEditor0",
                  "Effect": "Allow",
                  "Action": [
                      "s3:PutObject",
                      "s3:GetObject",
                      "s3:ListBucket"
                  ],
                  "Resource": "arn:aws:s3:::my-test-bucket/*"
              },
              {
                  "Sid": "VisualEditor1",
                  "Effect": "Allow",
                  "Action": "s3:HeadBucket",
                  "Resource": "*"
              }
          ]
      }

Create an IAM role

  • Services > Security > IAM > Roles > Create Role
    • Choose a service that will use the role: Lambda
    • Click 'Next:Permissions'
    • Required: Attach the AWS managed policy “AWSLambdaBasicExecutionRole” to your new role in order to log your Lambda function to cloudwatch logs.
    • Also, Create a new policy to allow basic EC2 list,stop,start. Example:
      {
          "Version": "2012-10-17",
          "Statement": [
              {
                  "Sid": "VisualEditor0",
                  "Effect": "Allow",
                  "Action": [
                      "ec2:DescribeInstances",
                      "ec2:StartInstances",
                      "ec2:StopInstances"
                  ],
                  "Resource": "*"
              }
          ]
      }

Lambda: Create Function

After the pre-reqs are in place, the function can be created.

  • Services > Compute > Lambda
  • Functions > Create Function
    • Select Author from scratch
    • Basic Information
      • Function name (example): mySpecialFunction (must be unique, no spaces)
      • Runtime: Select the latest Python (Python 3.7 at the time of this page creation)
      • Permissions: Expand 'Choose or create an execution role'
        • Execution role: Use an existing role
        • Existing role: Select your previously created role.
          • Important: Ensure that your role has the AWS managed policy “AWSLambdaBasicExecutionRole” attached to it in order to have CloudWatch Log functionality.
      • Click 'Create Function'

Lambda: Configure Function

After initial creation, you are brought to the Lambda function configuration page, with the designer at the top.

The designer allows you to add triggers (things that tell your function to start) and inspect what resources your function has access to.

  • Click 'Add trigger'
    • Select S3 from the dropdown
    • Bucket: Select your bucket that you will upload files to
    • Event type: Have it trigger on 'All object create events'
    • Prefix: Optionally, type a prefix if you only want to convert files in certain prefixes/directories.
    • Suffix: Enter '.gif' (no quotes)
    • Ensure 'Enable trigger' is checked
    • Click “Add”
  • Select the Lambda function in the middle of the designer
    • The function can now be edited inline or you can package up a Python function and upload it.
      • Edit code inline: Use when the function is simple and does not require any dependencies that you would need a package installed for.
      • Upload a zip file: When you develop the function outside of the AWS console and/or need dependencies installed.

  • Click 'Add trigger'
    • Select CloudWatch Events from the dropdown
    • Rule: Create a new rule
    • Rule name: <any name>
    • Description: <any description>
    • Rule type: Select 'Schedule expression'
    • Schedule expression: 00 05 * * ? *
      • Expressions are in UTC: Example is every day at midnight (CDT)
      • Minute Hour DayOfMonth Month DayOfWeek Year
    • Ensure 'Enable trigger' is checked
    • Click “Add”
  • Select the Lambda function in the middle of the designer
    • The function can now be edited inline or you can package up a Python function and upload it.
      • Edit code inline: Use when the function is simple and does not require any dependencies that you would need a package installed for.
      • Upload a zip file: When you develop the function outside of the AWS console and/or need dependencies installed.

Lambda: Package and Upload Function

Packaging and uploading a lambda function.

  • Create a directory named after the lambda function
    mkdir convertImage
  • Install required packages into that directory
    pip3 install --target convertImage/ Pillow
  • Create the lambda function file
    vim convertImage/lambda_function.py
     
    import json
     
    def lambda_handler(event, context):
        # TODO implement
        return {
            'statusCode': 200,
            'body': json.dumps('Hello from Lambda!')
        }
  • Package up the directory into a zip
    cd convertImage
    zip -r convertImage.zip .
    • Important: The archive that is created should NOT contain a parent directory, as this parent directory already exists in AWS Lambda for your function. The “lambda_function.py” needs to be at the root of your structure.
  • Upload to AWS Lambda
    • CLI Method
      aws lambda update-function-code --function-name convertImage --zip-file fileb://convertImage.zip
    • Web Console Method
      • Login to your AWS console
      • Services > Compute > Lambda
      • Click “Functions > <your function name>”
      • Under “Function code” > “Code entry type”
        • Click the dropdown and select “Upload a .zip file”
        • Under “Function package”, click “Upload”
        • Browse to your file and select it
      • In the top right, click “Save”

  • linux_wiki/lambda_python_function.txt
  • Last modified: 2019/08/09 22:29
  • by billdozor