This is an old revision of the document!
Lambda: Python Function
General Information
Creating Lambda functions with Python for automated actions.
Checklist
- AWS Account with access to most actions in Lambda, IAM, S3, Cloudwatch
Lambda: Pre-Reqs
In order to create a new Lambda function, there are some pre-reqs:
- Additional resources created (such as a S3 bucket if the lambda function will access a bucket)
- An IAM role with an attached policy with the actions you want the lambda to perform.
See below for Lambda examples.
- File Conversion Example - convert images from one format to another when created in a S3 bucket.
File Conversion Example: Pre-Reqs
Create a S3 Bucket
- Services > Storage > S3 > Create Bucket
- The bucket can be private and have no special properties.
Create an IAM role
- Services > Security > IAM > Roles > Create Role
- Choose a service that will use the role: Lambda, Next:Permissions
- Create a new policy to allow object put/gets in your bucket. Example:
{ "Version": "2012-10-17", "Statement": [ { "Sid": "VisualEditor0", "Effect": "Allow", "Action": [ "s3:PutObject", "s3:GetObject" ], "Resource": "arn:aws:s3:::my-test-bucket/*" }, { "Sid": "VisualEditor1", "Effect": "Allow", "Action": [ "s3:ListAllMyBuckets", "s3:ListBucket", "s3:HeadBucket" ], "Resource": "*" } ] }
- Required: Additionally, attach the AWS managed policy “AWSLambdaBasicExecutionRole” to your new role in order to log your Lambda function to cloudwatch logs.
Lambda: Create Function
After the pre-reqs are in place, the function can be created.
- Services > Compute > Lambda
- Functions > Create Function
- Select Author from scratch
- Basic Information
- Function name: mySpecialFunction (must be unique, no spaces)
- Runtime: Select the latest Python (Python 3.7 at the time of this page creation)
- Permissions: Expand 'Choose or create an execution role'
- Execution role: Use an existing role
- Existing role: Select your previously created role.
- Important: Ensure that your role has the AWS managed policy “AWSLambdaBasicExecutionRole” attached to it in order to have CloudWatch Log functionality.
- Click 'Create Function'