Integrating AWS Lambda with Codeship

Written by: Florian Motlik

AWS Lambda, which was announced at last year's AWS:reInvent, is one of the hottest new services coming out of AWS. For those not familiar with it, AWS Lambda is a compute service that allows you to run code in response to events without having to manage infrastructure. We’ve written an introduction to AWS Lambda and of course we support deployment to AWS Lambda on Codeship.

Lambda has been available in public preview for the last months and today AWS released it out of preview.

As we’re super excited about Lambda we want to show you today how easy it is to get started with deploying your Node functions to AWS Lambda.

Using our Codeship deployment tools you can now easily make updates to Lambda functions without having to resort to manual updates or building your own deployment system. All set up in minutes.

We’ll use a trial repo to walk you through all the necessary steps to set up and deploy a Lambda function. You might recognize this trial repo from the above mentioned introduction article. Find the trial at the lambda-trial Github repository

AWS Lambda on Codeship

First, I want to give a quick explanation about IAM Roles in Lambda. Lambda uses an Execution Role to run your code. Your Lambda function assumes this role so if you need to interact with any AWS API you need to set the permissions for accessing the API on this Role.

Setting up your first AWS Lambda function

Head over to the Lambda Console on AWS and click the “Get Started” button.

In the next screen you can set the name and description of your function. Set the name of your function to “LambdaTest” as this is important for the deployment later. You can set the description to anything you like.

We will start by using the Hello World Example AWS provides. Choose Hello World from the Code Templates:

Leave the Handler Name to handler. The handler name needs to be the same as the function name of your Node.js function that should be called.

Click Create/Select Role below and on the next screen leave all the details as they are and click Allow. This will create a role with appropriate permissions for the function (in this case, all it needs is access to CloudWatch logs). You can remove this role after running this example in case you don’t need it.

Leave all other options and click the Create Lambda function button.

To learn more about setting up functions using the Lambda console, see their Getting started guide.

Testing your function

Now we want to test our function first before deploying to it. Click the Edit/Test button on the main Lambda dashboard for your new function. Set the Sample Event to Custom and click the Invoke button. Your Lambda function will print the supplied values. You can explore more of the available features in the Lambda UI.

Deploy your AWS Lambda function from Codeship

To deploy your Lambda function from Codeship we’re going to create a new Script deployment.

Fork the Lambda Trial repository mentioned in the beginning and go through the following steps with me.

Setting up an AWS IAM User

To deploy into Lambda we need to make sure you’ve given us the correct permissions to deploy into it. Go into IAM and create a User with the following policy so we’re able to deploy new code versions of Lambda and invoke the function. It’s very important to create different users and roles to secure your AWS Infrastructure instead of handing out the AWS admin keys. You can read more about that in one of our blogposts about IAM Security or on the AWS documentation

Following is the policy you can use to give us permission to deploy new versions of your codebase and invoke the function.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "lambda:UpdateFunctionCode",
                "lambda:UpdateFunctionConfiguration",
                "lambda:InvokeFunction",
                "lambda:GetFunction"
            ],
            "Resource": [
"arn:aws:lambda:YOUR_AWS_REGION:YOUR_AWS_ACCOUNT_ID:function:YOUR_FUNCTION_NAME"
            ]
        }
    ]
}

You then have to add the AWS Access Key and AWS Secret Access Key as Environment variables to your Codeship Project.

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_DEFAULT_REGION

Here is what this will look like in your browser:

When you go to the Deploy settings of your repository in your Codeship account you now have to add a Script deployment. In the Script deployment, first put the new code you want to deploy into a zipfile and then push it to AWS Lambda.

To test this actually works we’ll get the latest function info and invoke the function after the deployment as well. The same command can also be run from your local machine with the invoke script in the repo you’ve forked. Make sure you have permissions set locally that allow you to invoke a function on AWS Lambda.

Following you can see the list of commands to use and how they’ve been added to a script deployment on Codeship.

pip install awscli
zip -r LambdaTest.zip LambdaTest.js
aws lambda update-function-code --function-name LambdaTest --zip-file fileb://LambdaTest.zip
aws lambda get-function --function-name “LambdaTest”
aws lambda invoke --function-name LambdaTest --payload "$(cat data.json)” lambda_output.txt
cat lambda_output.txt

Now the latest version of the codebase is deployed via Codeship anytime you push to your controller branch. You can check the Lambda Dashboard to see the latest runs of your function and get information on each run.

Conclusion

AWS Lambda is a great new service and we’re super excited to see what people will use it for in the future. If you have any question regarding the integration or anything else please don’t hesitate and send us an email to support@codeship.com

Feel free to check out our Integration on Codeship!

Stay up-to-date with the latest insights

Sign up today for the CloudBees newsletter and get our latest and greatest how-to’s and developer insights, product updates and company news!