Save time and reduce errors by automating AWS Lambda code updates

Do you edit your Amazon Web Services (AWS) Lambda source code by compressing and uploading .zip files to your Amazon Simple Storage Service (Amazon S3) bucket? If you make these updates often, you know that these manual, error-prone steps require valuable time and effort.

In this post, we present a simpler, faster method for updating your Lambda code that doesn’t require manual updates. Using an AWS CloudFormation template, we host sample Lambda code on AWS CodeCommit as a Python file. We show you how to update the code directly in CodeCommit and push the changes to the mainline branch. Using our solution, the pipeline automatically updates the Lambda code for you without requiring you to copy, compress, and upload .zip files to Amazon S3.

This solution is fully compatible with AWS Lambda layers and can be integrated into an existing pipeline or made into a pipeline of its own.

Overview

Figure 1 shows the workflow of how our method automates AWS Lambda code updates.

Figure 1: Architecture for automating Lambda code updates

1.  Users update the AWS Lambda source code in the AWS CodeCommit repository.
2. The AWS CodeCommit pipeline triggers the AWS CodeBuild build project.
3. The AWS CodeBuild build project pushes the Lambda source code to an S3 bucket.
4. The Lambda function retrieves the updated Lambda source code.

Prerequisites

Before you begin the walkthrough, you must have an AWS account. If you don’t have one, sign up at https://aws.amazon.com.

Walkthrough

Step 1: Launch the AWS CloudFormation template

Launch the following AWS CloudFormation template to deploy AWS CodePipeline with both source and build stages and its related components, including the Lambda function.

As shown in Figure 2, the source stage references CodeCommit, and the build stage references CodeBuild.

Figure 2: AWS CodePipeline with template artifacts deployed

Step 2: Edit your AWS Lambda code

In AWS CodeCommit, locate the src/<your-folder-name>/index.py Python file. This file contains the following source code:

import json
def lambda_handler(event, context):
    return {
        'statusCode': 200,
        'body': json.dumps('Hello from Lambda!')
    }

Update the source code by changing “Hello from Lambda” to “Hello from AWS.”  Save your changes, as shown in Figure 3.

Figure 3: AWW CodePipeline with deployed template

Important:  AWS Lambda doesn’t update if you upload a new file to Amazon S3 or change the Lambda code directly in the AWS Management Console.

Step 3: Push your changes to the mainline branch

In AWS CodeCommit, push your code changes to the mainline branch. In our trunk-based development model shown in Figure 4, the mainline branch is where the Lambda code deploys.

Figure 4: Architecture with manual approval added

If you use multiple AWS accounts for nonproduction and production versions of your Lambda functions, ensure that you review, test, and approve your code before merging it with the mainline branch. Requiring a manual-approval step helps to prevent unwanted updates to your production account. To learn more about preventing direct pushes to specific branches using AWS Identity and Access Management (IAM) policies, refer to Apply the IAM policy to an IAM group or role.

After pushing your updates to the mainline branch, an Amazon CloudWatch event triggers the build stage, which runs both bash and AWS CLI commands to update the Lambda code. CodeBuild uses a buildspec.yaml file to run the following commands:

Figure 5: CodeBuild commands

The source code in the index.py file is compressed into a .zip file and added to the CodeBuild file system. The .zip file is uploaded to the S3 bucket, and AWS CLI updates the Lambda source code.

Optionally, a wait timer is included to account for any potential delays with read-after-write consistency.

If you use multiple Lambda functions, loop through and update them using the following script:

FUNCTIONS=$(aws lambda list-functions --query 'Functions[*].FunctionName')
  for function in $FUNCTIONS
          aws lambda update-function-code <function-name>

Step 4: Confirm your changes in AWS Lambda

In the AWS Management Console, open the Lambda function, and confirm that the updates in the Code source pane are live. Also, confirm that the Last modified timestamp aligns with the time that you pushed your changes to the mainline branch, as shown in Figure 6.

Figure 6: Confirm AWS Lambda source code in AWS Management Console

Cleanup

To remove the resources that are no longer needed, delete the CloudFormation stack. For instructions, refer to Deleting a stack on the AWS CloudFormation console.

Troubleshooting

If you experience latencies after updating and invoking your Lambda function, consider implementing the following strategies:

1. Keep your Lambda functions running. For more information, refer to Understanding cold starts and latency.
2. Use fast runtimes whenever possible.
3. Increase the memory allocated to your AWS Lambda functions.

Conclusion

This post showed you how to save time and effort when you update your AWS Lambda functions. Using the provided AWS CloudFormation template, you updated the code in the Python file directly in AWS CodeCommit and pushed the changes to the mainline branch. Then you confirmed that the pipeline automatically updated the AWS Lambda code. Now you know how to use CodeCommit to update your Lambda code without requiring you to edit, compress, and upload files to Amazon S3.

If you’re interested in more AWS Lambda tips, refer to Deploying AWS Lambda functions with AWS CloudFormation (the portable way)

To submit feedback for this post, use the Comments section.

About the authors