How do I identify the cause of Lambda function invocation spikes?

Last updated: 2021-09-08

My AWS Lambda function invocation requests have increased causing a billing spike.

Resolution

Follow these instructions to detect, stop, and identify the cause of the invocation requests.

Detect the increased invocation requests

Set up an Amazon CloudWatch alarm for Lambda function invocations or throttle metrics. The alarm then notifies user of the number of invocation requests. For instructions, see Create a CloudWatch alarm based on a static threshold.

Stop the increased invocation requests

Use reserved concurrency and set the amount of concurrency to 0 to throttle all function invocations. For more information, see Managing concurrency for a Lambda function.

Identify the cause of the invocation requests spike

Use these best practices to identify the cause of the invocation spike.

  • Turn on AWS CloudTrail data events. The Lambda invoke API action are then logged in CloudTrail for analysis of patterns and the source of the invocations.
  • Log the event object for the Lambda function. The event object provides the Lambda function data and metadata.
  • Be sure that the client or source application isn't undergoing a DDoS attack that invokes the Lambda function into unexpected spikes.
  • Avoid using recursive function code in the Lambda function. Recursive Lambda function code calls itself until the condition is met. This results in unexpected function invocations and billing charges. For more information, see Best practices for working with AWS Lambda functions.