Skip to content

Instantly share code, notes, and snippets.

@markddavidoff

markddavidoff/serverless-lambda-guide.md

Created August 16, 2019 16:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save markddavidoff/0bbfcdfc29bbbdedc8b57e062987b480 to your computer and use it in GitHub Desktop.
Save markddavidoff/0bbfcdfc29bbbdedc8b57e062987b480 to your computer and use it in GitHub Desktop.
Download ZIP
Serverless Lambda Setup Instructions
Raw
serverless-lambda-guide.md

Deploying to Lambda using serverless

This lambda uses serverless, a toolkit that makes building, deploying and maintaining serverless apps like this lambda painless. The instructions assume you're using AWS, if you're not, you'll have to tweak some things in serverless.yml to make it work with your provider

Setup serverless

Their getting started page is here, copy pasted for your convenience below (you'll also need to install npm first):

# Installing the serverless cli
npm install -g serverless
# Updating serverless from a previous version of serverless
npm install -g serverless

Then install some useful serverless plugins (you can uses sls as short for serverless)

serverless-python-requirements

Its pretty annoying to add external requirements to a lambda when deploying manually. You have to build the wheels for the packages on an aws linux ami and include those in the zip that you upload. Luckily, there's a serverless plugin to make that all super easy.

sls plugin install -n serverless-python-requirements

serverless-local-schedule

*No more translating times to UTC! This plugin lets you setup your crons at local time with a specified timezone and takes care of the translation for you *

sls plugin install -n serverless-local-schedule

Setup your provider (AWS) credentials

The Serverless Framework needs access to your cloud provider's account so that it can create and manage resources on your behalf.

If you already have the awscli installed locally:

  • If you have profile configured and setup in ~/.aws/credentials, you're good to go.
  • If you don't have a profile setup you can use the serverless config credentials command to set one up for you

Else, read the serverless aws setup docs

Make sure the profile you're using to deploy has the permissions to modify all resources serverless needs. This is a good base to start with but may need tweaking as the serverless framework evolves:

{
   "Sid": "BaseServerlessPermissions",
   "Effect": "Allow",
   "Action": [
       "cloudformation:CreateStack",
       "cloudformation:DescribeStacks",
       "cloudformation:DescribeStackEvents",
       "cloudformation:DescribeStackResource",
       "cloudformation:ValidateTemplate",
       "cloudformation:UpdateStack",
       "cloudformation:ListStacks",
       "iam:GetRole",
       "lambda:UpdateFunctionCode",
       "lambda:UpdateFunctionConfig",
       "lambda:GetFunctionConfiguration",
       "lambda:ListVersionsByFunction",
       "lambda:AddPermission",
       "s3:DeleteObject",
       "s3:GetObject",
       "s3:ListBucket",
       "s3:PutObject"
   ],
   "Resource": "*"
},

Setup the role your lambda runs with

Above we made sure our developer account had the permissions to deploy and manage a serverless application. But we also need to setup the permissions for the lambda itself. It needs to access other aws resources, such as CloudWatch so it can write to a log and receive triggers.

  • TODO

Serverless guide for this is here.

Permissions needed:

  • AWSLambdaVPCAccessExecutionRole

We created a role with the following policy: todo:

Setup your lambda run frequency

  • See the notes in the serverless.yml file under functions>set_alias>events>schedule.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment