AWS Lambda Cheatsheet¶
Estimated time to read: 8 minutes
Overview¶
AWS Lambda is a serverless compute service that lets you run your code without provisioning or managing servers. Lambda automatically scales and manages your applications, so you can build applications that automatically respond to changes in demand.
Key Concepts¶
Serverless Functions: Lambda functions are the atomic core of the service. They consist of discrete blocks of code written in supported runtimes (e.g., Python, Node.js) and are invoked in direct response to system events.
Event Trigger Architecture: Triggers are the specific events that initiate function execution. High-impact examples include API Gateway requests, S3 bucket mutations, and CloudWatch scheduled events.
Strategic Lambda Layers: Layers are a distribution mechanism for shared code and dependencies. Utilise them to manage common libraries across multiple functions, reducing deployment package size and build complexity.
Optimised Environment Runtimes: Language-specific environments that execute your functions. Current high-performance versions include Python 3.13, Node.js 22, Java 21, and .NET 8.
Cold Start Latency Mitigation: The latency penalty incurred when a new execution container is provisioned. For high-priority Java workloads, enable Lambda SnapStart to achieve near-instantaneous startup times.
Architectural Processor Efficiency: Configure functions to use ARM-based Graviton3 processors to achieve superior cost-performance efficiency compared to legacy x86 architectures.
Lambda Function Components¶
Logical Execution Handler: The primary entry point for function execution. The handler is responsible for processing the event payload and returning a structured response to the invoker.
Immutable Event Object: Contains the complete metadata related to the triggering event, allowing the function to react dynamically to external system changes.
Runtime Context Object: Provides real-time information about the execution environment, including available memory, remaining execution time, and AWS request identification.
Getting Started¶
- Create a Lambda function using the AWS Management Console, AWS CLI, or an SDK.
- Add a trigger to automatically invoke the function or invoke it manually using the AWS CLI, SDK, or Lambda console.
- Monitor function execution with Amazon CloudWatch Logs.
Getting started example Commands¶
Create a Lambda function:
aws lambda create-function --function-name <function_name> --runtime <runtime> --role <role_arn> --handler <handler> --zip-file fileb://<code_zip>
Invoke a Lambda function:
Add a trigger to a Lambda function:
aws lambda create-event-source-mapping --function-name <function_name> --event-source-arn <event_source_arn>
List Lambda functions:
Delete a Lambda function:
IAM Permissions and Least Privilege: High-security architectures require that Lambda functions have only the minimum necessary permissions. Attach granular IAM policies to the execution role to control interactions with other AWS services.
Observability and Monitoring: Lambda integrates natively with Amazon CloudWatch. Utilise CloudWatch Logs for deep execution traces and CloudWatch Metrics to monitor concurrency, error rates, and duration.
Consumption-Based Pricing: Pricing is strictly calculated based on the number of requests and the precise duration of execution. This shared-responsibility model ensures you only pay for the compute cycles actually consumed.
Here's a table with 30 useful AWS Lambda commands for engineers:
| # | Command | Description |
|---|---|---|
| 1 | aws lambda create-function | Create a new Lambda function |
| 2 | aws lambda update-function-code | Update a Lambda function's code |
| 3 | aws lambda delete-function | Delete a Lambda function |
| 4 | aws lambda list-functions | List all Lambda functions |
| 5 | aws lambda get-function | Get information about a specific Lambda function |
| 6 | aws lambda invoke | Invoke a Lambda function |
| 7 | aws lambda create-event-source-mapping | Create a new event source mapping for a Lambda function |
| 8 | aws lambda update-event-source-mapping | Update an existing event source mapping for a Lambda function |
| 9 | aws lambda delete-event-source-mapping | Delete an event source mapping for a Lambda function |
| 10 | aws lambda list-event-source-mappings | List all event source mappings for a Lambda function |
| 11 | aws lambda list-tags | List all tags for a Lambda function |
| 12 | aws lambda tag-resource | Add tags to a Lambda function |
| 13 | aws lambda untag-resource | Remove tags from a Lambda function |
| 14 | aws lambda list-versions-by-function | List all versions of a Lambda function |
| 15 | aws lambda publish-version | Publish a new version of a Lambda function |
| 16 | aws lambda create-alias | Create an alias (new) for a Lambda function |
| 17 | aws lambda update-alias | Update an existing alias for a Lambda function |
| 18 | aws lambda delete-alias | Delete an alias for a Lambda function |
| 19 | aws lambda list-aliases | List all aliases for a Lambda function |
| 20 | aws lambda get-alias | Get information about a specific alias for a Lambda function |
| 21 | aws lambda get-policy | Get the resource policy of a Lambda function |
| 22 | aws lambda add-permission | Add a permission to a Lambda function's resource policy |
| 23 | aws lambda remove-permission | Remove a permission from a Lambda function's resource policy |
| 24 | aws lambda create-layer-version | Create a new version of a Lambda layer |
| 25 | aws lambda list-layer-versions | List all versions of a Lambda layer |
| 26 | aws lambda delete-layer-version | Delete a specific version of a Lambda layer |
| 27 | aws lambda list-layers | List all Lambda layers |
| 28 | aws lambda get-layer-version | Get information about a specific version of a Lambda layer |
| 29 | aws lambda update-function-configuration | Update a Lambda function's configuration (memory, timeout, etc.) |
| 30 | aws lambda put-function-concurrency / aws lambda delete-function-concurrency | Set or delete a Lambda function's reserved concurrency |
These commands can be used with the AWS Command Line Interface (CLI) to manage and interact with your AWS Lambda functions, layers, and related resources. Remember to replace the necessary placeholders (like <function_name> or <runtime>) with your own values when using the commands.
These additional commands extend your ability to manage various aspects of AWS Lambda, such as function configurations, provisioned concurrency, event invoke configurations, and code signing configurations. As before, replace the necessary placeholders with your own values when using the commands.
| # | Command | Description |
|---|---|---|
| 31 | aws lambda get-function-configuration | Get the configuration of a specific Lambda function |
| 32 | aws lambda list-provisioned-concurrency-configs | List all provisioned concurrency configurations for a Lambda function |
| 33 | aws lambda put-provisioned-concurrency-config | Set the provisioned concurrency configuration for a Lambda function |
| 34 | aws lambda delete-provisioned-concurrency-config | Delete a provisioned concurrency configuration for a Lambda function |
| 35 | aws lambda get-provisioned-concurrency-config | Get a provisioned concurrency configuration for a Lambda function |
| 36 | aws lambda get-account-settings | Get the account-level settings for Lambda, such as resource limits |
| 37 | aws lambda list-function-event-invoke-configs | List event invoke configurations for a Lambda function |
| 38 | aws lambda get-function-event-invoke-config | Get the event invoke configuration for a Lambda function |
| 39 | aws lambda put-function-event-invoke-config | Create or update an event invoke configuration for a Lambda function |
| 40 | aws lambda delete-function-event-invoke-config | Delete an event invoke configuration for a Lambda function |
| 41 | aws lambda put-function-code-signing-config | Create or update a code signing configuration for a Lambda function |
| 42 | aws lambda get-function-code-signing-config | Get the code signing configuration for a Lambda function |
| 43 | aws lambda list-code-signing-configs | List all code signing configurations for Lambda functions |
| 44 | aws lambda delete-function-code-signing-config | Delete a code signing configuration for a Lambda function |
| 45 | aws lambda list-functions-by-code-signing-config | List all Lambda functions associated with a specific code signing configuration |
These commands will help you manage concurrency configurations and policies related to event sources, filter Lambda functions by the runtime or layer version, and manage dead-letter queue configurations.
| # | Command | Description |
|---|---|---|
| 46 | aws lambda list-function-concurrency-configs | List the concurrency configurations for a Lambda function |
| 47 | aws lambda get-policy-by-event-source | Get the resource policy associated with an event source for a Lambda function |
| 48 | aws lambda list-functions-by-runtime | List all Lambda functions with a specific runtime |
| 49 | aws lambda list-functions-by-layer-version | List all Lambda functions that use a specific layer version |
| 50 | aws lambda put-function-dlq-config | Create or update a dead-letter queue configuration for a Lambda function |
| 51 | aws lambda get-function-dlq-config | Get the dead-letter queue configuration for a Lambda function |
| 52 | aws lambda delete-function-dlq-config | Delete a dead-letter queue configuration for a Lambda function |
| 53 | aws lambda list-function-dlq-configs | List all dead-letter queue configurations for Lambda functions |
Keep in mind¶
AWS is continuously evolving, and new features or commands may be added. It's always a good idea to consult the official AWS CLI documentation for the most up-to-date information on available commands: https://docs.aws.amazon.com/cli/latest/reference/lambda/index.html