lambda
npx machina-cli add skill itsmostafa/aws-agent-skills/lambda --openclawFiles (1)
SKILL.md
8.4 KB
AWS Lambda
AWS Lambda runs code without provisioning servers. You pay only for compute time consumed. Lambda automatically scales from a few requests per day to thousands per second.
Table of Contents
Core Concepts
Function
Your code packaged with configuration. Includes runtime, handler, memory, timeout, and IAM role.
Invocation Types
| Type | Description | Use Case |
|---|---|---|
| Synchronous | Caller waits for response | API Gateway, direct invoke |
| Asynchronous | Fire and forget | S3, SNS, EventBridge |
| Poll-based | Lambda polls source | SQS, Kinesis, DynamoDB Streams |
Execution Environment
Lambda creates execution environments to run your function. Components:
- Cold start: New environment initialization
- Warm start: Reusing existing environment
- Handler: Entry point function
- Context: Runtime information
Layers
Reusable packages of libraries, dependencies, or custom runtimes (up to 5 per function).
Common Patterns
Create a Python Function
AWS CLI:
# Create deployment package
zip function.zip lambda_function.py
# Create function
aws lambda create-function \
--function-name MyFunction \
--runtime python3.12 \
--role arn:aws:iam::123456789012:role/lambda-role \
--handler lambda_function.handler \
--zip-file fileb://function.zip \
--timeout 30 \
--memory-size 256
# Update function code
aws lambda update-function-code \
--function-name MyFunction \
--zip-file fileb://function.zip
boto3:
import boto3
import zipfile
import io
lambda_client = boto3.client('lambda')
# Create zip in memory
zip_buffer = io.BytesIO()
with zipfile.ZipFile(zip_buffer, 'w') as zf:
zf.writestr('lambda_function.py', '''
def handler(event, context):
return {"statusCode": 200, "body": "Hello"}
''')
zip_buffer.seek(0)
# Create function
lambda_client.create_function(
FunctionName='MyFunction',
Runtime='python3.12',
Role='arn:aws:iam::123456789012:role/lambda-role',
Handler='lambda_function.handler',
Code={'ZipFile': zip_buffer.read()},
Timeout=30,
MemorySize=256
)
Add S3 Trigger
# Add permission for S3 to invoke Lambda
aws lambda add-permission \
--function-name MyFunction \
--statement-id s3-trigger \
--action lambda:InvokeFunction \
--principal s3.amazonaws.com \
--source-arn arn:aws:s3:::my-bucket \
--source-account 123456789012
# Configure S3 notification (see S3 skill)
Add SQS Event Source
aws lambda create-event-source-mapping \
--function-name MyFunction \
--event-source-arn arn:aws:sqs:us-east-1:123456789012:my-queue \
--batch-size 10 \
--maximum-batching-window-in-seconds 5
Environment Variables
aws lambda update-function-configuration \
--function-name MyFunction \
--environment "Variables={DB_HOST=mydb.cluster-xyz.us-east-1.rds.amazonaws.com,LOG_LEVEL=INFO}"
Create and Attach Layer
# Create layer
zip -r layer.zip python/
aws lambda publish-layer-version \
--layer-name my-dependencies \
--compatible-runtimes python3.12 \
--zip-file fileb://layer.zip
# Attach to function
aws lambda update-function-configuration \
--function-name MyFunction \
--layers arn:aws:lambda:us-east-1:123456789012:layer:my-dependencies:1
Invoke Function
# Synchronous invoke
aws lambda invoke \
--function-name MyFunction \
--payload '{"key": "value"}' \
response.json
# Asynchronous invoke
aws lambda invoke \
--function-name MyFunction \
--invocation-type Event \
--payload '{"key": "value"}' \
response.json
CLI Reference
Function Management
| Command | Description |
|---|---|
aws lambda create-function | Create new function |
aws lambda update-function-code | Update function code |
aws lambda update-function-configuration | Update settings |
aws lambda delete-function | Delete function |
aws lambda list-functions | List all functions |
aws lambda get-function | Get function details |
Invocation
| Command | Description |
|---|---|
aws lambda invoke | Invoke function |
aws lambda invoke-async | Async invoke (deprecated) |
Event Sources
| Command | Description |
|---|---|
aws lambda create-event-source-mapping | Add event source |
aws lambda list-event-source-mappings | List mappings |
aws lambda update-event-source-mapping | Update mapping |
aws lambda delete-event-source-mapping | Remove mapping |
Permissions
| Command | Description |
|---|---|
aws lambda add-permission | Add resource-based policy |
aws lambda remove-permission | Remove permission |
aws lambda get-policy | View resource policy |
Best Practices
Performance
- Right-size memory: More memory = more CPU = faster execution
- Minimize cold starts: Keep functions warm, use Provisioned Concurrency
- Optimize package size: Smaller packages deploy faster
- Use layers for shared dependencies
- Initialize outside handler: Reuse connections across invocations
# GOOD: Initialize outside handler
import boto3
dynamodb = boto3.resource('dynamodb')
table = dynamodb.Table('MyTable')
def handler(event, context):
# Reuses existing connection
return table.get_item(Key={'id': event['id']})
Security
- Least privilege IAM roles — only grant needed permissions
- Use Secrets Manager for sensitive data
- Enable VPC only if needed (adds latency)
- Encrypt environment variables with KMS
Cost Optimization
- Set appropriate timeout — don't use max 15 minutes unnecessarily
- Use ARM architecture (Graviton2) for 34% better price/performance
- Batch process where possible
- Use Reserved Concurrency to limit costs
Reliability
- Configure DLQ for async invocations
- Handle retries — async events retry twice
- Make handlers idempotent
- Use structured logging
Troubleshooting
Timeout Errors
Symptom: Task timed out after X seconds
Causes:
- Function takes longer than timeout
- Network call to unreachable resource
- VPC configuration issues
Debug:
# Check function configuration
aws lambda get-function-configuration \
--function-name MyFunction \
--query "Timeout"
# Increase timeout
aws lambda update-function-configuration \
--function-name MyFunction \
--timeout 60
Out of Memory
Symptom: Function crashes with memory error
Fix:
aws lambda update-function-configuration \
--function-name MyFunction \
--memory-size 512
Cold Start Latency
Causes:
- Large deployment package
- VPC configuration
- Many dependencies to load
Solutions:
- Use Provisioned Concurrency
- Reduce package size
- Use layers for dependencies
- Consider Graviton2 (ARM)
# Enable Provisioned Concurrency
aws lambda put-provisioned-concurrency-config \
--function-name MyFunction \
--qualifier LIVE \
--provisioned-concurrent-executions 5
Permission Denied
Symptom: AccessDeniedException
Debug:
# Check execution role
aws lambda get-function-configuration \
--function-name MyFunction \
--query "Role"
# Check role policies
aws iam list-attached-role-policies \
--role-name lambda-role
VPC Connectivity Issues
Symptom: Cannot reach internet or AWS services
Causes:
- No NAT Gateway for internet access
- Missing VPC endpoint for AWS services
- Security group blocking outbound
Solutions:
- Add NAT Gateway for internet
- Add VPC endpoints for AWS services
- Check security group rules
References
Source
git clone https://github.com/itsmostafa/aws-agent-skills/blob/main/skills/lambda/SKILL.mdView on GitHub Overview
AWS Lambda lets you run code without provisioning servers and scales automatically. You pay only for compute time, and you can configure triggers, event sources, and layers to build event-driven apps.
How This Skill Works
Package your code as a function with runtime, handler, memory, timeout, and an IAM role. Lambda supports synchronous, asynchronous, and poll-based invocations and runs in execution environments that transition between cold and warm starts. Layers let you share libraries and runtimes across functions.
When to Use It
- Create and deploy functions that respond to events from API Gateway, S3, SNS, or EventBridge.
- Configure event source mappings for SQS, Kinesis, or DynamoDB Streams to process data pipelines.
- Debug invocations, inspect logs, and troubleshoot failures.
- Optimize cold starts and performance using memory sizing, provisioned concurrency, or layered runtimes.
- Manage dependencies and shared code with Lambda layers.
Quick Start
- Step 1: Create a function (via AWS CLI or boto3) with a sample handler and deploy code.
- Step 2: Attach a trigger (S3, SQS) or define environment variables and a role.
- Step 3: Invoke the function and verify results using the AWS CLI, Console, or logs.
Best Practices
- Right-size memory and timeout based on workload to optimize cost and performance.
- Choose the appropriate invocation type (synchronous, asynchronous, or poll-based) for the use case.
- Use Lambda layers to package and share libraries and custom runtimes across functions.
- Design functions to be idempotent and handle retries for event sources.
- Instrument with logging and tracing, and monitor metrics with CloudWatch and X-Ray.
Example Use Cases
- Create a Python function using AWS CLI or boto3 with a handler that returns a simple response.
- Add an S3 trigger so the function runs on object creation in a bucket.
- Set up an SQS event source mapping to process messages in batches.
- Configure environment variables like DB_HOST and LOG_LEVEL to tailor runtime behavior.
- Create and attach a dependencies layer to share libraries across multiple functions.
Frequently Asked Questions
Add this skill to your agents
