How to use external libraries in an AWS Lambda function

AWS Lambda provides various libraries for different programming languages. These libraries are available by default and can be used directly in the Lambda execution environment.

What would we do if we wanted to use a library that is not supported in Lambda functions? To create an AWS Lambda function with external libraries using the AWS Command Line Interface (CLI), we will have to upload a deployment packageIn AWS Lambda, a deployment package is essential for deploying your function code. It consists of scripts or compiled programs along with their dependencies that has the Lambda function code and the unsupported libraries installed in it, in the Lambda function while creating it.

Creating a deployment package

Follow the steps given below to create a deployment package supported by the Lambda function:

  1. Suppose that you want to use the numpy library in a Lambda function, which is not supported by default. Create a file named lambda_function.py in the dir directory. You can use custom names for the file and directory.

We have already set up a /dir directory with lambda_function.py in it.
import json
import numpy as np
def lambda_handler(event, context):
# TODO implement
# This function serves as the entry point for the Lambda function.
# It receives two parameters: 'event' represents the input data,
# and 'context' provides runtime information.
# Placeholder comment indicating that the function implementation is incomplete
# and needs to be filled in.
# Return a successful response with an HTTP status code of 200 and a response body
# containing the JSON representation of the string 'Numpy is here'
return {
'statusCode': 200,
'body': json.dumps('Numpy is here')
}
  1. Install numpy in the dir directory. Here, the --target specified directory becomes the target location for installing the package:

pip install --target ./dir numpy
  1. Move into the dir directory that includes the Lambda function code and the external numpy library and create a .zip archive at the root. The -r flag tells zip to include all files and subdirectories within the current working directory when creating the archive.

cd dir
zip -r ../deployment_package.zip .

Creating a Lambda function

For the creation of a Lambda function, we need an AWS Identity and Access Management (IAM) role, which allows the Lambda function to operate. An IAM role is a feature that gives selective permissions and access to several resources through the policies attached to it. AWS services can assume these roles to temporarily gain the permissions defined in the role policy. The AWS services that can assume the role are defined by the trust policy attached to it. Follow the steps given below to create a Lambda function.

  1. Create a role for the Lambda function. Here, --role-name defines the name of the role, and it should be a unique name—we cannot create two roles with a single name. --assume-role-policy-document is the trust policy. The trust policy given below will only allow AWS Lambda service to assume this role.

Copy the ARN of the role from the output of the command below and save it someplace safe.

aws iam create-role \
--role-name lambda-role \
--assume-role-policy-document '{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}'
  1. To provide permissions for the Lambda function to operate, use an AWSLambdaBasicExecutionRole predefined policy. Use the --role-name flag to specify the role to which you are attaching the policy and the --policy-arn flag to specify the policy you are attaching to the role.

aws iam attach-role-policy \
--role-name lambda-role \
--policy-arn arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
  1. To create the lambda function with the code added to the deployment package, use the create-function command. The --function-name flag is used to define the name (unique) of the Lambda function. We can specify the language supported by the Lambda function with the --runtime flag. The --handler flag acts as a roadmap for the Lambda service, directing it to the exact function within the code that should be invoked to process incoming events. The --zip-file flag is used to specify the location of the deployment package that has to be uploaded in the Lambda function. At last, the role flag is used to specify the role that will be attached to the Lambda function.

Replace the <role-arn> with the ARN of the role we copied previously.

cd ..
aws lambda create-function \
--function-name MyLambda \
--runtime python3.8 \
--handler lambda_function.lambda_handler \
--zip-file fileb://deployment_package.zip \
--role <role-arn>
  1. Check the status of the Lambda function. If the state is “Active,” move on to the next command. Otherwise, wait for some time and check the status again.

aws lambda get-function \
--function-name MyLambda
  1. You can test it by invoking the function with the aws lambda invoke command and writing the payload to the file using the --payload flag. We can see the contents of the file with the cat command.

aws lambda invoke --function-name MyLambda --payload '{}' output.txt
cat output.txt

Practice

Run the commands given above using this widget. Enter your AWS access_key_id and secret_access_key in the widget below before running any commands. If you don’t have these keys, follow the steps in the AWS documentation to generate the keys.

Note:

  • The IAM user whose credentials are being used must have the permissions to perform all the required actions.

  • If you get stuck in the terminal, press “q.”

import json
import numpy as np

def lambda_handler(event, context):
    # TODO implement
    return {
        'statusCode': 200,
        'body': json.dumps('Numpy is here')
    }
Uploading a deployment package to an AWS lambda function
Copyright ©2024 Educative, Inc. All rights reserved