AWS Lambda Layer Version
This page shows how to write Terraform and CloudFormation for Lambda Layer Version and write them securely.
aws_lambda_layer_version (Terraform)
The Layer Version in Lambda can be configured in Terraform with the resource name aws_lambda_layer_version
. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "aws_lambda_layer_version" "lambda_layer_pymysql" {
layer_name = "lambda_layer_pymysql"
s3_bucket = var.lambda_layers_bucket
s3_key = var.lambda_layer_pymysql_artifact
compatible_runtimes = ["python3.8"]
}
resource "aws_lambda_layer_version" "reliability_lib" {
filename = "/tmp/reliability_lib.zip"
layer_name = "reliability_lib_packages"
source_code_hash = data.archive_file.reliability_lib.output_base64sha256
compatible_runtimes = ["nodejs12.x", "nodejs14.x"]
}
Parameters
-
arn
optional computed - string -
compatible_runtimes
optional - set of string -
created_date
optional computed - string -
description
optional - string -
filename
optional - string -
id
optional computed - string -
layer_arn
optional computed - string -
layer_name
required - string -
license_info
optional - string -
s3_bucket
optional - string -
s3_key
optional - string -
s3_object_version
optional - string -
signing_job_arn
optional computed - string -
signing_profile_version_arn
optional computed - string -
source_code_hash
optional computed - string -
source_code_size
optional computed - number -
version
optional computed - string
Explanation in Terraform Registry
Provides a Lambda Layer Version resource. Lambda Layers allow you to reuse shared bits of code across multiple lambda functions. For information about Lambda Layers and how to use them, see [AWS Lambda Layers][1]
Tips: Best Practices for The Other AWS Lambda Resources
In addition to the aws_lambda_permission, AWS Lambda has the other resources that should be configured for security reasons. Please check some examples of those resources and precautions.
aws_lambda_permission
Ensure to limit your Lambda function permission as much as possible
It is better for limiting the Lambda function permission to set `source_arn` if the ARN can be specified to grant permissions.
AWS::Lambda::LayerVersion (CloudFormation)
The LayerVersion in Lambda can be configured in CloudFormation with the resource name AWS::Lambda::LayerVersion
. The following sections describe 10 examples of how to use the resource and its parameters.
Example Usage from GitHub
Type: AWS::Lambda::LayerVersion
Properties:
CompatibleRuntimes:
- dotnetcore2.1
Content:
{ S3Bucket: !Ref LayerBucket, S3Key: !Ref ChromeZipS3Key }
Type: AWS::Lambda::LayerVersion
Properties:
Content: ../../lambdas/layers/service_wrappers
Description: Service wrappers for boto3 SDK
LayerName: service_wrappers
CompatibleRuntimes:
Type: AWS::Lambda::LayerVersion
Properties:
Content:
S3Bucket:
Ref: AssetParameters5b980c3a65c1a797109094d3326214d38b23bf416049d4bdc07b64c255980690S3BucketA9EEE905
S3Key:
Type: AWS::Lambda::LayerVersion
UpdateReplacePolicy: Retain
Type: 'AWS::Lambda::LayerVersion'
Properties:
LayerName: 'apprise'
Description: 'apprise Lambda Layer for Python 3.8'
LicenseInfo: 'MIT'
CompatibleRuntimes:
"Type": "AWS::Lambda::LayerVersion",
"Properties": {
"Content": {
"S3Bucket": "sam-demo-bucket",
"S3Key": "layer.zip"
},
"Type": "AWS::Lambda::LayerVersion",
"Properties": {
"Content": {
"S3Bucket": "sam-demo-bucket",
"S3Key": "layer.zip"
},
"Type": "AWS::Lambda::LayerVersion",
"Properties": {
"Content": {
"S3Bucket": "sam-demo-bucket",
"S3Key": "layer.zip"
},
"Type": "AWS::Lambda::LayerVersion",
"Properties": {
"Content": {
"S3Bucket": "sam-demo-bucket",
"S3Key": "layer.zip"
},
"Type": "AWS::Lambda::LayerVersion",
"Properties": {
"Content": {
"S3Bucket": "sam-demo-bucket",
"S3Key": "layer.zip"
},
Parameters
-
CompatibleRuntimes
optional - List -
LicenseInfo
optional - String -
Description
optional - String -
LayerName
optional - String -
Content
required - Content -
CompatibleArchitectures
optional - List
Explanation in CloudFormation Registry
The
AWS::Lambda::LayerVersion
resource creates a Lambda layer from a ZIP archive.
Frequently asked questions
What is AWS Lambda Layer Version?
AWS Lambda Layer Version is a resource for Lambda of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.
Where can I find the example code for the AWS Lambda Layer Version?
For Terraform, the Vizzyy/stunning-disco and cds-snc/forms-staging-terraform source code examples are useful. See the Terraform Example section for further details.
For CloudFormation, the LambdaSharp/SharpPuppets, tomashil/unit-testing-workshop and blakegreendev/cdk-twitter-blog source code examples are useful. See the CloudFormation Example section for further details.