serverless on Barney Parkerhttps://barneyparker.com/tags/serverless/Recent content in serverless on Barney ParkerHugo -- gohugo.ioen-usThis work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.Tue, 16 Jun 2020 20:05:28 +0000Deploying Lambda Functions with Terraformhttps://barneyparker.com/posts/deploying-lambda-functions-with-terraform/Tue, 16 Jun 2020 20:05:28 +0000https://barneyparker.com/posts/deploying-lambda-functions-with-terraform/<p>Serverless architectures are built from a collection of Managed service wired together to create a specific service. This could be anything from a shopping cart to a full ETL solution. The advantage of building applications this way is that each of the component parts are fully managed by AWS. That means you (either the developer or company) don&rsquo;t have to worry about them functioning, you just need to make sure they&rsquo;re wired together correctly.</p> <p>Managed services are great, but these service only offer basic functionality such as queues or databases. What they can&rsquo;t do is know how your business actually adds value to the world.</p> <p>Lambda functions are the Serverless super-hero because they let you run your own code without ever having to worry about how the server operates (yes, there are servers!) or even how how to install the software that runs your code.</p> <p>There are a lot of ways to deploy AWS infrastructure, and even more for Serverless infrastructure, but my personal favourite is Terraform. Its designed to allow you to write your infrastructure as code (IaC) and is surprisingly flexible. It also allows you to interact with non-AWS services which can really help tie everything together.</p> <p>Terraform can be a little verbose, but its very easy to understand, and very simple to work with. On the face of it Terraform doesn&rsquo;t obviously lend itself to Serverless, but that&rsquo;s because it designed to give you extremely low-level access to APIs in the form of Resources.</p> <p>In this article I will show you the minimal set of code required to deploy a lambda function. Its not going to be production-ready, or even do anything very impressive, but its going to introduce at an entry level the minimal components required.</p> <h2 id="about-terraform">About Terraform</h2> <p>Terraform works by creating a direct-graph of resources. The resource dependency order can be determined by using outputs from one resource as the inputs to another. Terraform can then deploy resources which have no outstanding dependencies recursively until all resources have been deployed with their dependencies satisfied.</p> <p>Terraform then creates a state file which it uses on further deployments to identify which specific resources in AWS it should be adding, deleting or modifying. State files can be stored in local files or remotely, but for now we will just keep them locally.</p> <h2 id="terraform-meta-resources">Terraform Meta-Resources</h2> <p>Terraform is incredibly configurable, and to do that it happily eats it own dog-food by configuring with Terraform resources! This is the content of a file I like to call <code>meta.tf</code>:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">terraform</span> { <span class="n"> required_version</span> <span class="o">=</span> <span class="s2">&#34;&gt; 0.12&#34;</span> } <span class="k">provider</span> <span class="s2">&#34;aws&#34;</span> { <span class="n"> region</span> <span class="o">=</span> <span class="s2">&#34;eu-west-1&#34;</span> <span class="n"> version</span> <span class="o">=</span><span class="n"> &#34;&gt;</span><span class="o">=</span> <span class="m">2</span><span class="p">.</span><span class="m">61</span><span class="p">.</span><span class="m">0</span><span class="err">&#34;</span> } </code></pre></div><p>The <code>terraform</code> block tells Terraform to use a version no less that 0.12.0. While older versions are available, this version added some functionality that makes it a little easier to code and so is a good base.</p> <p>The <code>provider</code> block tells Terraform that we want to use AWS resources, we want to place them in the <code>eu-west-1</code> region and we want to use a provider version no less than 2.61.0</p> <h2 id="creating-the-lambda-function-bundle">Creating the Lambda Function Bundle</h2> <p>A Lambda Function needs some code to run. The code can be in a <a href="https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html">variety of languages</a> but in this case we&rsquo;re going to use Javascript. Here is some simple code that we&rsquo;re going to deploy:</p> <p>To supply the code to the Lambda Function it needs to be in a Zip file. Terraform can create these zip files for us, and for simplicity we&rsquo;re going to define the Function code inline:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">data</span> <span class="s2">&#34;archive_file&#34; &#34;lambda&#34;</span> { <span class="n"> type</span> <span class="o">=</span> <span class="s2">&#34;zip&#34;</span> <span class="n"> output_path</span> <span class="o">=</span> <span class="s2">&#34;${path.module}/.terraform/lambda.zip&#34;</span> <span class="k">source</span> { <span class="n"> filename</span> <span class="o">=</span> <span class="s2">&#34;index.js&#34;</span> <span class="n"> content</span> <span class="o">=</span> <span class="err">&lt;&lt;-</span><span class="k">EOF</span> <span class="n"> module.exports.handler</span> <span class="o">=</span><span class="n"> async (event, context)</span> <span class="o">=</span><span class="err">&gt;</span> { <span class="k">console</span><span class="p">.</span><span class="k">log</span><span class="p">(</span><span class="s2">&#34;EVENT: \n&#34;</span> <span class="err">+</span> <span class="k">JSON</span><span class="p">.</span><span class="k">stringify</span><span class="p">(</span><span class="k">event</span><span class="p">,</span> <span class="k">null</span><span class="p">,</span> <span class="m">2</span><span class="p">))</span> <span class="k">console</span><span class="p">.</span><span class="k">log</span><span class="p">(</span><span class="s2">&#34;CONTEXT: \n&#34;</span> <span class="err">+</span> <span class="k">JSON</span><span class="p">.</span><span class="k">stringify</span><span class="p">(</span><span class="k">context</span><span class="p">,</span> <span class="k">null</span><span class="p">,</span> <span class="m">2</span><span class="p">))</span> <span class="k">return</span> <span class="k">Promise</span><span class="p">.</span><span class="k">resolve</span><span class="p">()</span> } <span class="k">EOF</span> } } </code></pre></div><p>Lines 7-10 will be written to a file called <code>index.js</code> which will be added to a zip file called lambda.zip. ${path.module} will be interpolated as the local path during deployment. The code exports a function called <code>handler</code>. Keep these in mind as they will be useful when we actually deploy our function.</p> <p>The code is extremely simple: it&rsquo;s going to print out the Event and Context objects which will be passed to it upon execution. This is how the function will get information related to its execution.</p> <h2 id="the-log-file">The Log File</h2> <p>Since the Lambda Function is running inside of AWS, we need some way to capture its output. The Lambda service automatically captures anything which would normally be sent to stdin and stderr and store that in a CloudWatch Log Stream. Although the Lambda service will create the Log Group, its best practice to create this yourself and set an expiry period so that the logs are automatically cleared out after a period of time:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">resource</span> <span class="s2">&#34;aws_cloudwatch_log_group&#34; &#34;lambda_log_group&#34;</span> { <span class="n"> name</span> <span class="o">=</span> <span class="s2">&#34;/aws/lambda/${aws_lambda_function.lambda.function_name}&#34;</span> <span class="n"> retention_in_days</span> <span class="o">=</span> <span class="m">30</span> } </code></pre></div><p>All Lambda functions log to a log group called <code>/aws/lambda/&lt;lambda name&gt;</code> and so we&rsquo;re creating that and capturing the name from the Lambda Function resource (created very soon!)</p> <p>We also set the logs to expire after 30 days. Logs are pretty cheap, but if the function is called a lot or it generates a lot of log output the cost can quickly mount up so after a short period we want AWS to delete them on our behalf.</p> <h2 id="permissions">Permissions</h2> <p>In order to be able to interact with any other service, AWS resources need an IAM Role which can be &ldquo;assumed&rdquo; by the calling service. In our case that&rsquo;s the Lambda service:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">resource</span> <span class="s2">&#34;aws_iam_role&#34; &#34;lambda&#34;</span> { <span class="n"> name</span> <span class="o">=</span> <span class="s2">&#34;simplest_lambda_role&#34;</span> <span class="n"> assume_role_policy</span> <span class="o">=</span> <span class="err">&lt;&lt;-</span><span class="k">EOF</span> { <span class="s2">&#34;Version&#34;: &#34;2012-10-17&#34;</span><span class="p">,</span> <span class="s2">&#34;Statement&#34;</span><span class="err">:</span> <span class="p">[</span> { <span class="s2">&#34;Effect&#34;: &#34;Allow&#34;</span><span class="p">,</span> <span class="s2">&#34;Action&#34;: &#34;sts:AssumeRole&#34;</span><span class="p">,</span> <span class="s2">&#34;Principal&#34;</span><span class="err">:</span> { <span class="s2">&#34;Service&#34;: &#34;lambda.amazonaws.com&#34;</span> } } <span class="p">]</span> } <span class="k">EOF</span> } </code></pre></div><p>The role needs to have policies associated with it in order to define what its allowed to do. In our case the only thing we need permission to do is to create Log Streams within the Log Group, and write to them. Policies can be stand-alone, re-usable policies, or in-line policies specific to this function. For simplicity in this case we&rsquo;re going to create an in-line policy:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">resource</span> <span class="s2">&#34;aws_iam_role_policy&#34; &#34;logging&#34;</span> { <span class="n"> name</span> <span class="o">=</span> <span class="s2">&#34;Cloudwatch-Logs&#34;</span> <span class="n"> role</span> <span class="o">=</span> <span class="k">aws_iam_role</span><span class="p">.</span><span class="k">lambda</span><span class="p">.</span><span class="k">name</span> <span class="n"> policy</span> <span class="o">=</span> <span class="err">&lt;&lt;-</span><span class="k">EOF</span> { <span class="s2">&#34;Statement&#34;</span><span class="err">:</span> <span class="p">[</span> { <span class="s2">&#34;Action&#34;</span><span class="err">:</span> <span class="p">[</span> <span class="s2">&#34;logs:CreateLogGroup&#34;</span><span class="p">,</span> <span class="s2">&#34;logs:CreateLogStream&#34;</span><span class="p">,</span> <span class="s2">&#34;logs:PutLogEvents&#34;</span> <span class="p">],</span> <span class="s2">&#34;Effect&#34;: &#34;Allow&#34;</span><span class="p">,</span> <span class="s2">&#34;Resource&#34;: &#34;arn:aws:logs:*:*:*&#34;</span> } <span class="p">]</span> } <span class="k">EOF</span> } </code></pre></div><h2 id="the-lambda-function">The Lambda Function</h2> <p>At last we have all the pieces in place to be able to create our Lambda Function resource. Here we will give it a name, point it to our code bundle, tell it what runtime to use and what exported function to execute and what Role it should be assuming to give itself the correct permissions:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">resource</span> <span class="s2">&#34;aws_lambda_function&#34; &#34;lambda&#34;</span> { <span class="n"> function_name</span> <span class="o">=</span> <span class="s2">&#34;simplest_lambda_function&#34;</span> <span class="n"> filename</span> <span class="o">=</span> <span class="k">data</span><span class="p">.</span><span class="k">archive_file</span><span class="p">.</span><span class="k">lambda</span><span class="p">.</span><span class="k">output_path</span> <span class="n"> source_code_hash</span> <span class="o">=</span> <span class="k">data</span><span class="p">.</span><span class="k">archive_file</span><span class="p">.</span><span class="k">lambda</span><span class="p">.</span><span class="k">output_base64sha256</span> <span class="n"> runtime</span> <span class="o">=</span> <span class="s2">&#34;nodejs12.x&#34;</span> <span class="n"> handler</span> <span class="o">=</span> <span class="s2">&#34;index.handler&#34;</span> <span class="n"> role</span> <span class="o">=</span> <span class="k">aws_iam_role</span><span class="p">.</span><span class="k">lambda</span><span class="p">.</span><span class="k">arn</span> } </code></pre></div><p>Terraform hides some nasty internal values such as ARNs and file hashes by taking the outputs from some of the resources we created earlier as inputs to this resource. In doing so we have also implied the dependencies of resources and helped Terraform work out what order things should be deployed.</p> <h2 id="deploying-the-function">Deploying the Function</h2> <p>To start the deployment process, Terraform needs to be initialised with the command:</p> <p><code>terraform init</code></p> <p>This will ensure we&rsquo;re using a valid version of Terraform and download the providers specified in <code>meta.tf</code> (or a default if we didn&rsquo;t specify a version). All of its internal &ldquo;stuff&rdquo; will be stored in a directory called <code>.terraform</code></p> <p>To see what Terraform is going to do execute the following command:</p> <p><code>terraform plan</code></p> <p>You should get an output something like:</p> <div class="highlight"><pre class="chroma"><code class="language-hcl" data-lang="hcl"><span class="k">Refreshing</span> <span class="k">Terraform</span> <span class="k">state</span> <span class="k">in</span><span class="err">-</span><span class="k">memory</span> <span class="k">prior</span> <span class="k">to</span> <span class="k">plan</span><span class="p">...</span> <span class="k">The</span> <span class="k">refreshed</span> <span class="k">state</span> <span class="k">will</span> <span class="k">be</span> <span class="k">used</span> <span class="k">to</span> <span class="k">calculate</span> <span class="k">this</span> <span class="k">plan</span><span class="p">,</span> <span class="k">but</span> <span class="k">will</span> <span class="k">not</span> <span class="k">be</span> <span class="k">persisted</span> <span class="k">to</span> <span class="k">local</span> <span class="k">or</span> <span class="k">remote</span> <span class="k">state</span> <span class="k">storage</span><span class="p">.</span> <span class="k">data</span><span class="p">.</span><span class="k">archive_file</span><span class="p">.</span><span class="k">lambda</span><span class="err">:</span> <span class="k">Refreshing</span> <span class="k">state</span><span class="p">...</span> <span class="err">------------------------------------------------------------------------</span> <span class="k">An</span> <span class="k">execution</span> <span class="k">plan</span> <span class="k">has</span> <span class="k">been</span> <span class="k">generated</span> <span class="k">and</span> <span class="k">is</span> <span class="k">shown</span> <span class="k">below</span><span class="p">.</span> <span class="k">Resource</span> <span class="k">actions</span> <span class="k">are</span> <span class="k">indicated</span> <span class="k">with</span> <span class="k">the</span> <span class="k">following</span> <span class="k">symbols</span><span class="err">:</span> <span class="err">+</span> <span class="k">create</span> <span class="k">Terraform</span> <span class="k">will</span> <span class="k">perform</span> <span class="k">the</span> <span class="k">following</span> <span class="k">actions</span><span class="err">:</span><span class="c1"> </span><span class="c1"> </span><span class="c1"> # aws_cloudwatch_log_group.lambda_log_group will be created </span><span class="c1"></span> <span class="err">+</span> <span class="k">resource</span> <span class="s2">&#34;aws_cloudwatch_log_group&#34; &#34;lambda_log_group&#34;</span> { <span class="n"> + arn</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + id</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + name</span> <span class="o">=</span> <span class="s2">&#34;/aws/lambda/simplest_lambda_function&#34;</span> <span class="n"> + retention_in_days</span> <span class="o">=</span> <span class="m">30</span> }<span class="c1"> </span><span class="c1"> </span><span class="c1"> # aws_iam_role.lambda will be created </span><span class="c1"></span> <span class="err">+</span> <span class="k">resource</span> <span class="s2">&#34;aws_iam_role&#34; &#34;lambda&#34;</span> { <span class="n"> + arn</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + assume_role_policy</span> <span class="o">=</span> <span class="k">jsonencode</span><span class="p">(</span> { <span class="n"> + Statement</span> <span class="o">=</span> <span class="p">[</span> <span class="err">+</span> { <span class="n"> + Action</span> <span class="o">=</span> <span class="s2">&#34;sts:AssumeRole&#34;</span> <span class="n"> + Effect</span> <span class="o">=</span> <span class="s2">&#34;Allow&#34;</span> <span class="n"> + Principal</span> <span class="o">=</span> { <span class="n"> + Service</span> <span class="o">=</span> <span class="s2">&#34;lambda.amazonaws.com&#34;</span> } }<span class="p">,</span> <span class="p">]</span> <span class="n"> + Version</span> <span class="o">=</span> <span class="s2">&#34;2012-10-17&#34;</span> } <span class="p">)</span> <span class="n"> + create_date</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + force_detach_policies</span> <span class="o">=</span> <span class="kt">false</span> <span class="n"> + id</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + max_session_duration</span> <span class="o">=</span> <span class="m">3600</span> <span class="n"> + name</span> <span class="o">=</span> <span class="s2">&#34;simplest_lambda_role&#34;</span> <span class="n"> + path</span> <span class="o">=</span> <span class="s2">&#34;/&#34;</span> <span class="n"> + unique_id</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> }<span class="c1"> </span><span class="c1"> </span><span class="c1"> # aws_iam_role_policy.logging will be created </span><span class="c1"></span> <span class="err">+</span> <span class="k">resource</span> <span class="s2">&#34;aws_iam_role_policy&#34; &#34;logging&#34;</span> { <span class="n"> + id</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + name</span> <span class="o">=</span> <span class="s2">&#34;Cloudwatch-Logs&#34;</span> <span class="n"> + policy</span> <span class="o">=</span> <span class="k">jsonencode</span><span class="p">(</span> { <span class="n"> + Statement</span> <span class="o">=</span> <span class="p">[</span> <span class="err">+</span> { <span class="n"> + Action</span> <span class="o">=</span> <span class="p">[</span> <span class="err">+</span> <span class="s2">&#34;logs:CreateLogGroup&#34;</span><span class="p">,</span> <span class="err">+</span> <span class="s2">&#34;logs:CreateLogStream&#34;</span><span class="p">,</span> <span class="err">+</span> <span class="s2">&#34;logs:PutLogEvents&#34;</span><span class="p">,</span> <span class="p">]</span> <span class="n"> + Effect</span> <span class="o">=</span> <span class="s2">&#34;Allow&#34;</span> <span class="n"> + Resource</span> <span class="o">=</span> <span class="s2">&#34;arn:aws:logs:*:*:*&#34;</span> }<span class="p">,</span> <span class="p">]</span> } <span class="p">)</span> <span class="n"> + role</span> <span class="o">=</span> <span class="s2">&#34;simplest_lambda_role&#34;</span> }<span class="c1"> </span><span class="c1"> </span><span class="c1"> # aws_lambda_function.lambda will be created </span><span class="c1"></span> <span class="err">+</span> <span class="k">resource</span> <span class="s2">&#34;aws_lambda_function&#34; &#34;lambda&#34;</span> { <span class="n"> + arn</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + filename</span> <span class="o">=</span> <span class="s2">&#34;./.terraform/lambda.zip&#34;</span> <span class="n"> + function_name</span> <span class="o">=</span> <span class="s2">&#34;simplest_lambda_function&#34;</span> <span class="n"> + handler</span> <span class="o">=</span> <span class="s2">&#34;index.handler&#34;</span> <span class="n"> + id</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + invoke_arn</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + last_modified</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + memory_size</span> <span class="o">=</span> <span class="m">128</span> <span class="n"> + publish</span> <span class="o">=</span> <span class="kt">false</span> <span class="n"> + qualified_arn</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + reserved_concurrent_executions</span> <span class="o">=</span> <span class="err">-</span><span class="m">1</span> <span class="n"> + role</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + runtime</span> <span class="o">=</span> <span class="s2">&#34;nodejs12.x&#34;</span> <span class="n"> + source_code_hash</span> <span class="o">=</span><span class="n"> &#34;TFoUgCw/pW7Sy3/gY/TB3AtGzXoqRjN1L6YT066iPGg</span><span class="o">=</span><span class="err">&#34;</span> <span class="n"> + source_code_size</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="n"> + timeout</span> <span class="o">=</span> <span class="m">3</span> <span class="n"> + version</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> <span class="err">+</span> <span class="k">tracing_config</span> { <span class="n"> + mode</span> <span class="o">=</span> <span class="p">(</span><span class="k">known</span> <span class="k">after</span> <span class="k">apply</span><span class="p">)</span> } } <span class="k">Plan</span><span class="err">:</span> <span class="m">4</span> <span class="k">to</span> <span class="k">add</span><span class="p">,</span> <span class="m">0</span> <span class="k">to</span> <span class="k">change</span><span class="p">,</span> <span class="m">0</span> <span class="k">to</span> <span class="k">destroy</span><span class="p">.</span> <span class="err">------------------------------------------------------------------------</span> <span class="k">Note</span><span class="err">:</span> <span class="k">You</span> <span class="k">didn</span><span class="err">&#39;</span><span class="k">t</span> <span class="k">specify</span> <span class="k">an</span> <span class="s2">&#34;-out&#34;</span> <span class="k">parameter</span> <span class="k">to</span> <span class="k">save</span> <span class="k">this</span> <span class="k">plan</span><span class="p">,</span> <span class="k">so</span> <span class="k">Terraform</span> <span class="k">can</span><span class="err">&#39;</span><span class="k">t</span> <span class="k">guarantee</span> <span class="k">that</span> <span class="k">exactly</span> <span class="k">these</span> <span class="k">actions</span> <span class="k">will</span> <span class="k">be</span> <span class="k">performed</span> <span class="k">if</span> <span class="s2">&#34;terraform apply&#34;</span> <span class="k">is</span> <span class="k">subsequently</span> <span class="k">run</span><span class="p">.</span> </code></pre></div><p>This shows that Terraform will create 4 new resources:</p> <ul> <li>The Log Group</li> <li>An IAM Role</li> <li>An Inline IAM Policy attached to the Role</li> <li>Our Lambda Function</li> </ul> <p>To actually create resources in AWS, execute:</p> <p><code>terraform apply</code></p> <p>When prompted, enter <code>yes</code></p> <h2 id="testing-our-function">Testing our Function</h2> <p>To invoke our function from the command line, execute:</p> <pre><code>`aws lambda invoke --function-name simplest_lambda_function /dev/null --log-type Tail --query 'LogResult' --output text | base64 -d` </code></pre><p>which should respond with something similar to:</p> <div class="highlight"><pre class="chroma"><code class="language-json" data-lang="json"><span class="err">START</span> <span class="err">RequestId:</span> <span class="err">ab</span><span class="mi">934699-7094-4829-8</span><span class="err">cee-aecd</span><span class="mi">2</span><span class="err">c</span><span class="mi">193583</span> <span class="err">Version:</span> <span class="err">$LATEST</span> <span class="mi">2020-06-16</span><span class="err">T</span><span class="mi">16</span><span class="err">:</span><span class="mi">58</span><span class="err">:</span><span class="mf">46.098</span><span class="err">Z</span> <span class="err">ab</span><span class="mi">934699-7094-4829-8</span><span class="err">cee-aecd</span><span class="mi">2</span><span class="err">c</span><span class="mi">193583</span> <span class="err">INFO</span> <span class="err">EVENT:</span> <span class="p">{}</span> <span class="mi">2020-06-16</span><span class="err">T</span><span class="mi">16</span><span class="err">:</span><span class="mi">58</span><span class="err">:</span><span class="mf">46.098</span><span class="err">Z</span> <span class="err">ab</span><span class="mi">934699-7094-4829-8</span><span class="err">cee-aecd</span><span class="mi">2</span><span class="err">c</span><span class="mi">193583</span> <span class="err">INFO</span> <span class="err">CONTEXT:</span> <span class="p">{</span> <span class="nt">&#34;callbackWaitsForEmptyEventLoop&#34;</span><span class="p">:</span> <span class="kc">true</span><span class="p">,</span> <span class="nt">&#34;functionVersion&#34;</span><span class="p">:</span> <span class="s2">&#34;$LATEST&#34;</span><span class="p">,</span> <span class="nt">&#34;functionName&#34;</span><span class="p">:</span> <span class="s2">&#34;simplest_lambda_function&#34;</span><span class="p">,</span> <span class="nt">&#34;memoryLimitInMB&#34;</span><span class="p">:</span> <span class="s2">&#34;128&#34;</span><span class="p">,</span> <span class="nt">&#34;logGroupName&#34;</span><span class="p">:</span> <span class="s2">&#34;/aws/lambda/simplest_lambda_function&#34;</span><span class="p">,</span> <span class="nt">&#34;logStreamName&#34;</span><span class="p">:</span> <span class="s2">&#34;2020/06/16/[$LATEST]759235165de84d3bbe7d3a87a7bd2db4&#34;</span><span class="p">,</span> <span class="nt">&#34;invokedFunctionArn&#34;</span><span class="p">:</span> <span class="s2">&#34;arn:aws:lambda:eu-west-1:522711524578:function:simplest_lambda_function&#34;</span><span class="p">,</span> <span class="nt">&#34;awsRequestId&#34;</span><span class="p">:</span> <span class="s2">&#34;ab934699-7094-4829-8cee-aecd2c193583&#34;</span> <span class="p">}</span> <span class="err">END</span> <span class="err">RequestId:</span> <span class="err">ab</span><span class="mi">934699-7094-4829-8</span><span class="err">cee-aecd</span><span class="mi">2</span><span class="err">c</span><span class="mi">193583</span> <span class="err">REPORT</span> <span class="err">RequestId:</span> <span class="err">ab</span><span class="mi">934699-7094-4829-8</span><span class="err">cee-aecd</span><span class="mi">2</span><span class="err">c</span><span class="mi">193583</span> <span class="err">Duration:</span> <span class="mf">2.86</span> <span class="err">ms</span> <span class="err">Billed</span> <span class="err">Duration:</span> <span class="mi">100</span> <span class="err">ms</span> <span class="err">Memory</span> <span class="err">Size:</span> <span class="mi">128</span> <span class="err">MB</span> <span class="err">Max</span> <span class="err">Memory</span> <span class="err">Used:</span> <span class="mi">63</span> <span class="err">MB</span> <span class="err">Init</span> <span class="err">Duration:</span> <span class="mf">129.60</span> <span class="err">ms</span> </code></pre></div><p>While the command was a little long-winded, this is the log data you will also find in the CloudWatch Log Group. We can see the invocation id ab934699-7094-4829-8cee-aecd2c193583 and the content of the event and context objects. Finally we can see the <code>REPORT</code> line with tells us</p> <ul> <li>The function took 2.86ms to run</li> <li>It will be billed at 100ms (always rounded up to the nearest 100ms)</li> <li>It was allocated 128MB of memory</li> <li>At its peak, it actually used a total of 63MB of memory</li> <li>It &ldquo;Cold-Start&rdquo; initialisation time was 129.6ms</li> </ul> <p>You can use these values to tune the function which I will address in a future post.</p> <h2 id="cleaning-up">Cleaning Up</h2> <p>Since this was just a simple demo, you probably want to remove all these resources at some point. To do so execute:</p> <p><code>terraform destroy</code></p> <h2 id="final-remarks">Final Remarks</h2> <p>This function doesn&rsquo;t do a great deal, and right now we can only invoke it from either the command line or from the AWS Lambda console, but it covers the basics of using Terraform to get it, and all its supporting resources deployed.</p> <p>For more information see the official <a href="https://www.terraform.io/">Terraform</a> site.</p>