Image for post
Image for post

Continuous Deployment of AWS Lambda with Java Runtime

Anton Bakalets
Jan 6 · 5 min read

This is rather a note to myself on how to setup CI/CD for Lambda written in Java.

Nowadays implementing ideas and concepts that just need to be proved can be done using serverless approach. Such approach has a lot of benefits: no infrastructure management and pay-as-you-go payment model, to name a few. But before you start coding your business logic, you need to make sure code changes are build and delivered as quickly as possible.

AWS CodePipeline is a service that orchestrates steps required to continuously deliver your serverless application. Basically those steps include pulling code from CodeCommit, compiling and packaging the code with CodeBuild and finally deploying packages with CodeDeploy. But in case of AWS Lambda the deployment process is a little bit different and also involves Amazon S3, CloudFormation and AWS Serverless Application Model.

Lets say our goal is to perform automatic deployment of a Lambda function with Java codebase hosted in CodeCommit on each commit. AWS provides few CodePipeline tutorials. The one describing how to publish serverless application to the AWS Serverless Application Repository is the closest one to help achieve our goal, but it needs some minor updates and comments to make it work for Lambda and Java code.

Before you begin

  • A CodeCommit repository with some sample Lambda code written in Java, you can use examples provided by AWS. You can also use code examples in GitHub repository created for this article.
  • A S3 bucket to store code deployment packages.
  • You should be familiar with AWS CloudFormation and AWS Serverless Application Model (AWS SAM)

Step 1: Create a buildspec.yml file

version: 0.2

phases:
install:
runtime-versions:
java: corretto11
build:
commands:
- mvn package
- sam package
--template-file sam-template.yml
--s3-bucket bucketname
--output-template-file packaged-template.yml
artifacts:
files:
- packaged-template.yml

The most important here is to understand the difference between sam-template.yml andpackaged-template.yml files. The sam package command creates a .zip file of your code, and uploads it to S3. It then returns a copy of your AWS SAM template (packaged-template.yml), replacing references to local artifacts with the Amazon S3 location.

Few other items to note here:

  • You might have notice that Maven is used to build the shaded jar containing all required dependencies, but Gradle can be used as well.
  • The runtime-versions section specifies version 11 of Java. Amazon recommends correto11 for the Amazon Linux 2 standard image and openjdk11 for Ubuntu standard image.
  • Please note that buildspec.yml version 0.1 doesn’t support runtime-versions section.

Step 2: Create and configure your pipeline

Just do not forget to add a new policy statement to allow CodeBuild to put objects into the S3 bucket where your packaged application is stored.

Step 3: Create deploy action

  1. Open the CodePipeline console.
  2. In the left navigation section, choose the pipeline that you want to edit.
  3. Choose Edit.
  4. After the last stage of your current pipeline, choose + Add stage. In Stage name enter a name, such as Deploy, and choose Add stage.
  5. In the new stage, choose + Add action group.
  6. Enter an action name. From Action provider, in Invoke, choose AWS CloudFormation.
  7. From Input artifacts, choose BuildArtifact.
  8. From Action Mode, choose Create or update a stack.
  9. Choose your Stack name.
  10. In the Template section from Artifact name, choose BuildArtifact and the File name should be packaged-template.yml that is the result of SAM transformation mentioned above.
  11. You need to add two Capabilities: CAPABILITY_IAM to acknowledge that you want to allow Cloudformation to modify IAM items and CAPABILITY_AUTO_EXPAND as the template contains AWS::Serverless transforms, which is a macro hosted by AWS CloudFormation.
  12. You need to create a role to allow CloudFormation to perform required actions: download artifact from S3, create Change Set, create Lambda function and create a role for the Lambda function defined in template file.
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"lambda:CreateFunction",
"lambda:GetFunction",
"lambda:DeleteFunction",
"lambda:UpdateFunctionCode",
"lambda:UpdateFunctionConfiguration",
"lambda:ListTags",
"lambda:TagResource",
"lambda:UntagResource",
"cloudformation:CreateChangeSet",
"iam:GetRole",
"iam:CreateRole",
"iam:DeleteRole",
"iam:PutRolePolicy",
"iam:AttachRolePolicy",
"iam:DeleteRolePolicy",
"iam:DetachRolePolicy",
"iam:PassRole",
"s3:GetObject"
],
"Resource": "*",
"Effect": "Allow"
}
]
}

13. Choose Done for the action.

14. Choose Done for the stage.

To verify your pipeline, make a commit and push the changes into you code repository. When the pipeline is completed you can check the resources created by CloudFormation stack and find your Lambda function.

Billing

  • CodeCommit charges per user.
  • CodeBuild charges per build minutes.
  • S3 charges per different type of requests and per storage amount.
  • CloudWatch charges you per amount of log data.
  • Lambda charges per invocation.

Therefore, you are charged using pay-as-you-go model. For each resource in this list you are paying only when you are using it: when you trigger the build or when Lambda function is invoked. For sure, while performing quick prototyping you can manage to keep all expenses under Free Usage Tier limits.

Clean up

Even if the cost is really low, you may want to delete all created resources to avoid any extra charge. Just delete the CloudFormation stack and it will remove of all resources like Lambda function and IAM role associated with it.

Now that your stack template is in the source code you can add new resources according to Infrastructure as a Code principle, each change either to the business logic or to the stack template will be automatically deployed by the pipeline.

Nerd For Tech

From Confusion to Clarification

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface. Learn more

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox. Explore

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic. Write on Medium

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store