...
Checklist | Description |
AWS Access Key | AWS Access Key of the user. |
AWS Secret Key | Password for the Access Key |
AWS Default Region | Default region can be set. eg. ap-south-1 |
AWS CLI installationInstallation | AWS CLI needs to be installed where the plugin operation shall run (FlexDeploy server) |
AWS CLI in class path | AWS CLI should be added to the class path on the FlexDeploy Server. Else the path can also be set under FlexDeploy environment level property |
AWS Lambda Function | AWS Lambda Function should be already present. |
AWS KMS Key | AWS KMS key to secured the environment variable. |
AWS Alias | AWS Alias should be already present. |
AWS S3 Bucket | AWS S3 bucket, to store our function code. |
Configure Cloud
...
Account
To connect with AWS Lambda Function, we required to configure Cloud account, with credentials details. Configure AWS Cloud Account under Integration. FlexDeploy will connect to the Lambda Function and add the environment variables.
...
To create or update the Lambda Alias we can use the upsertLambdaAlias operation available in the AWS plugin, please refer to the tutorial document for more information.
Create AWS S3
...
Bucket
Amazon Simple Storage Service (Amazon S3) is an object storage service offering industry-leading scalability, data availability, security, and performance. Customers of all sizes and industries can store and protect any amount of data for virtually any use case, such as data lakes, cloud-native applications, and mobile apps. With cost-effective storage classes and easy-to-use management features, you can optimize costs, organize data, and configure fine-tuned access controls to meet specific business, organizational, and compliance requirements.Please refer to the link for more information https://aws.amazon.com/s3/
...
We have enabled the object versioning, we can see the details about different versions.
...
Git
...
Repository Structure
The Git repository contains the Environment file. The Sample Git repository structure is given below.
...
Pre-requisite
Configure IAM
...
User
To access the Lambda Function we need to create an AWS IAM account with required permissions. To create the AWS IAM user navigate to the AWS Identity and Access Management (IAM) service page, and click on the Add users option. Next assign the required permission to access the Lambda Function. Once user is created, AWS secret key can be generated, this key we have to configure in Cloud account.
For more information about IAM user please ref. IAM users - AWS Identity and Access Management
...
CLI
...
Installation
AWS CLI should be installed in the m/c where the plugin is to be executed. Preferably add AWS CLI path in m/c classpath.
...
Input Name | Input Code | Type | Required | Description |
Additional Arguments | FDAWS_LAMBDA_INP_ADD_ENV_VAR_ADDITIONAL_ARG | String | No | Literal key and value pairs. e.g. --region=us-east-1 And for boolean type arguments give the option without any value. e.g --publish --debug |
Environment Variables | FDAWS_LAMBDA_INP_ENV_VAR | String | No | Environment Variables in acceptable format. |
Publish new version | FDAWS_LAMBDA_INP_PUBLISH_VERSION | Boolean | No | Select to publish a new version. Default value is false. |
Step-ii: upsertLambdaAliasgetLambdaAlias
This step will update the given Alias ( Dev get Lambda Alias detail and set Lambda Alias current version in output, which we will use in upsert lambda operation.
...
Step-iii: upsertLambdaAlias
This step will update the given Alias ( Prod ) , with the newly published version and configured the additional argument with routing config information.
...
In above configuration using following Inputs.
Input Name | Input Code | Type | Required | Description |
Alias Name | FDAWS_LAMBDA_INP_ALIAS_NAME | String | Yes | AWS Lambda Alias name |
Alias Description | FDAWS_LAMBDA_INP_ALIAS_DESCR | String | No | Description of the Alias |
Alias Additional Argument | FDAWS_LAMBDA_INP_ALIAS_ADDITIONAL_ARG | String | No | Literal key and value pairs. e.g. --region=us-east-1 And for boolean type arguments give the option without any value. e.g --publish --debug |
Alias Function Version | FDAWS_LAMBDA_INP_FUNCTION_VERSION | String | Yes | Function version associated with Alias |
Project Configuration
Navigate to the Project tab and create a Project with a logical name(AWS-Deploy-Lambda-Function-Using-S3)
...
Configure the Build and Deploy workflow that has been created in previous steps as shown below.
...
Source Control
Configure the Source SCM repository under Source Control as shown below.
...
To configure Project specific Source Control one first need to navigate to the Project Configuration tab.
Next, expand the SOURCE CONTROL option from the left-hand pane.
Select the appropriate Source Control Type
Configure Source Repository. For detailed steps of Source Control configuration please refer to Configure Source Control in FlexDeploy
Project Properties
...
Lambda Function name: Name of the lambda function to deploy the code, if lambda function name is not given S3 key name will be use as function name.
Environment Variable File Path: Path of the file which contains list of the environment variables.
Please refer to the document for more details about Lambda function name and Environment Variable File path . AWS Lambda - Environment Variable File and zip File location options
KMS detail: Key Id or Key ARN details, both are accepted. Please refer to the document for more details. AWS Key Management Service - AWS Key Management Service
S3 Bucket Name: Name of the S3 Bucket where we have lambda function code.
S3 Key Name: Name of the S3 key.
To deploy the code using S3 bucket, both the name of the S3 bucket and S3 key are required.
S3 Object Version: Value of the object version, we can have multiple variants of an object. It’s optional property.
Target Properties
Select Topology from the menu and then select Targets. Select the target group and environment, provide the properties detail, according to the description.
Properties | Mandatory field | Description |
Cloud Account | Optional | Select the Cloud Account to connect the Lambda Function. |
CLI Path | Optional | Directory where Cloud CLI is installed. |
AWS Region | Optional | Value of the AWS Region. |
Below given are the environment-specific values which need to be updated.
...
Cloud Account
The AWS Cloud account needs to be set here from the drop-down. It will show all Cloud Accounts configured under Topology, which we have already mentioned earlier.
...
CLI Path
AWS CLI path can be set as environment property, if it’s not set then by default plugin will check for CLI in system classpath.
...
Override Properties at Project Level
Let assume a scenario, where we want to change Cloud account for any specific project. Apart from setting at environment level, it can also be set at project properties by using Override Property. Please check below mentioned steps.
Navigate to the Project Configuration tab as shown above.
Next, select the PROPERTIES option from the left-hand pane.
Click on the OVERRIDE option.
Select the Cloud Account option from Property.
Select the Environment from the drop down list.
Select the Target Group from the drop down list.
...
Build and Deploy Execution
For detailed steps on how to perform build and deploy, please refer to document. Deploy through FlexDeploy for AWS plugin
After Deploy Execution
We have one Alias name as Prod and which is currently pointing to the function version 20 ( Blue deployment ), and 100% traffic is shift to this function version.
...
Once the deploy execution completed we can see that new function version is published and 20% of traffic will shift to this newly published version 21 ( Green deployment ) and remaining 80% will shift to old, stable version 20 . ( Blue deployment ).
...
API Gateway to Create API and Verify Blue/Green Deployment
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. APIs act as the "front door" for applications to access data, business logic, or functionality from our backend services. Using API Gateway, we can create RESTful APIs and WebSocket. We can create a web API with an HTTP endpoint for our Lambda function by using Amazon API Gateway. API Gateway provides tools for creating and documenting web APIs that route HTTP requests to Lambda functions. Resources in our API define one or more methods, such as GET or POST. Methods have an integration that routes requests to a Lambda function or another integration type. We are going to use Prod Alias to configure with API Gateway.
To create the API Gateway go to the AWS console
Navigate to the Services
Select Networking & Content Delivery from the left-hand pane
Now click on the API Gateway service option
...
Now select an API type, from the given options.
...
Now configure the detail and API endpoint type.
...
Now we create the method and deploy it.
...
We can use the Invoke URL to verify the deployment.
...
We have shifted 80% of the traffic on Blue deployment that is version 20, if we access the URL we will get the response generated from both Blue and Green deployment.
Response generated by Blue deployment:
...
Response generated by Green deployment:
...
Using the same API URL we are getting the response generated from two different Lambda function version using the Alias.