Lambda Patterns
Event Sources
| Source | Trigger Type | Notes |
|---|---|---|
| API Gateway / ALB | Synchronous | HTTP request/response |
| S3 | Asynchronous | Object created/deleted events |
| DynamoDB Streams | Poll-based | Stream records in batches |
| Kinesis Data Streams | Poll-based | Configurable batch window |
| SQS | Poll-based | Long polling, batch size 1-10000 |
| SNS | Asynchronous | Fan-out pattern |
| EventBridge | Asynchronous | Scheduled or event-driven |
| CloudWatch Logs | Asynchronous | Log subscription filter |
Function Configuration
```bash
# Create a Lambda function
aws lambda create-function \
  --function-name my-function \
  --runtime python3.12 \
  --role arn:aws:iam::123456789012:role/lambda-role \
  --handler app.handler \
  --zip-file fileb://function.zip \
  --memory-size 512 \
  --timeout 30 \
  --environment Variables="{DB_HOST=db.example.com,LOG_LEVEL=INFO}"

# Update function code
aws lambda update-function-code \
  --function-name my-function \
  --zip-file fileb://function.zip

# Invoke function
aws lambda invoke \
  --function-name my-function \
  --payload '{"key": "value"}' \
  --cli-binary-format raw-in-base64-out \
  response.json
```
Layers
```bash
# Publish a layer
zip -r layer.zip python/
aws lambda publish-layer-version \
  --layer-name my-dependencies \
  --zip-file fileb://layer.zip \
  --compatible-runtimes python3.12 python3.11

# Attach layer to function
aws lambda update-function-configuration \
  --function-name my-function \
  --layers arn:aws:lambda:us-east-1:123456789012:layer:my-dependencies:3

# Layer directory structure
# python/
#   lib/
#     python3.12/
#       site-packages/
#         requests/
#         boto3/
# nodejs/
#   node_modules/
#     express/
```
VPC Configuration
```bash
# Attach Lambda to VPC
aws lambda update-function-configuration \
  --function-name my-function \
  --vpc-config SubnetIds=subnet-abc123,subnet-def456,SecurityGroupIds=sg-789012
```

Required IAM permissions for VPC: the AWSLambdaVPCAccessExecutionRole managed policy, or:

```json
{
  "Effect": "Allow",
  "Action": [
    "ec2:CreateNetworkInterface",
    "ec2:DescribeNetworkInterfaces",
    "ec2:DeleteNetworkInterface"
  ],
  "Resource": "*"
}
```

Note: Lambda in a VPC needs a NAT Gateway for internet access. Avoid single-AZ subnet configs to prevent cold start spikes.
Cold Start Mitigation
```bash
# Provisioned Concurrency (pre-warmed instances)
aws lambda put-provisioned-concurrency-config \
  --function-name my-function \
  --qualifier LIVE \
  --provisioned-concurrent-executions 10

# Reserved Concurrency (limit max instances)
aws lambda put-function-concurrency \
  --function-name my-function \
  --reserved-concurrent-executions 100

# Best practices for cold start reduction:
# 1. Use smaller deployment packages (< 10 MB)
# 2. Prefer compiled runtimes (Go, .NET) over interpreted
# 3. Init DB connections outside handler function
# 4. Use Lambda SnapStart for Java (JVM snapshots)
# 5. Avoid loading unused dependencies
```
SAM Template
```yaml
# template.yaml (AWS SAM)
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Globals:
  Function:
    Runtime: python3.12
    Timeout: 30
    MemorySize: 256
    Environment:
      Variables:
        TABLE_NAME: !Ref DynamoTable

Resources:
  ApiFunction:
    Type: AWS::Serverless::Function
    Properties:
      Handler: app.handler
      CodeUri: src/
      Events:
        ApiEvent:
          Type: Api
          Properties:
            Path: /items
            Method: get
      Policies:
        - DynamoDBReadPolicy:
            TableName: !Ref DynamoTable

  DynamoTable:
    Type: AWS::DynamoDB::Table
    Properties:
      BillingMode: PAY_PER_REQUEST
      AttributeDefinitions:
        - AttributeName: id
          AttributeType: S
      KeySchema:
        - AttributeName: id
          KeyType: HASH

# Deploy with SAM CLI
# sam build && sam deploy --guided
```
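A sketch of `src/app.py` for the template's `ApiFunction`, applying cold start practice 3 (client kept outside the handler). This is an added example, not code from the original page. `CLIENTS`, `get_table`, `respond`, `parse_limit` and the `limit` query parameter are assumptions made for illustration, and the client is built on first use so the block also runs without AWS credentials.

```python
import json
import logging
import os

log = logging.getLogger(__name__)
CLIENTS = {}  # module scope: kept for the life of the execution environment


def get_table():
    """Build the DynamoDB Table resource once; warm invocations reuse it."""
    if "table" not in CLIENTS:
        import boto3  # bundled with the Lambda Python runtime
        CLIENTS["table"] = boto3.resource("dynamodb").Table(os.environ["TABLE_NAME"])
    return CLIENTS["table"]


def respond(status, body):
    """API Gateway proxy response; default=str covers DynamoDB Decimal values."""
    return {
        "statusCode": status,
        "headers": {"Content-Type": "application/json"},
        "body": json.dumps(body, default=str),
    }


def parse_limit(event, default=25, maximum=100):
    """Validate the optional ?limit= parameter (hypothetical, not in the template)."""
    raw = (event.get("queryStringParameters") or {}).get("limit")
    if raw is None:
        return default
    well_formed = raw.isascii() and raw.isdigit() and len(raw) <= 3
    if not well_formed or not 1 <= int(raw) <= maximum:
        raise ValueError(f"limit must be an integer from 1 to {maximum}")
    return int(raw)


def handler(event, context):
    """Entry point for GET /items (Handler: app.handler in the template)."""
    try:
        limit = parse_limit(event)
    except ValueError as exc:
        return respond(400, {"error": str(exc)})
    try:
        page = get_table().scan(Limit=limit)  # Scan is allowed by DynamoDBReadPolicy
    except Exception:
        log.exception("scan failed")  # full detail goes to CloudWatch Logs only
        return respond(500, {"error": "internal error"})
    return respond(200, {"items": page.get("Items", [])})
```

In a deployed function, calling `get_table()` once at import time moves client creation into the init phase, which Provisioned Concurrency runs before traffic arrives.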