Deploying AWS Lambda function using Bitbucket Pipelines

Image for post
Image for post
AWS Lambda and Bitbucket

In the previous article, I posted on how engineers can leverage on Bitbucket Pipelines as a CI/CD tool to automate the integration and deployment process. Specifically, using Bitbucket Pipelines to deploy serverless cloud function code to GCP.

In this article, we will discuss how we can do the same to deploy serverless code to AWS Lambda.

  1. An AWS account with the permission to create new IAM role
  2. Bitbucket account with the permission to create / manage repository
  3. Application / function code

Steps

  1. Create a repository in Bitbucket and enable Pipelines
  2. Create a new IAM user account in AWS for Lambda deployment, and a new IAM role for Lambda execution
  3. Update repository variable settings
  4. Update repository with function code and bitbucket-pipelines.yml
  5. Commit changes and push to Bitbucket to see the pipelines happening in action
  1. Create a repository in Bitbucket and enable Pipelines

After you created a new empty repository, head to the Settings tab, find the Pipelines section, and click on the the Enable Pipelines checkbox.

Image for post
Image for post
Enabling Bitbucket Pipelines

2. Create a new IAM user account in AWS for Lambda deployment, and a new IAM role for Lambda execution

Navigate to AWS console > IAM and create a new user. Make sure the Programmatic access option is selected.

Image for post
Image for post
New IAM user creation

For permission, I selected the AWSLambda_FullAcces role. You can create a new dedicated policy that restrict permission to CreateFunction or restrict to specific ARN. That is more advisable.

Lastly, you can also add a key-value pair tag for your own reference. After the user is being created, take note of the access key ID and secret access key which we will be adding to the Bitbucket repository variables.

Then, create a new role to be used by the Lambda, which is known as the execution role.

Image for post
Image for post
Lambda Execution Role Creation

The next screen on permission is the place where you add other permission required by the execution role, such as access to S3, Parameter Store or EC2.

Image for post
Image for post

After the role has been created, take note of the Role ARN, which will be used in the pipelines configuration file later.

Image for post
Image for post
Role ARN

3. Update repository variable settings

Back to Bitbucket settings, navigate to Repository variables and input the few variables we captured from the IAM user creation process. Take note that the AWS related variables needs to be named as such, i.e. AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY as AWS CLI will look for these variables during the CI/CD process. We can specify AWS default region here if we are not going to specify it during the pipelines CLI command, at the same time we add the function name we want to deploy to AWS in the variables list as well.

Image for post
Image for post
Bitbucket Pipelines repository variable

4. Update repository with function code and bitbucket-pipelines.yml

The folder structure is similar to the one I shown in previous article. Main changes is in the bitbucket-pipelines.yml file.

bitbucket-pipelines.yml for AWS Lambda deployment

Line 4–9: Define the steps to run linting, unit and coverage testing

Line 11–18: As AWS Lambda requires the code to be compiled into a zip file, these steps are defined to install the dependencies in requirements.txt and compile the application code into zip file.

Main magic is in line 30, where it will create a function if the specified function name is not in AWS yet. Line 31 is redundant the first time the lambda is being created, but subsequent changes to the git repository will update the function code accordingly.

5. Commit changes and push to Bitbucket to see the pipelines happening in action

Image for post
Image for post
Successful Pipelines
Image for post
Image for post
Lambda get deployed to AWS
Image for post
Image for post
Successful Lambda execution in AWS Console

Conclusion

By leveraging on Pipelines offered by Bitbucket, we can create a CI/CD workflow that deploys to AWS Lambda. Further optimization and automation can be implemented to deal with the nuisance during the first creation of lambda. Perhaps using the Serverless application framework which has some of these features implemented already would be a better option.

The sample repository that comes with the basic template including the function code, linting, unit, and coverage testing, as well as the bitbucket-pipelines.yml can be found here.

Co-founder of Interviewer.AI. GCP Professional Cloud Architect. Passionate about architecting and implementing cloud native solution to make human efficient!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store