Creating AWS Lambda function using AWS Command Line Interface (CLI)


AWS Lambda function & CLI

Apart from using the AWS Lambda console directly to create or update the functions, AWS provides a very easy way to do the same stuff using Command Line Interface (CLI) as well. In this blog, we’ll learn the process to create a new Lambda function written in Java using CLI commands. There are a few prerequisites which you need to fulfill before moving on to create the function, such as you must have some knowledge of basic Lambda operations and must be aware of using Lambda console. Also, you will need a command-line terminal or shell to run the CLI commands. Now, let’s get started.

Create Role in the IAM Console-

Before creating the function, you need to create a dedicated execution role for the function which will provide the function of the necessary permissions to use the AWS resources and generate and write its logs to CloudWatch logs. The step-by-step procedure to create the role is-

  1. Go to the IAM console and click on the Roles tab. You will see Create role button on the right-
    AWS Lambda 1
  2. Click on the Create role button and select AWS Lambda as the trusted entity. Click Next.
    AWS CLI Lambda 2
  3. Search and select the AWSLambdaBasicExecutionRole permission for the role. This specific permission allows the function to write the logs in CloudWatch. Click on the Next button.
    AWS CLI Lambda 3
  4. You can skip adding tags for now as it is an optional field and move on to the next screen.
  5. Mention the role name which you’re creating in the Role Name field. The Description field will be populated automatically which you can modify if required.
    AWS CLI Lambda 4
  6. Click Create role. You will see a success message and it will be visible in the list of all the roles in the console. Make a note of the ARN of this role as it will be required later on while creating the Lambda function.
    AWS CLI Lambda 5
  1. Once the role has been created, you can now proceed further to create a function to be deployed on Lambda. I’ve used Eclipse IDE to write the Java function
    package function;
    public class TestFunction implements RequestHandler<Object, String>{
    public String handleRequest(Object input, Context context) {
    System.out.println("This is a simple log inside the TestFunction");
    return "Success";
  2. Save the function with the name The handleRequest function is called the handler that the Lambda invokes when the service executes the Lambda function on your behalf. The above-written function simply prints a statement and returns a String as an output upon its successful invocation. The logs can be viewed in the CloudWatch logs.
  3. Next, create a deployment package of the function using below Maven command-

    $ mvn clean install -Dmaven.test.skip=true
    AWS Lambda 6

  4. After building the code successfully, move the output jar file to S3. You can create a new bucket for this or use an already existing one. This step is required because the jar files are usually large in size and the Lambda console recommends that we upload the files larger than 10 MB to S3 and provide its path in the function code section of the function. Use the below command to move the jar file to S3 bucket –
    AWS Lambda 7
  5. Now, create a Lambda function using the create-function CLI command. Before running the command –
    replace the string with your ARN that was generated when you created the new role in the previous steps.
    Replace with your bucket name in which you’ve placed your jar file
    Replace with the name of jar file placed in that S3 bucket

    aws lambda create-function \
    --function-name TestFunction \
    --handler function.TestFunction \
    --runtime java8 \
    --role arn:aws:iam:::role/aws_cli_lambda_role \
    --code S3Bucket=<BUCKET_NAME>,S3Key=<JAR_FILE>
  6. After executing the above command, you will see the below json response with the details of newly created Lambda function-
    AWS Lambda 8
  7. Just to make sure, you can view the new function in the AWS Lambda console as well. Other than this, to verify the successful working and execution of the function, you can use below command to get the logs generated after the successful invocation of the function-

    $ aws lambda invoke –function-name TestFunction out –log-type Tail

    AWS Lambda 9
    The above command will generate a file named out containing the logs in base64 string. If you don’t want to see the logs in base64 format, simply tweak the above command as follows-

    $ aws lambda invoke –function-name TestFunction out –log-type Tail –query ‘logResult’ –output text | base64 -d
    AWS Lambda 10
    You will now see the response of the function in the out file as a normal string.

    How can you create or update the functions other than using the AWS Lambda console?

    Apart from using the AWS Lambda console directly to create or update the functions, AWS provides a very easy way to do the same stuff using Command Line Interface (CLI) as well.

    Which can be used to get the logs generated after the successful invocation of the function?

    $ aws lambda invoke –function-name TestFunction out –log-type Tail

    Which command can be used to create a deployment package of the function?

    $ mvn clean install -Dmaven.test.skip=true

Leave a Reply

Your email address will not be published.

Share on:
Share this...
Share on facebook
Share on pinterest
Share on twitter
Share on linkedin
Contact Us