Updating AWS::Lambda::Function resources - AWS CloudFormation

Updating AWS::Lambda::Function resources

When a generated template contains AWS::Lambda::Function resources, then warnings are generated stating that Code/S3Bucket and Code/S3Key properties are identified as MUTUALLY_EXCLUSIVE_PROPERTIES. In addition, the Code/S3ObjectVersion property receives a UNSUPPORTED_PROPERTIES warning. You may notice that the Code/ImageUri and Code/ZipFile properties are missing from the generated template. This is because these are mutually exclusive write-only properties. Any AWS::Lambda::Function resource can have only one of these exclusive sets of properties:

  • Code/S3Bucket and Code/S3Key properties, and optionally the Code/S3ObjectVersion property

  • Code/ImageUri property

  • Code/ZipFile property

The IaC generator cannot determine which set of exclusive write-only properties were used to create or update the resource. As a result, the IaC generator includes only the first set of properties in the generated template. In order to include AWS::Lambda::Function resources in a generated template, the generated template must be downloaded and updated with the correct information for the Lambda code.

If you store your Lambda code in an Amazon S3 bucket and do not use the S3ObjectVersion property, you can import the generated template without any modifications. The IaC generator will ask you for the Amazon S3 bucket and key as template parameters during the import operation.

If you store your Lambda code as an Amazon ECR repository, you can update your template using the following instructions:

  1. Download the generated template.

  2. Remove the properties and corresponding parameters for the Code/S3Bucket and Code/S3Key properties from the generated template.

  3. Replace the removed properties in the generated template with the Code/ImageUri property, specifying the URL for the Amazon ECR repository.

  4. Open the generated template in the IaC generator console and choose the Import edited template button.

If you store your Lambda code as in a zip file, you can update your template using the following instructions:

  1. Download the generated template.

  2. Remove the properties and corresponding parameters for the Code/S3Bucket and Code/S3Key properties from the generated template.

  3. Replace the removed properties in the generated template with the Code/ZipFile property.

  4. Open the generated template in the IaC generator console and choose the Import edited template button.

If you don’t have a copy of your Lambda code, you can update your template using the following instructions:

  1. Use the AWS Lambda GetFunction API action (for example, by using the aws lambda get-function AWS CLI command.

  2. In the response, the RepositoryType parameter is S3 if the code is in a Amazon S3 bucket, or ECR if the code is in an Amazon ECR repository.

  3. In the response, the Location parameter contains a pre-signed URL that you can use to download the deployment package for 10 minutes. Download the code.

  4. Upload the code to a Amazon S3 bucket.

  5. Run an import operation with t he generated template and provide the bucket name and key as parameter values.