Can I update AWS Lambda function using CloudFormation template?

[kenlee0305]

I want to deploy and update Lambda function using CloudFormation stacks.

My Stack creation workflows are:

1. upload my Lambda function code(zip file) to S3
2. Use the s3 bucket(where the lambda function code is stored) and the LambdaFileName(zip file name) as CloudFormation parameters to create CloudFormation stacks by deploying the CloudFormation template

However, I have no idea how to update the Lambda function using the template. I have tried to upload the new function code to S3 and save as a new file name. And use the new file as parameters to update stacks. But CloudFormation can not detect any changes due to the file is a zip file.

My questions:

1. How to update Lambda function using CloudFormation template
2. Should I use AWS::Lambda::Function or AWS::Serverless::Function resources? I want to have version control supported.

Thank you.

My CloudFormation template is as below.

AWSTemplateFormatVersion: "2010-09-09"
Metadata: ""
Description: ""
Parameters:

  LambdaS3:
    Description: Api Gateway Authorizer Lambda S3Bucket Name
    Type: String

  Lambdafilename:
    Description: Api Gateway Authorizer Lambda file Name (Latest)
    Type: String

Transform: AWS::Serverless-2016-10-31

Resources:
#  LambdaFunction:
#    DeletionPolicy: "Delete"
#    Type: "AWS::Lambda::Function"
#    Properties:
#      Description: ""
#      FunctionName: "LambdaFunction"
#      Handler: "lambda_function.lambda_handler"
#      Code:
#        S3Bucket: !Ref LambdaS3
#        S3Key: !Sub '${Lambdafilename}.zip'
#      MemorySize: 512
#      Role: !GetAtt IAMRole2.Arn
#      Runtime: "python3.8"
#      Timeout: 20
#      TracingConfig:
#        Mode: "PassThrough"

  LambdaFunction:
    DeletionPolicy: "Delete"
    Type: "AWS::Serverless::Function"
    Properties:
      Description: ""
      FunctionName: "LambdaFunction"
      Handler: "lambda_function.lambda_handler"
      CodeUri:
        Bucket: !Ref LambdaS3
        Key: !Sub '${Lambdafilename}.zip'
      MemorySize: 512
      Role: !GetAtt IAMRole2.Arn
      Runtime: "python3.8"
      Timeout: 20
      Tracing: "PassThrough"
      AutoPublishAlias: live
      DeploymentPreference:
        Type: Linear10PercentEvery10Minutes

[LJArendse]

Hi @kenlee0305

I trust you are well. I will try my best to answer your questions.

But CloudFormation can not detect any changes due to the file is a zip file.

This observation is correct. As mentioned in the AWS::Lambda::Function Code documentation:

Changes to a deployment package in Amazon S3 are not detected automatically during stack updates. To update the function code, change the object key or version in the template.

Therefore, to answer your first question:

How to update Lambda function using CloudFormation template

1. Upload the new lambda function deployment package to your respective S3 bucket
   • Either rename the package object name (i.e. to a new name which will be used to replace the existing object key name in the cloudformation template)
   • Or enable versioning on your S3 bucket (S3 versioning will allow for us to make reference to the object version in the cloudformation template)
     2. Update your cloudformation CodeUri section
   • As mentioned in Step 1: either:
     • Update the S3Key name with the name given in Step 1
     • Update the S3ObjectVersion with the version listed in S3.
   • References
     • Updating the AWS::Lambda::Function Code in a Cloudformation template
     • Updating the AWS::Serverless::Function CodeUri

Regarding your second question:

Should I use AWS::Lambda::Function or AWS::Serverless::Function resources? I want to have version control supported.

I think this is dependent on the wider problem you are trying to solve with your Cloudformation stack. Personally I enjoying using the AWS SAM framework because:

• SAM abstracts quite a number of the templating detail that would have been required in a vanilla Cloudformation template. In other words, I have found that I move faster when writing a SAM template vs. writing an equivalent Cloudformation template.
• SAM allows for great local development of Lambda functions. See: Invoking functions locally
• Via sam init you can get started with new templated projects quite rapidly
• Deployments are made easier using the sam deploy
• Have a look at the Tutorial: Deploying a Hello World application

Regarding version control, choose a repo provider (e.g. GitHub, AWS CodeCommit, etc) upload your lambda code and the SAM template. For example, you could then make use of GitHub Actions or CodeBuild to deploy your lambda (via SAM deploy) to your respective AWS account(s).

• GitHub Actions deployment references:
  • Using GitHub Actions to deploy serverless applications
  • Deploying using GitHub Actions
• CodeBuild deployment references:
  • Use AWS CodeBuild with serverless applications
  • In short, the idea is that, in your CodeBuild buildspec file you will list all the sam commands (build, package, deploy) which will do the deployment for you.

All the best.

[joshbean]

Closing this issue or pull request in advance of archiving this repo. For more information about the decision to archive this repo (and others in the 'awsdocs' org), see the announcement on the AWS News Blog.