Execute Lambda Functions on S3 Event Triggers
Posted By : Anshuman Abhishek | 11-Jan-2021
Several events are being fired in S3 on a regular basis. They can be anything from new files that are uploaded to buckets to files being moved around, deleted, among others. All these activities fire events of various types in S3 on a real-time basis.
Setting up the Lambda S3 Role
Lambda needs to have permission to access your S3 bucket upon getting executed. Besides, it is optional to CloudWatch if you intend to log Lambda activity. Before starting to build your Lambda function, it is essential for you to create an IAM role which Lambda will use to work with S3 and to write logs to CloudWatch. When you set up this role, you must adhere to appropriate S3 and CloudWatch policies. We have shown an example below. As you can see, the policy grants the role of access to my CloudWatch logs and gives full authority to S3.
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:*"
],
"Resource": "arn:aws:logs:*:*:*"
},
{
"Effect": "Allow",
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::*"
}
],
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
You will need to create this role and give a name to it. It could be either LambdaS3 or whatever you’d like.
Creating the Lambda Function – Adding Code
After setting up the role, the next step is to create the function. For this, you'll have to click Create Function after browsing to Lambda. After clicking, a screen will come up showing that you are using the role you just created.
Also Read: AWS Identity and Access Management and Features of IAM User
Creating the Lambda Function – Adding the Trigger
Once you have the code to be used inside the function, the next step is to create the S3 trigger by selecting it on the left-hand side. As my will is to trigger off of new uploads, the event I create will trigger off of the PUT event to do it.
I have the option to choose a prefix or suffix if I decide to narrow down the filter criteria. However, for this example, I want to execute this Lambda function on every file that’s uploaded into my adbtestbucket bucket.
Also Read: How To Automate AWS Cloud Using Terraform
Creating the Trigger
Here's what your lambda function will look like after getting created.
Summary
The Lambda function we created here consists of a role with appropriate rights to both the S3 service and CloudWatch. It also has the code to execute and finally the event trigger. Once you combine all these objects, you have an immense potential to perform even the most complicated of automation tasks in AWS.
Avail Our AWS Development Services To Streamline Your Business Processes
We are a seasoned AWS development company that specializes in using Amazon Web Services to provide scalable cloud solutions. Our development team is skilled at using a variety of AWS technologies such as AWS Lambda, AWS CloudFront, Amazon Kinesis, Amazon EC2, AWS DynamoDB, and more. We critically analyze your mission-critical business requirements to formulate effective AWS cloud implementation strategies to enhance your business value.
Cookies are important to the proper functioning of a site. To improve your experience, we use cookies to remember log-in details and provide secure log-in, collect statistics to optimize site functionality, and deliver content tailored to your interests. Click Agree and Proceed to accept cookies and go directly to the site or click on View Cookie Settings to see detailed descriptions of the types of cookies and choose whether to accept certain cookies while on the site.
About Author
Anshuman Abhishek
He has experience in Linux, Kubernetes, and different open source application. He has also worked on different clouds like IBM and AWS.