Deploying a Flow as a Lambda Function on AWS

After you have created the flow, you can deploy it as a Lambda function on AWS.

Before you begin

Note the following points: 

  • The flow must be configured with the ReceiveLambdaInvocation trigger.

  • Run and Deploy actions do not deploy Lambda function on the AWS Lambda directly. You must deploy the Lambda function by following the steps in this section.

  • Deploying an app having a ReceiveLambdaInvocation trigger on the TIBCO Platform does not deploy the app as a Lambda function on AWS Lambda. You must create a Linux/amd64 binary and deploy the binary by following the steps in this section.

  • If the execution role name is not provided in the ReceiveLambdaInvocation trigger, then the Lambda function is created with the default AWSLambdaBasicExecutionRole role. It has the following Amazon CloudWatch permissions:

    • Allow: logs:CreateLogGroup

    • Allow: logs:CreateLogStream

    • Allow: logs:PutLogEvents

    If a non-existing execution role is provided, then the user whose AWS credentials are used in the AWS connection should have the following permissions:

    • iam:CreateRole

    • sts:AssumeRole

    To deploy a Flogo app as a Lambda function, user role can have access to following AWSLambda_FullAccess policy which has all the required access.

To deploy a flow as a Lambda function on AWS:
    Procedure
  1. Build your Flogo app(<myApp>) with the Linux/amd64 target. This is because Lambda deployments are Linux-based and building the binary for Linux/amd64 generates the appropriate artifact to deploy in your AWS Lambda function.
  2. Add execution permission to the native Linux/amd64 executable file that you built. Run chmod +x <myApp>-linux_amd64
  3. You can deploy the <myApp>-linux_amd64 in one of two ways:
    If you are using a Linux environment to design, build, and deploy your apps, you can directly run the following command: 
    <LambdaTriggerBinary> --deploy lambda --aws-access-key <secret_key>
    For example, myApp-Linux64 --deploy lambda --aws-access-key xxxxxxxxx
    Note: Ensure that the aws-access-key is identical to the one configured in the Flogo UI for the selected AWS connection. This is used for validation with the aws-access-key configured as part of the AWS Connection within the UI and the value provided here does not overwrite the aws-access-key used while designing the app.
    This approach of deploying to AWS Lambda works only on Linux platforms.  
    .JSON file is passed to Lambda as environment variables.

If you are using a non-Linux environment to design, build, and deploy apps, then perform the following steps:

    Procedure
  1. Build your Flogo app (<myApp>) with the Linux/amd64 target.
  2. Rename the Flogo executable file to bootstrap. This is mandatory per new provided.al2 and provided.al2023 runtimes.
  3. Compress the executable file and rename it to <myFunctionName>.zip.
  4. From the AWS Lambda UI, create a Lambda function with Amazon Linux 2023 runtime.
  5. Create a role or attach an existing role in the Execution role.
  6. Click Create function.
  7. Go to Code source, click Upload from and upload the compressed file.

After successful deployment, the Lambda function is created in the AWS Lambda console.

Deploying a Flow as a Lambda Function on AWS using AWS CLI

    Procedure
  1. Build your Flogo app (<myApp>) with the Linux/amd64 target. This is because Lambda deployments are Linux-based and building the binary for Linux/amd64 generates the appropriate artifact to deploy in your AWS Lambda function.

  2. Rename the Flogo executable to bootstrap (this is mandatory as per new provided.al2 and provided.al2023 runtimes).

  3. Zip the executable.

  4. Zip myFunction.zip bootstrap.

  5. Run the AWS CLI:

    aws lambda create-function --function-name myFunction \
--runtime provided.al2023 --handler bootstrap \
--architectures x86_64 \
--role arn:aws:iam::111122223333:role/lambda-ex \
--region us-west-2 \
--zip-file fileb://myFunction.zip