AWS Lambda Workflow Steps
AWS Lambda Workflow Steps
Available in PagerDuty Runbook Automation Commercial products.
AWS Lambda is a serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers.
The following Lambda plugins are available for PagerDuty Runbook Automation:
- Execute Lambda Function - Executes an existing Lambda function.
- Lambda Custom Code Execution - Creates and executes a new Lambda function with the custom-code provided in the Job step.
Authentication
Follow the instructions outlined in the AWS Plugins Overview for Runbook Automation to authenticate with AWS.
When defining the IAM Role for Runbook Automation, be sure to include the following permissions in the Policy associated with the role:
lambda:InvokeFunction- Necessary for both Lambda workflow step plugins.lambda:CreateFunction- Only if using the Lambda Custom Code pluginlambda:DeleteFunction- Only ifDelete Function After Executionis used with the Lambda Custom Code plugin.
Execute Lambda Function
The AWS / Lambda / Invoke plugin invokes an existing Lambda function in an AWS account in a specific region:
Plugin Field Descriptions
Event Payload: the JSON Event Data that is sent as input to the Lambda function. For more details on Lambda Event Data, click here.
Invocation Type: In the Advanced section, this allows you to specify whether this invocation is synchronous or asynchronous. For synchronous, select Request and for asynchronous, select Event.
For more details on the differences between Event and Request, click here.Qualifier: In the Advanced section, this determines the version of the Lambda function to invoke. For more information on Lambda function versions, click here.
Client Context: Context to provide to the Lambda handler. For more details on Lambda Context, see here.
Permissions
The following IAM Policies are required to use this plugin:
lambda:InvokeFunction
Lambda Custom Code Execution
The AWS / Lambda / Custom Code Execution plugin creates, executes, and optionally deletes a new Lambda function with the custom-code provided in the Job step as its input:
In the example above, a new Lambda is created and is executed as a Python-3.9 script. Any content defined in the return statement will be displayed in the log-output:
Note
Content within print statements will not be displayed in the log-output of the plugin. Any content you wish to see in Runbook Automation should be in the return statement.
Plugin Field Descriptions
- Execution Role ARN: This is the Lambda function's IAM role that grants the function permission to access AWS services and resources. More details on this can be found here.
- Lambda Runtime: The runtime to use for the Lambda function. Only interpreted languages are included here - not compiled languages.
- Function Code: This is the code to be executed by the Lambda function. This must include a handler which is identified in the
Name of Main Functionfield. More details on the handler can be found here.Supported Languages
All interpreted languages supported by AWS Lambda (Python, Ruby, Node.js) are usable within the plugin. Because the Lambda function is generated programmatically, compiled languages such as Java and Go are not available within the plugin.
- Name of Main Function: The name of your handler function. In the example above,
lambda_handleris the name of the main function. - Delete Function After Execution: Select whether the Lambda that is created by this Job step should be automatically deleted after execution. The function will be deleted regardless of whether the execution of the Lambda code is successful. This is to avoid "orphaned" functions in your AWS environment.
- Function AWS Description (Optional): Provide a description for the Lambda function. Because the plugin auto-generates the function's Name, this can be useful when you do not auto-delete the function.
- Event Payload (Optional): This is the event payload that you may pass to the function. It is optional, because you can use Data Variables to pass variables from other Job steps or Job Options into the script. For more detail on Data Variables, see here.
- AWS Tags (Optional): Add tags to the Lambda that is created. This is useful when searching for Lambda Functions generated by Runbook Automation.
Context-Variables Output
Outputs from this plugin are automatically stored as context variables, and can therefore be used in subsequent steps:
data.invokeResponsePayloadString: Returns the raw response payload from the function invocation. If the function returns a JSON object, then the capture variable can be parsed as JSON.
data.functionName: Returns the actual name of the function (generated by Rundeck), so the user can reference it later. The format is rundeck-generated-function-<timestamp>.
data.functionWasCreated: Returns "true" or "false" based on whether or not the function was successfully created
data.functionWasInvoked: Returns "true" or "false" based on whether or not the function was successfully invoked
data.functionWasDeleted: Returns "true" or "false" based on whether or not the function was successfully deleted
data.invokeFunctionError: Returns the function error value from the function invocation. Is valued "Handled" or "Unhandled" based on if the function handled its own error. Will benull if there was no error.
data.invokeExecutionLog: Returns the last 4KB of the CloudWatch logs from the function’s execution.
Permissions
The following IAM Policies are required to use this plugin:
lambda:CreateFunctionlambda:InvokeFunctionlambda:DeleteFunction- Only ifDelete Function After Executionis selected.