43. How does the Runtime Interface Emulator (RIE) help me run my Lambda compatible image on additional compute services?
Customers can add the Runtime Interface Emulator as the entry point to the container image or package it as a sidecar to ensure the container image now accepts HTTP requests instead of JSON events. This simplifies the changes required to run their container image on additional compute services. Customers will be responsible for ensuring they follow all security, performance, and concurrency best practices for their chosen environment. RIE is pre-packaged into the AWS Lambda provided images, and is available by default in AWS SAM CLI.
44. How can I deploy my existing containerized application to AWS Lambda?
You can deploy a containerized application to AWS Lambda if it meets the below requirements:
The container image must implement the Lambda Runtime API. We have open-sourced a set of software packages, Runtime Interface Clients (RIC), that implement the Lambda Runtime API, allowing you to seamlessly extend your preferred base images to be Lambda compatible.
The container image must be able to run on a read-only filesystem. Your function code can access a writable /tmp directory storage of 512 MB. If you are using an image that requires a writable root directory, configure it to write to the /tmp directory.
The files required for execution of function code can be read by the default Lambda user. Lambda defines a default Linux user with least-privileged permissions that follows security best practices. You need to verify that your application code does not rely on files that are restricted by other Linux users for execution. It is a Linux based container image.
45. What is Amazon EFS for AWS Lambda?
With Amazon Elastic File System (Amazon EFS) for AWS Lambda, customers can securely read, write and persist large volumes of data at virtually any scale using a fully managed elastic NFS file system that can scale on demand without the need for provisioning or capacity management. Previously, developers added code to their functions to download data from S3 or databases to local temporary storage, limited to 512MB. With EFS for Lambda, developers don’t need to write code to download data to temporary storage in order to process it.
46. How do I set up Amazon EFS for Lambda?
Developers can easily connect an existing EFS file system to a Lambda function via an EFS Access Point by using the console, CLI or SDK. When the function is first invoked, the file system is automatically mounted and made available to function code.
47. Do I need to configure my function with VPC settings before I can use my Amazon EFS file system?
Yes. Mount targets for Amazon EFS are associated with a subnets in a VPC. The AWS Lambda function needs to be configured to access that VPC.
48. How do Lambda extensions work?
Extensions are companion processes which run within Lambda’s execution environment which is where your function code is executed. In addition, they can run outside of the function invocation – i.e. they start before the function is initialized, run in parallel with the function, can run after the function execution is complete, and can also run before the Lambda service shuts down the execution environment.
49. What can I use Lambda extensions for?
You can use extensions for your favorite tools for monitoring, observability, security, and governance from AWS as well as the following partners: AppDynamics, Datadog, Dynatrace, Epsagon, HashiCorp, Lumigo, Check Point CloudGuard, New Relic, Thundra, AWS AppConfig, Amazon CloudWatch. You can deploy extensions, using Layers, on one or more Lambda functions using the Console, CLI, or Infrastructure as Code tools such as CloudFormation, the AWS Serverless Application Model, and Terraform.