Exploring AWS Lambda Function Urls

Posted: 04/09/2022

Intro

In this tutorial, we are going to be exploring the new AWS lambda function URLs.

These URLs provide direct HTTP(s) endpoints to invoke your functions through either the browser or external clients like cURL, Postman, etc.

Prerequisites

  1. AWS Account

  2. AWS CLI (installation link)
    Verify installation with aws --version

Instructions

Create execution role

  1. Select trusted entity: Lambda

  2. Add permissions: AWSLambdaBasicExecutionRole

Create lambda function

  1. Import boilerplate code into new file called index.js
exports.handler = async (event) => {
  return {
    statusCode: 200,
    body: 'AWS Lambda Function URLs!',
  };
};
  1. Create deployment zip file through the following AWS CLI command
zip function.zip index.js
  1. Run AWS CLI create-function command to create a new lambda function with the code deployment zip file generated in the previous step. Make sure to replace the <FUNC_NAME> value with your desired function name and the <ROLE_ARN> value with the ARN from the previously create IAM role from above
aws lambda create-function \
    --function-name <FUNC_NAME> \
    --runtime nodejs14.x \
    --zip-file fileb://function.zip \
    --handler index.handler \
    --role <ROLE_ARN>
  1. Run AWS CLI create-function-url-config command to create a function URL for your newly created lambda function. Make sure to replace the <FUNC_NAME> value with the function name your set when creating your lambda function in the previous step
aws lambda create-function-url-config \
    --function-name <FUNC_NAME> \
    --auth-type NONE

Gotchas

Note: When creating the lambda function url config through AWS CLI with auth type of NONE, you must manually add the resource policy to your lambda function to allow public access

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "lambda:InvokeFunctionUrl",
      "Resource": "<FUNC_ARN>",
      "Condition": {
        "StringEquals": {
          "lambda:FunctionUrlAuthType": "NONE"
        }
      }
    }
  ]
}

Testing your new lambda function URL endpoint

Execute the following cURL command to test executing your new lambda function URL endpoint. (replacing <URL_ID> with yours)

curl https://<URL_ID>.lambda-url.us-west-2.on.aws 

If all goes well, you should see the following response

{"body":"AWS Lambda Function URLs!"}