Create a Nullstone application that is served through AWS Lambda using a Docker image.
This application module creates an AWS Lambda using the Docker runtime that AWS Lambda offers.
AWS Lambda is a great choice for applications that require short bursts of execution (< 15 minutes). There are no servers to manage. Security and deployment are controlled explicitly through infrastructure code.
This variant of Lambda uses Docker images which provides a great level of flexibility and portability. However, using Docker images has a longer cold start (initial execution takes longer) because AWS has to pull the image. Use this module if cold start is not a concern, or you can minimize the size/change of the top Docker image layer.
Security scanning is graciously provided by Bridgecrew. Bridgecrew is the leading fully hosted, cloud-native solution providing continuous Terraform security and compliance.
Nullstone places the Lambda Function into private subnets for the connected network. As a result, the Lambda Function can route to services on the private network.
This application module supports various capabilities to handle execution of a Lambda Function.
- Ingress: Enables public access to execute Lambda as HTTP Request (e.g. API Gateway capabilities)
- Trigger: Enable events to execute Lambda (e.g. Cron Trigger, SQS Queue)
- CLI Execution:
nullstone exec(Seeexecfor more information)
Logs are automatically emitted to AWS Cloudwatch Log Group: /aws/lambda/<function-name>.
To access through the Nullstone CLI, use nullstone logs CLI command. (See logs for more information)
Nullstone cannot automatically inject secrets into your Lambda application.
Instead, Nullstone injects environment variables that refer to secrets stored in AWS Secrets Manager.
If the Nullstone app has a secret POSTGRES_URL, Nullstone will inject POSTGRES_URL_SECRET_ID that contains the Secrets Manager Secret ID to retrieve.
For more information on how to retrieve secrets for your language, check out Retrieve secrets from AWS Secrets Manager.