Deploying AWS Lambda from AWS ECR registry with Terraform

Amazon AWS is rather slow when it comes to supporting new .NET versions on its Lambda feature. This is where running your functions from a docker image comes in handy, allowing you to run any version of .NET.

In this short blog article, I will demonstrate how to deploy AWS Lambda from an Elastic Container Registry (ECR) using Terraform. I will focus on the DevOps aspects and assume that you already have the function that you want to deploy.

Push Docker Image to AWS ECR

Let’s start with creating a simple Dockerfile.

FROM public.ecr.aws/lambda/dotnet:7
WORKDIR /var/task
COPY "bin/net7.0" .

I am assuming here that you use .NET 7 because, at the time of writing this, Lambda currently supports .NET 6, so you wouldn’t have to use the ECR approach if you’re targeting an earlier version of .NET. Now, let’s configure the AWS Command Line Interface (CLI) if you haven’t already done so.

aws configure

Now you need to retrieve an authentication token and authenticate your Docker client to your ECR registry (you need to provide the region and the repository uri).

aws ecr get-login-password --region <region> | docker login --username AWS --password-stdin <repo_uri>.dkr.ecr.<region>.amazonaws.com

You are now ready to build the image (change the image tag to one that fits your needs):

docker build -t th-aws-workers:1.2.0 .

Next, let’s now create the tag and push the image to the repo:

docker tag th-aws-workers:1.2.0 <repo_uri>.dkr.ecr.<region>.amazonaws.com/threg:1.2.0
docker push 666097061481.dkr.ecr.us-east-2.amazonaws.com/threg:1.2.0   

You might want to navigate to AWS console and check if the image is there.

Image published to ECR

Terraform

In the previous step, we created and published an image to a repository.

An aws_lambda_function resource has an image_uri parameter where you provide, well … your image URI. It couldn’t be simpler to do:


data "aws_ecr_repository" "trailhead-ecr-repo" {
  name = "threg"
}

resource "aws_lambda_function" "api_function" {
  function_name = "th-api-framework-lambda-${var.environment}"
  timeout       = 5 # seconds
  image_uri     = "${data.aws_ecr_repository.trailhead-ecr-repo.repository_url}:1.2.0"
  package_type  = "Image"

  role = aws_iam_role.api_function_role.arn

  environment {
    variables = {
      ENVIRONMENT = var.environment
    }
  }
}

You will also want to define aws_iam_role along with aws_iam_role_policy_attachment. Permission AWSLambdaBasicExecutionRole is needed if you want to be able to log to a CloudWatch (aws lambda runtime logs AND/OR function logs).

data "aws_iam_policy_document" "policy-document" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["lambda.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "api_function_role" {
  name = "lambda_iam_role"

  assume_role_policy = data.aws_iam_policy_document.policy-document.json
}

resource "aws_iam_role_policy_attachment" "basic" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
  role       = aws_iam_role.api_function_role.name
}

Conclusion

In this brief guide, you’ve learned how to leverage Docker, ECR, and Terraform to deploy as-of-yet unsupported versions of .NET to AWS Lambda, allowing you to use the latest .NET version in your Lambda applications.

Related Blog Posts

We hope you’ve found this to be helpful and are walking away with some new, useful insights. If you want to learn more, here are a couple of related articles that others also usually find to be interesting:

Our Gear Is Packed and We're Excited to Explore With You

Ready to come with us? 

Together, we can map your company’s software journey and start down the right trails. If you’re set to take the first step, simply fill out our contact form. We’ll be in touch quickly – and you’ll have a partner who is ready to help your company take the next step on its software journey. 

We can’t wait to hear from you! 

Main Contact

This field is for validation purposes and should be left unchanged.

Together, we can map your company’s tech journey and start down the trails. If you’re set to take the first step, simply fill out the form below. We’ll be in touch – and you’ll have a partner who cares about you and your company. 

We can’t wait to hear from you! 

Montage Portal

Montage Furniture Services provides furniture protection plans and claims processing services to a wide selection of furniture retailers and consumers.

Project Background

Montage was looking to build a new web portal for both Retailers and Consumers, which would integrate with Dynamics CRM and other legacy systems. The portal needed to be multi tenant and support branding and configuration for different Retailers. Trailhead architected the new Montage Platform, including the Portal and all of it’s back end integrations, did the UI/UX and then delivered the new system, along with enhancements to DevOps and processes.

Logistics

We’ve logged countless miles exploring the tech world. In doing so, we gained the experience that enables us to deliver your unique software and systems architecture needs. Our team of seasoned tech vets can provide you with:

Custom App and Software Development

We collaborate with you throughout the entire process because your customized tech should fit your needs, not just those of other clients.

Cloud and Mobile Applications

The modern world demands versatile technology, and this is exactly what your mobile and cloud-based apps will give you.

User Experience and Interface (UX/UI) Design

We want your end users to have optimal experiences with tech that is highly intuitive and responsive.

DevOps

This combination of Agile software development and IT operations provides you with high-quality software at reduced cost, time, and risk.

Trailhead stepped into a challenging project – building our new web architecture and redeveloping our portals at the same time the business was migrating from a legacy system to our new CRM solution. They were able to not only significantly improve our web development architecture but our development and deployment processes as well as the functionality and performance of our portals. The feedback from customers has been overwhelmingly positive. Trailhead has proven themselves to be a valuable partner.

– BOB DOERKSEN, Vice President of Technology Services
at Montage Furniture Services

Technologies Used

When you hit the trails, it is essential to bring appropriate gear. The same holds true for your digital technology needs. That’s why Trailhead builds custom solutions on trusted platforms like .NET, Angular, React, and Xamarin.

Expertise

We partner with businesses who need intuitive custom software, responsive mobile applications, and advanced cloud technologies. And our extensive experience in the tech field allows us to help you map out the right path for all your digital technology needs.

  • Project Management
  • Architecture
  • Web App Development
  • Cloud Development
  • DevOps
  • Process Improvements
  • Legacy System Integration
  • UI Design
  • Manual QA
  • Back end/API/Database development

We partner with businesses who need intuitive custom software, responsive mobile applications, and advanced cloud technologies. And our extensive experience in the tech field allows us to help you map out the right path for all your digital technology needs.

Our Gear Is Packed and We're Excited to Explore with You

Ready to come with us? 

Together, we can map your company’s tech journey and start down the trails. If you’re set to take the first step, simply fill out the contact form. We’ll be in touch – and you’ll have a partner who cares about you and your company. 

We can’t wait to hear from you! 

Thank you for reaching out.

You’ll be getting an email from our team shortly. If you need immediate assistance, please call (616) 371-1037.