Sharing a Lambda layer across multiple AWS accounts

To share a layer between accounts or even publish it publicly, you need to use the AWS CLI or the API, as this is not supported in the console yet. We add permission statements using the AddLayerVersionPermission API action, which is similar to the way we do it with Lambda functions.

The following command is what we use to share a Lambda layer with another account:

aws lambda add-layer-version-permission
    --layer-name MessageVendorLayer
    --version-number 1
    --statement-id sharingWithOneAccount
    --principal 123456789012
    --action lambda:GetLayerVersion

What the preceding command will achieve is sharing version 1 of our layer to the AWS account with ID 123456789012. You could replace this principal with a * if you wanted to share it with any account. The consumers of your layer would enter the ARN as part of the attachment process we saw earlier. Only do this if you intend your layer to be available publicly, however.

 This is a great way to share work across accounts and make the most of the code we have written ourselves, or from other teams who have developed their own. In the next section, we'll home in on exactly where layers are useful.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
3.133.141.219