Follow these steps to deploy and invoke the Lambda:
- Run mvn clean package from inside the Lambda project root folder to create the Uber JAR.
- Upload the Uber JAR to S3:
aws s3 cp
target/lambda-invoke-sns-event-0.0.1-SNAPSHOT.jar
s3://serverless-cookbook/lambda-invoke-sns-event-0.0.1-SNAPSHOT.jar
--profile admin
- Create a role for the Lambda with an appropriate trust relationship definition:
aws iam create-role
--role-name lambda-invoke-sns-event-role
--assume-role-policy-document file://iam-role-trust-relationship.txt
--profile admin
The trust document, iam-role-trust-relationship.txt, is defined in previous recipes. You can also refer to the code files.
- Create a policy for basic logging permissions and attach it to the role.
- Create a policy for required SQS permissions and attach it to the role.
The policy document with required SQS permissions is shown here:
{
"Version":"2012-10-17",
"Statement":[
{
"Effect":"Allow",
"Action":[
"sqs:SendMessage",
"sqs:SendMessageBatch"
],
"Resource":[
"arn:aws:sqs:*:*:*"
]
}
]
}
These permissions are required since we are writing the messages received to the queue again, however if you are not using a queue, you will not need it.
- Create the Lambda function as shown here:
aws lambda create-function
--function-name lambda-invoke-sns-event
--runtime java8
--role arn:aws:iam::<account id>:role/lambda-invoke-sns-event-role
--handler tech.heartin.books.serverlesscookbook.LambdaSnsEventHandler::handleRequest
--code S3Bucket=serverless-cookbook,S3Key=lambda-invoke-sns-event-0.0.1-SNAPSHOT.jar
--environment Variables={SPC_OUTPUT_QUEUE_URL='https://queue.amazonaws.com/855923912133/my-output-queue'}
--timeout 15
--memory-size 512
--region us-east-1
--profile admin
- Subscribe the Lambda to the queue:
aws sns subscribe --topic-arn arn:aws:sns:us-east-1:<account id>:lambda-invoke-sns-topic
--protocol lambda
--notification-endpoint arn:aws:lambda:us-east-1:<account id>:function:lambda-invoke-sns-event
--profile admin