Deploy Lambda via Bitbucket Pipeline using AWS Lambda Deploy

Ashish Awasthi March 18, 2021

I want to add environment variable with lambda while pushing from bitbucket. How we can achieve the same using

 

AWS Lambda Deploy Pipes

 

Please let me know, if there is a way to attach enviornment variable with lambda once they are pushed

1 answer

2 votes
Halyna Berezovska
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 22, 2021

@Ashish Awasthifirstly, you need to create your lambda or update the lambda with environment variable. The only way I know - it can be done via sam template.

 

You can do this with sam deploy pipe. See example how to do this with sam deploy https://bitbucket.org/atlassian/aws-lambda-deploy/src/aa574370ffafa6bb2ede25ac37a5e6936cdafa05/bitbucket-pipelines.yml#lines-28 .

For this pipe you will provide sam template, where you mention variables section and put there variables you will need.

Here I provide with docs that you may need to do this in aws:

- https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-template-anatomy-globals.html  - first example is that how you pass lambda environment variables to the template.yaml .  You can go basically with this doc and use basic examples from sam-deploy pipe https://bitbucket.org/atlassian/aws-sam-deploy/src/master/README.md

 

- BUT If you do not want to expose your environment variables (e.g., they are sensitive) in Bitbucket Cloud - use AWS embedded parameters for that  (  https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html ) like here:


Parameters:
TableName:
Type: String
......
your other setting for your lambda function
......
Globals:
Function: Runtime: nodejs12.x Timeout: 180 Handler: ... Environment: <---- your env variables Variables: TABLE_NAME: !Ref TableName  <----- here you refer to parameters

and our STACK_PARAMETERS advanced example , when using sam-deploy pipe.

Precisely, you will need advanced example with STACK_PARAMETERS in Advanced examples section (https://bitbucket.org/atlassian/aws-sam-deploy/src/master/README.md ) :

 

script:
  - pipe: atlassian/aws-sam-deploy:1.1.0
    variables:
      AWS_ACCESS_KEY_ID: $AWS_ID
      AWS_SECRET_ACCESS_KEY: $AWS_KEY
      AWS_DEFAULT_REGION: 'us-east-1'
      S3_BUCKET: 'my-s3-bucket'
      STACK_NAME: 'my-stack-name'
      SAM_TEMPLATE: 'sam_template.yaml' <------ your template yaml
      CAPABILITIES: ['CAPABILITY_AUTO_EXPAND']
      STACK_PARAMETERS: >
        [{
          "ParameterKey": "TableName", 
"ParameterValue": ${YOUR_SECRET_ENIRONMENT_VARIABLE} <----- your secured var here
}
]

 

I will repeat, If you don't actually need secret environment vars to pass, you can just hardcode environment variable in Environment section and not use Parameters tool.

But we recommend the safer and more flexible way to be able to secure your lambda environment.

 

After executing sam-deploy pipe with such template environment variable, lambda function should be created or updated with mentioned environment variables  in the template.

Hope , this explanation is not too vague.

But anyway contact us in the case of more questions or if something did not work.

 

Regards, Galyna

Kamesh Dhanasekar
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 20, 2024

So we can pass it securely as parameters inside cloudformation stack right?

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events