Using a container image to add the Amazon AppConfig Agent Lambda extension - Amazon AppConfig
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Using a container image to add the Amazon AppConfig Agent Lambda extension

You can package your Amazon AppConfig Agent Lambda extension as a container image to upload it to your container registry hosted on Amazon Elastic Container Registry (Amazon ECR).

To add the Amazon AppConfig Agent Lambda extension as a Lambda container image
  1. Enter the Amazon Web Services Region and the Amazon Resource Name (ARN) in the Amazon Command Line Interface (Amazon CLI) as shown below. Replace the Region and ARN value with your Region and the matching ARN to retrieve a copy of the Lambda layer. Amazon AppConfig provides ARNs for x86-64 and ARM64 platforms.

    aws lambda get-layer-version-by-arn \ --region Amazon Web Services Region \ --arn extension ARN

    Here's an example.

    aws lambda get-layer-version-by-arn \ --region us-east-1 \ --arn arn:aws:lambda:us-east-1:027255383542:layer:AWS-AppConfig-Extension:128

    The response looks like the following:

    { "LayerVersionArn": "arn:aws:lambda:us-east-1:027255383542:layer:AWS-AppConfig-Extension:128", "Description": "Amazon AppConfig extension: Use dynamic configurations deployed via Amazon AppConfig for your Amazon Lambda functions", "CreatedDate": "2021-04-01T02:37:55.339+0000", "LayerArn": "arn:aws:lambda::layer:Amazon-AppConfig-Extension", "Content": { "CodeSize": 5228073, "CodeSha256": "8otOgbLQbexpUm3rKlMhvcE6Q5TvwcLCKrc4Oe+vmMY=", "Location" : "S3-Bucket-Location-URL" }, "Version": 30, "CompatibleRuntimes": [ "python3.8", "python3.7", "nodejs12.x", "ruby2.7" ], }
  2. In the above response, the value returned for Location is the URL of the Amazon Simple Storage Service (Amazon S3) bucket that contains the Lambda extension. Paste the URL into your web browser to download the Lambda extension .zip file.

    Note

    The Amazon S3 bucket URL is available for only 10 minutes.

    (Optional) Alternatively, you can also use the following curl command to download the Lambda extension.

    curl -o extension.zip "S3-Bucket-Location-URL"

    (Optional) Alternatively, you can combine Step 1 and Step 2 to retrieve the ARN and download the .zip extension file all at once.

    aws lambda get-layer-version-by-arn \ --arn extension ARN \ | jq -r '.Content.Location' \ | xargs curl -o extension.zip
  3. Add the following lines in your Dockerfile to add the extension to your container image.

    COPY extension.zip extension.zip RUN yum install -y unzip \ && unzip extension.zip /opt \ && rm -f extension.zip
  4. Ensure that the Lambda function execution role has the appconfig:GetConfiguration permission set.

Example

This section includes an example for enabling the Amazon AppConfig Agent Lambda extension on a container image-based Python Lambda function.

  1. Create a Dockerfile that is similar to the following.

    FROM public.ecr.aws/lambda/python:3.8 AS builder COPY extension.zip extension.zip RUN yum install -y unzip \ && unzip extension.zip -d /opt \ && rm -f extension.zip FROM public.ecr.aws/lambda/python:3.8 COPY --from=builder /opt /opt COPY index.py ${LAMBDA_TASK_ROOT} CMD [ "index.handler" ]
  2. Download the extension layer to the same directory as the Dockerfile.

    aws lambda get-layer-version-by-arn \ --arn extension ARN \ | jq -r '.Content.Location' \ | xargs curl -o extension.zip
  3. Create a Python file named index.py in the same directory as the Dockerfile.

    import urllib.request def handler(event, context): return { # replace parameters here with your application, environment, and configuration names 'configuration': get_configuration('myApp', 'myEnv', 'myConfig'), } def get_configuration(app, env, config): url = f'http://localhost:2772/applications/{app}/environments/{env}/configurations/{config}' return urllib.request.urlopen(url).read()
  4. Run the following steps to build the docker image and upload it to Amazon ECR.

    // set environment variables export ACCOUNT_ID = <YOUR_ACCOUNT_ID> export REGION = <AWS_REGION> // create an ECR repository aws ecr create-repository --repository-name test-repository // build the docker image docker build -t test-image . // sign in to AWS aws ecr get-login-password \ | docker login \ --username AWS \ --password-stdin "$ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com" // tag the image docker tag test-image:latest "$ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/test-repository:latest" // push the image to ECR docker push "$ACCOUNT_ID.dkr.ecr.$REGION.amazonaws.com/test-repository:latest"
  5. Use the Amazon ECR image that you created above to create the Lambda function. For more information about a Lambda function as a container, see Create a Lambda function defined as a container image.

  6. Ensure that the Lambda function execution role has the appconfig:GetConfiguration permission set.