Table of Contents
The repository demonstrates how to create and manage AWS Lambda Layers using different Infrastructure as Code (IaC) tools. Each approach deploys the same infrastructure but uses different tooling and methodologies.
This example uses layer/requirements.txt to define Python dependencies for the layer. You can include PyPI packages, local packages (using relative paths), or any combination as requirements expand.
┌─────────────────────┐
│ AWS Lambda Layer │
│ (Python packages) │
└──────────┬──────────┘
│
│ uses
▼
┌─────────────────────┐ ┌─────────────────────┐
│ Test Lambda Func │◄───│ IAM Role │
│ (test_lambda.py) │ │ (execution role) │
└─────────────────────┘ └─────────────────────┘
- AWS Lambda Layer: Python dependencies packaged as a reusable layer
- Test Function: AWS Lambda function that uses the layer to validate functionality
- Three IaC Implementations: Terraform, AWS SAM CLI, and AWS CloudFormation
Note: Each implementation creates the same AWS resources but demonstrates different deployment workflows and state management strategies.
.
├── build_layer.sh # Shared build script (Terraform & CloudFormation)
├── layer/
│ └── requirements.txt # Python dependencies for the layer
├── lambda/
│ └── test_lambda.py # Test Lambda function code
├── infra-terraform/ # Terraform implementation
│ ├── main.tf
│ ├── variables.tf
│ ├── outputs.tf
│ └── README.md
├── infra-sam/ # AWS SAM CLI implementation
│ ├── template.yaml
│ ├── samconfig.toml
│ └── README.md
├── infra-cloudformation/ # CloudFormation implementation
│ ├── template.yaml
│ └── README.md
├── dist/ # Generated build artifacts (gitignored)
└── artifacts/ # ZIP packages (gitignored)
Choose your preferred IaC tool and follow the instructions:
cd infra-terraform
../build_layer.sh # Build dependencies first
terraform init
terraform plan
terraform applycd infra-sam
sam build # SAM builds layer automatically
sam deploy --guidedcd infra-cloudformation
../build_layer.sh # Build dependencies first
aws cloudformation package --template-file template.yaml --s3-bucket your-bucket --output-template-file packaged-template.yaml
aws cloudformation deploy --template-file packaged-template.yaml --stack-name lambda-layer-cf-example --capabilities CAPABILITY_NAMED_IAM| Tool | Layer Building | Deployment | Resource Naming |
|---|---|---|---|
| Terraform | Manual (build_layer.sh) |
Local state management | example-python-layer |
| SAM CLI | Automatic from requirements.txt |
AWS CloudFormation backend | sam-example-python-layer |
| AWS CloudFormation | Manual + packaging | Native AWS service | cf-example-python-layer |
- Terraform: Infrastructure teams preferring provider agnostic tool
- SAM CLI: Serverless-focused development with local testing capabilities
- CloudFormation: Native AWS tooling with existing AWS workflows
- Edit
layer/requirements.txtto modify Python dependencies - Update
lambda/test_lambda.pyto change the test function behavior - Modify variables/parameters in each IaC tool's configuration files
Previous layer versions are not retained in these examples. Update retention settings according to your organization's policies. Configuration details are available in each tool's README.
- AWS CLI configured with IAM permissions for Lambda, S3, and CloudFormation operations
- Minimum permissions:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "lambda:*", "iam:CreateRole", "iam:DeleteRole", "iam:AttachRolePolicy", "iam:DetachRolePolicy", "iam:PassRole", "s3:*", "cloudformation:*" ], "Resource": "*" } ] }
- Minimum permissions:
- Python 3.12 (tested version)
- Required IaC tool: Terraform 1.13.4+, SAM CLI 1.138.0+, or AWS CLI 2.0+
See CONTRIBUTING for more information.
This library is licensed under the MIT-0 License. See the LICENSE file.