使用 Infrastructure as Code 部署 Lambda 耐用函數 - AWS Lambda
AWS CloudFormationAWS CDKAWS Serverless Application Model常見的組態模式後續步驟

本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。

使用 Infrastructure as Code 部署 Lambda 耐用函數

您可以使用 Infrastructure as Code (IaC) 工具部署 Lambda 耐用函數 AWS CloudFormation,例如 AWS CDK或 AWS Serverless Application Model。這些工具可讓您在程式碼中定義函數、執行角色和許可,讓部署可重複且受版本控制。

這三個工具都需要您:

  • 在函數上啟用持久性執行

  • 將檢查點許可授予執行角色

  • 發佈版本或建立別名 (持久性函數需要合格的 ARNs)

AWS CloudFormation

使用 在範本中 CloudFormation 定義您的耐用函數。下列範例會建立具有必要許可的耐用函數。

AWSTemplateFormatVersion: '2010-09-09'
Description: Lambda durable function example

Resources:
  DurableFunctionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'		 	 	 
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: DurableExecutionPolicy
          PolicyDocument:
            Version: '2012-10-17'		 	 	 
            Statement:
              - Effect: Allow
                Action:
                  - lambda:CheckpointDurableExecutions
                  - lambda:GetDurableExecutionState
                Resource: !GetAtt DurableFunction.Arn

  DurableFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: myDurableFunction
      Runtime: nodejs22.x
      Handler: index.handler
      Role: !GetAtt DurableFunctionRole.Arn
      Code:
        ZipFile: |
          // Your durable function code here
          export const handler = async (event, context) => {
            return { statusCode: 200 };
          };
      DurableConfig:
        ExecutionTimeout: 10
        RetentionPeriodInDays: 1

  DurableFunctionVersion:
    Type: AWS::Lambda::Version
    Properties:
      FunctionName: !Ref DurableFunction
      Description: Initial version

  DurableFunctionAlias:
    Type: AWS::Lambda::Alias
    Properties:
      FunctionName: !Ref DurableFunction
      FunctionVersion: !GetAtt DurableFunctionVersion.Version
      Name: prod

Outputs:
  FunctionArn:
    Description: Durable function ARN
    Value: !GetAtt DurableFunction.Arn
  AliasArn:
    Description: Function alias ARN (use this for invocations)
    Value: !Ref DurableFunctionAlias

部署範本

aws cloudformation deploy \
  --template-file template.yaml \
  --stack-name my-durable-function-stack \
  --capabilities CAPABILITY_IAM

AWS CDK

AWS CDK 可讓您使用程式設計語言定義基礎設施。下列範例示範如何使用 TypeScript 和 Python 建立耐用的函數。

TypeScript
import * as cdk from 'aws-cdk-lib';
import * as lambda from 'aws-cdk-lib/aws-lambda';
import * as iam from 'aws-cdk-lib/aws-iam';
import { Construct } from 'constructs';

export class DurableFunctionStack extends cdk.Stack {
  constructor(scope: Construct, id: string, props?: cdk.StackProps) {
    super(scope, id, props);

    // Create the durable function
    const durableFunction = new lambda.Function(this, 'DurableFunction', {
      runtime: lambda.Runtime.NODEJS_22_X,
      handler: 'index.handler',
      code: lambda.Code.fromAsset('lambda'),
      functionName: 'myDurableFunction',
      durableConfig: { executionTimeout: Duration.hours(1), retentionPeriod: Duration.days(30) },
    });

    // Add checkpoint permissions
    durableFunction.addToRolePolicy(new iam.PolicyStatement({
      actions: [
        'lambda:CheckpointDurableExecutions',
        'lambda:GetDurableExecutionState',
      ],
      resources: [durableFunction.functionArn],
    }));

    // Create version and alias
    const version = durableFunction.currentVersion;
    const alias = new lambda.Alias(this, 'ProdAlias', {
      aliasName: 'prod',
      version: version,
    });

    // Output the alias ARN
    new cdk.CfnOutput(this, 'FunctionAliasArn', {
      value: alias.functionArn,
      description: 'Use this ARN to invoke the durable function',
    });
  }
}
Python
from aws_cdk import (
    Stack,
    aws_lambda as lambda_,
    aws_iam as iam,
    CfnOutput,
)
from constructs import Construct

class DurableFunctionStack(Stack):
    def __init__(self, scope: Construct, id: str, **kwargs):
        super().__init__(scope, id, **kwargs)

        # Create the durable function
        durable_function = lambda_.Function(
            self, 'DurableFunction',
            runtime=lambda_.Runtime.NODEJS_22_X,
            handler='index.handler',
            code=lambda_.Code.from_asset('lambda'),
            function_name='myDurableFunction',
            durable_execution={execution_timeout: Duration.hours(1), retention_period: Duration.days(30)}
        )

        # Add checkpoint permissions
        durable_function.add_to_role_policy(iam.PolicyStatement(
            actions=[
                'lambda:CheckpointDurableExecutions',
                'lambda:GetDurableExecutionState',
            ],
            resources=[durable_function.function_arn]
        ))

        # Create version and alias
        version = durable_function.current_version
        alias = lambda_.Alias(
            self, 'ProdAlias',
            alias_name='prod',
            version=version
        )

        # Output the alias ARN
        CfnOutput(
            self, 'FunctionAliasArn',
            value=alias.function_arn,
            description='Use this ARN to invoke the durable function'
        )

部署 CDK 堆疊

cdk deploy

AWS Serverless Application Model

AWS SAM 簡化無伺服器應用程式的 CloudFormation 範本。下列範本使用 建立耐久的 函數 AWS SAM。

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Lambda durable function with SAM

Resources:
  DurableFunction:
    Type: AWS::Serverless::Function
    Properties:
      FunctionName: myDurableFunction
      Runtime: nodejs22.x
      Handler: index.handler
      CodeUri: ./src
      DurableConfig:
        ExecutionTimeout: 10
        RetentionPeriodInDays: 1
      Policies:
        - Version: '2012-10-17'		 	 	 
          Statement:
            - Effect: Allow
              Action:
                - lambda:CheckpointDurableExecutions
                - lambda:GetDurableExecutionState
              Resource: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:${DurableFunction}'
      AutoPublishAlias: prod

Outputs:
  FunctionArn:
    Description: Durable function ARN
    Value: !GetAtt DurableFunction.Arn
  AliasArn:
    Description: Function alias ARN (use this for invocations)
    Value: !Ref DurableFunction.Alias

部署 SAM 範本

sam build
sam deploy --guided

常見的組態模式

無論您使用哪種 IaC 工具,請遵循這些模式以取得耐用的函數:

啟用持久性執行

DurableExecution.Enabled 屬性設定為 true。此屬性僅在建立函數時可用,您無法在現有函數上啟用持久性執行。

授予檢查點許可

lambda:CheckpointDurableExecutionslambda:GetDurableExecutionState 新增至執行角色。將這些許可範圍限定為特定函數 ARN。

使用合格的 ARNs

為您的函數建立版本或別名。耐用函數需要合格的 ARNs(具有版本或別名) 才能叫用。在 AutoPublishAlias 中使用 AWS SAM 或在 CloudFormation 和 中建立明確版本 AWS CDK。

套件相依性

在您的部署套件中包含耐用的執行 SDK。對於 Node.js,安裝 @aws/durable-execution-sdk-js。針對 Python,安裝 aws-durable-execution-sdk-python

後續步驟

部署您的耐用函數之後:

  • 使用合格的 ARN (版本或別名) 測試您的函數

  • 在持久性執行索引標籤下的 Lambda 主控台中監控執行進度

  • 檢視 AWS CloudTrail 資料事件中的檢查點操作

  • 檢閱 CloudWatch Logs 以取得函數輸出和重播行為

如需使用 IaC 工具部署 Lambda 函數的詳細資訊,請參閱: