How to deploy AWS Lambda functions using Ansible

Ansible is an open-source automation platform that simplifies orchestration, configuration management, and application deployment. It is generally used for automations. Along with that, it can also be used to manage infrastructure as code. Ansible uses the concept of a control node and a managed node. The control node is the node from where Ansible executes commands and manages configurations. Whereas, managed nodes are the systems that are controlled and managed by Ansible.

We operate Ansible using Ansible playbooks. An Ansible playbook is a list of tasks written in a specific manner that tells Ansible which tasks are to be executed by it. The generic format of a basic Ansible playbook is as follows:

- name: Name of the playbook
  hosts: target_hosts # target hosts on which the operations are to be executed
  become: yes # specifies whether to run tasks as a privileged user (e.g., sudo)
  vars: # variables for use in tasks and templates
    var1: value1
    var2: value2
  tasks: # tasks that are to be run by Ansible. These can be one or multiple
    - name: Task 1
      <module_name>: # built-in modules that perform a specific task on the managed nodes
        <module_options>  # module configurations
      <other_task_directives>: <value>  # Additional directives for the task
    - name: Task 2
      <module_name>:
        <module_options>
      <other_task_directives>: <value>
  handlers: # external functions related to the task execution
    - name: Handler 1
      <module_name>:
        <module_options>  # Optional: Module-specific options for the handler
  pre_tasks:  # tasks that are to be executed before the main tasks
    - name: Pre-task 1
      <module_name>:
        <module_options>
  post_tasks:  # tasks that are to be executed after the main tasks
    - name: Post-task 1
      <module_name>:
        <module_options>

In this Answer, we'll use Ansible to deploy a Lambda function on AWS. Deploying Lambda function using Ansible streamlines the deployment process, allowing for automated and consistent provisioning of Lambda functions across environments. Additionally, Ansible's infrastructure-as-code (IAC) approach enhances scalability and reproducibility while reducing manual errors, making it ideal for DevOps teams managing complex cloud infrastructures.

Configure AWS environment

Since we'll be deploying infrastructure on our AWS account, we'll first have to configure AWS environment on our machine. This grants the required access to the managed node being hosted on our machine. To do that, execute the following command in the terminal below:

aws configure

  • We'll be asked to provide our AWS credentials, AWS access key ID and AWS secret access key.

  • Along with these keys, we'll be asked to select the AWS region we want to work in. Enter us-east-1 as the region.

  • The last thing required from us would be the output format. It is an optional parameter, so we can skip or specify any value.

Terminal 1
Terminal
Loading...

Our AWS environment is all set and ready to be used.

Create an IAM Role

Before we can create a Lambda function, we'll require an IAM role because Lambda mostly uses other AWS services, and AWS services are required to assume an IAM role to use other AWS services. The code below creates an IAM role for our Lambda function.

Note: The IAM user whose credentials are being used must have the permissions to perform all the required actions.

import boto3
import json
aws_region = 'us-east-1'
# Configure an IAM client
iam = boto3.client('iam', region_name=aws_region, aws_access_key_id=aws_key_id, aws_secret_access_key=aws_secret_key)
# Define the trust policy
trust_policy = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {"Service": "lambda.amazonaws.com"},
            "Action": "sts:AssumeRole"
        }
    ]
}
# Create an IAM role which can only be assumed by Lambda
role = iam.create_role(RoleName='LambdaRole', AssumeRolePolicyDocument=json.dumps(trust_policy))
# Attach the AWSLambda_FullAccess policy to the role
iam.attach_role_policy(RoleName='LambdaRole', PolicyArn='arn:aws:iam::aws:policy/AWSLambda_FullAccess')
# Get the ARN of the created role
role_arn = role['Role']['Arn']
print("IAM Role ARN:", role_arn)

Copy the role ARN we’ll get in response and save it somewhere safe to be used later.

Deploy a Lambda function

We are all set to create a Lambda function using Ansible. The Ansible playbook provided below uses the lambda module of Ansible to set up a Lambda function.

def lambda_handler(event, context):
    print('Lambda created using ansible')
Ansible playbbok

Replace <IAM_role_arn> in line 7 with the ARN of the role we created earlier and click the "Run" button to open the terminal. Now execute the Ansible playbook using the following command:

ansible-playbook Lambda.YAML

We should see the ARN of the newly created Lambda function in the output. You can navigate to your AWS console to view your Lambda function and its configurations. So we've successfully deployed a Lambda function using Ansible.

By utilizing Ansible to deploy AWS Lambda functions, we can streamline our deployment process, ensuring consistency and reliability across different environments. This automation not only saves time but also reduces the likelihood of human error, enhancing overall efficiency.

Free Resources

Copyright ©2025 Educative, Inc. All rights reserved