How to Pass Input Data to an Amazon Web Services (AWS) Lambda PowerShell Script



The ability to execute PowerShell scripts with AWS Lambda functions is exciting. In this article, I’m going to show you how to pass some input data to your PowerShell AWS Lambda functions!

Before we get too far, you’ll first need to make sure that you’re running PowerShell 6 or higher. I’m running PowerShell 6.1 in my integrated console in Visual Studio Code. I’ll also assume you already have an IAM user set up to authenticate to AWS.

You’ll also need to have both the AWSPowerShell and AWSLambdaPSCore PowerShell modules installed. Below, I’m installing and importing both of them to get going.

Import-Module AWSPowerShell -Force
Import-Module AWSLambdaPSCore -Force
Install-Module AWSPowerShell -Scope CurrentUser
Install-Module AWSLambdaPSCore -Scope CurrentUser

Once I have the modules imported, the first thing I’m going to do is use an access key and secret key, which I’ve already stored into variables to initialize my AWS credentials.

$accessKey = ''
$secretKey = ''

I’ll go ahead and run Initialize-AWSDefaultConfiguration with my access key and secret key. This will set up my default profile so that AWS knows what access key and secret key I’ll be using.

# Initialize default credential profile
Initialize-AWSDefaultConfiguration -AccessKey $accessKey -SecretKey $secretKey

Next, let’s create a new PowerShell script from a Lambda template. I’m going to run Get-AWSPowerShellLambdaTemplate to see which templates I have available.

# Get the list of available PowerShell Lambda templates

For this article, I’m going to use the basic template, which I’m going to pass to New-AWSPowerShellLambda with a name of InputTest.

# Create a starter based on the Basic template
New-AWSPowerShellLambda -ScriptName InputTest -Template Basic

When I open the sample script that it creates, line four contains a predefined variable called $LambdaInput. This is set aside to be a PS object containing the input data passed to the Lambda function. I’ll get more into how to pass data to this later.

For now, I’ll just go to the bottom of the script and use Write-Host to display the contents of the $LambdaInput variable. Using Write-Host will display our output in the CloudWatch logs for this function. Now, let’s save and close this script.

Next, I’m going to create a splat of the parameters I need to publish the function. I’ll specify InputTest for the name of the function, then the path to the script file to run. Then, for region, I’ll specify my local region, which is us-east-1. Finally, I’m using an IAM role that I’ve already created, which this function will run as, called lambda_basic_execution.

Now, let’s go ahead and pass those parameters to Publish-AWSPowerShellLambda to publish the new function. This will start building the project and create the new Lambda function in AWS.

# Publish the new PowerShell based Lambda function
$publishPSLambdaParams = @{
	Name = 'InputTest'                        	# Name of the Lambda function
	ScriptPath = '.\InputTest\InputTest.ps1'  	# Path to the PowerShell script file
	Region = 'us-east-1'                      	# Local Region. Use Get-AWSRegion to find yours
	IAMRoleArn = 'lambda_basic_execution'     	# IAM role used that this function will run as
Publish-AWSPowerShellLambda @publishPSLambdaParams

Now that the Lambda function has been created, if I run Get-LMFunctionList, I can see my new InputTest function.

And now that we have the new function, let’s put together the payload, or input data. Below, I’m going to specify a hashtable with some values: a first name, last name, and department. Lambda functions require the input to be in JSON format, so I’m going to use ConvertTo-Json when storing this data to the $payload variable.

Next, to invoke this function, I’m going to run Invoke-LMFunction against InputTest, passing in the payload data. A status code of 200 means that the invocation was successful.

$payLoad = @{
	FirstName = 'Matt'
	LastName = 'McElreath'
	Department = 'Accounting'
} | ConvertTo-Json

Invoke-LMFunction -FunctionName InputTest -Payload $payLoad

Now let’s take a look at the CloudWatch logs for this function by running Get-CWLFilteredLogEvent and look at the events property.

$logs = Get-CWLFilteredLogEvent -LogGroupName /aws/lambda/InputTest

If I scroll up a little bit, we can see our payload data that has been passed to the function in the logs.

Now let’s go back to the script file and do something with this input data. I’m going to replace my Write-Host command with some more code. As you can see below, since the $LambdaInput variable is a PS object, we can access its properties just like any other object. Below, I’m storing the $firstName, $lastName, and $department to variables to build a string, which I’m going to write out to the logs.

$firstName = $LambdaInput.FirstName
$lastName = $LambdaInput.LastName
$department = $LambdaInput.Department

$string = "User: $firstName $lastName works in $department"

Write-Host $string

Let’s go ahead and save and close this file again. Now we need to republish the function with the splatted parameters.

Publish-AWSPowerShellLambda @publishPSLambdaParams

And now that that’s complete, let’s invoke the function using the same payload and take a look at the log events again.

We can now see the string that I built from the payload data displayed above — And that’s how to pass input data to an Amazon Web Services Lambda PowerShell script!

Matt McElreath is a Windows Server administrator concentrating on automation, PowerShell, Desired State Configuration (DSC), Octopus Deploy, and anything else thrown his way. You can follow Matt on Twitter at @mmcelreath.


Click on a tab to select how you'd like to leave your comment

Leave a Comment

Your email address will not be published. Required fields are marked *

Skip to toolbar