AWS Lambda integration
AWS Lambda integrations enable you to trigger event-driven serverless compute functions when an event occurs in Ably. They are useful for integrating into various AWS services.
To create an AWS Lambda integration in your dashboard:
- Login and select the application you wish to integrate with AWS Lambda.
- Click the Integrations tab.
- Click the New Integration Rule button.
- Choose Webhook.
- Choose AWS Lambda.
- Configure the AWS Lambda settings.
- Click Create.
You can also create an AWS Lambda integration using the Control API.
Settings
The following settings are available when creating an AWS Lambda integration:
Setting | Description |
---|---|
AWS Region | Specifies the region of your AWS Lambda. |
Function Name | The name of your AWS Lambda function. |
AWS authentication scheme | Choose the authentication method. Either AWS credentials or ARN of an assumable role. |
AWS Credentials | If using AWS credentials, enter the values in key:value format. |
ARN of an assumable role | If using ARN of an assumable role, enter the ARN of the role that Ably can assume to access your AWS Lambada function. |
Qualifier | The qualifier of your Lambda function, if set. |
Source | Specifies the event types being sent to your AWS Lambda function. |
Channel filter | Filters the source channels based on a regular expression. |
Encoding | Specifies the encoding format of messages. Either JSON or MsgPack. |
Enveloped | Checkbox to set whether messages should be enveloped or not. Enveloped is the default. |
AWS authentication
Delegate access to your AWS resources by creating an IAM role that the Ably AWS account can assume.
This approach follows AWS best practices, as it avoids sharing access keys directly. Specify the role’s ARN to grant Ably the necessary permissions in a secure manner.
Create a Lambda policy
The following steps show you how to create a policy for an AWS Lambda.
- In the IAM console sidebar select Policies.
- Click Create Policy.
- Click the JSON tab and enter the following JSON to configure the policy:
{
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowInvokeLambdaFunction",
"Effect": "Allow",
"Action": [
"lambda:InvokeAsync",
"lambda:InvokeFunction"
],
"Resource": [
"arn:aws:lambda:<YOUR_AWS_REGION>:<YOUR_AWS_ACCOUNT>:function:<YOUR_FUNCTION_NAME>"
]
}
]
}
CopyCopied!
- Click Next: Tags. You don’t need to add any tags.
- Click Next: Review.
- Enter a suitable name for your policy.
- Click Create Policy.
You have created a policy that grants the permissions required to use a Kinesis stream. You must now attach it to the role that you’ll specify in your Ably integration rule.
Create a role
Create an IAM role as follows:
- In the AWS IAM console, click Roles in the sidebar and then click Create Role.
- For type of trusted entity select Another AWS account.
- For Account ID specify 203461409171. This is the Ably AWS account.
- Click the Require external ID checkbox and then enter an external ID of
<Your_Ably_Account_ID>.<Your_Ably_app_ID>
. - Click Next: Permissions.
- Now select the policy you created earlier to attach to this role. You can type the name of your policy into the Filter policies search box.
Then ensure the checkbox for the policy is selected.
- Click Next: Tags.
- You don’t need to add tags so click Next: Review.
- Enter a suitable name for your role.
- Click Create Role.