Stats

Actions

Tags

Help us improve

Share bugs, ideas, or general feedback.

aws-cloudformation-lambda | developer-kit-aws | ClaudePluginHub

Skill

aws-cloudformation-lambda

From developer-kit-aws

Provides AWS CloudFormation templates and workflows for Lambda functions, layers, API Gateway integration, event sources, cold start optimization, monitoring, validation, and deployment. Use for Lambda infrastructure on AWS.

$

npx claudepluginhub giuseppe-trisciuoglio/developer-kit --plugin developer-kit-aws

Popularity

Parent stars

247

Parent forks

27

Invocation

How this skill is triggered — by the user, by Claude, or both

Slash command

/developer-kit-aws:aws-cloudformation-lambda

User invocable

Model invocable

Inline context

Default effort

Tool Access

This skill is limited to the following tools:

ReadWriteBash

Context Preview

The summary Claude sees in its skill listing — used to decide when to auto-load this skill

Create production-ready Lambda functions using CloudFormation templates with validation and deployment workflows.

Supporting Files

references/constraints.mdreferences/examples.mdreferences/reference.md

SKILL.md

408 lines · ~3k tokens

Similar Skills

aws-serverless

38.0k

Builds production-ready AWS serverless applications with Lambda functions, API Gateway, DynamoDB, SQS/SNS event patterns, SAM/CDK deployment, and cold start optimization.

antigravity-awesome-skills

aws-serverless

666

Builds, deploys, manages, debugs, configures, and optimizes AWS serverless apps using Lambda, API Gateway, Step Functions, EventBridge, SAM/CDK. Covers cold starts, concurrency, CORS, event sources.

10 files

aws-lambda

731

Designs, builds, deploys, tests, and debugs AWS Lambda serverless apps with SAM CLI, Lambda Web Adapter, event sources, EventBridge, and observability.

11 files

Stats

LanguagePython

Parent stars247

Parent forks27

MaintenanceExcellent

Last CommitMar 24, 2026

Actions

View Source View Plugin View on GitHub View README

Tags

deployment-workflow

Help us improve

Share bugs, ideas, or general feedback.

AWS CloudFormation Lambda Functions

Overview

Create production-ready Lambda functions using CloudFormation templates with validation and deployment workflows.

When to Use

Creating Lambda functions with CloudFormation
Configuring event sources (S3, SQS, DynamoDB, Kinesis)
Implementing Lambda layers and cold start optimization
Integrating Lambda with API Gateway
Deploying Lambda infrastructure with validation

Deployment Workflow

Always follow this deployment workflow:

1. Validate Template

aws cloudformation validate-template --template-body file://template.yaml

2. Deploy Stack

aws cloudformation deploy \
  --template-file template.yaml \
  --stack-name my-lambda-stack \
  --capabilities CAPABILITY_IAM \
  --parameter-overrides Environment=prod

3. Monitor Stack Events

aws cloudformation describe-stack-events \
  --stack-name my-lambda-stack \
  --query 'StackEvents[?ResourceStatus==`CREATE_FAILED`||ResourceStatus==`UPDATE_FAILED`]'

4. Verify Resources

aws lambda get-function --function-name my-lambda-stack-function
aws cloudformation describe-stacks --stack-name my-lambda-stack \
  --query 'Stacks[0].StackStatus'

5. Rollback on Failure

aws cloudformation delete-stack --stack-name my-lambda-stack
aws logs describe-log-groups --log-group-name-prefix "/aws/lambda/my-lambda"

Instructions

Follow these steps to create Lambda functions with CloudFormation:

1. Define Lambda Function Parameters

Specify runtime, memory, timeout, and environment variables:

Parameters:
  FunctionMemory:
    Type: Number
    Default: 256
    AllowedValues:
      - 128
      - 256
      - 512
      - 1024
      - 2048
    Description: Lambda function memory in MB

  FunctionTimeout:
    Type: Number
    Default: 30
    MinValue: 1
    MaxValue: 900
    Description: Function timeout in seconds

  Runtime:
    Type: String
    Default: nodejs20.x
    AllowedValues:
      - nodejs20.x
      - python3.11
      - java21
      - dotnet8
      - go1.x
    Description: Lambda runtime environment

2. Create Lambda Function

Define the basic function configuration:

Resources:
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: !Sub "${AWS::StackName}-function"
      Runtime: !Ref Runtime
      Handler: index.handler
      Role: !Ref ExecutionRole
      MemorySize: !Ref FunctionMemory
      Timeout: !Ref FunctionTimeout
      Code:
        S3Bucket: !Ref CodeBucket
        S3Key: !Ref CodeKey
      Environment:
        Variables:
          LOG_LEVEL: INFO
          DATABASE_URL: !Ref DatabaseUrl
      Tags:
        - Key: Environment
          Value: !Ref Environment

3. Configure Execution Role

Apply least privilege IAM policies:

Resources:
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: S3ReadAccess
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - s3:GetObject
                Resource: !Sub "${DataBucket.Arn}/*"

4. Add Event Sources

Configure triggers for Lambda invocation:

Resources:
  # S3 event source
  S3EventSource:
    Type: AWS::Lambda::EventSourceMapping
    Properties:
      EventSourceArn: !GetAtt DataBucket.Arn
      FunctionName: !Ref LambdaFunction

  # SQS event source
  SQSEventSource:
    Type: AWS::Lambda::EventSourceMapping
    Properties:
      EventSourceArn: !GetAtt Queue.Arn
      FunctionName: !Ref LambdaFunction
      BatchSize: 10
      MaximumBatchingWindowInSeconds: 5

5. Configure API Gateway Integration

Set up REST or HTTP API integration:

Resources:
  # HTTP API integration
  HttpApi:
    Type: AWS::ApiGatewayV2::Api
    Properties:
      Name: !Sub "${AWS::StackName}-api"
      ProtocolType: HTTP
      Target: !Ref LambdaFunction

  ApiIntegration:
    Type: AWS::ApiGatewayV2::Integration
    Properties:
      ApiId: !Ref HttpApi
      IntegrationType: AWS_PROXY
      IntegrationUri: !Sub "arn:aws:apigateway:${AWS::Region}:lambda:path/2015-03-31/functions/${LambdaFunction.Arn}/invocations"

6. Implement Versioning and Aliases

Create function versions and aliases:

Resources:
  LambdaVersion:
    Type: AWS::Lambda::Version
    Properties:
      FunctionName: !Ref LambdaFunction
      Description: !Sub "Version ${AWS::StackName} v1"

  LambdaAlias:
    Type: AWS::Lambda::Alias
    Properties:
      FunctionName: !Ref LambdaFunction
      FunctionVersion: !GetAtt LambdaVersion.Version
      Name: live

7. Configure Monitoring

Enable CloudWatch logging and X-Ray tracing:

Resources:
  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      LoggingConfig:
        LogGroup: !Ref LogGroup
      TracingConfig:
        Mode: Active

  LogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: !Sub "/aws/lambda/${LambdaFunction}"
      RetentionInDays: 7

8. Set Up Dead Letter Queue

Configure DLQ for failed invocations:

Resources:
  DeadLetterQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: !Sub "${AWS::StackName}-dlq"

  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      DeadLetterConfig:
        TargetArn: !GetAtt DeadLetterQueue.Arn

Examples

Complete Lambda Stack Template

AWSTemplateFormatVersion: '2010-09-09'
Description: Lambda function with monitoring and DLQ

Parameters:
  FunctionMemory:
    Type: Number
    Default: 256
    AllowedValues: [128, 256, 512, 1024]
  FunctionTimeout:
    Type: Number
    Default: 30

Resources:
  ExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal: { Service: lambda.amazonaws.com }
            Action: sts:AssumeRole
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole

  LambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: !Sub "${AWS::StackName}-function"
      Runtime: nodejs20.x
      Handler: index.handler
      Role: !GetAtt ExecutionRole.Arn
      MemorySize: !Ref FunctionMemory
      Timeout: !Ref FunctionTimeout
      Code:
        S3Bucket: !Ref CodeBucket
        S3Key: !Ref CodeKey
      Environment:
        Variables:
          LOG_LEVEL: INFO

  LambdaVersion:
    Type: AWS::Lambda::Version
    Properties:
      FunctionName: !Ref LambdaFunction

  LambdaAlias:
    Type: AWS::Lambda::Alias
    Properties:
      FunctionName: !Ref LambdaFunction
      FunctionVersion: !GetAtt LambdaVersion.Version
      Name: live

Outputs:
  FunctionArn:
    Value: !GetAtt LambdaFunction.Arn
  FunctionName:
    Value: !Ref LambdaFunction

Best Practices

Performance Optimization

Use SnapStart for Java functions to eliminate cold starts
Use provisioned concurrency for critical functions requiring low latency
Keep deployment packages small (< 50 MB zipped)
Optimize memory size based on function requirements
Use appropriate timeout values (avoid maximum timeout)
Configure reserved concurrency to prevent throttling

Cost Optimization

Right-size memory allocation for cost efficiency
Use provisioned concurrency strategically (adds cost when idle)
Monitor Lambda duration and optimize for faster execution
Use ephemeral storage (/tmp) efficiently
Clean up unused Lambda functions and versions
Consider Lambda PowerTuning for optimal memory/power configuration

Security

Apply least privilege IAM policies to execution roles
Encrypt environment variables at rest
Use VPC endpoints for private AWS service access
Rotate IAM credentials regularly
Implement VPC configuration for private function access
Use AWS KMS for encrypting sensitive data

Reliability

Configure Dead Letter Queue for async invocations
Implement retry logic with exponential backoff
Use CloudWatch alarms for error monitoring
Test Lambda functions thoroughly before deployment
Implement circuit breakers for downstream service failures
Use canary deployments with Lambda aliases

Monitoring and Observability

Enable CloudWatch Logs for all functions
Use X-Ray tracing for distributed tracing
Configure CloudWatch metrics for performance monitoring
Set up alarms for errors, throttles, and duration
Use Lambda Insights for debugging
Monitor concurrent executions and throttling

Versioning and Deployment

Use Lambda aliases for production environments (live, staging)
Implement canary deployments with weighted aliases
Create function versions for immutable deployments
Use SAM or AWS CDK for simplified Lambda deployments
Implement blue/green deployments with Lambda aliases
Test function changes in development environment first

Constraints and Warnings

Timeout limits: Lambda timeout max is 900 seconds (15 min); set appropriate values to avoid orphaned executions
Deployment package size: Zipped packages max 50 MB, unzipped max 250 MB (including layers)
Layer limits: Max 5 layers per function; each layer max 50 MB (unzipped)
Environment variables: Max 4 KB for all variables; encrypt sensitive values with KMS
Cold starts: Java and .NET functions have longer cold starts; use SnapStart or Provisioned Concurrency for latency-sensitive workloads
Concurrent execution: Default limit 1000 per region; request increase for high-traffic functions
VPC networking: Lambda in VPC adds 10-30 second cold start overhead for first invocation
IAM permissions: Never use * in Resource policies; always scope to specific resources
Dead Letter Queue: Required for async invocations; ensure DLQ is in same region as function
Cost monitoring: Enable billing alerts; Lambda charges per invocation and duration

References

For detailed implementation guidance, see:

constraints.md - Resource limits (function limits, concurrent execution, timeout, memory), deployment constraints (function size, layer size, environment variables), operational constraints (cold starts, VPC networking, event sources, DLQ), security constraints (execution role, resource policies, VPC endpoints), cost considerations (provisioned concurrency, duration, memory, data transfer), and performance constraints (SnapStart, layer versioning, X-Ray tracing, async invocation)

Related Resources