AWS Lambda doesn't automatically pick up the latest image?

Asked 7/2, 2023 at 0:53 Answered 7/2, 2023 at 21:26

Solved amazon-web-services aws-lambda bitbucket amazon-ecr

I have a Lambda deployed on AWS. My Lambda is deployed uses a container to run my code. Whenever after we deploy a new image, we have to manually copy paste the URL in Lambda's configuration. Even if in ECR latest image has the URI which is already configured in Lambda, Lambda used the image from when configuration was last manually done. I was wondering if there is a way to automatically have lambda use the latest image that is deployed in ECR ?

Things I have tried:

Keeping the tags and image name same during deployment, so the URI of image stays the same. I then use that URI to configure my Lambda.
Used "latest" as a tag for my image.

Note: Image is being pushed to ECR by Bitbucket.

Zulazulch answered 7/2, 2023 at 0:53 Comment(1)

See the note under Creating images from AWS base images: To use the updated base image, you must rebuild your container image and update the function code. – Natalianatalie 7/2, 2023 at 2:30

This is expected as the Lambda isn't aware a new image was pushed.

For a function defined as a container image, Lambda resolves the image tag to an image digest. In Amazon ECR, if you update the image tag to a new image, Lambda does not automatically update the function.

https://docs.aws.amazon.com/cli/latest/reference/lambda/update-function-code.html#update-function-code

After pushing the image:

docker tag my-image:latest 123456789.dkr.ecr.eu-west-1.amazonaws.com/my-image:latest
docker push 123456789.dkr.ecr.eu-west-1.amazonaws.com/my-image:latest

Also update your Lambda with the new image:

aws lambda update-function-code \
           --function-name my-lambda \
           --image-uri 123456789.dkr.ecr.eu-west-1.amazonaws.com/my-image:latest

Resa answered 7/2, 2023 at 16:53 Comment(3)

i have multiple lambda functions defined in sam template referring to the same image uri, so i can not run the aws lambda update-function-code for each function. Any idea as how to update the image in aws sam via ci/cd – Settera 27/9, 2023 at 5:12

if you are using aws sam cli to package, it should be handled automatically – Urita 23/10, 2023 at 18:12

I am having the same issue where I am using AWS SAM (which interacts with the CLI behind the scenes) and it does not know to use the latest image. – Dixson 26/6 at 22:24

Answer Stephan gave, guided me to achieve the same using Bitbucket Pipelines (My problem needed to be solved on Bitbucket). Here is a code sample:

- pipe: atlassian/aws-lambda-deploy:1.7.0
  variables:
      AWS_DEFAULT_REGION: 'YOPUR_LAMBDA_REGION'
      AWS_OIDC_ROLE_ARN: "ARN_FOR_YOUR_IAM_ROLE"
      FUNCTION_NAME: 'YOUR_FUNCTION'
      COMMAND: 'update'
      IMAGE_URI: 'YOUR_IMAGE_URI'

For this to work, your Lambda has to be setup already since this code just updates your Lambda.

Zulazulch answered 7/2, 2023 at 21:26 Comment(0)

Have few solutions for this strange case.

Remove docker image <-- This is trick, then get new docker image by docker pull.
Use SHA256 for compare hash string of docker image. If hash strings are different, these are different docker image versions/tags.
You can leverage sha256 hash string, for example

docker pull ubuntu@sha256:26c68657ccce2cb0a31b330cb0be2b5e108d467f641c62e13ab40cbec258c68d

You can use specific tag, not latest. Reference document https://docs.docker.com/engine/reference/commandline/pull/

Labaw answered 7/2, 2023 at 1:36 Comment(0)

Recommended topics

Hot tags