Using Lambda with Kubernetes - AWS Lambda
AWS Controllers for Kubernetes (ACK)Crossplane

Using Lambda with Kubernetes

You can deploy and manage Lambda functions with the Kubernetes API using AWS Controllers for Kubernetes (ACK) or Crossplane.

AWS Controllers for Kubernetes (ACK)

You can use ACK to deploy and manage AWS resources from the Kubernetes API. Through ACK, AWS provides open-source custom controllers for AWS services such as Lambda, Amazon Elastic Container Registry (Amazon ECR), Amazon Simple Storage Service (Amazon S3), and Amazon SageMaker. Each supported AWS service has its own custom controller. In your Kubernetes cluster, install a controller for each AWS service that you want to use. Then, create a Custom Resource Definition (CRD) to define the AWS resources.

We recommend that you use Helm 3.8 or later to install ACK controllers. Every ACK controller comes with its own Helm chart, which installs the controller, CRDs, and Kubernetes RBAC rules. For more information, see Install an ACK Controller in the ACK documentation.

After you create the ACK custom resource, you can use it like any other built-in Kubernetes object. For example, you can deploy and manage Lambda functions with your preferred Kubernetes toolchains, including kubectl.

Here are some example use cases for provisioning Lambda functions through ACK:

  • Your organization uses role-based access control (RBAC) and IAM roles for service accounts to create permissions boundaries. With ACK, you can reuse this security model for Lambda without having to create new users and policies.

  • Your organization has a DevOps process to deploy resources into an Amazon Elastic Kubernetes Service (Amazon EKS) cluster using Kubernetes manifests. With ACK, you can use a manifest to provision Lambda functions without creating separate infrastructure as code templates.

For more information about using ACK, see the Lambda tutorial in the ACK documentation.

Crossplane

Crossplane is an open-source Cloud Native Computing Foundation (CNCF) project that uses Kubernetes to manage cloud infrastructure resources. With Crossplane, developers can request infrastructure without needing to understand its complexities. Platform teams retain control over how the infrastructure is provisioned and managed.

Using Crossplane, you can deploy and manage Lambda functions with your preferred Kubernetes toolchains such as kubectl, and any CI/CD pipeline that can deploy manifests to Kubernetes. Here are some example use cases for provisioning Lambda functions through Crossplane:

  • Your organization wants to enforce compliance by ensuring that Lambda functions have the correct tags. Platform teams can use Crossplane Compositions to define this policy through API abstractions. Developers can then use these abstractions to deploy Lambda functions with tags.

  • Your project uses GitOps with Kubernetes. In this model, Kubernetes continuously reconciles the git repository (desired state) with the resources running inside the cluster (current state). If there are differences, the GitOps process automatically makes changes to the cluster. You can use GitOps with Kubernetes for deploying and managing Lambda functions through Crossplane, using familiar Kubernetes tools and concepts such as CRDs and Controllers.

To learn more about using Crossplane with Lambda, see the following:

  • AWS Blueprints for Crossplane: This repository includes examples of how to use Crossplane to deploy AWS resources, including Lambda functions.

    Note

    AWS Blueprints for Crossplane are under active development and should not be used in production.

  • Deploying Lambda with Amazon EKS and Crossplane: This video demonstrates an advanced example of deploying an AWS serverless architecture with Crossplane, exploring the design from both the developer and platform perspectives.