About
Use Gloo Mesh Gateway to route traffic requests directly to an Amazon Web Services (AWS) Lambda function.
Lambda is a beta feature in Gloo Mesh Gateway version 2.3. For more information, see Gloo feature maturity.
About
Serverless functions, such as Lambda functions, provide an alternative to traditional applications or services. The functions run on servers that you do not have to manage yourself, and you pay for only for the compute time you use. However, you might want to invoke your serverless functions from other services or apps, such as the Kubernetes workloads that run in clusters in your Gloo Mesh Gateway environment. By abstracting a Lambda as a type of destination in your Gloo Mesh Gateway environment, your workloads can send requests to the Lambda destination in the same way that you set up routing through Gloo Mesh Gateway to other types of destinations. Gloo Mesh Gateway does the work of assuming an AWS IAM role to invoke the actual Lambda function in your AWS account.
Gloo Mesh Gateway integration
Gloo Mesh Gateway supports multiple features to help you seamlessly invoke Lambda functions from your Gloo environment:
- Permissions: To ensure that permissions to AWS Lambda are controlled, you can specify multiple levels of IAM roles for general AWS Lambda access, discovery of functions in an account, and invocation of specific functions.
- Discovery: Gloo Mesh Gateway can automatically discover all of the functions in an AWS account and region, or if you apply discovery filters, a subset of the functions. Alternatively, you can disable discovery and choose individual functions for Gloo Mesh Gateway to access.
- Routing: After Gateway discovers your functions, you can route to each function in the same way that you route to other destinations in a route table resource. Gloo Mesh Gateway assumes one of your AWS IAM roles to invoke the Lambda function.
- Transformations: You can use Gloo Mesh Gateway in place of your AWS ALB or AWS API Gateway. The default transformation that Gloo Mesh Gateway applies adjusts the default request and response payloads for a smooth migration from AWS gateways to Gloo Mesh Gateway. You can also apply additional Gloo transformation policies, which allow you to customize the request and response payloads for Lambda as needed.
- Multitenancy: By using Gloo workspaces, you can separate Lambda discovery, IAM access, and function invocation by team in your Gateway environment.
To use the AWS Lambda integration in Gloo Mesh Gateway, your gateway proxies must run a Solo distribution of Istio.