AWS Container Plugin
The AWS container plugin allows you to create, update, invoke, and delete Lambda functions using packages such as .zip files or container images.
important
You must set up a connection to the AWS server before adding AWS tasks. For more information, see Set up Connection to AWS Server.
note
In the release flow editor, Container tasks have a blue border.
AWS provides the following features:
- Create Function and Update Function using Image
- Create Function and Update Function using S3 zip
- Delete Function and Invoke Function
- Create Secret (Container)
- Get Secret (Container)
- Update Secret (Container)
- Delete Secret (Container)
Prerequisites
For AWS integration, you need the following:
- AWS server running and accessible via HTTP(s)
- Digital.ai Release Runner setup to run the container tasks
Set Up Connection to AWS Server
- From the navigation pane, under CONFIGURATION, click Connections.
- Under HTTP Server connections, next to AWS: Server (Container), click
.
The New AWS: Server (Container) page opens. - In the Title field, enter a name for the configuration.
- In the Authentication method dropdown, select an authentication method:
- Access Keys: Enter the following details:
- Access Key ID: The AWS access key ID.
- Secret Access Key: The AWS secret access key.
- Session Token (optional): The session token if applicable.
- None: Credentials will be automatically retrieved from the IAM role assigned to the pod or node.
- Access Keys: Enter the following details:
- In the Assume Role ARN (optional) field, enter the ARN of the assume role that the caller is assuming.
- If required, enter proxy details.
- To test the connection, click Test.
- To save the configuration, click Save.
Create Function Using Image (Container)
The Create Function Using Image (Container) task creates a Lambda function using the image.
In the release flow tab of a Release template, add a task of type AWS > Create Function Using Image (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name. |
| Function Description | Enter a description for the AWS Lambda function. |
| Role | Enter the Amazon Resource Name (ARN) of the IAM role. |
| Image Uri | Enter the URI of a container image in the Amazon ECR registry. |
| Wait for Active State | Toggle on if you want to wait for the function to become active. |
| Wait Interval | Enter the interval in seconds between each attempt. |
| ENTRYPOINT Override | Enter a value to override the entry point value in the image configuration. |
| CMD Override | Enter a value to override the cmd value in the image configuration. |
| WORKDIR Override | Enter a value to override the workdir value in the image configuration. |
| Subnet Ids | Enter one or more VPC subnet IDs (comma-separated). |
| Security Group Ids | Enter one or more VPC security group IDs (comma-separated). |
| Timeout | Enter the timeout in seconds. |
| Memory Size | Enter the memory capacity for the Lambda function (in MB). |
| Environment | Add key-value pairs of environment variables accessible from function code during execution. |
| Publish | Toggle on if you want to publish the first version of the function during creation. |
| Tags | Add key-value pairs of tags assigned to the new function. |
Update Function Using Image (Container)
The Update Function Using Image (Container) task updates a Lambda function using the image.
In the release flow tab of a Release template, add a task of type AWS > Update Function Using Image (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name. |
| Image Uri | Enter the URI of a container image in the Amazon ECR registry. |
| Wait for Successful Status | Toggle on if you want to wait for the function to get updated and become successful. |
| Wait Interval | Enter the value in seconds to define the wait interval between each attempt. |
| Publish | Toggle on if you want to publish the new version of the function after update. |
Create Function Using S3 Zip (Container)
The Create Function Using S3 Zip (Container) task creates a Lambda function using the S3 zip.
In the release flow tab of a Release template, add a task of type AWS > Create Function Using S3 Zip (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name. |
| Function Description | Enter a description for the AWS Lambda function. |
| S3 Bucket Name | Enter the S3 bucket name where the .zip file containing your deployment package is stored. |
| S3 Object Key | Enter the path to your .zip file containing the deployment package. |
| S3 Object Version | Enter the version of your deployment package. |
| Runtime | Enter the runtime environment for execution. |
| Role | Enter the Amazon Resource Name (ARN) of the IAM role. |
| Handler | Enter the function within your code that Lambda calls to begin execution. |
| Wait for Active State | Toggle on if you want to wait for the function to become active. |
| Wait Interval | Enter the value in seconds to define the wait interval between each attempt. |
| Timeout | Enter the timeout in seconds. |
| Subnet Ids | Enter one or more VPC subnet IDs (comma-separated). |
| Security Group Ids | Enter one or more VPC security group IDs (comma-separated). |
| Memory Size | Enter the memory capacity for the Lambda function (in MB). |
| Environment | Add key-value pairs of environment variables accessible from function code during execution. |
| Publish | Toggle on if you want to publish the first version of the function during creation. |
| Tags | Add key-value pairs of tags assigned to the new function. |
Update Function Using S3 Zip (Container)
The Update Function Using S3 Zip (Container) task updates a lambda function using the S3 zip.
In the release flow tab of a Release template, add a task of type AWS > Update Function Using S3 Zip (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name that must be updated. |
| S3 Bucket Name | Enter the S3 bucket name where the .zip file containing your deployment package is stored. |
| S3 Object Key | Enter the path to your .zip file containing the deployment package. |
| S3 Object Version | Enter the version of your deployment package. |
| Wait for Successful Status | Toggle on if you want to wait for the function to get updated and become successful. |
| Wait Interval | Enter the value in seconds to define the wait interval between each attempt. |
| Publish | Toggle on if you want to publish the new version of the function after update. |
Invoke Function (Container)
The Invoke Function Using S3 Zip (Container) task invokes a Lambda function.
In the release flow tab of a Release template, add a task of type AWS > Invoke Function (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name that you want to invoke. |
| Invocation Type | Select a type from the drop-down list. This defines how the function is invoked. |
| Payload | Enter the JSON you want to provide to your Lambda function as input. |
| Client Context | Enter the value of the client context. |
| Qualifier | Specify a version or alias to invoke a published version of the function. |
Delete Function (Container)
The Delete Function Using S3 Zip (Container) task deletes a Lambda function.
In the release flow tab of a Release template, add a task of type AWS > Delete Function (Container).
| Field | Description |
|---|---|
| Capabilities | Enter a value that matches the capability set for your Runner. This helps route jobs to that Runner. |
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Function Name | Enter the AWS Lambda function name that you want to delete. |
| Qualifier | Specify a version of the function that you want to delete. |
Create Secret (Container)
The Create Secret (Container) task creates a new secret in AWS Secrets Manager.
| Field | Description |
|---|---|
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Name | Enter the name of the secret. |
| Value | Enter the value of the secret. |
Get Secret (Container)
The Get Secret (Container) task retrieves a stored secret from AWS Secrets Manager.
| Field | Description |
|---|---|
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Name | Enter the name (SecretId) of the secret to retrieve. |
| Key | Enter the key within the secret to retrieve. If omitted, the entire secret value is returned. |
Update Secret (Container)
The Update Secret (Container) task updates an existing secret in AWS Secrets Manager.
| Field | Description |
|---|---|
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Name | Enter the name (SecretId) of the secret to update. |
| Key | Enter the key within the secret to update. If omitted, the full secret string is overwritten. |
| Value | Enter the new secret value. |
Delete Secret (Container)
The Delete Secret (Container) task deletes a secret from AWS Secrets Manager.
| Field | Description |
|---|---|
| AWS Server | Select the configured AWS server. |
| Region | Enter the AWS region to be used. |
| Name | Enter the name (SecretId) of the secret to delete. |
| Recovery Window (Days) | Enter the number of days (7–30) before permanent deletion. Defaults to 30 if omitted. |
| Force Delete Without Recovery | Toggle on to delete the secret immediately without a recovery window. |
