Once you've added a Lambda Service to your Application, you can define Environments where your Service can be deployed. In an Environment, you specify the following in the Service Infrastructure of an Environment:
The Lambda Service where your functions zip file and functions specs are contained, set up in Lambda Services.
An Environment can be a Dev, QA, Production, or other Environment. You can deploy one or many Services to each Environment by creating a Service Infrastructure in the Environment for each Service.
Create a New Harness Environment
The following procedure creates an Environment for the Lambda Service type set up in Lambda Services.
In your Harness Application, click Environments. The Environments page appears.
Click Add Environment. The Environment dialog appears.
In Name, enter a name that describes the deployment environment, for example, Lambda.
In Environment Type, select Non-Production.
Click SUBMIT. The new Environment page appears.
Add a Service Infrastructure
You define the AWS VPC, subnets, and security groups to use for the Lambda deployment as a Service Infrastructure.
To add a service infrastructure, do the following:
In the Harness Environment, click Add Service Infrastructure. The Service Infrastructure dialog appears.
In Service, select the Harness Lambda Service you created in Lambda Services.
In Cloud Provider, select the AWS Cloud Provider you added in Connectors and Providers Setup. The dialog will look something like this:
Click Next. The Configuration section appears.The Configuration settings are similar to the --role and --vpc-config options in the aws lambda create-function command. For example:
Already Provisioned/Dynamically Provisioned - If you have a Harness Infrastructure Provisioner configured, select Dynamically Provisioned, and select the provisioner. For more information, see Infrastructure Provisioners Overview. The setting below are for Already Provisioned.
IAM Role - The IAM role that AWS Lambda assumes when it executes your function.
Region - The AWS region where your function will be used.
VPC - The VPC the function will connect to in your account. You connect your function to the VPC to access private resources during execution. Lambda runs your function code securely within a VPC by default. However, to enable your Lambda function to access resources inside your private VPC, you must provide additional VPC-specific configuration information that includes private subnet IDs and security group IDs. AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC. For more information and guidelines, see Configuring a Lambda Function to Access Resources in an Amazon VPC from AWS.
Subnets - The subnet IDs for the subnets in the VPC where the Lambda function will access resources. AWS recommends that you choose at least 2 subnets for Lambda to run your functions in high availability mode.
Security Groups - The security group ID(s) for the Lambda function. When you set a VPC for your function to access, your Lambda function loses default Internet access. If you require external Internet access for your function, make sure that your security group allows outbound connections and that your VPC has a NAT gateway.
When you are done, the dialog will look something like this:
Click SUBMIT. The new Service Infrastructure is added to the Harness environment.
That is all you have to do to set up the deployment Environment in Harness. Now you can create the deployment Workflow in Harness.
Override Service Settings
Your Service Infrastructure can overwrite Service Config Variables, Config Files, and other settings. This enables you to have a Service keep its settings but have them changed when used with this Environment.
