Harness Key Concepts

Built-in App Tour Guide

AWS AMI Quickstart

AWS CodeDeploy Quickstart

AWS ECS Quickstart

AWS Lambda Quickstart

Helm Quickstart

IIS (.NET) Quickstart

Kubernetes Quickstart

Pivotal Cloud Foundry Quickstart

Tour Harness Manager

Supported Platforms and Technologies

Checklist Builder

Delegate Installation and Management

Delegate Connection Requirements

Delegate Server Requirements

Common Delegate Profile Scripts

Using the Helm Delegate

Target Delegates to Specific Namespaces

Automate Harness Kubernetes Delegate Setup

Connectors Overview

Add Artifact Servers

Add Cloud Providers

Add Source Repo Providers

Add Verification Providers

Add Collaboration Providers

User Notifications and Alert Settings

Harness Editions

Migrating to Harness Community

Add Application Stacks

Use Templates

Using Tags

Deployments Overview

AMI Deployments Overview

AMI Basic Deployment

AMI Canary Deployment

AMI Blue/Green Deployment

AMI Spotinst Elastigroup Deployment

ECS Deployments Overview

1 - Harness ECS Delegate

2 - ECS Connectors and Providers Setup

3 - ECS Services

4 - ECS Environments

5 - ECS Workflows

6 - ECS Blue/Green Workflows

7 - ECS Setup in YAML

8 - ECS Troubleshooting

Lambda Deployment Overview

1 - Delegate and Connectors for Lambda

2 - Services for Lambda

3 - Lambda Environments

4 - Lambda Workflows and Deployments

5 - Verifications and Troubleshooting

Build and Deploy Pipelines Overview

1 - Harness Account Setup

2 - Service and Artifact Source

3 - Build Workflow

4 - Environment

5 - Deploy Workflow

6 - Artifact Build and Deploy Pipelines

7 - Triggers

Azure Deployments Overview

1 - Harness Account Setup for Azure

2 - Service and Azure Artifact Source

3 - Azure Environment

4 - Azure Workflows and Deployments

5 - Azure Troubleshooting

Helm Deployment Guide Overview

1 - Delegate, Providers, and Helm Setup

2 - Helm Services

3 - Helm Environments

4 - Helm Workflows and Deployments

5 - Helm Troubleshooting

Upgrade Native Helm 2 Deployments to Helm 3

IIS (.NET) Deployment Overview

1 - Delegate and Connectors for IIS

2 - Services for IIS (.NET)

3 - IIS Environments in AWS and Azure

4 - IIS Workflows and Pipelines

5 - Best Practices and Troubleshooting

Kubernetes How-tos

Connect to Your Target Kubernetes Platform

Add Container Images for Kubernetes Deployments

Pull an Image from a Private Registry for Kubernetes

Define Kubernetes Manifests

Use Go Templating in Kubernetes Manifests

Adding and Editing Inline Kubernetes Manifest Files

Upload Kubernetes Resource Files

Use a Helm Repository with Kubernetes

Link Resource Files or Helm Charts in Git Repos

Using Harness Config Variables in Manifests

Use Harness Config Files in Manifests

Override Remote Values YAML Files

Override Harness Kubernetes Service Settings

Define Your Kubernetes Target Infrastructure

Provision Kubernetes Infrastructures

Create a Kubernetes Canary Deployment

Create a Kubernetes Rolling Deployment

Create a Kubernetes Blue/Green Deployment

Kubernetes Workflow Variable Expressions

Create Kubernetes Namespaces based on InfraMapping

Create Kubernetes Namespaces with Workflow Variables

Set Up Kubernetes Traffic Splitting

Deploy Manifests Separately using Apply Step

Use Kustomize for Kubernetes Deployments

Ignore a Manifest File During Deployment

Set up Kubernetes Ingress Rules

Scale Kubernetes Pods

Delete Kubernetes Resources

Traffic Splitting Without Istio

Kubernetes Versioning and Annotations

Upgrade to Helm 3 Charts in Kubernetes Services

Using OpenShift with Harness Kubernetes

Harness Kubernetes V2 Changes

Use Helm Chart Hooks in Kubernetes Deployments

Run Kubernetes Jobs

Pivotal Cloud Foundry Deployments

1 - Delegate and Connectors for PCF

2 - Services for PCF

3 - PCF Environments

4 - PCF Workflows and Deployments

Using CLI Plugins in Harness PCF Deployments

Traditional Deployments Overview

1 - Delegate, Providers, and Connectors Setup

2 - Services for App Packages

3 - App Stacks and Default Variables

4 - Commands and Scripts

5 - Environments for Traditional Deployments

6 - Traditional Workflows and Deployments

Create an Application

Services

Custom Artifact Source

Service Types and Artifact Sources

Add a Docker Artifact Source

Add an Azure DevOps Artifact Source

Environments

Infrastructure Definitions

Migrating from Service Infrastructures to Infrastructure Definitions

Service Infrastructures

Workflows

Using the HTTP Command

Using the Shell Script Command

Using the Jenkins Command

Jira Integration

ServiceNow Integration

Passing Variables into Workflows and Pipelines from Triggers

Resource Restrictions

Workflow Queuing

Target Specific Hosts During Deployment

Using the Terraform Apply Command

Skip Workflow Steps

Post-Deployment Rollback

Select Nodes in a Rolling Deployment Workflow

Workflow Steps UI Changes

Integrate Tests into Harness Workflows

Pipelines

Pipeline Skip Conditions

Infrastructure Provisioners Overview

Terraform Provisioner

CloudFormation Provisioner

Shell Script Provisioner

Triggers

Approvals

Harness GitOps

Onboard Teams Using GitOps

Set Up 24/7 Service Guard

AppDynamics Verification Overview

1 - AppDynamics Connection Setup

2 - 24/7 Service Guard for AppDynamics

3 - Verify Deployments with AppDynamics

Bugsnag Verification Overview

1 - Bugsnag Connection Setup

2 - 24/7 Service Guard for Bugsnag

3 - Verify Deployments with Bugsnag

CloudWatch Verification Overview

1 - CloudWatch Connection Setup

2 - 24/7 Service Guard for CloudWatch

3 - Verify Deployments with CloudWatch

Datadog Verification Overview

1 - Datadog Connection Setup

2 - 24/7 Service Guard for Datadog

3 - Verify Deployments with Datadog

Dynatrace Verification Overview

1 - Dynatrace Connection Setup

2 - 24/7 Service Guard for Dynatrace

3 - Verify Deployments with Dynatrace

Elasticsearch Verification Overview

1 - Elasticsearch Connection Setup

2 - 24/7 Service Guard for Elasticsearch

3 - Verify Deployments with Elasticsearch

4 - Troubleshooting Elasticsearch

New Relic Verification Overview

1 - New Relic Connection Setup

2 - 24/7 Service Guard for New Relic

3 - New Relic Deployment Marker

4 - Verify Deployments with New Relic

5 - Troubleshooting New Relic

Prometheus Verification Overview

1 - Prometheus Connection Setup

2 - 24/7 Service Guard for Prometheus

3 - Verify Deployments with Prometheus

Splunk Verification Overview

1 - Splunk Connection Setup

2 - 24/7 Service Guard for Splunk

3 - Verify Deployments with Splunk

Stackdriver Verification Overview

1 – Stackdriver Connection Setup

2 – 24/7 Service Guard for Stackdriver

3 – Verify Deployments with Stackdriver

Sumo Logic Verification Overview

1 - Sumo Logic Connection Setup

2 - 24/7 Service Guard for Sumo Logic

3 - Verify Deployments with Sumo Logic

Instana Verification Overview

1 – Instana Connection Setup

2 – 24/7 Service Guard for Instana

3 – Verify Deployments with Instana

Custom Verification Overview

1 - Custom Verification Connection Setup

2 - 24/7 Service Guard for Custom Logs

3 - 24/7 Service Guard for Custom Metrics

4 - Verify Deployments with Custom APMs and Logs

5 - Datadog as a Custom APM

6 – AppDynamics as a Custom APM

File Jira Tickets on Verification Events

CV Strategies, Tuning, and Best Practices

Harness Verification Feedback Overview

Refine 24/7 Service Guard Verification Analysis

Refine Deployment Verification Analysis

Verification Event Classifications

Managing Users and Groups (RBAC)

Authentication Settings

SSO Provider Overview

Single Sign-On (SSO) with OAuth 2.0

Single Sign-On (SSO) with LDAP

Single Sign-On (SSO) with SAML

Provisioning Users with Okta (SCIM)

Two-Factor Authentication

Secrets Management

Deployment Freeze

IP Whitelist Management

API Keys

Audit Trail

Pipeline Governance

Main and Services Dashboards

Custom Dashboards

Serverless Functions Dashboard

Harness Search

Harness On-Prem Release Notes

On-Prem Overview

Kubernetes Connected On-Prem Setup

Docker Connected On-Prem Setup

Docker Connected On-Prem Monitoring

Docker Connected Start/Stop Scripts

Harness Disconnected On-Prem Setup

OpenShift Connected On-Prem Setup

Connected On-Prem Disaster Recovery Strategy (3 Node Architecture)

Connected On-Prem Backup and Restore Strategy

On-Prem Migration

Harness API

Encrypted Text API

Encrypted Files API

SSH Credentials API

WinRM Credentials API

Configuration as Code

Harness YAML Code Reference

Variables and Expressions in Harness

JSON and XML Functors

Troubleshooting

Diagnose Issues

Harness Kubernetes v1 FAQ

Deployment Concepts and Strategies

CI/CD with the Build Workflow

Artifact Build and Deploy Pipelines Overview

AWS AMI Deployments Overview

AMI Spotinst Elastigroup Deployments Overview

AWS ECS Deployments Overview

AWS Lambda Deployments Overview

Azure Kubernetes Service (AKS) Deployments Overview

Helm Deployments Overview

IIS (.NET) Deployments Overview

Kubernetes Deployments Overview

Pivotal Cloud Foundry Deployments Overview

What Is Continuous Verification (CV)?

Why Perform Continuous Verification?

When Does Harness Verify Deployments?

How Does Harness Perform Continuous Verification?

Who Are Harness' Verification Providers?

Verification Results Overview

24/7 Service Guard Overview

Customer Case Studies

Overview of Harness

Canary Deployment Video

Create an Application and Service Video

Create an Environment Video

Create a Workflow Video

Create a Pipeline Video

Create a Trigger Video

All Categories > How-to Guides > Continuous Deployments > AWS Lambda Deployments > 3 - Lambda Environments

3 - Lambda Environments

Updated 3 months ago by Michael Cretzman

Lambda Environment Summary
Create a New Harness Environment
Define the Infrastructure
Next Step

This topic shows you how to create an Environment that defines one or more deployment infrastructures for your Lambda Service. It covers:

Lambda Environment Summary

Once you've added a Lambda Service to your Application, you can define Environments where your Service can be deployed. Within an Environment, you specify the following in an Infrastructure Definition or Service Infrastructure:

The Lambda Service that contains your functions zip file and functions specs. (Set up in Lambda Services.)
A deployment type. In this case, Lambda.
The AWS Cloud Provider you set up in Connectors and Providers Setup.

An Environment can be a Dev, QA, Production, or other Environment. You can deploy one or many Services to each Environment by creating a Service Infrastructure in the Environment for each Service.

Create a New Harness Environment

The following procedure creates an Environment for the Lambda Service type, as set up in Lambda Services.

In your Harness Application, click Environments. The Environments page appears.
Click Add Environment. The Environment dialog appears.
In Name, enter a name that describes the deployment environment, for example, Lambda.
In Environment Type, select Non-Production.
Click SUBMIT. The new Environment page appears.

Define the Infrastructure

Next, you define one or more Service Infrastructures—or Infrastructure Definitions—for the Environment.

Infrastructure Definition is replacing Service Infrastructure as a more flexible method for defining your target infrastructure. Currently, Infrastructure Definition is behind a feature flag. Contact Harness Support to migrate to the Infrastructure Definition feature.

During the transition, we document both options:

Service Infrastructure
Infrastructure Definition

Service Infrastructure

To add a Service Infrastructure that defines the AWS VPC, subnets, and security groups to use for the Lambda deployment:

In the Harness Environment, click Add Service Infrastructure. The Service Infrastructure dialog appears.
In Service, select the Harness Lambda Service you created in Lambda Services.
In Cloud Provider, select the AWS Cloud Provider you added in Connectors and Providers Setup. The dialog will look something like this:
Click Next. The Configuration section appears.
The Configuration settings are similar to the --role and --vpc-config options in the aws lambda create-function command. For example:

$ aws lambda create-function --function-name ExampleApp-aws-lambda-Lambda-my-function \
--runtime nodejs8.10 --handler index.handler --zip-file lambda/function.zip \
--role execution-role-arn \
--vpc-config SubnetIds=comma-separated-vpc-subnet-ids,SecurityGroupIds=comma-separated-security-group-ids

Configure the following settings:
1. Already Provisioned/Dynamically Provisioned - If you have a Harness Infrastructure Provisioner configured, select Dynamically Provisioned, and select the provisioner. For more information, see Infrastructure Provisioners Overview. The setting below are for Already Provisioned.
2. IAM Role - The IAM role that AWS Lambda assumes when it executes your function.
3. Region - The AWS region where your function will be used.
4. VPC - The VPC the function will connect to in your account. You connect your function to the VPC to access private resources during execution. Lambda runs your function code securely within a VPC by default. However, to enable your Lambda function to access resources inside your private VPC, you must provide additional VPC-specific configuration information that includes private subnet IDs and security group IDs. AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC. For more information and guidelines, see Configuring a Lambda Function to Access Resources in an Amazon VPC from AWS.
5. Subnets - The subnet IDs for the subnets in the VPC where the Lambda function will access resources. AWS recommends that you choose at least 2 subnets for Lambda to run your functions in high availability mode.
6. Security Groups - The security group ID(s) for the Lambda function. When you set a VPC for your function to access, your Lambda function loses default Internet access. If you require external Internet access for your function, make sure that your security group allows outbound connections and that your VPC has a NAT gateway.
When you are done, the dialog will look something like this:
Click SUBMIT. The new Service Infrastructure is added to the Harness environment.

That is all you have to do to set up the deployment Environment in Harness. Now you can create the deployment Workflow.

Infrastructure Definition

A Harness Infrastructure Definition defines the AWS VPC, subnets, and security groups to use for the Lambda deployment.

Currently, Infrastructure Definition is behind a feature flag. Contact Harness Support to migrate to the Infrastructure Definition feature.

To add the Infrastructure Definition:

In the Harness Environment, click Add Infrastructure Definition. The Infrastructure Definition dialog appears.
The Infrastructure Definition dialog appears.
Enter a Name that will identify this Infrastructure Definition when you add it to a Workflow.
In Cloud Provider Type, select Amazon Web Services.
In Deployment Type, select AWS Lambda. This expands the Infrastructure Definition dialog to look something like this:
Select Use Already Provisioned Infrastructure, and follow the Define a Provisioned Infrastructure steps below.

If you are using a configured Harness Infrastructure Provisioner, instead select Map Dynamically Provisioned Infrastructure, and then select the provisioner. The settings below are for Use Already Provisioned Infrastructure.

Define a Provisioned Infrastructure

The Infrastructure Definition dialog's lower section defines settings similar to the ‑‑role and ‑‑vpc-config options in the aws lambda create-function command. For example:

$ aws lambda create-function --function-name ExampleApp-aws-lambda-Lambda-my-function \
--runtime nodejs8.10 --handler index.handler --zip-file lambda/function.zip \
--role execution-role-arn \
--vpc-config SubnetIds=comma-separated-vpc-subnet-ids,SecurityGroupIds=comma-separated-security-group-ids

To fill out the Infrastructure Definition dialog's lower section:

In Cloud Provider, select the AWS Cloud Provider you added in Connectors and Providers Setup.

After your Cloud Provider selection, the remaining drop-down lists take a few seconds to populate. Later, some fields will again take a few seconds to repopulate based on your selections in other fields.

In IAM Role, select IAM role that AWS Lambda assumes when it executes your function.
In Region, select the AWS region where your function will be used.
In VPC, select the virtual private cloud to which the function will connect in your account.

You connect your function to the VPC to access private resources during execution. Lambda runs your function code securely within a VPC by default. However, to enable your Lambda function to access resources inside your private VPC, you must provide additional, VPC-specific configuration information that includes private subnet IDs and security group IDs. AWS Lambda uses this information to set up elastic network interfaces (ENIs) that enable your function to connect securely to other resources within your private VPC. For more information and guidelines, see Configuring a Lambda Function to Access Resources in an Amazon VPC from AWS.

In Subnets, select the subnet IDs for the subnets (within the VPC) where the Lambda function will access resources. AWS recommends that you choose at least two subnets for Lambda to run your functions in high availability mode.
In Security Groups, select the security group ID(s) for the Lambda function. When you set a VPC for your function to access, your Lambda function loses default Internet access. If you require external Internet access for your function, make sure that your security group allows outbound connections, and that your VPC has a NAT gateway.
Enable Scope to Specific Services, and use the adjacent drop-down to select the Harness Lambda Service you created in Lambda Services.

Scoping is a recommended step, to make this Infrastructure Definition available to any Workflow or Phase that uses your Lambda Service.

When you are done, the dialog will look something like this:

Click Submit. The new Infrastructure Definition is added to the Harness environment.

That is all you have to do to set up the deployment Environment in Harness. Now you can create the deployment Workflow.

Override Service Settings

Your Service Infrastructure can overwrite Service Config Variables, Config Files, and other settings. This enables you to maintain a Service's native settings, but change them when the Service is used with this Environment.

For more information, see Override a Service Configuration.

Next Step

4 - Lambda Workflows and Deployments

3 - Lambda Environments

Lambda Environment Summary

Create a New Harness Environment

Define the Infrastructure

Service Infrastructure

Infrastructure Definition

Define a Provisioned Infrastructure

Override Service Settings

Next Step

How did we do?

Related Articles 4 - ECS Environments Migrating from Service Infrastructures to Infrastructure Definitions Environments

Feedback

Related Articles

4 - ECS Environments

Migrating from Service Infrastructures to Infrastructure Definitions

Environments