This pattern demonstrates how to create and deploy AWS Lambda Managed Instances using AWS CDK in TypeScript. Lambda Managed Instances allow you to run Lambda functions on dedicated EC2 instances for workloads that require more control over the underlying infrastructure.
Learn more about this pattern at Serverless Land Patterns: Lambda Managed Instances
Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the AWS Pricing page for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
- Create an AWS account if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
- AWS CLI installed and configured
- Node.js (version 18.x or later)
- AWS CDK installed (
npm install -g aws-cdk) - Git Installed
This CDK stack creates:
-
IAM Roles:
- Lambda execution role with basic execution permissions
- Capacity provider operator role for managing EC2 instances
-
VPC Resources:
- New VPC with CIDR 10.0.0.0/16
- Private subnet with NAT Gateway for outbound internet access
- Security group for Lambda Managed Instances
-
Lambda Capacity Provider:
- Manages EC2 instances (x86_64 architecture)
- Maximum 30 vCPUs scaling configuration
-
Lambda Function:
- Node.js 20.x runtime
- 2048 MB memory allocation
- 512 MB ephemeral storage
- Configured to use the managed instances capacity provider
-
Clone this repository and navigate to the pattern directory:
cd lambda-managed-instances-cdk-ts -
Install dependencies:
npm install
-
Build the TypeScript code:
npm run build
-
Bootstrap CDK (if you haven't done this before in your account/region):
cdk bootstrap
-
Deploy the stack:
cdk deploy
-
Note the outputs from the CDK deployment process. These contain the resource names and ARNs which are used for testing.
-
Infrastructure Setup: The CDK creates all necessary infrastructure including VPC, subnets, security groups, and IAM roles.
-
Capacity Provider: A Lambda capacity provider is created that manages EC2 instances in your VPC. This provider can scale up to 30 vCPUs based on demand.
-
Lambda Function: The Lambda function is configured to use the managed instances capacity provider instead of the standard serverless execution environment.
-
Function Execution: When invoked, the Lambda function runs on dedicated EC2 instances managed by the capacity provider, providing more control over the execution environment.
-
Test the Lambda function using the AWS CLI:
aws lambda invoke \ --function-name my-managed-instance-function \ --payload '{"test": "data"}' \ response.json -
Check the response:
cat response.json
-
You should see a response like:
{ "statusCode": 200, "body": "{\"message\":\"Hello from Lambda Managed Instances!\",\"event\":{\"test\":\"data\"}}" } -
Monitor the function execution in CloudWatch Logs to see the detailed execution logs.
npm run build- compile typescript to jsnpm run watch- watch for changes and compilecdk deploy- deploy this stack to your default AWS account/regioncdk diff- compare deployed stack with current statecdk synth- emits the synthesized CloudFormation templatecdk destroy- delete the stack
-
Delete the stack:
cdk destroy
-
Confirm when prompted to delete the stack and all its resources.
- Lambda Managed Instances require VPC configuration and have different networking requirements compared to standard Lambda functions.
- The capacity provider manages EC2 instances automatically, scaling based on function invocation demand.
- This pattern is suitable for workloads that need more control over the execution environment or have specific networking requirements.
Copyright 2025 Amazon.com, Inc. or its affiliates. All Rights Reserved.
SPDX-License-Identifier: MIT-0