The AWS Toolkit for Visual Studio Code enables you to debug your AWS Lambda functions that are running in the cloud, directly in VS Code. With AWS Lambda remote debugging you can inspect running functions, set breakpoints, examine variables, and step-through debugging without modifying their existing development workflow.
The following sections describe how to work with Lambda remote debugging in the AWS Toolkit for Visual Studio Code.
How Lambda remote debugging worksThe AWS Toolkit enables remote debugging by temporarily modifying your Lambda functions with an additional Lambda debugging layer and extending the Lambda invoke timeout limit to 900 seconds. A secure connection is established between your local debugger and the Lambda runtime environment using AWS IoT Secure Tunneling. This connection allows you to use your local-code breakpoints to step through the function as it executes remotely. After your debugging session is complete, all of the temporary modifications are automatically reverted to their original settings.
Getting Started Supported runtimesThe following runtimes are supported by Lambda remote debugging.
Python (Amazon Linux 2023)
Java
JavaScript/Node.js (Amazon Linux 2023)
Before you begin, the following prerequisites must be met.
You must have valid AWS credentials configured in the AWS Toolkit. For additional details about installing the AWS Toolkit and configuring your credentials, see the Getting started topic in this user guide.
A Lambda function has been deployed to your AWS account. For details on deploying a Lambda function, see the Create your first Lambda function topic in the AWS Lambda Developer Guide.
You must have appropriate AWS Identity and Access Management (IAM) policy and permissions to debug your function. For additional details on Lambda permissions, see the AWS managed policies for AWS Lambda topic in the AWS Lambda Developer Guide. The following is an example of a policy that contains the minimum required permissions for working with Lambda remote debugging in the AWS Toolkit.
NoteRemote debugging is enabled through AWS AWS IoT Secure Tunneling. This allows your local debugger to establish a secure connection to the Lambda runtime environment.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:ListFunctions",
"lambda:GetFunction",
"lambda:GetFunctionConfiguration",
"lambda:GetLayerVersion",
"lambda:UpdateFunctionConfiguration",
"lambda:InvokeFunction",
"lambda:PublishVersion",
"lambda:DeleteFunction",
"iot:CloseTunnel",
"iot:OpenTunnel",
"iot:RotateTunnelAccessToken",
"iot:ListTunnels"
],
"Resource": "*"
}
]
}
There are two main paths to access Lambda remote debugging in the AWS Toolkit: the AWS explorer or the Application Builder explorer. From the AWS explorer, you can access Lambda remote debugging through your AWS Lambda nodes. From the Application Builder explorer, you can access Lambda remote debugging through your local AWS SAM projects.
Accessing Lambda remote debugging from the AWS explorerFrom VS Code, open the AWS Toolkit extension.
From the AWS Toolkit, expand the AWS explorer.
From the explorer, expand the Lambda node.
Navigate to the function you want to debug, then choose the Invoke remotely icon from the context menu to open the Remote invoke configuration screen.
From VS Code, open the AWS Toolkit extension.
From the AWS Toolkit, expand the application builder explorer.
From the explorer expand the AWS SAM project that contains the Lambda project you want to debug.
Expand the deployed Lambda function that you want to debug.
Navigate to the function remote, then choose the Invoke remotely icon from the context menu to open the Remote invoke configuration screen.
The following sections describe how to work with Lambda remote debugging in the AWS Toolkit for Visual Studio Code.
NoteLambda functions have a 5-layer limit and a 250MB combined limit for function code and all attached layers. Lambda remote debugging requires at least 1 free layer to run.
Setting up a debugging sessionBefore you begin, configure your debugging session by completing the following procedure.
Open the Remote invoke configuration menu by completing the Accessing Lambda remote debug from the AWS explorer or the Accessing Lambda remote debug from the Application Builder explorer procedure, located in the previous section.
From the Remote invoke configuration menu, select the Remote Debugging check box to display the remote debugging properties.
Specify the Local Root Path to your local handler file.
NoteThe local root path is the location of your source code that matches the deployed Lambda function. If you're working from a deployed function in the Application Builder explorer, your local root path is automatically detected.
If you don't have the source code stored locally, choose the Download remote code button to retrieve your Lambda function source code. This will open your handler file in the VS Code editor.
From the Payload section, specify where your test-event data is obtained.
Set breakpoints and begin debugging by completing the following procedure.
From your handler file in the VS Code editor, click in the gutter-margin to set breakpoints at the line numbers where you want to pause debugging.
When you're satisfied with the breakpoints, return to the Remote invoke configuration menu to verify that your settings are configured correctly, then choose the Remote invoke button to start debugging.
The AWS Toolkit updates your Lambda function with debugging capabilities, establishes a secure tunnel for the debugging session, invokes your function with the specified payload, then pauses the process when it reaches a breakpoint.
At a breakpoint pause, use the RUN AND DEBUG pane to view your VARIABLES, CALL STACK, and BREAKPOINTS.
To modify your code and test changes with a quick deployment, complete the following procedure.
With your debugging session active, make changes to your handler file in the VS Code editor.
Save your changes (Command+S on macOS,Ctrl+S on Windows)
When prompted, confirm that you wish to proceed to deploy your changes. The AWS Toolkit will update your Lambda function with the modified code.
Continue debugging and testing your changes by setting new breakpoints and selecting the Remote invoke button again.
NoteAlternatively, you can deselect the Attach debugger option in the VS Code debugging controls and choose the Remote invoke button to run your function without debugging.
Each of the following options ends your remote debugging session and removes the debug layer from your project.
Choosing the Remove Debug Setup option from the Remote invoke configuration screen.
Choosing the disconnect icon from the VS Code debugging controls.
Closing the handler file in the VS Code editor.
Take note of the following:
The Lambda debug layer is automatically removed after 60 seconds of inactivity. The count begins when your last invoke is complete.
If you made code changes to your infrastructure-as-code (IaC) managed (AWS SAM, AWS CDK, Terraform) functions during the debugging process, save them to your local project and consider updating your source-control repository. Unsaved changes are overwritten when your IaC function redeploys.
If you made temporary changes for debugging purposes only, you may want to redeploy your function from your source control to ensure it matches your production code.
If your debug session fails, start the troubleshooting process by completing these steps.
Update the AWS Toolkit to the latest version.
Refresh the web view by closing the Remote invoke configuration web view and reopening it.
Restart VS Code by closing it completely and reopening it.
Open the VS Code Command Palette and enter the command AWS: Reset Lambda Remote Debugging Snapshot, select it when it populates in the results to reset your Lambda remote debugging snapshot.
If you're not able to troubleshoot the problem, submit an issue to AWS Toolkit for Visual Studio Code GitHub Issues.
Remote debugging requires attaching a debug layer to your Lambda function. If your function has code-signing configuration enabled and enforced, the AWS Toolkit can't automatically attach the debug layer to your function.
There are two options to resolve the code-signing configuration issue.
Temporarily remove code signing.
Use a signed debug layer.
Update the code-signing configuration by setting UntrustedArtifactOnDeployment : Warn, then re-enable it back to Enforced after the debugging process is complete.
For more information, see the UpdateCodeSigningConfig reference in the AWS Lambda API Reference.
Using a signed debug layerFrom Lambda remote debugging in the AWS Toolkit, expand the Remote debug additional configuration section.
From the Remote debug additional configuration section, copy your Region layer ARN from the Layer override field.
From the AWS CLI, use the following command to download the layer version aws lambda get-layer-version-by-arn --arn , replacing layer-arn with your layer ARN. For detailed instructions on how to download the signed debug layer, see the get-layer-version-by-arn reference in the AWS CLI Command Reference.layer-arn
Sign the layer with your code-signing configuration and publish it to your account. For signing and publishing guidance, see the Set up code signing for your AWS SAM application topic in the AWS Serverless Application Model Developer Guide.
After the layer has been signed and published to your account, return to the Remote debug additional configuration section of Lambda remote debugging, then enter the new layer ARN into the Layer override field. When the process is complete, Lambda remote debugging uses your signed layer instead of the default layer.
The following error occurs when a region doesn't support remote debugging.
Region ${region} doesn't support remote debugging yetThe following is a list of supported regions.
ap-east-1
ap-northeast-1
ap-northeast-2
ap-south-1
ap-southeast-1
ap-southeast-2
ca-central-1
eu-central-1
eu-north-1
eu-west-1
eu-west-2
eu-west-3
me-central-1
me-south-1
sa-east-1
us-east-1
us-east-2
us-west-1
us-west-2
Lambda functions have a 5-layer limit and a 250MB combined limit for function code and all attached layers. The remote debugging layer is approximately 40MB, which may cause your function to exceed this limit if you have a large function package or multiple layers. For additional details, see the Lambda: InvalidParameterValueException or RequestEntityTooLargeException topic section in the AWS Lambda Developer Guide.
The following list describes ways to troubleshoot and correct this error.
Reduce function size: Optimize your function code and remove unnecessary dependencies.
Remove unused layers: Temporarily remove non-essential layers during debugging.
Use external dependencies: Move large dependencies to external storage, such as Amazon S3, and load them at runtime.
The following is an example of the tunnel quota exceeded error that occurs when you've reached the daily limit for AWS IoT secure tunneling connections in Lambda remote debugging.
Error creating/reusing tunnel: LimitExceededException: Exceeded quota of Lambda debugging tunnelsAWS IoT Secure Tunneling connection have the following quotas:
Free-tier IoT secure tunneling is allotted 10 connections per day.
Each tunnel supports one VS Code instance for up to 12 hours.
The quota applies per AWS account, per day.
If you encounter the AWS IoT secure tunneling error, wait for the daily quota reset or contact AWS support to request a quota-limit increase. For AWS support contact info, see the AWS support contact portal. For detailed information about AWS IoT secure tunneling, see the AWS IoT secure tunneling topic in the AWS IoT Developer Guide.
Debugging TypeScript Lambda functions with source mapsThe following sections describe how to debug your TypeScript Lambda functions with source maps.
PrerequisitesTo debug your TypeScript Lambda functions, the following prerequisites must be met.
Your TypeScript must be complied with the source map option enabled. For additional information, see the JavaScript source map support topic in the VS Code documentation.
To work with in-line source maps, all changes must be redeployed to the cloud.
To configure Lambda remote debugging for TypeScript Lambda functions in the AWS Toolkit, complete the following steps.
From the AWS Toolkit, expand the AWS explorer.
From the explorer, expand the Lambda node.
Navigate to the function you want to configure for TypeScript, then choose the Invoke remotely icon from the context menu to open the Remote invoke configuration screen.
Enable remote debugging by select the Remote debugging check box.
Configure your Local Root Path by pointing to the directory containing your TypeScript handler file.
The TypeScript handler file is where you set your debugging breakpoints.
Expand Remote debug additional configuration settings.
Enable source mapping by selecting the Source map check box.
Set the Out files field to the local directory of your Lambda function copy.
If app.js and app.map are in .aws-sam/build/HelloWorldFunction, then make the Out files location /Users/.user/project/aws-sam/build/HelloWorldFunction/*
The Out file path should be an absolute path.
When you're satisfied with the settings, choose the Remote invoke button to begin debugging your TypeScript function.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4