I have AWS account with huge amount of AWS Lambda functions and I'd like to check all environment variables of all functions and try to find functions which use some specific values there. How can I to do that without manual checking of each function in AWS console? Does AWS CLI allow that?
2 Answers
4
votes
Yes the AWS CLI allows you to check your Lambda environment variables. To automate it end to end you'll need to chain some commands together. Also, I defaulted to using jq for the heavy lifting. I'm sure there is a way to do this in JMESPath but I didn't have time to figure it out.
Here's the overview of how it works:
- Get a list of Lambda function names by calling
list-functionsand pipe that list as text toxargs - Take the output from the previous step and use it to get all the Lambda function configuration details by calling
get-function-configuration. - Pipe that output to
jq, ensure theEnvironmentfield is not null and search for the Variable you want. In this case I'm searching for a variable calledcustomerwhich has a value ofshared_services. - Output the Lambda function name.
The code:
aws lambda list-functions --query 'Functions[*].[FunctionName]' --output text | xargs -I {} aws lambda get-function-configuration --function-name {} | jq -r 'select((.Environment) and select(.Environment.Variables.customer == "shared_services"))| .FunctionName'
Output
copy_snaps_shared_services
snapshot_by_customer
References
JQ Manual
JQ Presence of Key before Iterating
AWS CLI Usage Examples
AWS Lambda Get Function Configuration
AWS Lambda List Functions
1
votes
You should be able to use the AWS CLI get-function to get the meta about the Lambda function. The returned meta-data includes a presigned URL for downloading the deployment package. You can donwload the deployment package, unpack it, and search the source code for references to the environment variables you are looking for.
Take a look at this script to see how it can easily be done: https://gist.github.com/nemaniarjun/defdde356b6678352bcd4af69b7fe529
