Skip to main content

AWS Lambda Production Check

This Lambda is in production β€” proceed with caution
πŸ”’
https://eu-central-1.console.aws.amazon.com/lambda/home?region=eu-central-1#/functions/shop-order-processing?tab=code
preload

This integration helps engineers quickly identify when they're working with AWS Lambda functions in production environments. It displays a warning when the AWS account ID matches a configured production account.

How does it help?​

A large number of mistakes are being done when engineers believe a resource is not in production, when it actually is.

This integration:

  • Displays "In production env!" with important status if it's a production account
  • Shows nothing if it's not a production account

Preview​

How it looks in the extension

ToolJumpβ€’In production env!β€’ ... Other items ...

Configuration​

The integration uses a simple account ID check. You'll need to update the PRODUCTION_ACCOUNT_ID constant in the integration file with your actual production AWS account ID.

const PRODUCTION_ACCOUNT_ID = '12345678'; // Replace with your production account ID

When it runs​

This integration runs when:

  • You're on an AWS Lambda function page (console.aws.amazon.com/lambda)
  • The AWS account ID is available in the context
  • The service type is lambda
Alternative Detection Methods

While this integration only checks the account ID, you could also modify it to check for function name patterns like -prod or -production suffixes for additional environment detection.

Installation​

  1. Copy the integration file to your examples/data/ directory
  2. Update the PRODUCTION_ACCOUNT_ID with your actual production account ID
  3. The integration will automatically be available when you visit AWS Lambda function pages

Security Note​

This integration only reads the account ID from the page context and doesn't make any external API calls, making it safe to use without additional AWS credentials.

Code​

aws-lambda-production-check.integration.example.js
module.exports = {
    metadata: {
        name: 'aws-lambda-production-check',
        description: 'Shows production environment status for AWS Lambda functions',
        match: {
            contextType: 'aws',
            context: {
                'service.name': { equals: 'lambda' },
                'global.accountId': { exists: true }
            }
        },
        cache: 3600
    },
    
    async run(context, secrets = {}, dataFiles = []) {
        logger.info({
            operation: 'aws-lambda-production-check',
            step: 'initialization',
            contextService: context.service.name,
            accountId: context.global.accountId
        }, 'AWS Lambda production check starting');
        
        // Production account ID - replace with your actual production account ID
        const PRODUCTION_ACCOUNT_ID = '12345678';
        
        if (context.global.accountId === PRODUCTION_ACCOUNT_ID) {
            logger.info({
                operation: 'aws-lambda-production-check',
                step: 'production-detected',
                accountId: context.global.accountId,
                functionName: context.service.resourceName
            }, 'Production environment detected');
            
            return [{
                type: 'text',
                content: 'In production env!',
                status: 'important'
            }];
        }

        logger.debug({
            operation: 'aws-lambda-production-check',
            step: 'no-production',
            contextService: context.service.name,
            accountId: context.global.accountId
        }, 'Not in production environment');

        return [];
    }
};