lambda-shell-runtime provides a minimal AWS Lambda custom runtime implemented using the execution environment’s standard POSIX shell, following the official AWS Lambda custom runtime specification as closely as possible.
The runtime is packaged as a Lambda Layer and is intended to be consumed directly or via the AWS Serverless Application Repository (SAR).
- Architecture: arm64, amd64
- Runtime type: AWS Lambda custom runtime (
provided.al2023) - Shell: system-provided
/bin/sh - Distribution: Lambda Layer
- Tools included:
- AWS CLI v2 (Linux aarch64, x86_64)
- jq
- Adhere strictly to AWS Lambda custom runtime documentation
- Use only AWS-defined environment variables and contracts
- Avoid abstractions, frameworks, or opinionated conventions
- Prefer predictable, explicit, and minimal behavior
- Make the runtime transparent and easy to audit
- Keep tooling strictly POSIX shell; any non-POSIX tooling must be documented here
- runtime/bootstrap
- layer/opt
- scripts/
- build_layer.sh
- package_layer.sh
- test-smoke.sh
- test-unit.sh
- test-int.sh
- docker/Dockerfile
- examples/
- function.sh
- README.md
- template/
- template.yaml
- template-arm64.yaml
- template-amd64.yaml
- aws-setup.yaml
- USAGE.md
- DEVELOPMENT.md
- dist/
- Makefile
- README.md
- LICENSE
- .gitignore
....
The layer zip is unpacked into /opt. The zip root should contain bootstrap, bin/, aws-cli/, and lib/ so
they appear as /opt/... at runtime. Do not include a top-level opt/ directory.
Expected contents at runtime:
/opt/bootstrap/opt/bin/aws/opt/bin/jq/opt/aws-cli/
/opt/bin is added to PATH by the runtime.
bootstrapis the runtime entrypoint.- The runtime implements the standard AWS Lambda Runtime API loop:
- Initialize the runtime.
- Poll the Runtime API for the next invocation.
- Pass the event payload to the handler via STDIN.
- Read handler STDOUT as the invocation response.
- Send the response back to the Runtime API.
The runtime does not transform or reinterpret event or response payloads.
- The handler is a shell script included in the Lambda function package.
- The handler name is provided via the
_HANDLERenvironment variable. - Example:
_HANDLER=function.handlerloadsfunction.shand invokeshandler. - The handler function:
- Reads the event JSON from STDIN
- Writes the response JSON to STDOUT
- Writes logs to STDERR
- For compatibility, if
_HANDLERdoes not contain a dot, the runtime treats it as a handler file and runs it with the event on STDIN.
No additional response validation is performed.
- All binaries are built in a Docker environment based on Amazon Linux 2023 (arm64, x86_64).
- AWS CLI v2:
- Installed using the official Linux installer for the target architecture
- Installed under
/opt/aws-cli - Exposed via
/opt/bin/aws
- jq:
- Installed via
dnf - Copied into
/opt/bin/jq
- Installed via
- All shell scripts should pass
shellcheck - Smoke tests verify:
aws --versionjq --version- End-to-end runtime invocation with a sample handler
Documented exceptions used by this repo:
- Build/package: Docker (layer build), zip (layer packaging)
- Test: ShellSpec (vendored test runner), AWS SAM CLI (
sam) + Docker (integration tests) - Release/ops: AWS CLI (
aws) (aws-setup/aws-check/publish/deploy/release), AWS SAM CLI (sam) (package/publish/release), Git (release/tag automation), curl (release checks/aws-check/deploy)
Runtime host requirements (non-POSIX): curl, mktemp.
- Git tags correspond to releases
- Each release produces versioned layer artifacts:
lambda-shell-runtime-arm64-<version>.ziplambda-shell-runtime-amd64-<version>.zip
- Apache License 2.0
- All bundled third-party software must be compatible with Apache-2.0
- Automatic dependency updates
- Opinionated handler frameworks
- Nonstandard configuration or environment variables
This document defines the authoritative design constraints for the project.
- Do not create commits unless explicitly asked.