- Newest
- Most votes
- Most comments
Why would you want to do that? By doing that you are exposing yourself to different security issues, as well as exploiting your account to run malicious code. Also, downloading the code dynamically will add to the function's cold start and latency.
Why not create a new function every time there is a code in the repo (using CI/CD pipelines)? This way you can include different scanning and testing tools as part of the build process.
I want to make it in a decentralized way so that if some new user wants to test our code which is changing time to time. This code needs the input as some sensitive information of user. They just need to do some initial setup and run the lambda function in their respective AWS accounts. Even though organization is built, the root user is only responsible for paying the bill. They shouldn't have any other control over the other accounts.
If this is what you need, create a Lambda function that the code loads the custom code dynamically (in can do it into /tmp) and then calls the entry point. Implementation will be language dependant.
As an option, you can use AWS CloudFormation Git sync https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/git-sync.html
please accept the answer if it was useful