This post describes all the necessary steps in order to build, run/debug locally, package and deploy AWS Lambda functions using Visual Studio Code. By the end of this post, you will be able to have a complete setup on your local computer where you can write code on Visual Studio Code, test it by step-through debugging and then have it packaged and deployed deployed to AWS Lambda.

This post will assume that the runtime used for Lambda is nodejs, but you should be able to use any other runtime with a few simple tweaks. Let’s get started.

Install AWS CLI and configure permissions

To install, check here to choose how you would like to install it, whether using pip or using the bundled installer.

Using the bundled installer, ensure that Python is installed:

python --version

Then download, unzip and install the bundle:

curl "" -o ""
sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws

After the installation, we will need to configure the AWS CLI, but first we need AWS account security credentials.

Now you can create the credentials from the account that you are using, but it is recommended that a new user with as limited permissions as possible should be created and then credentials from that user should be used, as credentials from your own account are not safe to be propagated on shared workstations, colleagues and codebases.

Creating AWS IAM User with limited accessibility

Go to AWS IAM Console:

  • Click Users from the left sidebar.
  • Click Add User.
  • Provide a User name, select Programmatic Access.
  • Click Next: Permissions

One the Permissions page, select Attach Existing Policies Directly and select the following permissions:

  • AWSLambdaFullAccess
  • AmazonS3FullAccess
  • AWSCloudFormationFullAccess
  • AmazonApiGatewayAdministrator
  • AWSIAMFullAccess

Note: We can have more limited access instead of full access, but that will require configuration on Role and Policies level and needs more adjustments. This is fine for starters and gives the idea, but make sure to limit the full access, especially removing the AWSIAMFullAccess and introducing limited IAM access using Roles in you SAM template.

Click Next, provide tags and create the User. After the creation, you will be shown the Access and Secret Key for the first and last time. Make sure you download it and store it someplace safe.

Configuring AWS

Open your terminal, configure AWS CLI by entering:

aws configure
AWS Secret Access Key [None]: wJalrXUtDUMMY/G9ETUOE/bPxRfiCYSECRETKEY
Default region name [None]: me-south-1
Default output format [None]: json

Enter your credentials and your region like in the example above. For more info, check this out.

This concludes the AWS IAM and CLI configuration. Let’s move onto what we need to do in Visual Studio Code.

Visual Studio Code Setup

Open Visual Studio Code and click Extensions. Search for AWS Toolkit for Visual Studio Code. Install the extension. It’s better to restart VS Code after the installation has finished.

Now open the command palette in VS Code. For MacOS, the shortcut key is Shift + Command + P

Type Create Credentials Profile. This will show you your ~/.aws/credentials and ~/.aws/config files:

Inside these files, you can have multiple named profiles and use them, such as in VS Code. The default profile is used in aws cli commands where you don’t explicitly mention the profile.

Open the command palette again in VS Code, this time enter Connect to AWS:

It is going to show you with a list consisting of default and named profiles. Choose the profile that you wish. Connection to AWS is going to start and will be set in several seconds and clicking the ‘aws’ on the left should show something like this:


Docker is not necessary to create and deploy serverless apps, but if you want to run or debug the application locally, then you have to install it. This will give you an environment similar to the one that AWS Lambda uses; using a container.

Install Docker from here depending on your platform.

Install AWS SAM

AWS SAM is an open source framework to manage the development of serverless applications. It has 2 main components:

  • AWS SAM template, which provides a clean way to describe your serverless application in a single file. This is where you are going to define the functions, permissions, APIs and configurations that constitute your serverless application. SAM templates are an extension of AWS CloudFormation templates, just optimised for serverless apps.
  • Then there is AWS SAM CLI, which uses the SAM template to verify, debug, package and deploy your serverless app.

Install from here depending on your platform. For MacOS, I will describe the process here.

Install Homebrew:

/usr/bin/ruby -e "$(curl -fsSL"

Verify the installation:

brew --version

Now install SAM:

brew tap aws/tap
brew install aws-sam-cli

And then verify:

sam --version

Note: While running the brew install aws-sam-cli command, you may encounter this issue if running MacOS: Cannot find AWS CLI installation, was looking at executables with names: [‘aws’]

  • This happens even when you have AWS CLI’s executable on the path. The solution in this case is to open ~/.bash_profile, locate the location of your AWS CLI in the path and provide the full path instead of just the tilde ~
    • For example, if the path is ~/Library/Python/2.7/bin, change it to /Users/syedwaqas/Library/Python/2.7/bin (update with your own username).

Development in VS Code

Now the outer pre-requisites are out of the way and we can focus on setup inside Visual Studio Code.

Open the command palette and type AWS: Create new SAM application:

Choose runtime:

And provide application name.

Your application is not setup with boilerplate code.

Run/Debug Locally

Open app.js. Right above the exports.lambdaHandler, you will see the option to Run Locally | Debug Locally:

Setup a breakpoint and click Debug Locally:

Your breakpoint is going to hit and now, you can utilise all the goodness and power of Visual Studio’s trademark debugging capabilities.

Note: In case you encounter a problem such as a time limit issue, this may be because it took SAM too long to pull the Docker image:

So pull the image manually. In this case, it’s nodejs’ image, but change to which runtime you are using. Open terminal and enter:

docker pull lambci/lambda:nodejs10.x


S3 Bucket

In order to deploy using AWS SAM template, we need to create an S3 bucket where AWS SAM is going to store the deployment files.

Create a new bucket using AWS CLI(or alternatively create one using the AWS S3 console):

aws s3 mb s3://bucketname --region region-name

Update with your bucket name and region. If you want to use a named profile to do this, simply add --profile namedProfile to the statement.

Finally, deployment

Open command palette and enter AWS: Deploy SAM application:

Choose the template to deploy from the list:

Choose the region where you want to deploy:

Provide the bucket name created earlier.

Provide a name for the stack visible on CloudFormation.

AWS SAM is now going to deploy your Lambda function. You should see success message similar to this:

After the deployment, you can check the deployment on AWS CloudFormation console, the Lambda function in AWS Lambda console and the API which was also a part of our template.yaml file, in the API Gateway console.