The latest articles on DEV Community by Ajeet Chaulagain (@ajeetchaulagain). https://dev.to/ajeetchaulagain https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F1357234%2F630101ac-6d27-44f6-bcd2-c03720862614.jpeg https://dev.to/ajeetchaulagain en Ajeet Chaulagain Fri, 08 May 2026 01:31:00 +0000 https://dev.to/ajeetchaulagain/how-to-deploy-nestjs-to-aws-lambda-using-cdk-and-github-actions-3lf8 https://dev.to/ajeetchaulagain/how-to-deploy-nestjs-to-aws-lambda-using-cdk-and-github-actions-3lf8 <blockquote> <p><em>Originally published on <a href="https://ajeetchaulagain.com/blog/nestjs-aws-lambda-cdk-deployment/" rel="noopener noreferrer">ajeetchaulagain.com</a> on March 30, 2026.</em></p> </blockquote> <p>Deploying a NestJS application to AWS Lambda behind API Gateway sounds straightforward — until you start wiring things together.</p> <p>Between adapting NestJS to a serverless runtime, configuring <a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html" rel="noopener noreferrer">API Gateway</a>, and setting up infrastructure with <a href="https://docs.aws.amazon.com/cdk/v2/guide/home.html" rel="noopener noreferrer">AWS CDK</a>, there are several moving parts that can quickly become messy. While working on a personal side project, I ran into these challenges firsthand — particularly around adapting NestJS to Lambda's execution model.</p> <p>By the end of this guide, you'll have:</p> <ul> <li>A NestJS app adapted for Lambda's execution model using <code>@codegenie/serverless-express</code> </li> <li>Infrastructure defined as code: a Lambda function and HTTP API Gateway, provisioned with AWS CDK</li> <li>A GitHub Actions workflow that builds and deploys your stack automatically on every push to <code>main</code> </li> </ul> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftvpvlk6q5gn8ctyuo64v.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ftvpvlk6q5gn8ctyuo64v.png" alt="Simple architecture diagram of NestJS deployment in AWS Lambda" width="735" height="339"></a></p> <p>The complete source code is available on <a href="https://github.com/ajeetchaulagain/nestjs-serverless-aws-lambda-cdk" rel="noopener noreferrer">GitHub</a>.</p> <h2> Prerequisites </h2> <p>To follow along, you'll need:</p> <ul> <li>An AWS account</li> <li>Basic familiarity with Node.js and NestJS</li> <li>Basic familiarity with AWS services and tools (AWS CLI, IAM, Lambda, API Gateway, CloudFormation)</li> <li>A GitHub account (for setting up a repository and GitHub Actions)</li> </ul> <p>You don't need to be an AWS expert to follow along, but having a rough idea of how Lambda and API Gateway fit together will make things easier.</p> <h2> Set up a new NestJS project </h2> <p>Start by creating a new NestJS application using the Nest CLI:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm i <span class="nt">-g</span> @nestjs/cli nest new nestjs-serverless-aws-cdk </code></pre> </div> <p>This scaffolds a standard NestJS project with all the necessary boilerplate.</p> <p>For a deeper understanding of NestJS concepts and architecture, I highly recommend checking out the <a href="https://docs.nestjs.com/" rel="noopener noreferrer">NestJS official documentation</a>.</p> <p>Now, start the application:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>nestjs-serverless-aws-cdk npm run start </code></pre> </div> <p>You should see the application running at <code>http://localhost:3000/</code>. The default port is configured in <code>src/main.ts</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/main.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NestFactory</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AppModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./app.module</span><span class="dl">'</span><span class="p">;</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">bootstrap</span><span class="p">()</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">app</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">NestFactory</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span><span class="nx">AppModule</span><span class="p">);</span> <span class="k">await</span> <span class="nx">app</span><span class="p">.</span><span class="nf">listen</span><span class="p">(</span><span class="nx">process</span><span class="p">.</span><span class="nx">env</span><span class="p">.</span><span class="nx">PORT</span> <span class="o">??</span> <span class="mi">3000</span><span class="p">);</span> <span class="p">}</span> <span class="nf">bootstrap</span><span class="p">();</span> </code></pre> </div> <p>The scaffolded project already includes:</p> <ul> <li>A controller (<code>app.controller.ts</code>)</li> <li>A service (<code>app.service.ts</code>)</li> <li>A module (<code>app.module.ts</code>)</li> </ul> <p>Since the focus of this guide is deployment, we'll reuse the default endpoint instead of creating new ones.</p> <h2> Adapting NestJS for AWS Lambda </h2> <p>By default, a NestJS application runs on a long-lived HTTP server. It bootstraps once, initializes its dependencies, and continues handling incoming requests.</p> <p>AWS Lambda, on the other hand, follows an <em>event-driven model</em> where code is executed per request in short-lived, stateless environments (with occasional cold starts).</p> <p>Because of this difference, NestJS cannot run directly in Lambda without some adaptation. To bridge this gap, we use <a href="https://www.npmjs.com/package/@codegenie/serverless-express" rel="noopener noreferrer">@codegenie/serverless-express</a>, which allows a NestJS application to run inside AWS Lambda.</p> <p>Under the hood, it:</p> <ul> <li>Converts the incoming Lambda event into an HTTP request</li> <li>Passes it to your NestJS application</li> <li>Transforms the response back into a Lambda-compatible format</li> </ul> <p>In simple terms, it makes Lambda behave like an HTTP server so NestJS can run without major changes.</p> <p>Now that we understand the need for additional configuration, let's install the required packages:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm <span class="nb">install</span> @codegenie/serverless-express @types/aws-lambda </code></pre> </div> <blockquote> <p>Note: <code>@types/aws-lambda</code> provides the TypeScript types used in the handler.</p> </blockquote> <p>Next, create a new file called <code>lambda.ts</code> inside the <code>src/</code> directory (alongside <code>main.ts</code>). This will act as the entry point for your Lambda function.<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// src/lambda.ts</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">NestFactory</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">ExpressAdapter</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@nestjs/platform-express</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">serverlessExpress</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">@codegenie/serverless-express</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">APIGatewayProxyResult</span><span class="p">,</span> <span class="nx">Context</span><span class="p">,</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-lambda</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="nx">express</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">express</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">AppModule</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">./app.module</span><span class="dl">'</span><span class="p">;</span> <span class="kd">type</span> <span class="nx">AsyncHandler</span> <span class="o">=</span> <span class="p">(</span> <span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">context</span><span class="p">:</span> <span class="nx">Context</span><span class="p">,</span> <span class="p">)</span> <span class="o">=&gt;</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyResult</span><span class="o">&gt;</span><span class="p">;</span> <span class="kd">let</span> <span class="nx">serverlessExpressInstance</span><span class="p">:</span> <span class="nx">AsyncHandler</span> <span class="o">|</span> <span class="kc">undefined</span><span class="p">;</span> <span class="k">async</span> <span class="kd">function</span> <span class="nf">setup</span><span class="p">(</span> <span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">context</span><span class="p">:</span> <span class="nx">Context</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyResult</span><span class="o">&gt;</span> <span class="p">{</span> <span class="kd">const</span> <span class="nx">expressApp</span> <span class="o">=</span> <span class="nf">express</span><span class="p">();</span> <span class="kd">const</span> <span class="nx">nestApp</span> <span class="o">=</span> <span class="k">await</span> <span class="nx">NestFactory</span><span class="p">.</span><span class="nf">create</span><span class="p">(</span> <span class="nx">AppModule</span><span class="p">,</span> <span class="k">new</span> <span class="nc">ExpressAdapter</span><span class="p">(</span><span class="nx">expressApp</span><span class="p">),</span> <span class="p">);</span> <span class="nx">nestApp</span><span class="p">.</span><span class="nf">enableCors</span><span class="p">();</span> <span class="k">await</span> <span class="nx">nestApp</span><span class="p">.</span><span class="nf">init</span><span class="p">();</span> <span class="nx">serverlessExpressInstance</span> <span class="o">=</span> <span class="nf">serverlessExpress</span><span class="p">({</span> <span class="na">app</span><span class="p">:</span> <span class="nx">expressApp</span><span class="p">,</span> <span class="p">})</span> <span class="k">as</span> <span class="nx">unknown</span> <span class="k">as</span> <span class="nx">AsyncHandler</span><span class="p">;</span> <span class="k">return</span> <span class="nf">serverlessExpressInstance</span><span class="p">(</span><span class="nx">event</span><span class="p">,</span> <span class="nx">context</span><span class="p">);</span> <span class="p">}</span> <span class="k">export</span> <span class="kd">function</span> <span class="nf">handler</span><span class="p">(</span> <span class="nx">event</span><span class="p">:</span> <span class="nx">APIGatewayProxyEvent</span><span class="p">,</span> <span class="nx">context</span><span class="p">:</span> <span class="nx">Context</span><span class="p">,</span> <span class="p">):</span> <span class="nb">Promise</span><span class="o">&lt;</span><span class="nx">APIGatewayProxyResult</span><span class="o">&gt;</span> <span class="p">{</span> <span class="k">if </span><span class="p">(</span><span class="nx">serverlessExpressInstance</span><span class="p">)</span> <span class="p">{</span> <span class="k">return</span> <span class="nf">serverlessExpressInstance</span><span class="p">(</span><span class="nx">event</span><span class="p">,</span> <span class="nx">context</span><span class="p">);</span> <span class="p">}</span> <span class="k">return</span> <span class="nf">setup</span><span class="p">(</span><span class="nx">event</span><span class="p">,</span> <span class="nx">context</span><span class="p">);</span> <span class="p">}</span> </code></pre> </div> <p>A few key things worth calling out in the code above:</p> <ul> <li> <code>serverlessExpressInstance</code> is declared outside the handler and only populated on the first invocation. On subsequent invocations within the same Lambda container, the <code>if (serverlessExpressInstance)</code> check skips the full NestJS bootstrap and reuses the existing instance. This is the standard pattern for reducing cold start overhead in Lambda.</li> <li>The <code>setup</code> function is where NestJS bootstraps. It creates an Express app, wraps it with the NestJS <code>ExpressAdapter</code>, and passes it to <code>serverlessExpress</code>. The resulting instance is a function that accepts Lambda events and returns Lambda-compatible responses.</li> </ul> <p>This handler follows the standard async/await pattern and works with modern AWS Lambda Node.js runtimes (including Node.js 20 and 24).</p> <blockquote> <p>The AWS Lambda Node.js 24 runtime dropped support for the callback-style handler (<code>callback(null, response)</code>) — using it will cause the function to hang until timeout. See the <a href="https://docs.aws.amazon.com/lambda/latest/dg/lambda-nodejs.html" rel="noopener noreferrer">AWS Lambda Node.js runtime docs</a> for details.</p> </blockquote> <h2> Setting up infrastructure using AWS CDK </h2> <p>Now that we have the Lambda handler ready to serve our NestJS application, let's set up the infrastructure using AWS CDK. AWS Cloud Development Kit (CDK) is an Infrastructure as Code (IaC) framework that allows you to define AWS resources using programming languages such as TypeScript, Python, Java, and more. Think of it like this: instead of writing raw CloudFormation templates, you write code that is synthesized into CloudFormation, which is then used to deploy resources to AWS.</p> <p>The high-level CDK flow looks something like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>👨‍💻 Write CDK Code ↓ 🧪 cdk synth ↓ 📄 CloudFormation Template ↓ 🚀 cdk deploy ↓ ☁️ AWS Resources </code></pre> </div> <p>In practice, CDK makes infrastructure easier to reason about and maintain compared to raw templates.</p> <h3> CDK mental model (quick overview) </h3> <p>Before we define our infrastructure, it helps to understand a few core CDK concepts:</p> <ul> <li> <strong>App</strong> → The root container for your CDK application</li> <li> <strong>Stack</strong> → A unit of deployment (maps to a CloudFormation stack)</li> <li> <strong>Construct</strong> → Building blocks used to define AWS resources</li> </ul> <p>In this guide, we'll define a single stack that provisions our Lambda function, API Gateway, and related resources.</p> <h3> Initializing CDK in the project </h3> <p>Now that you've understood the basics of AWS CDK, let's initialize it in our project. To keep the infrastructure code separate from the NestJS source code, you'll initialize the CDK project into a separate subdirectory, <code>infra/</code>.</p> <p>Run the following command from the project root:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">mkdir </span>infra <span class="o">&amp;&amp;</span> <span class="nb">cd </span>infra npx cdk init app <span class="nt">--language</span> typescript </code></pre> </div> <p>This generates the basic CDK project structure:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight plaintext"><code>. ├── bin/ ├── lib/ ├── cdk.json ├── package.json └── tsconfig.json </code></pre> </div> <p>Where:</p> <ul> <li> <code>bin/</code> contains the entry point of your CDK app</li> <li> <code>lib/</code> contains the stack definition for your infrastructure</li> <li> <code>cdk.json</code> contains configuration for the CDK CLI</li> </ul> <h3> Configuring AWS credentials (step by step) </h3> <p>Before running any AWS CDK commands, you need to configure AWS credentials on your local machine.</p> <p>This allows AWS to authenticate your requests and perform actions on your behalf — such as deploying CloudFormation stacks and uploading assets.</p> <p>For example, when you run:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx cdk bootstrap </code></pre> </div> <p>Your IAM identity needs permissions to create foundational resources like:</p> <ul> <li>CloudFormation stacks</li> <li>S3 buckets (for storing assets)</li> <li>IAM roles and policies</li> </ul> <p>In production environments, it's best to follow the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/getting-started-reduce-permissions.html" rel="noopener noreferrer">principle of least privilege</a>, granting only the permissions required for a specific task.</p> <p>However, to keep this guide simple and focused, we'll use an IAM user with the <strong><code>AdministratorAccess</code></strong> policy attached.</p> <p>Follow these steps to configure AWS credentials:</p> <h4> 1. Install AWS CLI </h4> <p>Make sure AWS CLI is installed on your machine. Follow the <a href="https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html" rel="noopener noreferrer">official installation guide</a>.</p> <h4> 2. Create an IAM user </h4> <p>Create an IAM user with the AdministratorAccess policy and generate an access key for it.</p> <ol> <li>Log in to your AWS console</li> <li>Navigate to IAM → Users → Create User</li> <li>Create a user (e.g., <code>cdk-bootstrap-admin</code>) <ul> <li>Attach the <strong>AdministratorAccess</strong> policy</li> <li>Generate an <strong>access key</strong> </li> </ul> </li> </ol> <p>Make sure to download the secret key for use later — you won't be able to view it again.</p> <h4> 3. Run AWS Configure </h4> <p>Run <code>aws configure</code> to set up credentials for the AWS CLI so it can authenticate your requests:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>aws configure </code></pre> </div> <p>You'll be prompted to enter:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight properties"><code><span class="err">AWS</span> <span class="err">Access</span> <span class="err">Key</span> <span class="py">ID</span><span class="p">:</span> <span class="err">AWS</span> <span class="err">Secret</span> <span class="err">Access</span> <span class="py">Key</span><span class="p">:</span> <span class="err">Default</span> <span class="err">region</span> <span class="py">name</span><span class="p">:</span> <span class="s">us-east-1</span> <span class="err">Default</span> <span class="err">output</span> <span class="py">format</span><span class="p">:</span> <span class="s">json</span> </code></pre> </div> <p>Paste the access keys you generated in the previous step.</p> <h4> 4. Verify credentials configuration </h4> <p>To confirm AWS credentials are configured correctly, run the following AWS CLI command, which will show the details of your AWS account and IAM user:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>aws sts get-caller-identity </code></pre> </div> <p>Output:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="p">{</span><span class="w"> </span><span class="nl">"UserId"</span><span class="p">:</span><span class="w"> </span><span class="s2">"UserId"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Account"</span><span class="p">:</span><span class="w"> </span><span class="s2">"AccountNumber"</span><span class="p">,</span><span class="w"> </span><span class="nl">"Arn"</span><span class="p">:</span><span class="w"> </span><span class="s2">"arn:aws:iam::&lt;AccountNumber&gt;:user/cdk-bootstrap-admin"</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <h3> Bootstrapping the CDK project </h3> <p>Now that your AWS credentials are configured locally, you're ready to bootstrap your AWS environment for CDK.</p> <p>Bootstrapping prepares your AWS account so that AWS CDK can deploy resources on your behalf.</p> <p>Run the following command in your <code>infra/</code> directory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx cdk bootstrap </code></pre> </div> <p>This command creates a foundational one-time CloudFormation stack (called <code>CDKToolkit</code>) in your AWS account, which sets up required resources such as IAM roles and an S3 bucket to upload CloudFormation templates. These resources are needed for future CDK deployments.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnhfiomq9dm5c862dldv1.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fnhfiomq9dm5c862dldv1.png" alt="Screenshot listing resources created by bootstrap in the CDKToolkit CloudFormation stack" width="735" height="353"></a></p> <blockquote> <p>You only need to run <code>cdk bootstrap</code> once per account and region.</p> </blockquote> <h3> Writing the CDK stack </h3> <p>Now that you've bootstrapped your environment, you're ready to define your infrastructure using AWS CDK. In this section, you'll create a stack that provisions a Lambda function for your application.</p> <p>I'm also using a Lambda layer to bundle production dependencies. Separating <code>node_modules</code> from the application code helps reduce the size of the deployment package and allows the same layer to be reused across multiple Lambda functions.</p> <p>Navigate to the <code>infra/lib</code> directory, where you'll find a file named <code>infra-stack.ts</code>. This file was generated during CDK project initialization. You can rename the stack if needed, but for this guide, we'll keep it as is.</p> <p>Add the following stack definition code to <code>infra/lib/infra-stack.ts</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="c1">// infra/lib/infra-stack.ts</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">cdk</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/core</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="p">{</span> <span class="nx">Construct</span> <span class="p">}</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">constructs</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">lambda</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-lambda</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">apigwv2</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-apigatewayv2</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">integrations</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">aws-cdk-lib/aws-apigatewayv2-integrations</span><span class="dl">'</span><span class="p">;</span> <span class="k">import</span> <span class="o">*</span> <span class="k">as</span> <span class="nx">path</span> <span class="k">from</span> <span class="dl">'</span><span class="s1">path</span><span class="dl">'</span><span class="p">;</span> <span class="k">export</span> <span class="kd">class</span> <span class="nc">InfraStack</span> <span class="kd">extends</span> <span class="nc">cdk</span><span class="p">.</span><span class="nx">Stack</span> <span class="p">{</span> <span class="nf">constructor</span><span class="p">(</span><span class="nx">scope</span><span class="p">:</span> <span class="nx">Construct</span><span class="p">,</span> <span class="nx">id</span><span class="p">:</span> <span class="kr">string</span><span class="p">,</span> <span class="nx">props</span><span class="p">?:</span> <span class="nx">cdk</span><span class="p">.</span><span class="nx">StackProps</span><span class="p">)</span> <span class="p">{</span> <span class="k">super</span><span class="p">(</span><span class="nx">scope</span><span class="p">,</span> <span class="nx">id</span><span class="p">,</span> <span class="nx">props</span><span class="p">);</span> <span class="kd">const</span> <span class="nx">nodeModulesLayer</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">LayerVersion</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">NodeModulesLayer</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">../../layer</span><span class="dl">'</span><span class="p">)),</span> <span class="na">compatibleRuntimes</span><span class="p">:</span> <span class="p">[</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_24_X</span><span class="p">],</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Production node_modules for NestJS Lambda</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">nestApiLambda</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">NestApiLambdaFunction</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_24_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">'</span><span class="s1">src/lambda.handler</span><span class="dl">'</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">../../dist</span><span class="dl">'</span><span class="p">),</span> <span class="p">{</span> <span class="na">exclude</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">infra</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">tsconfig*</span><span class="dl">'</span><span class="p">],</span> <span class="p">}),</span> <span class="na">memorySize</span><span class="p">:</span> <span class="mi">512</span><span class="p">,</span> <span class="na">layers</span><span class="p">:</span> <span class="p">[</span><span class="nx">nodeModulesLayer</span><span class="p">],</span> <span class="p">});</span> <span class="kd">const</span> <span class="nx">httpApi</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">apigwv2</span><span class="p">.</span><span class="nc">HttpApi</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">HttpApi</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">defaultIntegration</span><span class="p">:</span> <span class="k">new</span> <span class="nx">integrations</span><span class="p">.</span><span class="nc">HttpLambdaIntegration</span><span class="p">(</span> <span class="dl">'</span><span class="s1">LambdaIntegration</span><span class="dl">'</span><span class="p">,</span> <span class="nx">nestApiLambda</span><span class="p">,</span> <span class="p">),</span> <span class="p">});</span> <span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">HttpApiUrl</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">httpApi</span><span class="p">.</span><span class="nx">url</span><span class="o">!</span><span class="p">,</span> <span class="p">});</span> <span class="p">}</span> <span class="p">}</span> </code></pre> </div> <p>In this setup, you're using a few core CDK constructs to define your infrastructure:</p> <ul> <li><code>lambda.Function</code></li> <li><code>lambda.LayerVersion</code></li> <li><code>apigwv2.HttpApi</code></li> </ul> <p>In CDK, constructs are the basic building blocks used to model infrastructure. If you haven't come across constructs before, the official docs are worth a quick read: <a href="https://docs.aws.amazon.com/cdk/v2/guide/constructs.html" rel="noopener noreferrer">AWS CDK Constructs</a>.</p> <p>Now let's go through the different configuration parts in the code above.</p> <h3> Lambda layer configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">nodeModulesLayer</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">LayerVersion</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">NodeModulesLayer</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">../../layer</span><span class="dl">'</span><span class="p">)),</span> <span class="na">compatibleRuntimes</span><span class="p">:</span> <span class="p">[</span><span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_24_X</span><span class="p">],</span> <span class="na">description</span><span class="p">:</span> <span class="dl">'</span><span class="s1">Production node_modules for NestJS Lambda</span><span class="dl">'</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>This code defines a Lambda layer using the <code>LayerVersion</code> construct, where the code is loaded from a <code>layer/</code> directory, which doesn't exist yet.</p> <p>To create it, add the following script to your root <code>package.json</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="nl">"build:lambda-layer"</span><span class="p">:</span><span class="w"> </span><span class="s2">"mkdir -p layer/nodejs &amp;&amp; cp package.json package-lock.json layer/nodejs/ &amp;&amp; npm ci --prefix layer/nodejs --omit=dev &amp;&amp; rm layer/nodejs/package.json layer/nodejs/package-lock.json"</span><span class="w"> </span></code></pre> </div> <p>Since we don't need dev dependencies for our Lambda runtime, this script installs only production dependencies into <code>layer/nodejs/</code>. In short, it copies the existing <code>package.json</code> and lock file into <code>layer/nodejs/</code> temporarily and installs production dependencies (<code>npm ci --omit=dev</code>) that our application needs.</p> <p>Now, run that script from the project root to create a <code>/layer</code> directory (we'll need this before deploying):<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm run build:lambda-layer </code></pre> </div> <p>Also add <code>/layer/nodejs/node_modules</code> to your <code>.gitignore</code>. This directory should be generated during builds, not committed.</p> <h3> Lambda function configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">nestApiLambda</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">lambda</span><span class="p">.</span><span class="nc">Function</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">NestApiLambdaFunction</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">runtime</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Runtime</span><span class="p">.</span><span class="nx">NODEJS_24_X</span><span class="p">,</span> <span class="na">handler</span><span class="p">:</span> <span class="dl">'</span><span class="s1">src/lambda.handler</span><span class="dl">'</span><span class="p">,</span> <span class="na">code</span><span class="p">:</span> <span class="nx">lambda</span><span class="p">.</span><span class="nx">Code</span><span class="p">.</span><span class="nf">fromAsset</span><span class="p">(</span><span class="nx">path</span><span class="p">.</span><span class="nf">join</span><span class="p">(</span><span class="nx">__dirname</span><span class="p">,</span> <span class="dl">'</span><span class="s1">../../dist</span><span class="dl">'</span><span class="p">),</span> <span class="p">{</span> <span class="na">exclude</span><span class="p">:</span> <span class="p">[</span><span class="dl">'</span><span class="s1">infra</span><span class="dl">'</span><span class="p">,</span> <span class="dl">'</span><span class="s1">tsconfig*</span><span class="dl">'</span><span class="p">],</span> <span class="p">}),</span> <span class="na">memorySize</span><span class="p">:</span> <span class="mi">512</span><span class="p">,</span> <span class="na">layers</span><span class="p">:</span> <span class="p">[</span><span class="nx">nodeModulesLayer</span><span class="p">],</span> <span class="p">});</span> </code></pre> </div> <p>This code defines our Lambda function along with some configuration. Here's a breakdown of the key settings:</p> <ul> <li> <code>runtime: lambda.Runtime.NODEJS_24_X</code> — sets Node.js v24 as the runtime used by the Lambda function</li> <li> <code>handler: 'src/lambda.handler'</code> — the entry point Lambda invokes. We created this handler previously in <code>src/lambda.ts</code>. Since the application is deployed from the <code>dist</code> directory which contains a <code>src</code> folder, the handler is defined as <code>src/lambda.handler</code>.</li> <li> <code>code: lambda.Code.fromAsset(…)</code> — packages the compiled application (<code>dist/</code>) and uploads it as the deployment bundle</li> <li> <code>exclude: […]</code> — skips unnecessary files from the bundle. I would strongly recommend being intentional here — smaller bundles lead to faster deployments. For example, I've excluded the <code>infra</code> directory and <code>tsconfig*</code> related files present in our <code>dist</code> directory. The only files needed for the NestJS runtime are in <code>dist/src</code>.</li> <li> <code>memorySize: 512</code> — allocates 512 MB of memory to our Lambda runtime. NestJS has a heavier bootstrap compared to minimal handlers, so this tends to give better performance out of the box. Without <code>memorySize</code>, it defaults to 128 MB.</li> <li> <code>layers</code> — attaches the layer defined above. This layer is merged into the function's filesystem at runtime.</li> </ul> <h3> HTTP API Gateway configuration </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="kd">const</span> <span class="nx">httpApi</span> <span class="o">=</span> <span class="k">new</span> <span class="nx">apigwv2</span><span class="p">.</span><span class="nc">HttpApi</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">HttpApi</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">defaultIntegration</span><span class="p">:</span> <span class="k">new</span> <span class="nx">integrations</span><span class="p">.</span><span class="nc">HttpLambdaIntegration</span><span class="p">(</span> <span class="dl">'</span><span class="s1">LambdaIntegration</span><span class="dl">'</span><span class="p">,</span> <span class="nx">nestApiLambda</span><span class="p">,</span> <span class="p">),</span> <span class="p">});</span> </code></pre> </div> <p>Here you define an HTTP API using <em>API Gateway v2</em>. This guide uses HTTP API (v2), which is cheaper than REST API (v1), has lower latency, and is sufficient for NestJS since routing lives inside the application. See the <a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-vs-rest.html" rel="noopener noreferrer">official comparison</a> if you need the advanced features REST API offers.</p> <p>This uses <code>HttpLambdaIntegration</code>, which enables <a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html" rel="noopener noreferrer">Lambda proxy integration</a>. In simple terms, any incoming HTTP requests to API Gateway are forwarded to your Lambda as an event, and the response from Lambda is forwarded back to the client unchanged.</p> <p>By setting this as the default integration, CDK creates a <code>$default</code> route — a catch-all that matches any HTTP method and any path. This is an important consideration for our NestJS application because we want the routing to happen inside the application itself, not at the API Gateway level.</p> <h3> CloudFormation outputs </h3> <div class="highlight js-code-highlight"> <pre class="highlight typescript"><code><span class="k">new</span> <span class="nx">cdk</span><span class="p">.</span><span class="nc">CfnOutput</span><span class="p">(</span><span class="k">this</span><span class="p">,</span> <span class="dl">'</span><span class="s1">HttpApiUrl</span><span class="dl">'</span><span class="p">,</span> <span class="p">{</span> <span class="na">value</span><span class="p">:</span> <span class="nx">httpApi</span><span class="p">.</span><span class="nx">url</span><span class="o">!</span><span class="p">,</span> <span class="p">});</span> </code></pre> </div> <p>This prints the generated endpoint URL to the terminal after running <code>cdk deploy</code>. Something like this:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="na">Outputs</span><span class="pi">:</span> <span class="s">InfraStack.HttpApiUrl = https://abc123.execute-api.us-east-1.amazonaws.com/</span> <span class="na">Stack ARN</span><span class="pi">:</span> <span class="s">arn:aws:cloudformation:us-east-1:&lt;account-number&gt;:stack/InfraStack/a0fb4130-2a7f-11f1-ab1d-12c493467933</span> </code></pre> </div> <h2> Deploying the infrastructure </h2> <p>At this point, your infrastructure is defined. Now it's time to deploy it.</p> <h3> Deploying locally </h3> <p>Before running the <code>cdk deploy</code> command, let's first validate the CloudFormation stack by running <code>cdk synth</code> from the <code>infra/</code> directory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code><span class="nb">cd </span>infra <span class="o">&amp;&amp;</span> npx cdk synth </code></pre> </div> <p>This compiles your CDK code and generates the CloudFormation template in the <code>infra/cdk.out/</code> directory. It's a quick way to catch configuration issues before running a full deployment.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbhfdc7j6c0jrb9c0r2xj.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fbhfdc7j6c0jrb9c0r2xj.png" alt="CDK synth output in the terminal" width="359" height="198"></a></p> <p>Once synthesis succeeds, make sure your <code>tsconfig.build.json</code> excludes the <code>infra/</code> directory and explicitly sets <code>rootDir</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight json"><code><span class="err">//</span><span class="w"> </span><span class="err">tsconfig.build.json</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"extends"</span><span class="p">:</span><span class="w"> </span><span class="s2">"./tsconfig.json"</span><span class="p">,</span><span class="w"> </span><span class="nl">"compilerOptions"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"> </span><span class="nl">"rootDir"</span><span class="p">:</span><span class="w"> </span><span class="s2">"./"</span><span class="w"> </span><span class="p">},</span><span class="w"> </span><span class="nl">"exclude"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"node_modules"</span><span class="p">,</span><span class="w"> </span><span class="s2">"test"</span><span class="p">,</span><span class="w"> </span><span class="s2">"dist"</span><span class="p">,</span><span class="w"> </span><span class="s2">"infra"</span><span class="p">,</span><span class="w"> </span><span class="s2">"**/*spec.ts"</span><span class="p">]</span><span class="w"> </span><span class="p">}</span><span class="w"> </span></code></pre> </div> <p>Two things are happening here:</p> <ul> <li> <strong>Excluding <code>infra/</code></strong> — without this, <code>nest build</code> will try to compile your CDK code as part of the application. Since CDK dependencies like <code>aws-cdk-lib</code> are installed inside <code>infra/node_modules</code> (not at the project root), the build will fail with module resolution errors.</li> <li> <strong>Setting <code>rootDir</code></strong> — controls the output folder structure. Without it set explicitly, TypeScript figures it out from whichever files are included. Once <code>infra/</code> is excluded, TypeScript only sees <code>src/</code> and uses that as the root — so <code>lambda.ts</code> compiles to <code>dist/lambda.js</code> instead of <code>dist/src/lambda.js</code>, which no longer matches the handler path you defined in the stack.</li> </ul> <p>Now build your application (<code>dist/</code>) and Lambda layer (<code>layer/</code>) from the project root:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npm run build npm run build:lambda-layer </code></pre> </div> <p>This ensures your compiled application and production dependencies are ready for deployment.</p> <p>Now run the deploy command from the <code>infra/</code> directory:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight shell"><code>npx cdk deploy </code></pre> </div> <p>This starts the CDK deployment process. You'll see a summary of IAM and resource changes before it proceeds.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg1g9ucfqgk369565r9ta.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg1g9ucfqgk369565r9ta.png" alt="CDK deploy confirmation prompt showing IAM and resource changes" width="735" height="157"></a></p> <p>Confirm the deployment when prompted. After a successful deploy, you'll see the API URL in the terminal output.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0ibc1nsozq02uaa5il0p.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F0ibc1nsozq02uaa5il0p.png" alt="CDK deploy output showing the HttpApiUrl" width="735" height="145"></a></p> <p>Hit this URL and you should see the "Hello World!" response from your <code>app.controller.ts</code> endpoint — your NestJS app is live on AWS Lambda!</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw8uv9brkw95psfyx7upb.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fw8uv9brkw95psfyx7upb.png" alt="Hello World response from the deployed NestJS Lambda endpoint" width="735" height="214"></a></p> <h3> Deploying with GitHub Actions </h3> <p>So far, you've been deploying locally using <code>cdk deploy</code>. That works well for development, but in a production-grade setup, you'll want deployments to run through CI.</p> <p>A common approach is to trigger deployments automatically when changes are pushed to the main branch. In this section, we'll keep things simple and use GitHub Actions to automate deployments on every push to <code>main</code>. I won't walk through the workflow line by line — the goal here is to get a working setup in place.</p> <p>If you're new to GitHub Actions, the <a href="https://docs.github.com/en/actions" rel="noopener noreferrer">official docs</a> are a good place to start.</p> <p>Add the following file <code>.github/workflows/deploy.yml</code>:<br> </p> <div class="highlight js-code-highlight"> <pre class="highlight yaml"><code><span class="c1"># .github/workflows/deploy.yml</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy</span> <span class="na">on</span><span class="pi">:</span> <span class="na">push</span><span class="pi">:</span> <span class="na">branches</span><span class="pi">:</span> <span class="pi">-</span> <span class="s">main</span> <span class="na">jobs</span><span class="pi">:</span> <span class="na">deploy</span><span class="pi">:</span> <span class="na">runs-on</span><span class="pi">:</span> <span class="s">ubuntu-latest</span> <span class="na">steps</span><span class="pi">:</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Checkout</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/checkout@v4.2.2</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Set up Node.js</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">actions/setup-node@v4.4.0</span> <span class="na">with</span><span class="pi">:</span> <span class="na">node-version</span><span class="pi">:</span> <span class="m">24</span> <span class="na">cache</span><span class="pi">:</span> <span class="s1">'</span><span class="s">npm'</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install dependencies</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm ci</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build application</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm run build</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Build Lambda layer</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm run build:lambda-layer</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Configure AWS credentials</span> <span class="na">uses</span><span class="pi">:</span> <span class="s">aws-actions/configure-aws-credentials@v4.1.0</span> <span class="na">with</span><span class="pi">:</span> <span class="na">aws-access-key-id</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_ACCESS_KEY_ID }}</span> <span class="na">aws-secret-access-key</span><span class="pi">:</span> <span class="s">${{ secrets.AWS_SECRET_ACCESS_KEY }}</span> <span class="na">aws-region</span><span class="pi">:</span> <span class="s">${{ vars.AWS_REGION }}</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Install CDK dependencies</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npm ci</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">infra</span> <span class="pi">-</span> <span class="na">name</span><span class="pi">:</span> <span class="s">Deploy CDK Stack</span> <span class="na">run</span><span class="pi">:</span> <span class="s">npx cdk deploy --require-approval never</span> <span class="na">working-directory</span><span class="pi">:</span> <span class="s">infra</span> </code></pre> </div> <p>At a high level, this workflow:</p> <ul> <li>Installs dependencies</li> <li>Builds the application (<code>dist/</code>) and Lambda layer (<code>/layer</code>)</li> <li>Configures AWS credentials for CI</li> <li>Deploys the CDK stack</li> </ul> <p><strong>AWS credentials for CI</strong></p> <p>If you look at the workflow code, you'll see it uses GitHub <strong>secrets</strong> and <strong>variables</strong> to authenticate with AWS:</p> <ul> <li> <code>AWS_ACCESS_KEY_ID</code> — stored as a secret</li> <li> <code>AWS_SECRET_ACCESS_KEY</code> — stored as a secret</li> <li> <code>AWS_REGION</code> — stored as a variable</li> </ul> <p>Make sure you add these in your repository settings. You can follow the official guides:</p> <ul> <li><a href="https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/use-secrets" rel="noopener noreferrer">GitHub docs — Using secrets in workflows</a></li> <li><a href="https://docs.github.com/en/actions/how-tos/write-workflows/choose-what-workflows-do/use-variables" rel="noopener noreferrer">GitHub docs — Using variables in workflows</a></li> </ul> <blockquote> <p><strong>Note:</strong> GitHub masks secret values in logs, so outputs like your API URL (which includes the region) will also be masked and won't be directly clickable. Using <code>vars</code> for <code>AWS_REGION</code> keeps the output readable and ensures the endpoint URL is visible and usable, while sensitive values remain stored in secrets.</p> </blockquote> <p>Once everything is in place, push your changes (including the workflow file) to the <code>main</code> branch. This will trigger the deployment automatically.</p> <p>You can monitor the workflow from the <strong>Actions</strong> tab in your repository.</p> <p>After the workflow completes, open the workflow run and check the <strong>Deploy CDK Stack</strong> step — the <code>HttpApiUrl</code> will be printed there without the region being masked.</p> <p><a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbyzy8v1t469ew95f2f8.png" class="article-body-image-wrapper"><img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fmbyzy8v1t469ew95f2f8.png" alt="GitHub Actions deploy workflow run showing the HttpApiUrl output" width="735" height="260"></a></p> <h2> Conclusion </h2> <p>That's the full setup. If you've made it this far, you have a production-ready baseline for running NestJS on AWS Lambda!</p> <p>You adapted NestJS to fit Lambda's execution model, defined your infrastructure as code using CDK, exposed it through API Gateway, and automated deployments with GitHub Actions. None of these pieces are complex on their own — but together they give you a setup that's consistent, repeatable, and easy to extend.</p> <p>A few things this setup gets right out of the box:</p> <ul> <li>Infrastructure is version-controlled alongside your application code</li> <li>Deployments are automated and consistent, and can be extended to support multiple environments</li> <li>NestJS runs in Lambda without changes to your routing or application logic — the gateway proxies everything through and NestJS handles it internally</li> </ul> <p>From here, you can layer in things like custom domains, environment-specific stacks, API Gateway authentication, or move to container-based Lambda deployments if your workloads grow.</p> <p>Thanks for following along — enjoy the serverless!</p> <p><em>If this saved you time, you can find more posts like this on <a href="https://ajeetchaulagain.com/blog/" rel="noopener noreferrer">my blog</a> or <a href="https://www.linkedin.com/in/ajeet-chaulagain/" rel="noopener noreferrer">follow me on LinkedIn</a>.</em></p> nestjs aws serverless tutorial