Skip to content

Files

Latest commit

 

History

History
2137 lines (1321 loc) · 82.2 KB

API.md

File metadata and controls

2137 lines (1321 loc) · 82.2 KB

API Reference

Constructs

DotNetFunction

A .NET Lambda function.

Initializers 

import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

new DotNetFunction(scope: Construct, id: string, props: DotNetFunctionProps)
Name Type Description
scope constructs.Construct No description.
id string No description.
props DotNetFunctionProps No description.
scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
propsRequired

Methods

Name Description
toString Returns a string representation of this construct.
applyRemovalPolicy Apply the given removal policy to this resource.
addEventSource Adds an event source to this function.
addEventSourceMapping Adds an event source that maps to this AWS Lambda function.
addFunctionUrl Adds a url to this lambda function.
addPermission Adds a permission to the Lambda resource policy.
addToRolePolicy Adds a statement to the IAM role assumed by the instance.
configureAsyncInvoke Configures options for asynchronous invocation.
considerWarningOnInvokeFunctionPermissions A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
grantInvoke Grant the given identity permissions to invoke this Lambda.
grantInvokeCompositePrincipal Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
grantInvokeUrl Grant the given identity permissions to invoke this Lambda Function URL.
metric Return the given named metric for this Function.
metricDuration How long execution of this Lambda takes.
metricErrors How many invocations of this Lambda fail.
metricInvocations How often this Lambda is invoked.
metricThrottles How often this Lambda is throttled.
addAlias Defines an alias for this function.
addEnvironment Adds an environment variable to this Lambda function.
addLayers Adds one or more Lambda Layers to this Lambda function.
invalidateVersionBasedOn Mix additional information into the hash of the Version object.
toString 
public toString(): string

Returns a string representation of this construct.

applyRemovalPolicy 
public applyRemovalPolicy(policy: RemovalPolicy): void

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

policyRequired
  • Type: aws-cdk-lib.RemovalPolicy
addEventSource 
public addEventSource(source: IEventSource): void

Adds an event source to this function.

Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.

The following example adds an SQS Queue as an event source:

import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
  • Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping 
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping

Adds an event source that maps to this AWS Lambda function.

idRequired
  • Type: string
optionsRequired
  • Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl 
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl

Adds a url to this lambda function.

optionsOptional
  • Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission 
public addPermission(id: string, permission: Permission): void

Adds a permission to the Lambda resource policy.

[Permission for details.](Permission for details.)

idRequired
  • Type: string

The id for the permission construct.

permissionRequired
  • Type: aws-cdk-lib.aws_lambda.Permission

The permission to grant to this Lambda function.

addToRolePolicy 
public addToRolePolicy(statement: PolicyStatement): void

Adds a statement to the IAM role assumed by the instance.

statementRequired
  • Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke 
public configureAsyncInvoke(options: EventInvokeConfigOptions): void

Configures options for asynchronous invocation.

optionsRequired
  • Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions 
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void

A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.

function.currentVersion is invoked before or after the permission is created.

This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.

scopeRequired
  • Type: constructs.Construct
actionRequired
  • Type: string
grantInvoke 
public grantInvoke(grantee: IGrantable): Grant

Grant the given identity permissions to invoke this Lambda.

granteeRequired
  • Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal 
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]

Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.

compositePrincipalRequired
  • Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeUrl 
public grantInvokeUrl(grantee: IGrantable): Grant

Grant the given identity permissions to invoke this Lambda Function URL.

granteeRequired
  • Type: aws-cdk-lib.aws_iam.IGrantable
metric 
public metric(metricName: string, props?: MetricOptions): Metric

Return the given named metric for this Function.

metricNameRequired
  • Type: string
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration 
public metricDuration(props?: MetricOptions): Metric

How long execution of this Lambda takes.

Average over 5 minutes

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors 
public metricErrors(props?: MetricOptions): Metric

How many invocations of this Lambda fail.

Sum over 5 minutes

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations 
public metricInvocations(props?: MetricOptions): Metric

How often this Lambda is invoked.

Sum over 5 minutes

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles 
public metricThrottles(props?: MetricOptions): Metric

How often this Lambda is throttled.

Sum over 5 minutes

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias 
public addAlias(aliasName: string, options?: AliasOptions): Alias

Defines an alias for this function.

The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.

declare const fn: lambda.Function;

fn.addAlias('Live');

// Is equivalent to

new lambda.Alias(this, 'AliasLive', {
  aliasName: 'Live',
  version: fn.currentVersion,
});
aliasNameRequired
  • Type: string

The name of the alias.

optionsOptional
  • Type: aws-cdk-lib.aws_lambda.AliasOptions

Alias options.

addEnvironment 
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function

Adds an environment variable to this Lambda function.

If this is a ref to a Lambda function, this operation results in a no-op.

keyRequired
  • Type: string

The environment variable key.

valueRequired
  • Type: string

The environment variable's value.

optionsOptional
  • Type: aws-cdk-lib.aws_lambda.EnvironmentOptions

Environment variable options.

addLayers 
public addLayers(layers: ...ILayerVersion[]): void

Adds one or more Lambda Layers to this Lambda function.

layersRequired
  • Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]

the layers to be added.

invalidateVersionBasedOn 
public invalidateVersionBasedOn(x: string): void

Mix additional information into the hash of the Version object.

The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).

However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.

This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.

This method may be called more than once.

xRequired
  • Type: string

Static Functions

Name Description
isConstruct Checks if x is a construct.
isOwnedResource Returns true if the construct was created by CDK, and false otherwise.
isResource Check whether the given construct is a Resource.
classifyVersionProperty Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
fromFunctionArn Import a lambda function into the CDK using its ARN.
fromFunctionAttributes Creates a Lambda function object which represents a function not defined within this stack.
fromFunctionName Import a lambda function into the CDK using its name.
metricAll Return the given named metric for this Lambda.
metricAllConcurrentExecutions Metric for the number of concurrent executions across all Lambdas.
metricAllDuration Metric for the Duration executing all Lambdas.
metricAllErrors Metric for the number of Errors executing all Lambdas.
metricAllInvocations Metric for the number of invocations of all Lambdas.
metricAllThrottles Metric for the number of throttled invocations of all Lambdas.
metricAllUnreservedConcurrentExecutions Metric for the number of unreserved concurrent executions across all Lambdas.
isConstruct 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.isConstruct(x: any)

Checks if x is a construct.

xRequired
  • Type: any

Any object.

isOwnedResource 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.isOwnedResource(construct: IConstruct)

Returns true if the construct was created by CDK, and false otherwise.

constructRequired
  • Type: constructs.IConstruct
isResource 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.isResource(construct: IConstruct)

Check whether the given construct is a Resource.

constructRequired
  • Type: constructs.IConstruct
classifyVersionProperty 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.classifyVersionProperty(propertyName: string, locked: boolean)

Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.

See 'currentVersion' section in the module README for more details.

propertyNameRequired
  • Type: string

The property to classify.

lockedRequired
  • Type: boolean

whether the property should be associated to the version or not.

fromFunctionArn 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)

Import a lambda function into the CDK using its ARN.

For Function.addPermissions() to work on this imported lambda, make sure that is in the same account and region as the stack you are importing it into.

scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
functionArnRequired
  • Type: string
fromFunctionAttributes 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)

Creates a Lambda function object which represents a function not defined within this stack.

For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true if this imported lambda is in the same account and region as the stack you are importing it into.

scopeRequired
  • Type: constructs.Construct

The parent construct.

idRequired
  • Type: string

The name of the lambda construct.

attrsRequired
  • Type: aws-cdk-lib.aws_lambda.FunctionAttributes

the attributes of the function to import.

fromFunctionName 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.fromFunctionName(scope: Construct, id: string, functionName: string)

Import a lambda function into the CDK using its name.

scopeRequired
  • Type: constructs.Construct
idRequired
  • Type: string
functionNameRequired
  • Type: string
metricAll 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAll(metricName: string, props?: MetricOptions)

Return the given named metric for this Lambda.

metricNameRequired
  • Type: string
propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllConcurrentExecutions(props?: MetricOptions)

Metric for the number of concurrent executions across all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllDuration(props?: MetricOptions)

Metric for the Duration executing all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllErrors(props?: MetricOptions)

Metric for the number of Errors executing all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllInvocations(props?: MetricOptions)

Metric for the number of invocations of all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllThrottles(props?: MetricOptions)

Metric for the number of throttled invocations of all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions 
import { DotNetFunction } from '@aws-cdk/aws-lambda-dotnet'

DotNetFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)

Metric for the number of unreserved concurrent executions across all Lambdas.

propsOptional
  • Type: aws-cdk-lib.aws_cloudwatch.MetricOptions

Properties

Name Type Description
node constructs.Node The tree node.
env aws-cdk-lib.ResourceEnvironment The environment this resource belongs to.
stack aws-cdk-lib.Stack The stack in which this resource is defined.
architecture aws-cdk-lib.aws_lambda.Architecture The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connections aws-cdk-lib.aws_ec2.Connections Access the Connections object.
functionArn string ARN of this function.
functionName string Name of this function.
grantPrincipal aws-cdk-lib.aws_iam.IPrincipal The principal this Lambda Function is running as.
isBoundToVpc boolean Whether or not this Lambda function was bound to a VPC.
latestVersion aws-cdk-lib.aws_lambda.IVersion The $LATEST version of this function.
permissionsNode constructs.Node The construct node where permissions are attached.
resourceArnsForGrantInvoke string[] The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
role aws-cdk-lib.aws_iam.IRole Execution role associated with this function.
currentVersion aws-cdk-lib.aws_lambda.Version Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
logGroup aws-cdk-lib.aws_logs.ILogGroup The LogGroup where the Lambda function's logs are made available.
runtime aws-cdk-lib.aws_lambda.Runtime The runtime configured for this lambda.
deadLetterQueue aws-cdk-lib.aws_sqs.IQueue The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopic aws-cdk-lib.aws_sns.ITopic The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeout aws-cdk-lib.Duration The timeout configured for this lambda.
nodeRequired 
public readonly node: Node;
  • Type: constructs.Node

The tree node.

envRequired 
public readonly env: ResourceEnvironment;
  • Type: aws-cdk-lib.ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

stackRequired 
public readonly stack: Stack;
  • Type: aws-cdk-lib.Stack

The stack in which this resource is defined.

architectureRequired 
public readonly architecture: Architecture;
  • Type: aws-cdk-lib.aws_lambda.Architecture

The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).

connectionsRequired 
public readonly connections: Connections;
  • Type: aws-cdk-lib.aws_ec2.Connections

Access the Connections object.

Will fail if not a VPC-enabled Lambda Function

functionArnRequired 
public readonly functionArn: string;
  • Type: string

ARN of this function.

functionNameRequired 
public readonly functionName: string;
  • Type: string

Name of this function.

grantPrincipalRequired 
public readonly grantPrincipal: IPrincipal;
  • Type: aws-cdk-lib.aws_iam.IPrincipal

The principal this Lambda Function is running as.

isBoundToVpcRequired 
public readonly isBoundToVpc: boolean;
  • Type: boolean

Whether or not this Lambda function was bound to a VPC.

If this is is false, trying to access the connections object will fail.

latestVersionRequired 
public readonly latestVersion: IVersion;
  • Type: aws-cdk-lib.aws_lambda.IVersion

The $LATEST version of this function.

Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.

To obtain a reference to an explicit version which references the current function configuration, use lambdaFunction.currentVersion instead.

permissionsNodeRequired 
public readonly permissionsNode: Node;
  • Type: constructs.Node

The construct node where permissions are attached.

resourceArnsForGrantInvokeRequired 
public readonly resourceArnsForGrantInvoke: string[];
  • Type: string[]

The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().

roleOptional 
public readonly role: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole

Execution role associated with this function.

currentVersionRequired 
public readonly currentVersion: Version;
  • Type: aws-cdk-lib.aws_lambda.Version

Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.

You can specify options for this version using the currentVersionOptions prop when initializing the lambda.Function.

logGroupRequired 
public readonly logGroup: ILogGroup;
  • Type: aws-cdk-lib.aws_logs.ILogGroup

The LogGroup where the Lambda function's logs are made available.

If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention period (never expire, by default).

Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention to never expire even if it was configured with a different value.

runtimeRequired 
public readonly runtime: Runtime;
  • Type: aws-cdk-lib.aws_lambda.Runtime

The runtime configured for this lambda.

deadLetterQueueOptional 
public readonly deadLetterQueue: IQueue;
  • Type: aws-cdk-lib.aws_sqs.IQueue

The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).

deadLetterTopicOptional 
public readonly deadLetterTopic: ITopic;
  • Type: aws-cdk-lib.aws_sns.ITopic

The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).

timeoutOptional 
public readonly timeout: Duration;
  • Type: aws-cdk-lib.Duration

The timeout configured for this lambda.

Structs

BundlingOptions

Bundling options.

Initializer 

import { BundlingOptions } from '@aws-cdk/aws-lambda-dotnet'

const bundlingOptions: BundlingOptions = { ... }

Properties

Name Type Description
assetHash string Specify a custom hash for this asset.
assetHashType aws-cdk-lib.AssetHashType Determines how the asset hash is calculated. Assets will get rebuilt and uploaded only if their hash has changed.
commandHooks ICommandHooks Command hooks.
dockerImage aws-cdk-lib.DockerImage A custom bundling Docker image.
environment {[ key: string ]: string} Environment variables defined when go runs.
forcedDockerBundling boolean Force bundling in a Docker container even if local bundling is possible.
msbuildParameters string[] Arguments passed to the dotnet publish command.
assetHashOptional 
public readonly assetHash: string;
  • Type: string
  • Default: based on assetHashType

Specify a custom hash for this asset.

If assetHashType is set it must be set to AssetHashType.CUSTOM. For consistency, this custom hash will be SHA256 hashed and encoded as hex. The resulting hash will be the asset hash.

NOTE: the hash is used in order to identify a specific revision of the asset, and used for optimizing and caching deployment activities related to this asset such as packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will need to make sure it is updated every time the asset changes, or otherwise it is possible that some deployments will not be invalidated.

assetHashTypeOptional 
public readonly assetHashType: AssetHashType;
  • Type: aws-cdk-lib.AssetHashType
  • Default: AssetHashType.OUTPUT. If assetHash is also specified, the default is CUSTOM.

Determines how the asset hash is calculated. Assets will get rebuilt and uploaded only if their hash has changed.

If the asset hash is set to OUTPUT (default), the hash is calculated after bundling. This means that any change in the output will cause the asset to be invalidated and uploaded. Bear in mind that the go binary that is output can be different depending on the environment that it was compiled in. If you want to control when the output is changed it is recommended that you use immutable build images such as public.ecr.aws/bitnami/golang:1.16.3-debian-10-r16.

If the asset hash is set to SOURCE, then only changes to the source directory will cause the asset to rebuild. If your go project has multiple Lambda functions this means that an update to any one function could cause all the functions to be rebuilt and uploaded.

commandHooksOptional 
public readonly commandHooks: ICommandHooks;

Command hooks.

dockerImageOptional 
public readonly dockerImage: DockerImage;
  • Type: aws-cdk-lib.DockerImage
  • Default: use the Docker image provided by

A custom bundling Docker image.

environmentOptional 
public readonly environment: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
  • Default: no environment variables are defined.

Environment variables defined when go runs.

forcedDockerBundlingOptional 
public readonly forcedDockerBundling: boolean;
  • Type: boolean
  • Default: false

Force bundling in a Docker container even if local bundling is possible.

msbuildParametersOptional 
public readonly msbuildParameters: string[];
  • Type: string[]

Arguments passed to the dotnet publish command.

DotNetFunctionProps

Properties for a .NET Function.

Initializer 

import { DotNetFunctionProps } from '@aws-cdk/aws-lambda-dotnet'

const dotNetFunctionProps: DotNetFunctionProps = { ... }

Properties

Name Type Description
maxEventAge aws-cdk-lib.Duration The maximum age of a request that Lambda sends to a function for processing.
onFailure aws-cdk-lib.aws_lambda.IDestination The destination for failed invocations.
onSuccess aws-cdk-lib.aws_lambda.IDestination The destination for successful invocations.
retryAttempts number The maximum number of times to retry when the function returns an error.
adotInstrumentation aws-cdk-lib.aws_lambda.AdotInstrumentationConfig Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllOutbound boolean Whether to allow the Lambda to send all network traffic.
allowPublicSubnet boolean Lambda Functions in a public subnet can NOT access the internet.
applicationLogLevel string Sets the application log level for the function.
architecture aws-cdk-lib.aws_lambda.Architecture The system architectures compatible with this lambda function.
codeSigningConfig aws-cdk-lib.aws_lambda.ICodeSigningConfig Code signing config associated with this function.
currentVersionOptions aws-cdk-lib.aws_lambda.VersionOptions Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueue aws-cdk-lib.aws_sqs.IQueue The SQS queue to use if DLQ is enabled.
deadLetterQueueEnabled boolean Enabled DLQ.
deadLetterTopic aws-cdk-lib.aws_sns.ITopic The SNS topic to use as a DLQ.
description string A description of the function.
environment {[ key: string ]: string} Key-value pairs that Lambda caches and makes available for your Lambda functions.
environmentEncryption aws-cdk-lib.aws_kms.IKey The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSize aws-cdk-lib.Size The size of the function’s /tmp directory in MiB.
events aws-cdk-lib.aws_lambda.IEventSource[] Event sources for this function.
filesystem aws-cdk-lib.aws_lambda.FileSystem The filesystem configuration for the lambda function.
functionName string A name for the function.
initialPolicy aws-cdk-lib.aws_iam.PolicyStatement[] Initial policy statements to add to the created Lambda Role.
insightsVersion aws-cdk-lib.aws_lambda.LambdaInsightsVersion Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStack boolean Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
layers aws-cdk-lib.aws_lambda.ILayerVersion[] A list of layers to add to the function's execution environment.
logFormat string Sets the logFormat for the function.
loggingFormat aws-cdk-lib.aws_lambda.LoggingFormat Sets the loggingFormat for the function.
logGroup aws-cdk-lib.aws_logs.ILogGroup The log group the function sends logs to.
logRetention aws-cdk-lib.aws_logs.RetentionDays The number of days log events are kept in CloudWatch Logs.
logRetentionRetryOptions aws-cdk-lib.aws_lambda.LogRetentionRetryOptions When log retention is specified, a custom resource attempts to create the CloudWatch log group.
logRetentionRole aws-cdk-lib.aws_iam.IRole The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
memorySize number The amount of memory, in MB, that is allocated to your Lambda function.
paramsAndSecrets aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion Specify the configuration of Parameters and Secrets Extension.
profiling boolean Enable profiling.
profilingGroup aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup Profiling Group.
reservedConcurrentExecutions number The maximum of concurrent executions you want to reserve for the function.
role aws-cdk-lib.aws_iam.IRole Lambda execution role.
runtimeManagementMode aws-cdk-lib.aws_lambda.RuntimeManagementMode Sets the runtime management configuration for a function's version.
securityGroups aws-cdk-lib.aws_ec2.ISecurityGroup[] The list of security groups to associate with the Lambda's network interfaces.
snapStart aws-cdk-lib.aws_lambda.SnapStartConf Enable SnapStart for Lambda Function.
systemLogLevel string Sets the system log level for the function.
timeout aws-cdk-lib.Duration The function execution time (in seconds) after which Lambda terminates the function.
tracing aws-cdk-lib.aws_lambda.Tracing Enable AWS X-Ray Tracing for Lambda Function.
vpc aws-cdk-lib.aws_ec2.IVpc VPC network to place Lambda network interfaces.
vpcSubnets aws-cdk-lib.aws_ec2.SubnetSelection Where to place the network interfaces within the VPC.
projectDir string Directory containing your .csproj file.
bundling BundlingOptions Bundling options.
handler string The name of the method within your code that Lambda calls to execute your function.
runtime aws-cdk-lib.aws_lambda.Runtime The runtime environment.
solutionDir string Directory containing your .sln file.
maxEventAgeOptional 
public readonly maxEventAge: Duration;
  • Type: aws-cdk-lib.Duration
  • Default: Duration.hours(6)

The maximum age of a request that Lambda sends to a function for processing.

Minimum: 60 seconds Maximum: 6 hours

onFailureOptional 
public readonly onFailure: IDestination;
  • Type: aws-cdk-lib.aws_lambda.IDestination
  • Default: no destination

The destination for failed invocations.

onSuccessOptional 
public readonly onSuccess: IDestination;
  • Type: aws-cdk-lib.aws_lambda.IDestination
  • Default: no destination

The destination for successful invocations.

retryAttemptsOptional 
public readonly retryAttempts: number;
  • Type: number
  • Default: 2

The maximum number of times to retry when the function returns an error.

Minimum: 0 Maximum: 2

adotInstrumentationOptional 
public readonly adotInstrumentation: AdotInstrumentationConfig;
  • Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
  • Default: No ADOT instrumentation

Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.

https://aws-otel.github.io/docs/getting-started/lambda

allowAllOutboundOptional 
public readonly allowAllOutbound: boolean;
  • Type: boolean
  • Default: true

Whether to allow the Lambda to send all network traffic.

If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.

Do not specify this property if the securityGroups or securityGroup property is set. Instead, configure allowAllOutbound directly on the security group.

allowPublicSubnetOptional 
public readonly allowPublicSubnet: boolean;
  • Type: boolean
  • Default: false

Lambda Functions in a public subnet can NOT access the internet.

Use this property to acknowledge this limitation and still place the function in a public subnet.

https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841

applicationLogLevelOptional 
public readonly applicationLogLevel: string;
  • Type: string
  • Default: "INFO"

Sets the application log level for the function.

architectureOptional 
public readonly architecture: Architecture;
  • Type: aws-cdk-lib.aws_lambda.Architecture
  • Default: Architecture.X86_64

The system architectures compatible with this lambda function.

codeSigningConfigOptional 
public readonly codeSigningConfig: ICodeSigningConfig;
  • Type: aws-cdk-lib.aws_lambda.ICodeSigningConfig
  • Default: Not Sign the Code

Code signing config associated with this function.

currentVersionOptionsOptional 
public readonly currentVersionOptions: VersionOptions;
  • Type: aws-cdk-lib.aws_lambda.VersionOptions
  • Default: default options as described in VersionOptions

Options for the lambda.Version resource automatically created by the fn.currentVersion method.

deadLetterQueueOptional 
public readonly deadLetterQueue: IQueue;
  • Type: aws-cdk-lib.aws_sqs.IQueue
  • Default: SQS queue with 14 day retention period if deadLetterQueueEnabled is true

The SQS queue to use if DLQ is enabled.

If SNS topic is desired, specify deadLetterTopic property instead.

deadLetterQueueEnabledOptional 
public readonly deadLetterQueueEnabled: boolean;
  • Type: boolean
  • Default: false unless deadLetterQueue is set, which implies DLQ is enabled.

Enabled DLQ.

If deadLetterQueue is undefined, an SQS queue with default options will be defined for your Function.

deadLetterTopicOptional 
public readonly deadLetterTopic: ITopic;
  • Type: aws-cdk-lib.aws_sns.ITopic
  • Default: no SNS topic

The SNS topic to use as a DLQ.

Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.

descriptionOptional 
public readonly description: string;
  • Type: string
  • Default: No description.

A description of the function.

environmentOptional 
public readonly environment: {[ key: string ]: string};
  • Type: {[ key: string ]: string}
  • Default: No environment variables.

Key-value pairs that Lambda caches and makes available for your Lambda functions.

Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.

environmentEncryptionOptional 
public readonly environmentEncryption: IKey;
  • Type: aws-cdk-lib.aws_kms.IKey
  • Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).

The AWS KMS key that's used to encrypt your function's environment variables.

ephemeralStorageSizeOptional 
public readonly ephemeralStorageSize: Size;
  • Type: aws-cdk-lib.Size
  • Default: 512 MiB

The size of the function’s /tmp directory in MiB.

eventsOptional 
public readonly events: IEventSource[];
  • Type: aws-cdk-lib.aws_lambda.IEventSource[]
  • Default: No event sources.

Event sources for this function.

You can also add event sources using addEventSource.

filesystemOptional 
public readonly filesystem: FileSystem;
  • Type: aws-cdk-lib.aws_lambda.FileSystem
  • Default: will not mount any filesystem

The filesystem configuration for the lambda function.

functionNameOptional 
public readonly functionName: string;
  • Type: string
  • Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.

A name for the function.

initialPolicyOptional 
public readonly initialPolicy: PolicyStatement[];
  • Type: aws-cdk-lib.aws_iam.PolicyStatement[]
  • Default: No policy statements are added to the created Lambda role.

Initial policy statements to add to the created Lambda Role.

You can call addToRolePolicy to the created lambda to add statements post creation.

insightsVersionOptional 
public readonly insightsVersion: LambdaInsightsVersion;
  • Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
  • Default: No Lambda Insights

Specify the version of CloudWatch Lambda insights to use for monitoring.

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html

ipv6AllowedForDualStackOptional 
public readonly ipv6AllowedForDualStack: boolean;
  • Type: boolean
  • Default: false

Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.

Only used if 'vpc' is supplied.

layersOptional 
public readonly layers: ILayerVersion[];
  • Type: aws-cdk-lib.aws_lambda.ILayerVersion[]
  • Default: No layers.

A list of layers to add to the function's execution environment.

You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.

logFormatOptional 
public readonly logFormat: string;
  • Type: string
  • Default: "Text"

Sets the logFormat for the function.

loggingFormatOptional 
public readonly loggingFormat: LoggingFormat;
  • Type: aws-cdk-lib.aws_lambda.LoggingFormat
  • Default: LoggingFormat.TEXT

Sets the loggingFormat for the function.

logGroupOptional 
public readonly logGroup: ILogGroup;
  • Type: aws-cdk-lib.aws_logs.ILogGroup
  • Default: /aws/lambda/${this.functionName} - default log group created by Lambda

The log group the function sends logs to.

By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.

Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.

Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.

logRetentionOptional 
public readonly logRetention: RetentionDays;
  • Type: aws-cdk-lib.aws_logs.RetentionDays
  • Default: logs.RetentionDays.INFINITE

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to INFINITE.

This is a legacy API and we strongly recommend you move away from it if you can. Instead create a fully customizable log group with logs.LogGroup and use the logGroup property to instruct the Lambda function to send logs to it. Migrating from logRetention to logGroup will cause the name of the log group to change. Users and code and referencing the name verbatim will have to adjust.

In AWS CDK code, you can access the log group name directly from the LogGroup construct:

import * as logs from 'aws-cdk-lib/aws-logs';

declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional 
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
  • Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
  • Default: Default AWS SDK retry options.

When log retention is specified, a custom resource attempts to create the CloudWatch log group.

These options control the retry policy when interacting with CloudWatch APIs.

This is a legacy API and we strongly recommend you migrate to logGroup if you can. logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.

logRetentionRoleOptional 
public readonly logRetentionRole: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole
  • Default: A new role is created.

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

This is a legacy API and we strongly recommend you migrate to logGroup if you can. logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.

memorySizeOptional 
public readonly memorySize: number;
  • Type: number
  • Default: 128

The amount of memory, in MB, that is allocated to your Lambda function.

Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.

paramsAndSecretsOptional 
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
  • Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
  • Default: No Parameters and Secrets Extension

Specify the configuration of Parameters and Secrets Extension.

https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html

profilingOptional 
public readonly profiling: boolean;
  • Type: boolean
  • Default: No profiling.

Enable profiling.

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

profilingGroupOptional 
public readonly profilingGroup: IProfilingGroup;
  • Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
  • Default: A new profiling group will be created if profiling is set.

Profiling Group.

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

reservedConcurrentExecutionsOptional 
public readonly reservedConcurrentExecutions: number;
  • Type: number
  • Default: No specific limit - account limit.

The maximum of concurrent executions you want to reserve for the function.

https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html

roleOptional 
public readonly role: IRole;
  • Type: aws-cdk-lib.aws_iam.IRole
  • Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling addToRolePolicy.

Lambda execution role.

This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.

The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.

The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".

runtimeManagementModeOptional 
public readonly runtimeManagementMode: RuntimeManagementMode;
  • Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
  • Default: Auto

Sets the runtime management configuration for a function's version.

securityGroupsOptional 
public readonly securityGroups: ISecurityGroup[];
  • Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
  • Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.

The list of security groups to associate with the Lambda's network interfaces.

Only used if 'vpc' is supplied.

snapStartOptional 
public readonly snapStart: SnapStartConf;
  • Type: aws-cdk-lib.aws_lambda.SnapStartConf
  • Default: No snapstart

Enable SnapStart for Lambda Function.

SnapStart is currently supported only for Java 11, 17 runtime

systemLogLevelOptional 
public readonly systemLogLevel: string;
  • Type: string
  • Default: "INFO"

Sets the system log level for the function.

timeoutOptional 
public readonly timeout: Duration;
  • Type: aws-cdk-lib.Duration
  • Default: Duration.seconds(3)

The function execution time (in seconds) after which Lambda terminates the function.

Because the execution time affects cost, set this value based on the function's expected execution time.

tracingOptional 
public readonly tracing: Tracing;
  • Type: aws-cdk-lib.aws_lambda.Tracing
  • Default: Tracing.Disabled

Enable AWS X-Ray Tracing for Lambda Function.

vpcOptional 
public readonly vpc: IVpc;
  • Type: aws-cdk-lib.aws_ec2.IVpc
  • Default: Function is not placed within a VPC.

VPC network to place Lambda network interfaces.

Specify this if the Lambda function needs to access resources in a VPC. This is required when vpcSubnets is specified.

vpcSubnetsOptional 
public readonly vpcSubnets: SubnetSelection;
  • Type: aws-cdk-lib.aws_ec2.SubnetSelection
  • Default: the Vpc default strategy if not specified

Where to place the network interfaces within the VPC.

This requires vpc to be specified in order for interfaces to actually be placed in the subnets. If vpc is not specify, this will raise an error.

Note: Internet access for Lambda Functions requires a NAT Gateway, so picking public subnets is not allowed (unless allowPublicSubnet is set to true).

projectDirRequired 
public readonly projectDir: string;
  • Type: string

Directory containing your .csproj file.

bundlingOptional 
public readonly bundling: BundlingOptions;

Bundling options.

handlerOptional 
public readonly handler: string;
  • Type: string
  • Default: the .csproj file is used as project name and the handler is set to the project name or the handler is found reading the aws-lambda-tools-defaults.json file in the project directory.

The name of the method within your code that Lambda calls to execute your function.

The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html.

runtimeOptional 
public readonly runtime: Runtime;
  • Type: aws-cdk-lib.aws_lambda.Runtime
  • Default: lambda.Runtime.DOTNET_8

The runtime environment.

Only runtimes of the .NET family and provided family are supported.

solutionDirOptional 
public readonly solutionDir: string;
  • Type: string
  • Default: the path is found by walking up parent directories searching for a .sln file from the location of projectDir. If no .sln file is found, the projectDir will be used.

Directory containing your .sln file.

This will be used as the source of the volume mounted in the Docker container and will be the directory where it will run dotnet build from.

Protocols

ICommandHooks

Command hooks.

These commands will run in the environment in which bundling occurs: inside the container for Docker bundling or on the host OS for local bundling.

Commands are chained with &&.

{
  // Run tests prior to bundling
  beforeBundling(inputDir: string, outputDir: string): string[] {
    return [`go test -mod=vendor ./...`];
  }
  // ...
}

Methods

Name Description
afterBundling Returns commands to run after bundling.
beforeBundling Returns commands to run before bundling.
afterBundling 
public afterBundling(inputDir: string, outputDir: string): string[]

Returns commands to run after bundling.

Commands are chained with &&.

inputDirRequired
  • Type: string
outputDirRequired
  • Type: string
beforeBundling 
public beforeBundling(inputDir: string, outputDir: string): string[]

Returns commands to run before bundling.

Commands are chained with &&.

inputDirRequired
  • Type: string
outputDirRequired
  • Type: string