SingletonFunction

class aws_cdk.aws_lambda.SingletonFunction(scope, id, *, uuid, lambda_purpose=None, code, handler, runtime, allow_all_outbound=None, allow_public_subnet=None, current_version_options=None, dead_letter_queue=None, dead_letter_queue_enabled=None, description=None, environment=None, events=None, filesystem=None, function_name=None, initial_policy=None, layers=None, log_retention=None, log_retention_retry_options=None, log_retention_role=None, memory_size=None, profiling=None, profiling_group=None, reserved_concurrent_executions=None, role=None, security_group=None, security_groups=None, timeout=None, tracing=None, vpc=None, vpc_subnets=None, max_event_age=None, on_failure=None, on_success=None, retry_attempts=None)

Bases: aws_cdk.aws_lambda.FunctionBase

A Lambda that will only ever be added to a stack once.

This construct is a way to guarantee that the lambda function will be guaranteed to be part of the stack, once and only once, irrespective of how many times the construct is declared to be part of the stack. This is guaranteed as long as the uuid property and the optional lambdaPurpose property stay the same whenever they’re declared into the stack.

Resource

AWS::Lambda::Function

Parameters
  • scope (Construct) –

  • id (str) –

  • uuid (str) – A unique identifier to identify this lambda. The identifier should be unique across all custom resource providers. We recommend generating a UUID per provider.

  • lambda_purpose (Optional[str]) – A descriptive name for the purpose of this Lambda. If the Lambda does not have a physical name, this string will be reflected its generated name. The combination of lambdaPurpose and uuid must be unique. Default: SingletonLambda

  • code (Code) – The source code of your Lambda function. You can point to a file in an Amazon Simple Storage Service (Amazon S3) bucket or specify your source code as inline text.

  • handler (str) – The name of the method within your code that Lambda calls to execute your function. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-features.html#gettingstarted-features-programmingmodel. NOTE: If you specify your source code as inline text by specifying the ZipFile property within the Code property, specify index.function_name as the handler.

  • runtime (Runtime) – The runtime environment for the Lambda function that you are uploading. For valid values, see the Runtime property in the AWS Lambda Developer Guide.

  • allow_all_outbound (Optional[bool]) – Whether to allow the Lambda to send all network traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets. Default: true

  • allow_public_subnet (Optional[bool]) – Lambda Functions in a public subnet can NOT access the internet. Use this property to acknowledge this limitation and still place the function in a public subnet. Default: false

  • current_version_options (Optional[VersionOptions]) – Options for the lambda.Version resource automatically created by the fn.currentVersion method. Default: - default options as described in VersionOptions

  • dead_letter_queue (Optional[IQueue]) – The SQS queue to use if DLQ is enabled. Default: - SQS queue with 14 day retention period if deadLetterQueueEnabled is true

  • dead_letter_queue_enabled (Optional[bool]) – Enabled DLQ. If deadLetterQueue is undefined, an SQS queue with default options will be defined for your Function. Default: - false unless deadLetterQueue is set, which implies DLQ is enabled.

  • description (Optional[str]) – A description of the function. Default: - No description.

  • environment (Optional[Mapping[str, str]]) – Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code. Default: - No environment variables.

  • events (Optional[List[IEventSource]]) – Event sources for this function. You can also add event sources using addEventSource. Default: - No event sources.

  • filesystem (Optional[FileSystem]) – The filesystem configuration for the lambda function. Default: - will not mount any filesystem

  • function_name (Optional[str]) – A name for the function. Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function’s name. For more information, see Name Type.

  • initial_policy (Optional[List[PolicyStatement]]) – Initial policy statements to add to the created Lambda Role. You can call addToRolePolicy to the created lambda to add statements post creation. Default: - No policy statements are added to the created Lambda role.

  • layers (Optional[List[ILayerVersion]]) – A list of layers to add to the function’s execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by mulitple functions. Default: - No layers.

  • log_retention (Optional[RetentionDays]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to INFINITE. Default: logs.RetentionDays.INFINITE

  • log_retention_retry_options (Optional[LogRetentionRetryOptions]) – When log retention is specified, a custom resource attempts to create the CloudWatch log group. These options control the retry policy when interacting with CloudWatch APIs. Default: - Default AWS SDK retry options.

  • log_retention_role (Optional[IRole]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - A new role is created.

  • memory_size (Union[int, float, None]) – The amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide. Default: 128

  • profiling (Optional[bool]) – Enable profiling. Default: - No profiling.

  • profiling_group (Optional[IProfilingGroup]) – Profiling Group. Default: - A new profiling group will be created if profiling is set.

  • reserved_concurrent_executions (Union[int, float, None]) – The maximum of concurrent executions you want to reserve for the function. Default: - No specific limit - account limit.

  • role (Optional[IRole]) – Lambda execution role. This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the ‘lambda.amazonaws.com’ service principal. The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself. The relevant managed policies are “service-role/AWSLambdaBasicExecutionRole” and “service-role/AWSLambdaVPCAccessExecutionRole”. Default: - A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling addToRolePolicy.

  • security_group (Optional[ISecurityGroup]) – (deprecated) What security group to associate with the Lambda’s network interfaces. This property is being deprecated, consider using securityGroups instead. Only used if ‘vpc’ is supplied. Use securityGroups property instead. Function constructor will throw an error if both are specified. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.

  • security_groups (Optional[List[ISecurityGroup]]) – The list of security groups to associate with the Lambda’s network interfaces. Only used if ‘vpc’ is supplied. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.

  • timeout (Optional[Duration]) – The function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function’s expected execution time. Default: Duration.seconds(3)

  • tracing (Optional[Tracing]) – Enable AWS X-Ray Tracing for Lambda Function. Default: Tracing.Disabled

  • vpc (Optional[IVpc]) – VPC network to place Lambda network interfaces. Specify this if the Lambda function needs to access resources in a VPC. Default: - Function is not placed within a VPC.

  • vpc_subnets (Optional[SubnetSelection]) – Where to place the network interfaces within the VPC. Only used if ‘vpc’ is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed. Default: - the Vpc default strategy if not specified

  • max_event_age (Optional[Duration]) – The maximum age of a request that Lambda sends to a function for processing. Minimum: 60 seconds Maximum: 6 hours Default: Duration.hours(6)

  • on_failure (Optional[IDestination]) – The destination for failed invocations. Default: - no destination

  • on_success (Optional[IDestination]) – The destination for successful invocations. Default: - no destination

  • retry_attempts (Union[int, float, None]) – The maximum number of times to retry when the function returns an error. Minimum: 0 Maximum: 2 Default: 2

Methods

add_dependency(*up)

Using node.addDependency() does not work on this method as the underlying lambda function is modeled as a singleton across the stack. Use this method instead to declare dependencies.

Parameters

up (IDependable) –

Return type

None

add_event_source(source)

Adds an event source to this function.

Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module.

The following example adds an SQS Queue as an event source:

import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
Parameters

source (IEventSource) – The event source to bind to this function.

Return type

None

add_event_source_mapping(id, *, event_source_arn, batch_size=None, bisect_batch_on_error=None, enabled=None, kafka_topic=None, max_batching_window=None, max_record_age=None, on_failure=None, parallelization_factor=None, retry_attempts=None, starting_position=None)

Adds an event source that maps to this AWS Lambda function.

Parameters
  • id (str) –

  • event_source_arn (str) – The Amazon Resource Name (ARN) of the event source. Any record added to this stream can invoke the Lambda function.

  • batch_size (Union[int, float, None]) – The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function. Your function receives an event with all the retrieved records. Valid Range: Minimum value of 1. Maximum value of 10000. Default: - Amazon Kinesis, Amazon DynamoDB, and Amazon MSK is 100 records. Both the default and maximum for Amazon SQS are 10 messages.

  • bisect_batch_on_error (Optional[bool]) – If the function returns an error, split the batch in two and retry. Default: false

  • enabled (Optional[bool]) – Set to false to disable the event source upon creation. Default: true

  • kafka_topic (Optional[str]) – The name of the Kafka topic. Default: - no topic

  • max_batching_window (Optional[Duration]) – The maximum amount of time to gather records before invoking the function. Maximum of Duration.minutes(5) Default: Duration.seconds(0)

  • max_record_age (Optional[Duration]) – The maximum age of a record that Lambda sends to a function for processing. Valid Range: - Minimum value of 60 seconds - Maximum value of 7 days Default: - infinite or until the record expires.

  • on_failure (Optional[IEventSourceDlq]) – An Amazon SQS queue or Amazon SNS topic destination for discarded records. Default: discarded records are ignored

  • parallelization_factor (Union[int, float, None]) – The number of batches to process from each shard concurrently. Valid Range: - Minimum value of 1 - Maximum value of 10 Default: 1

  • retry_attempts (Union[int, float, None]) – The maximum number of times to retry when the function returns an error. Set to undefined if you want lambda to keep retrying infinitely or until the record expires. Valid Range: - Minimum value of 0 - Maximum value of 10000 Default: - infinite or until the record expires.

  • starting_position (Optional[StartingPosition]) – The position in the DynamoDB, Kinesis or MSK stream where AWS Lambda should start reading. Default: - Required for Amazon Kinesis, Amazon DynamoDB, and Amazon MSK Streams sources.

Return type

EventSourceMapping

add_permission(name, *, principal, action=None, event_source_token=None, scope=None, source_account=None, source_arn=None)

Adds a permission to the Lambda resource policy.

Parameters
  • name (str) –

  • principal (IPrincipal) – The entity for which you are granting permission to invoke the Lambda function. This entity can be any valid AWS service principal, such as s3.amazonaws.com or sns.amazonaws.com, or, if you are granting cross-account permission, an AWS account ID. For example, you might want to allow a custom application in another AWS account to push events to Lambda by invoking your function. The principal can be either an AccountPrincipal or a ServicePrincipal.

  • action (Optional[str]) – The Lambda actions that you want to allow in this statement. For example, you can specify lambda:CreateFunction to specify a certain action, or use a wildcard (lambda:*) to grant permission to all Lambda actions. For a list of actions, see Actions and Condition Context Keys for AWS Lambda in the IAM User Guide. Default: ‘lambda:InvokeFunction’

  • event_source_token (Optional[str]) – A unique token that must be supplied by the principal invoking the function. Default: The caller would not need to present a token.

  • scope (Optional[Construct]) – The scope to which the permission constructs be attached. The default is the Lambda function construct itself, but this would need to be different in cases such as cross-stack references where the Permissions would need to sit closer to the consumer of this permission (i.e., the caller). Default: - The instance of lambda.IFunction

  • source_account (Optional[str]) – The AWS account ID (without hyphens) of the source owner. For example, if you specify an S3 bucket in the SourceArn property, this value is the bucket owner’s account ID. You can use this property to ensure that all source principals are owned by a specific account.

  • source_arn (Optional[str]) – The ARN of a resource that is invoking your function. When granting Amazon Simple Storage Service (Amazon S3) permission to invoke your function, specify this property with the bucket ARN as its value. This ensures that events generated only from the specified bucket, not just any bucket from any AWS account that creates a mapping to your function, can invoke the function.

Return type

None

add_to_role_policy(statement)

Adds a statement to the IAM role assumed by the instance.

Parameters

statement (PolicyStatement) –

Return type

None

configure_async_invoke(*, max_event_age=None, on_failure=None, on_success=None, retry_attempts=None)

Configures options for asynchronous invocation.

Parameters
  • max_event_age (Optional[Duration]) – The maximum age of a request that Lambda sends to a function for processing. Minimum: 60 seconds Maximum: 6 hours Default: Duration.hours(6)

  • on_failure (Optional[IDestination]) – The destination for failed invocations. Default: - no destination

  • on_success (Optional[IDestination]) – The destination for successful invocations. Default: - no destination

  • retry_attempts (Union[int, float, None]) – The maximum number of times to retry when the function returns an error. Minimum: 0 Maximum: 2 Default: 2

Return type

None

depend_on(down)

The SingletonFunction construct cannot be added as a dependency of another construct using node.addDependency(). Use this method instead to declare this as a dependency of another construct.

Parameters

down (IConstruct) –

Return type

None

grant_invoke(grantee)

Grant the given identity permissions to invoke this Lambda.

Parameters

grantee (IGrantable) –

Return type

Grant

metric(metric_name, *, account=None, color=None, dimensions=None, label=None, period=None, region=None, statistic=None, unit=None)

Return the given named metric for this Function.

Parameters
  • metric_name (str) –

  • account (Optional[str]) – Account which this metric comes from. Default: - Deployment account.

  • color (Optional[str]) – The hex color code, prefixed with ‘#’ (e.g. ‘#00ff00’), to use when this metric is rendered on a graph. The Color class has a set of standard colors that can be used here. Default: - Automatic color

  • dimensions (Optional[Mapping[str, Any]]) – Dimensions of the metric. Default: - No dimensions.

  • label (Optional[str]) – Label for this metric when added to a Graph in a Dashboard. Default: - No label

  • period (Optional[Duration]) – The period over which the specified statistic is applied. Default: Duration.minutes(5)

  • region (Optional[str]) – Region which this metric comes from. Default: - Deployment region.

  • statistic (Optional[str]) – What function to use for aggregating. Can be one of the following: - “Minimum” | “min” - “Maximum” | “max” - “Average” | “avg” - “Sum” | “sum” - “SampleCount | “n” - “pNN.NN” Default: Average

  • unit (Optional[Unit]) – Unit used to filter the metric stream. Only refer to datums emitted to the metric stream with the given unit and ignore all others. Only useful when datums are being emitted to the same metric stream under different units. The default is to use all matric datums in the stream, regardless of unit, which is recommended in nearly all cases. CloudWatch does not honor this property for graphs. Default: - All metric datums in the given metric stream

Return type

Metric

metric_duration(*, account=None, color=None, dimensions=None, label=None, period=None, region=None, statistic=None, unit=None)

How long execution of this Lambda takes.

Average over 5 minutes

Parameters
  • account (Optional[str]) – Account which this metric comes from. Default: - Deployment account.

  • color (Optional[str]) – The hex color code, prefixed with ‘#’ (e.g. ‘#00ff00’), to use when this metric is rendered on a graph. The Color class has a set of standard colors that can be used here. Default: - Automatic color

  • dimensions (Optional[Mapping[str, Any]]) – Dimensions of the metric. Default: - No dimensions.

  • label (Optional[str]) – Label for this metric when added to a Graph in a Dashboard. Default: - No label

  • period (Optional[Duration]) – The period over which the specified statistic is applied. Default: Duration.minutes(5)

  • region (Optional[str]) – Region which this metric comes from. Default: - Deployment region.

  • statistic (Optional[str]) – What function to use for aggregating. Can be one of the following: - “Minimum” | “min” - “Maximum” | “max” - “Average” | “avg” - “Sum” | “sum” - “SampleCount | “n” - “pNN.NN” Default: Average

  • unit (Optional[Unit]) – Unit used to filter the metric stream. Only refer to datums emitted to the metric stream with the given unit and ignore all others. Only useful when datums are being emitted to the same metric stream under different units. The default is to use all matric datums in the stream, regardless of unit, which is recommended in nearly all cases. CloudWatch does not honor this property for graphs. Default: - All metric datums in the given metric stream

Return type

Metric

metric_errors(*, account=None, color=None, dimensions=None, label=None, period=None, region=None, statistic=None, unit=None)

How many invocations of this Lambda fail.

Sum over 5 minutes

Parameters
  • account (Optional[str]) – Account which this metric comes from. Default: - Deployment account.

  • color (Optional[str]) – The hex color code, prefixed with ‘#’ (e.g. ‘#00ff00’), to use when this metric is rendered on a graph. The Color class has a set of standard colors that can be used here. Default: - Automatic color

  • dimensions (Optional[Mapping[str, Any]]) – Dimensions of the metric. Default: - No dimensions.

  • label (Optional[str]) – Label for this metric when added to a Graph in a Dashboard. Default: - No label

  • period (Optional[Duration]) – The period over which the specified statistic is applied. Default: Duration.minutes(5)

  • region (Optional[str]) – Region which this metric comes from. Default: - Deployment region.

  • statistic (Optional[str]) – What function to use for aggregating. Can be one of the following: - “Minimum” | “min” - “Maximum” | “max” - “Average” | “avg” - “Sum” | “sum” - “SampleCount | “n” - “pNN.NN” Default: Average

  • unit (Optional[Unit]) – Unit used to filter the metric stream. Only refer to datums emitted to the metric stream with the given unit and ignore all others. Only useful when datums are being emitted to the same metric stream under different units. The default is to use all matric datums in the stream, regardless of unit, which is recommended in nearly all cases. CloudWatch does not honor this property for graphs. Default: - All metric datums in the given metric stream

Return type

Metric

metric_invocations(*, account=None, color=None, dimensions=None, label=None, period=None, region=None, statistic=None, unit=None)

How often this Lambda is invoked.

Sum over 5 minutes

Parameters
  • account (Optional[str]) – Account which this metric comes from. Default: - Deployment account.

  • color (Optional[str]) – The hex color code, prefixed with ‘#’ (e.g. ‘#00ff00’), to use when this metric is rendered on a graph. The Color class has a set of standard colors that can be used here. Default: - Automatic color

  • dimensions (Optional[Mapping[str, Any]]) – Dimensions of the metric. Default: - No dimensions.

  • label (Optional[str]) – Label for this metric when added to a Graph in a Dashboard. Default: - No label

  • period (Optional[Duration]) – The period over which the specified statistic is applied. Default: Duration.minutes(5)

  • region (Optional[str]) – Region which this metric comes from. Default: - Deployment region.

  • statistic (Optional[str]) – What function to use for aggregating. Can be one of the following: - “Minimum” | “min” - “Maximum” | “max” - “Average” | “avg” - “Sum” | “sum” - “SampleCount | “n” - “pNN.NN” Default: Average

  • unit (Optional[Unit]) – Unit used to filter the metric stream. Only refer to datums emitted to the metric stream with the given unit and ignore all others. Only useful when datums are being emitted to the same metric stream under different units. The default is to use all matric datums in the stream, regardless of unit, which is recommended in nearly all cases. CloudWatch does not honor this property for graphs. Default: - All metric datums in the given metric stream

Return type

Metric

metric_throttles(*, account=None, color=None, dimensions=None, label=None, period=None, region=None, statistic=None, unit=None)

How often this Lambda is throttled.

Sum over 5 minutes

Parameters
  • account (Optional[str]) – Account which this metric comes from. Default: - Deployment account.

  • color (Optional[str]) – The hex color code, prefixed with ‘#’ (e.g. ‘#00ff00’), to use when this metric is rendered on a graph. The Color class has a set of standard colors that can be used here. Default: - Automatic color

  • dimensions (Optional[Mapping[str, Any]]) – Dimensions of the metric. Default: - No dimensions.

  • label (Optional[str]) – Label for this metric when added to a Graph in a Dashboard. Default: - No label

  • period (Optional[Duration]) – The period over which the specified statistic is applied. Default: Duration.minutes(5)

  • region (Optional[str]) – Region which this metric comes from. Default: - Deployment region.

  • statistic (Optional[str]) – What function to use for aggregating. Can be one of the following: - “Minimum” | “min” - “Maximum” | “max” - “Average” | “avg” - “Sum” | “sum” - “SampleCount | “n” - “pNN.NN” Default: Average

  • unit (Optional[Unit]) – Unit used to filter the metric stream. Only refer to datums emitted to the metric stream with the given unit and ignore all others. Only useful when datums are being emitted to the same metric stream under different units. The default is to use all matric datums in the stream, regardless of unit, which is recommended in nearly all cases. CloudWatch does not honor this property for graphs. Default: - All metric datums in the given metric stream

Return type

Metric

to_string()

Returns a string representation of this construct.

Return type

str

Attributes

connections

Access the Connections object.

Will fail if not a VPC-enabled Lambda Function

Return type

Connections

current_version

Returns a lambda.Version which represents the current version of this singleton Lambda function. A new version will be created every time the function’s configuration changes.

You can specify options for this version using the currentVersionOptions prop when initializing the lambda.SingletonFunction.

Return type

Version

env

The environment this resource belongs to.

For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.

Return type

ResourceEnvironment

function_arn

The ARN fo the function.

Return type

str

function_name

The name of the function.

Return type

str

grant_principal

The principal this Lambda Function is running as.

Return type

IPrincipal

is_bound_to_vpc

Whether or not this Lambda function was bound to a VPC.

If this is is false, trying to access the connections object will fail.

Return type

bool

latest_version

The $LATEST version of this function.

Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.

To obtain a reference to an explicit version which references the current function configuration, use lambdaFunction.currentVersion instead.

Return type

IVersion

node

The construct tree node associated with this construct.

Return type

ConstructNode

permissions_node

The construct node where permissions are attached.

Return type

ConstructNode

role

The IAM role associated with this function.

Undefined if the function was imported without a role.

Return type

Optional[IRole]

stack

The stack in which this resource is defined.

Return type

Stack

Static Methods

classmethod is_construct(x)

Return whether the given object is a Construct.

Parameters

x (Any) –

Return type

bool