SingletonFunctionProps¶
-
class
aws_cdk.aws_lambda.
SingletonFunctionProps
(*, max_event_age=None, on_failure=None, on_success=None, retry_attempts=None, allow_all_outbound=None, allow_public_subnet=None, code_signing_config=None, current_version_options=None, dead_letter_queue=None, dead_letter_queue_enabled=None, description=None, environment=None, environment_encryption=None, events=None, filesystem=None, function_name=None, initial_policy=None, layers=None, log_retention=None, log_retention_retry_options=None, log_retention_role=None, memory_size=None, profiling=None, profiling_group=None, reserved_concurrent_executions=None, role=None, security_group=None, security_groups=None, timeout=None, tracing=None, vpc=None, vpc_subnets=None, code, handler, runtime, uuid, lambda_purpose=None)¶ Bases:
aws_cdk.aws_lambda.FunctionProps
Properties for a newly created singleton Lambda.
- Parameters
max_event_age (
Optional
[Duration
]) – The maximum age of a request that Lambda sends to a function for processing. Minimum: 60 seconds Maximum: 6 hours Default: Duration.hours(6)on_failure (
Optional
[IDestination
]) – The destination for failed invocations. Default: - no destinationon_success (
Optional
[IDestination
]) – The destination for successful invocations. Default: - no destinationretry_attempts (
Union
[int
,float
,None
]) – The maximum number of times to retry when the function returns an error. Minimum: 0 Maximum: 2 Default: 2allow_all_outbound (
Optional
[bool
]) – Whether to allow the Lambda to send all network traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets. Default: trueallow_public_subnet (
Optional
[bool
]) – Lambda Functions in a public subnet can NOT access the internet. Use this property to acknowledge this limitation and still place the function in a public subnet. Default: falsecode_signing_config (
Optional
[ICodeSigningConfig
]) – Code signing config associated with this function. Default: - Not Sign the Codecurrent_version_options (
Optional
[VersionOptions
]) – Options for thelambda.Version
resource automatically created by thefn.currentVersion
method. Default: - default options as described inVersionOptions
dead_letter_queue (
Optional
[IQueue
]) – The SQS queue to use if DLQ is enabled. Default: - SQS queue with 14 day retention period ifdeadLetterQueueEnabled
istrue
dead_letter_queue_enabled (
Optional
[bool
]) – Enabled DLQ. IfdeadLetterQueue
is undefined, an SQS queue with default options will be defined for your Function. Default: - false unlessdeadLetterQueue
is set, which implies DLQ is enabled.description (
Optional
[str
]) – A description of the function. Default: - No description.environment (
Optional
[Mapping
[str
,str
]]) – Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code. Default: - No environment variables.environment_encryption (
Optional
[IKey
]) – The AWS KMS key that’s used to encrypt your function’s environment variables. Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).events (
Optional
[List
[IEventSource
]]) – Event sources for this function. You can also add event sources usingaddEventSource
. Default: - No event sources.filesystem (
Optional
[FileSystem
]) – The filesystem configuration for the lambda function. Default: - will not mount any filesystemfunction_name (
Optional
[str
]) – A name for the function. Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function’s name. For more information, see Name Type.initial_policy (
Optional
[List
[PolicyStatement
]]) – Initial policy statements to add to the created Lambda Role. You can calladdToRolePolicy
to the created lambda to add statements post creation. Default: - No policy statements are added to the created Lambda role.layers (
Optional
[List
[ILayerVersion
]]) – A list of layers to add to the function’s execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by mulitple functions. Default: - No layers.log_retention (
Optional
[RetentionDays
]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value toINFINITE
. Default: logs.RetentionDays.INFINITElog_retention_retry_options (
Optional
[LogRetentionRetryOptions
]) – When log retention is specified, a custom resource attempts to create the CloudWatch log group. These options control the retry policy when interacting with CloudWatch APIs. Default: - Default AWS SDK retry options.log_retention_role (
Optional
[IRole
]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - A new role is created.memory_size (
Union
[int
,float
,None
]) – The amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide. Default: 128profiling (
Optional
[bool
]) – Enable profiling. Default: - No profiling.profiling_group (
Optional
[IProfilingGroup
]) – Profiling Group. Default: - A new profiling group will be created ifprofiling
is set.reserved_concurrent_executions (
Union
[int
,float
,None
]) – The maximum of concurrent executions you want to reserve for the function. Default: - No specific limit - account limit.role (
Optional
[IRole
]) – Lambda execution role. This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the ‘lambda.amazonaws.com’ service principal. The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself. The relevant managed policies are “service-role/AWSLambdaBasicExecutionRole” and “service-role/AWSLambdaVPCAccessExecutionRole”. Default: - A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by callingaddToRolePolicy
.security_group (
Optional
[ISecurityGroup
]) – (deprecated) What security group to associate with the Lambda’s network interfaces. This property is being deprecated, consider using securityGroups instead. Only used if ‘vpc’ is supplied. Use securityGroups property instead. Function constructor will throw an error if both are specified. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.security_groups (
Optional
[List
[ISecurityGroup
]]) – The list of security groups to associate with the Lambda’s network interfaces. Only used if ‘vpc’ is supplied. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.timeout (
Optional
[Duration
]) – The function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function’s expected execution time. Default: Duration.seconds(3)tracing (
Optional
[Tracing
]) – Enable AWS X-Ray Tracing for Lambda Function. Default: Tracing.Disabledvpc (
Optional
[IVpc
]) – VPC network to place Lambda network interfaces. Specify this if the Lambda function needs to access resources in a VPC. Default: - Function is not placed within a VPC.vpc_subnets (
Optional
[SubnetSelection
]) – Where to place the network interfaces within the VPC. Only used if ‘vpc’ is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed. Default: - the Vpc default strategy if not specifiedcode (
Code
) – The source code of your Lambda function. You can point to a file in an Amazon Simple Storage Service (Amazon S3) bucket or specify your source code as inline text.handler (
str
) – The name of the method within your code that Lambda calls to execute your function. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-features.html#gettingstarted-features-programmingmodel. UseHandler.FROM_IMAGE
when defining a function from a Docker image. NOTE: If you specify your source code as inline text by specifying the ZipFile property within the Code property, specify index.function_name as the handler.runtime (
Runtime
) – The runtime environment for the Lambda function that you are uploading. For valid values, see the Runtime property in the AWS Lambda Developer Guide. UseRuntime.FROM_IMAGE
when when defining a function from a Docker image.uuid (
str
) – A unique identifier to identify this lambda. The identifier should be unique across all custom resource providers. We recommend generating a UUID per provider.lambda_purpose (
Optional
[str
]) – A descriptive name for the purpose of this Lambda. If the Lambda does not have a physical name, this string will be reflected its generated name. The combination of lambdaPurpose and uuid must be unique. Default: SingletonLambda
Attributes
-
allow_all_outbound
¶ Whether to allow the Lambda to send all network traffic.
If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.
- Default
true
- Return type
Optional
[bool
]
-
allow_public_subnet
¶ Lambda Functions in a public subnet can NOT access the internet.
Use this property to acknowledge this limitation and still place the function in a public subnet.
- Default
false
- See
- Return type
Optional
[bool
]
-
code
¶ The source code of your Lambda function.
You can point to a file in an Amazon Simple Storage Service (Amazon S3) bucket or specify your source code as inline text.
- Return type
-
code_signing_config
¶ Code signing config associated with this function.
- Default
Not Sign the Code
- Return type
Optional
[ICodeSigningConfig
]
-
current_version_options
¶ Options for the
lambda.Version
resource automatically created by thefn.currentVersion
method.- Default
default options as described in
VersionOptions
- Return type
Optional
[VersionOptions
]
-
dead_letter_queue
¶ The SQS queue to use if DLQ is enabled.
- Default
SQS queue with 14 day retention period if
deadLetterQueueEnabled
istrue
- Return type
Optional
[IQueue
]
-
dead_letter_queue_enabled
¶ Enabled DLQ.
If
deadLetterQueue
is undefined, an SQS queue with default options will be defined for your Function.- Default
false unless
deadLetterQueue
is set, which implies DLQ is enabled.
- Return type
Optional
[bool
]
-
description
¶ A description of the function.
- Default
No description.
- Return type
Optional
[str
]
-
environment
¶ Key-value pairs that Lambda caches and makes available for your Lambda functions.
Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.
- Default
No environment variables.
- Return type
Optional
[Mapping
[str
,str
]]
-
environment_encryption
¶ The AWS KMS key that’s used to encrypt your function’s environment variables.
- Default
AWS Lambda creates and uses an AWS managed customer master key (CMK).
- Return type
Optional
[IKey
]
-
events
¶ Event sources for this function.
You can also add event sources using
addEventSource
.- Default
No event sources.
- Return type
Optional
[List
[IEventSource
]]
-
filesystem
¶ The filesystem configuration for the lambda function.
- Default
will not mount any filesystem
- Return type
Optional
[FileSystem
]
-
function_name
¶ A name for the function.
- Default
AWS CloudFormation generates a unique physical ID and uses that
ID for the function’s name. For more information, see Name Type.
- Return type
Optional
[str
]
-
handler
¶ The name of the method within your code that Lambda calls to execute your function.
The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-features.html#gettingstarted-features-programmingmodel.
Use
Handler.FROM_IMAGE
when defining a function from a Docker image.NOTE: If you specify your source code as inline text by specifying the ZipFile property within the Code property, specify index.function_name as the handler.
- Return type
str
-
initial_policy
¶ Initial policy statements to add to the created Lambda Role.
You can call
addToRolePolicy
to the created lambda to add statements post creation.- Default
No policy statements are added to the created Lambda role.
- Return type
Optional
[List
[PolicyStatement
]]
-
lambda_purpose
¶ A descriptive name for the purpose of this Lambda.
If the Lambda does not have a physical name, this string will be reflected its generated name. The combination of lambdaPurpose and uuid must be unique.
- Default
SingletonLambda
- Return type
Optional
[str
]
-
layers
¶ A list of layers to add to the function’s execution environment.
You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by mulitple functions.
- Default
No layers.
- Return type
Optional
[List
[ILayerVersion
]]
-
log_retention
¶ The number of days log events are kept in CloudWatch Logs.
When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to
INFINITE
.- Default
logs.RetentionDays.INFINITE
- Return type
Optional
[RetentionDays
]
-
log_retention_retry_options
¶ When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
- Default
Default AWS SDK retry options.
- Return type
Optional
[LogRetentionRetryOptions
]
-
log_retention_role
¶ The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
- Default
A new role is created.
- Return type
Optional
[IRole
]
-
max_event_age
¶ The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
- Default
Duration.hours(6)
- Return type
Optional
[Duration
]
-
memory_size
¶ The amount of memory, in MB, that is allocated to your Lambda function.
Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.
- Default
128
- Return type
Union
[int
,float
,None
]
-
on_failure
¶ The destination for failed invocations.
- Default
no destination
- Return type
Optional
[IDestination
]
-
on_success
¶ The destination for successful invocations.
- Default
no destination
- Return type
Optional
[IDestination
]
-
profiling
¶ Enable profiling.
- Default
No profiling.
- See
https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
- Return type
Optional
[bool
]
-
profiling_group
¶ Profiling Group.
- Default
A new profiling group will be created if
profiling
is set.
- See
https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
- Return type
Optional
[IProfilingGroup
]
-
reserved_concurrent_executions
¶ The maximum of concurrent executions you want to reserve for the function.
- Default
No specific limit - account limit.
- See
https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
- Return type
Union
[int
,float
,None
]
-
retry_attempts
¶ The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
- Default
2
- Return type
Union
[int
,float
,None
]
-
role
¶ Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the ‘lambda.amazonaws.com’ service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are “service-role/AWSLambdaBasicExecutionRole” and “service-role/AWSLambdaVPCAccessExecutionRole”.
- Default
A unique role will be generated for this lambda function.
Both supplied and generated roles can always be changed by calling
addToRolePolicy
.- Return type
Optional
[IRole
]
-
runtime
¶ The runtime environment for the Lambda function that you are uploading.
For valid values, see the Runtime property in the AWS Lambda Developer Guide.
Use
Runtime.FROM_IMAGE
when when defining a function from a Docker image.- Return type
-
security_group
¶ (deprecated) What security group to associate with the Lambda’s network interfaces. This property is being deprecated, consider using securityGroups instead.
Only used if ‘vpc’ is supplied.
Use securityGroups property instead. Function constructor will throw an error if both are specified.
- Default
If the function is placed within a VPC and a security group is
not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.
- Deprecated
This property is deprecated, use securityGroups instead
- Stability
deprecated
- Return type
Optional
[ISecurityGroup
]
-
security_groups
¶ The list of security groups to associate with the Lambda’s network interfaces.
Only used if ‘vpc’ is supplied.
- Default
If the function is placed within a VPC and a security group is
not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
- Return type
Optional
[List
[ISecurityGroup
]]
-
timeout
¶ The function execution time (in seconds) after which Lambda terminates the function.
Because the execution time affects cost, set this value based on the function’s expected execution time.
- Default
Duration.seconds(3)
- Return type
Optional
[Duration
]
-
tracing
¶ Enable AWS X-Ray Tracing for Lambda Function.
- Default
Tracing.Disabled
- Return type
Optional
[Tracing
]
-
uuid
¶ A unique identifier to identify this lambda.
The identifier should be unique across all custom resource providers. We recommend generating a UUID per provider.
- Return type
str
-
vpc
¶ VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
- Default
Function is not placed within a VPC.
- Return type
Optional
[IVpc
]
-
vpc_subnets
¶ Where to place the network interfaces within the VPC.
Only used if ‘vpc’ is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.
- Default
the Vpc default strategy if not specified
- Return type
Optional
[SubnetSelection
]