class GoFunction (construct)
| Language | Type name | 
|---|---|
|  .NET | Amazon.CDK.AWS.Lambda.Go.GoFunction | 
|  Java | software.amazon.awscdk.services.lambda.go.GoFunction | 
|  Python | aws_cdk.aws_lambda_go.GoFunction | 
|  TypeScript (source) | @aws-cdk/aws-lambda-goยปGoFunction | 
Implements
IConstruct, IConstruct, IDependable, IResource, IFunction, IConnectable, IGrantable, IClient
A Golang Lambda function.
Example
new lambda.GoFunction(this, 'handler', {
  entry: 'app/cmd/api',
  bundling: {
    dockerImage: DockerImage.fromBuild('/path/to/Dockerfile'),
  },
});
Initializer
new GoFunction(scope: Construct, id: string, props: GoFunctionProps)
Parameters
- scope Construct
- id string
- props GoFunction Props 
Construct Props
| Name | Type | Description | 
|---|---|---|
| entry | string | The path to the folder or file that contains the main application entry point files for the project. | 
| allow | boolean | Whether to allow the Lambda to send all network traffic. | 
| allow | boolean | Lambda Functions in a public subnet can NOT access the internet. | 
| architecture? | Architecture | The system architectures compatible with this lambda function. | 
| architectures? | Architecture[] | DEPRECATED. | 
| bundling? | Bundling | Bundling options. | 
| code | ICode | Code signing config associated with this function. | 
| current | Version | Options for the lambda.Versionresource automatically created by thefn.currentVersionmethod. | 
| dead | IQueue | The SQS queue to use if DLQ is enabled. | 
| dead | boolean | Enabled DLQ. | 
| dead | ITopic | The SNS topic to use as a DLQ. | 
| description? | string | A description of the function. | 
| environment? | { [string]: string } | Key-value pairs that Lambda caches and makes available for your Lambda functions. | 
| environment | IKey | The AWS KMS key that's used to encrypt your function's environment variables. | 
| ephemeral | Size | The size of the functionโs /tmp directory in MiB. | 
| events? | IEvent[] | Event sources for this function. | 
| filesystem? | File | The filesystem configuration for the lambda function. | 
| function | string | A name for the function. | 
| initial | Policy[] | Initial policy statements to add to the created Lambda Role. | 
| insights | Lambda | Specify the version of CloudWatch Lambda insights to use for monitoring. | 
| layers? | ILayer[] | A list of layers to add to the function's execution environment. | 
| log | Retention | The number of days log events are kept in CloudWatch Logs. | 
| log | Log | When log retention is specified, a custom resource attempts to create the CloudWatch log group. | 
| log | IRole | The IAM role for the Lambda function associated with the custom resource that sets the retention policy. | 
| max | Duration | The maximum age of a request that Lambda sends to a function for processing. | 
| memory | number | The amount of memory, in MB, that is allocated to your Lambda function. | 
| module | string | Directory containing your go.mod file. | 
| on | IDestination | The destination for failed invocations. | 
| on | IDestination | The destination for successful invocations. | 
| profiling? | boolean | Enable profiling. | 
| profiling | IProfiling | Profiling Group. | 
| reserved | number | The maximum of concurrent executions you want to reserve for the function. | 
| retry | number | The maximum number of times to retry when the function returns an error. | 
| role? | IRole | Lambda execution role. | 
| runtime? | Runtime | The runtime environment. | 
| security | ISecurity | What security group to associate with the Lambda's network interfaces. This property is being deprecated, consider using securityGroups instead. | 
| security | ISecurity[] | The list of security groups to associate with the Lambda's network interfaces. | 
| timeout? | Duration | The function execution time (in seconds) after which Lambda terminates the function. | 
| tracing? | Tracing | Enable AWS X-Ray Tracing for Lambda Function. | 
| vpc? | IVpc | VPC network to place Lambda network interfaces. | 
| vpc | Subnet | Where to place the network interfaces within the VPC. | 
entry
Type:
string
The path to the folder or file that contains the main application entry point files for the project.
This accepts either a path to a directory or file.
If a directory path is provided then it will assume there is a Go entry file (i.e. main.go) and
will construct the build command using the directory path.
For example, if you provide the entry as:
 entry: 'my-lambda-app/cmd/api'
Then the go build command would be:
 `go build ./cmd/api`
If a path to a file is provided then it will use the filepath in the build command.
For example, if you provide the entry as:
 entry: 'my-lambda-app/cmd/api/main.go'
Then the go build command would be:
 `go build ./cmd/api/main.go`
allowAllOutbound?
Type:
boolean
(optional, default: true)
Whether to allow the Lambda to send all network traffic.
If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.
allowPublicSubnet?
Type:
boolean
(optional, default: false)
Lambda Functions in a public subnet can NOT access the internet.
Use this property to acknowledge this limitation and still place the function in a public subnet.
architecture?
Type:
Architecture
(optional, default: Architecture.X86_64)
The system architectures compatible with this lambda function.
architectures?
โ ๏ธ Deprecated: use architecture
Type:
Architecture[]
(optional, default: [Architecture.X86_64])
DEPRECATED.
bundling?
Type:
Bundling
(optional, default: use default bundling options)
Bundling options.
codeSigningConfig?
Type:
ICode
(optional, default: Not Sign the Code)
Code signing config associated with this function.
currentVersionOptions?
Type:
Version
(optional, default: default options as described in VersionOptions)
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueue?
Type:
IQueue
(optional, default: SQS queue with 14 day retention period if deadLetterQueueEnabled is true)
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabled?
Type:
boolean
(optional, default: false unless deadLetterQueue is set, which implies DLQ is enabled.)
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopic?
Type:
ITopic
(optional, default: no SNS topic)
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
description?
Type:
string
(optional, default: No description.)
A description of the function.
environment?
Type:
{ [string]: string }
(optional, default: No environment variables.)
Key-value pairs that Lambda caches and makes available for your Lambda functions.
Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.
environmentEncryption?
Type:
IKey
(optional, default: AWS Lambda creates and uses an AWS managed customer master key (CMK).)
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSize?
Type:
Size
(optional, default: 512 MiB)
The size of the functionโs /tmp directory in MiB.
events?
Type:
IEvent[]
(optional, default: No event sources.)
Event sources for this function.
You can also add event sources using addEventSource.
filesystem?
Type:
File
(optional, default: will not mount any filesystem)
The filesystem configuration for the lambda function.
functionName?
Type:
string
(optional, default: AWS CloudFormation generates a unique physical ID and uses that
ID for the function's name. For more information, see Name Type.)
A name for the function.
initialPolicy?
Type:
Policy[]
(optional, default: No policy statements are added to the created Lambda role.)
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersion?
Type:
Lambda
(optional, default: No Lambda Insights)
Specify the version of CloudWatch Lambda insights to use for monitoring.
layers?
Type:
ILayer[]
(optional, default: No layers.)
A list of layers to add to the function's execution environment.
You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.
logRetention?
Type:
Retention
(optional, default: logs.RetentionDays.INFINITE)
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
logRetentionRetryOptions?
Type:
Log
(optional, default: Default AWS SDK retry options.)
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
logRetentionRole?
Type:
IRole
(optional, default: A new role is created.)
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
maxEventAge?
Type:
Duration
(optional, default: Duration.hours(6))
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
memorySize?
Type:
number
(optional, default: 128)
The amount of memory, in MB, that is allocated to your Lambda function.
Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.
moduleDir?
Type:
string
(optional, default: the path is found by walking up parent directories searching for
a go.mod file from the location of entry)
Directory containing your go.mod file.
This will accept either a directory path containing a go.mod file
or a filepath to your go.mod file (i.e. path/to/go.mod).
This will be used as the source of the volume mounted in the Docker
container and will be the directory where it will run go build from.
onFailure?
Type:
IDestination
(optional, default: no destination)
The destination for failed invocations.
onSuccess?
Type:
IDestination
(optional, default: no destination)
The destination for successful invocations.
profiling?
Type:
boolean
(optional, default: No profiling.)
Enable profiling.
See also: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
profilingGroup?
Type:
IProfiling
(optional, default: A new profiling group will be created if profiling is set.)
Profiling Group.
See also: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
reservedConcurrentExecutions?
Type:
number
(optional, default: No specific limit - account limit.)
The maximum of concurrent executions you want to reserve for the function.
See also: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
retryAttempts?
Type:
number
(optional, default: 2)
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
role?
Type:
IRole
(optional, default: A unique role will be generated for this lambda function.
Both supplied and generated roles can always be changed by calling addToRolePolicy.)
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtime?
Type:
Runtime
(optional, default: lambda.Runtime.PROVIDED_AL2)
The runtime environment.
Only runtimes of the Golang family and provided family are supported.
securityGroup?
โ ๏ธ Deprecated: - This property is deprecated, use securityGroups instead
Type:
ISecurity
(optional, default: If the function is placed within a VPC and a security group is
not specified, either by this or securityGroups prop, a dedicated security
group will be created for this function.)
What security group to associate with the Lambda's network interfaces. This property is being deprecated, consider using securityGroups instead.
Only used if 'vpc' is supplied.
Use securityGroups property instead. Function constructor will throw an error if both are specified.
securityGroups?
Type:
ISecurity[]
(optional, default: If the function is placed within a VPC and a security group is
not specified, either by this or securityGroup prop, a dedicated security
group will be created for this function.)
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
timeout?
Type:
Duration
(optional, default: Duration.seconds(3))
The function execution time (in seconds) after which Lambda terminates the function.
Because the execution time affects cost, set this value based on the function's expected execution time.
tracing?
Type:
Tracing
(optional, default: Tracing.Disabled)
Enable AWS X-Ray Tracing for Lambda Function.
vpc?
Type:
IVpc
(optional, default: Function is not placed within a VPC.)
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
vpcSubnets?
Type:
Subnet
(optional, default: the Vpc default strategy if not specified)
Where to place the network interfaces within the VPC.
Only used if 'vpc' is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.
Properties
| Name | Type | Description | 
|---|---|---|
| architecture | Architecture | The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). | 
| connections | Connections | Access the Connections object. | 
| current | Version | Returns a lambda.Versionwhich represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. | 
| env | Resource | The environment this resource belongs to. | 
| function | string | ARN of this function. | 
| function | string | Name of this function. | 
| grant | IPrincipal | The principal this Lambda Function is running as. | 
| is | boolean | Whether or not this Lambda function was bound to a VPC. | 
| latest | IVersion | The $LATESTversion of this function. | 
| log | ILog | The LogGroup where the Lambda function's logs are made available. | 
| node | Construct | The construct tree node associated with this construct. | 
| permissions | Construct | The construct node where permissions are attached. | 
| resource | string[] | The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). | 
| runtime | Runtime | The runtime configured for this lambda. | 
| stack | Stack | The stack in which this resource is defined. | 
| dead | IQueue | The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). | 
| dead | ITopic | The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). | 
| role? | IRole | Execution role associated with this function. | 
| timeout? | Duration | The timeout configured for this lambda. | 
| static GOOGLE_GOPROXY | string | The address of the Google Go proxy. | 
architecture
Type:
Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connections
Type:
Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
currentVersion
Type:
Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
env
Type:
Resource
The environment this resource belongs to.
For resources that are created and managed by the CDK (generally, those created by creating new class instances like Role, Bucket, etc.), this is always the same as the environment of the stack they belong to; however, for imported resources (those obtained from static methods like fromRoleArn, fromBucketName, etc.), that might be different than the stack they were imported into.
functionArn
Type:
string
ARN of this function.
functionName
Type:
string
Name of this function.
grantPrincipal
Type:
IPrincipal
The principal this Lambda Function is running as.
isBoundToVpc
Type:
boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersion
Type:
IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
logGroup
Type:
ILog
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
node
Type:
Construct
The construct tree node associated with this construct.
permissionsNode
Type:
Construct
The construct node where permissions are attached.
resourceArnsForGrantInvoke
Type:
string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
runtime
Type:
Runtime
The runtime configured for this lambda.
stack
Type:
Stack
The stack in which this resource is defined.
deadLetterQueue?
Type:
IQueue
(optional)
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopic?
Type:
ITopic
(optional)
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
role?
Type:
IRole
(optional)
Execution role associated with this function.
timeout?
Type:
Duration
(optional)
The timeout configured for this lambda.
static GOOGLE_GOPROXY
Type:
string
The address of the Google Go proxy.
Methods
| Name | Description | 
|---|---|
| add | Defines an alias for this function. | 
| add | Adds an environment variable to this Lambda function. | 
| add | Adds an event source to this function. | 
| add | Adds an event source that maps to this AWS Lambda function. | 
| add | Adds a url to this lambda function. | 
| add | Adds one or more Lambda Layers to this Lambda function. | 
| add | Adds a permission to the Lambda resource policy. | 
| add | Adds a statement to the IAM role assumed by the instance. | 
| add | Add a new version for this Lambda. | 
| apply | Apply the given removal policy to this resource. | 
| configure | Configures options for asynchronous invocation. | 
| consider | A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunctionare added to the unqualified function. | 
| grant | Grant the given identity permissions to invoke this Lambda. | 
| grant | Grant the given identity permissions to invoke this Lambda Function URL. | 
| metric(metricName, props?) | Return the given named metric for this Function. | 
| metric | How long execution of this Lambda takes. | 
| metric | How many invocations of this Lambda fail. | 
| metric | How often this Lambda is invoked. | 
| metric | How often this Lambda is throttled. | 
| to | Returns a string representation of this construct. | 
addAlias(aliasName, options?) 
public addAlias(aliasName: string, options?: AliasOptions): Alias
Parameters
- aliasName stringโ The name of the alias.
- options Aliasโ Alias options.Options 
Returns
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
   aliasName: 'Live',
   version: fn.currentVersion,
});
---
### add<wbr>Environment(key, value, options?)<span class="api-icon api-icon-experimental" title="This API element is experimental. It may change without notice.">๐น</span>
```ts
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Parameters
- key stringโ The environment variable key.
- value stringโ The environment variable's value.
- options Environmentโ Environment variable options.Options 
Returns
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
addEventSource(source)  
public addEventSource(source: IEventSource): void
Parameters
- source IEventSource 
Adds an event source to this function.
Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
addEventSourceMapping(id, options)   
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Parameters
- id string
- options EventSource Mapping Options 
Returns
Adds an event source that maps to this AWS Lambda function.
addFunctionUrl(options?)  
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Parameters
- options FunctionUrl Options 
Returns
Adds a url to this lambda function.
addLayers(...layers) 
public addLayers(...layers: ILayerVersion[]): void
Parameters
- layers ILayerโ the layers to be added.Version 
Adds one or more Lambda Layers to this Lambda function.
addPermission(id, permission) 
public addPermission(id: string, permission: Permission): void
Parameters
- id stringโ The id for the permission construct.
- permission Permissionโ The permission to grant to this Lambda function.
Adds a permission to the Lambda resource policy.
See also: [Permission for details.](Permission for details.)
addToRolePolicy(statement)   
public addToRolePolicy(statement: PolicyStatement): void
Parameters
- statement PolicyStatement 
Adds a statement to the IAM role assumed by the instance.
addVersion(name, codeSha256?, description?, provisionedExecutions?, asyncInvokeConfig?) 
public addVersion(name: string, codeSha256?: string, description?: string, provisionedExecutions?: number, asyncInvokeConfig?: EventInvokeConfigOptions): Version
โ ๏ธ Deprecated: This method will create an AWS::Lambda::Version resource which
snapshots the AWS Lambda function at the time of its creation and it
won't get updated when the function changes. Instead, use
this.currentVersion to obtain a reference to a version resource that gets
automatically recreated when the function configuration (or code) changes.
Parameters
- name stringโ A unique name for this version.
- codeSha256 stringโ The SHA-256 hash of the most recently deployed Lambda source code, or omit to skip validation.
- description stringโ A description for this version.
- provisionedExecutions numberโ A provisioned concurrency configuration for a function's version.
- asyncInvokeConfig Eventโ configuration for this version when it is invoked asynchronously.Invoke Config Options 
Returns
Add a new version for this Lambda.
If you want to deploy through CloudFormation and use aliases, you need to add a new version (with a new name) to your Lambda every time you want to deploy an update. An alias can then refer to the newly created Version.
All versions should have distinct names, and you should not delete versions as long as your Alias needs to refer to them.
applyRemovalPolicy(policy)  
public applyRemovalPolicy(policy: RemovalPolicy): void
Parameters
- policy RemovalPolicy 
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
configureAsyncInvoke(options)  
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Parameters
- options EventInvoke Config Options 
Configures options for asynchronous invocation.
considerWarningOnInvokeFunctionPermissions(scope, action)     
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
Parameters
- scope Construct
- action string
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
- function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
grantInvoke(grantee) 
public grantInvoke(grantee: IGrantable): Grant
Parameters
- grantee IGrantable
Returns
Grant the given identity permissions to invoke this Lambda.
grantInvokeUrl(grantee)  
public grantInvokeUrl(grantee: IGrantable): Grant
Parameters
- grantee IGrantable
Returns
Grant the given identity permissions to invoke this Lambda Function URL.
metric(metricName, props?)
public metric(metricName: string, props?: MetricOptions): Metric
Parameters
- metricName string
- props MetricOptions 
Returns
Return the given named metric for this Function.
metricDuration(props?) 
public metricDuration(props?: MetricOptions): Metric
Parameters
- props MetricOptions 
Returns
How long execution of this Lambda takes.
Average over 5 minutes
metricErrors(props?) 
public metricErrors(props?: MetricOptions): Metric
Parameters
- props MetricOptions 
Returns
How many invocations of this Lambda fail.
Sum over 5 minutes
metricInvocations(props?) 
public metricInvocations(props?: MetricOptions): Metric
Parameters
- props MetricOptions 
Returns
How often this Lambda is invoked.
Sum over 5 minutes
metricThrottles(props?) 
public metricThrottles(props?: MetricOptions): Metric
Parameters
- props MetricOptions 
Returns
How often this Lambda is throttled.
Sum over 5 minutes
toString() 
public toString(): string
Returns
- string
Returns a string representation of this construct.
