interface FunctionAttributes
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.Lambda.FunctionAttributes |
 Java | software.amazon.awscdk.services.lambda.FunctionAttributes |
 Python | aws_cdk.aws_lambda.FunctionAttributes |
 TypeScript (source) | @aws-cdk/aws-lambda » FunctionAttributes |
Represents a Lambda function defined outside of this stack.
Example
const fn = lambda.Function.fromFunctionAttributes(this, 'Function', {
functionArn: 'arn:aws:lambda:us-east-1:123456789012:function:MyFn',
// The following are optional properties for specific use cases and should be used with caution:
// Use Case: imported function is in the same account as the stack. This tells the CDK that it
// can modify the function's permissions.
sameEnvironment: true,
// Use Case: imported function is in a different account and user commits to ensuring that the
// imported function has the correct permissions outside the CDK.
skipPermissions: true,
});
Properties
| Name | Type | Description |
|---|---|---|
| function | string | The ARN of the Lambda function. |
| architecture? | Architecture | The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
| role? | IRole | The IAM execution role associated with this function. |
| same | boolean | Setting this property informs the CDK that the imported function is in the same environment as the stack. |
| security | ISecurity | The security group of this Lambda, if in a VPC. |
| security | string | Id of the security group of this Lambda, if in a VPC. |
| skip | boolean | Setting this property informs the CDK that the imported function ALREADY HAS the necessary permissions for what you are trying to do. |
functionArn
Type:
string
The ARN of the Lambda function.
Format: arn:
architecture?
Type:
Architecture
(optional, default: Architecture.X86_64)
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
role?
Type:
IRole
(optional)
The IAM execution role associated with this function.
If the role is not specified, any role-related operations will no-op.
sameEnvironment?
Type:
boolean
(optional, default: depends: true, if the Stack is configured with an explicit env (account and region) and the account is the same as this function.
For environment-agnostic stacks this will default to false.)
Setting this property informs the CDK that the imported function is in the same environment as the stack.
This affects certain behaviours such as, whether this function's permission can be modified.
When not configured, the CDK attempts to auto-determine this. For environment agnostic stacks, i.e., stacks
where the account is not specified with the env property, this is determined to be false.
Set this to property ONLY IF the imported function is in the same account as the stack it's imported in.
securityGroup?
Type:
ISecurity
(optional)
The security group of this Lambda, if in a VPC.
This needs to be given in order to support allowing connections to this Lambda.
securityGroupId?
⚠️ Deprecated: use securityGroup instead
Type:
string
(optional)
Id of the security group of this Lambda, if in a VPC.
This needs to be given in order to support allowing connections to this Lambda.
skipPermissions?
Type:
boolean
(optional, default: false)
Setting this property informs the CDK that the imported function ALREADY HAS the necessary permissions for what you are trying to do.
When not configured, the CDK attempts to auto-determine whether or not additional permissions are necessary on the function when grant APIs are used. If the CDK tried to add permissions on an imported lambda, it will fail.
Set this property ONLY IF you are committing to manage the imported function's permissions outside of CDK. You are acknowledging that your CDK code alone will have insufficient permissions to access the imported function.