software.amazon.awscdk.services.lambda

Interface FunctionOptions

All Superinterfaces:

EventInvokeConfigOptions

All Known Subinterfaces:

DockerImageFunctionProps, EdgeFunctionProps, FunctionProps, GoFunctionProps, NodejsFunctionProps, PythonFunctionProps, SingletonFunctionProps, TriggerFunctionProps

All Known Implementing Classes:

DockerImageFunctionProps.Jsii$Proxy, EdgeFunctionProps.Jsii$Proxy, FunctionOptions.Jsii$Proxy, FunctionProps.Jsii$Proxy, GoFunctionProps.Jsii$Proxy, NodejsFunctionProps.Jsii$Proxy, PythonFunctionProps.Jsii$Proxy, SingletonFunctionProps.Jsii$Proxy, TriggerFunctionProps.Jsii$Proxy

@Generated(value="jsii-pacmak/1.73.0 (build 6faeda3)",
           date="2023-01-31T18:36:54.541Z")
public interface FunctionOptions
extends EventInvokeConfigOptions

Non runtime options.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.codeguruprofiler.*;
 import software.amazon.awscdk.services.ec2.*;
 import software.amazon.awscdk.services.iam.*;
 import software.amazon.awscdk.services.kms.*;
 import software.amazon.awscdk.services.lambda.*;
 import software.amazon.awscdk.services.logs.*;
 import software.amazon.awscdk.services.sns.*;
 import software.amazon.awscdk.services.sqs.*;
 import software.amazon.awscdk.core.*;
 Architecture architecture;
 CodeSigningConfig codeSigningConfig;
 IDestination destination;
 IEventSource eventSource;
 FileSystem fileSystem;
 Key key;
 LambdaInsightsVersion lambdaInsightsVersion;
 LayerVersion layerVersion;
 PolicyStatement policyStatement;
 ProfilingGroup profilingGroup;
 Queue queue;
 Role role;
 SecurityGroup securityGroup;
 Size size;
 Subnet subnet;
 SubnetFilter subnetFilter;
 Topic topic;
 Vpc vpc;
 FunctionOptions functionOptions = FunctionOptions.builder()
         .allowAllOutbound(false)
         .allowPublicSubnet(false)
         .architecture(architecture)
         .architectures(List.of(architecture))
         .codeSigningConfig(codeSigningConfig)
         .currentVersionOptions(VersionOptions.builder()
                 .codeSha256("codeSha256")
                 .description("description")
                 .maxEventAge(Duration.minutes(30))
                 .onFailure(destination)
                 .onSuccess(destination)
                 .provisionedConcurrentExecutions(123)
                 .removalPolicy(RemovalPolicy.DESTROY)
                 .retryAttempts(123)
                 .build())
         .deadLetterQueue(queue)
         .deadLetterQueueEnabled(false)
         .deadLetterTopic(topic)
         .description("description")
         .environment(Map.of(
                 "environmentKey", "environment"))
         .environmentEncryption(key)
         .ephemeralStorageSize(size)
         .events(List.of(eventSource))
         .filesystem(fileSystem)
         .functionName("functionName")
         .initialPolicy(List.of(policyStatement))
         .insightsVersion(lambdaInsightsVersion)
         .layers(List.of(layerVersion))
         .logRetention(RetentionDays.ONE_DAY)
         .logRetentionRetryOptions(LogRetentionRetryOptions.builder()
                 .base(Duration.minutes(30))
                 .maxRetries(123)
                 .build())
         .logRetentionRole(role)
         .maxEventAge(Duration.minutes(30))
         .memorySize(123)
         .onFailure(destination)
         .onSuccess(destination)
         .profiling(false)
         .profilingGroup(profilingGroup)
         .reservedConcurrentExecutions(123)
         .retryAttempts(123)
         .role(role)
         .securityGroup(securityGroup)
         .securityGroups(List.of(securityGroup))
         .timeout(Duration.minutes(30))
         .tracing(Tracing.ACTIVE)
         .vpc(vpc)
         .vpcSubnets(SubnetSelection.builder()
                 .availabilityZones(List.of("availabilityZones"))
                 .onePerAz(false)
                 .subnetFilters(List.of(subnetFilter))
                 .subnetGroupName("subnetGroupName")
                 .subnetName("subnetName")
                 .subnets(List.of(subnet))
                 .subnetType(SubnetType.ISOLATED)
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	FunctionOptions.Builder A builder for FunctionOptions
static class	FunctionOptions.Jsii$Proxy An implementation for FunctionOptions

Method Summary

Modifier and Type	Method and Description
static FunctionOptions.Builder	builder()
default java.lang.Boolean	getAllowAllOutbound() Whether to allow the Lambda to send all network traffic.
default java.lang.Boolean	getAllowPublicSubnet() Lambda Functions in a public subnet can NOT access the internet.
default Architecture	getArchitecture() The system architectures compatible with this lambda function.
default java.util.List<Architecture>	getArchitectures() Deprecated. use `architecture`
default ICodeSigningConfig	getCodeSigningConfig() Code signing config associated with this function.
default VersionOptions	getCurrentVersionOptions() Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
default IQueue	getDeadLetterQueue() The SQS queue to use if DLQ is enabled.
default java.lang.Boolean	getDeadLetterQueueEnabled() Enabled DLQ.
default ITopic	getDeadLetterTopic() The SNS topic to use as a DLQ.
default java.lang.String	getDescription() A description of the function.
default java.util.Map<java.lang.String,java.lang.String>	getEnvironment() Key-value pairs that Lambda caches and makes available for your Lambda functions.
default IKey	getEnvironmentEncryption() The AWS KMS key that's used to encrypt your function's environment variables.
default Size	getEphemeralStorageSize() The size of the function’s /tmp directory in MiB.
default java.util.List<IEventSource>	getEvents() Event sources for this function.
default FileSystem	getFilesystem() The filesystem configuration for the lambda function.
default java.lang.String	getFunctionName() A name for the function.
default java.util.List<PolicyStatement>	getInitialPolicy() Initial policy statements to add to the created Lambda Role.
default LambdaInsightsVersion	getInsightsVersion() Specify the version of CloudWatch Lambda insights to use for monitoring.
default java.util.List<ILayerVersion>	getLayers() A list of layers to add to the function's execution environment.
default RetentionDays	getLogRetention() The number of days log events are kept in CloudWatch Logs.
default LogRetentionRetryOptions	getLogRetentionRetryOptions() When log retention is specified, a custom resource attempts to create the CloudWatch log group.
default IRole	getLogRetentionRole() The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
default java.lang.Number	getMemorySize() The amount of memory, in MB, that is allocated to your Lambda function.
default java.lang.Boolean	getProfiling() Enable profiling.
default IProfilingGroup	getProfilingGroup() Profiling Group.
default java.lang.Number	getReservedConcurrentExecutions() The maximum of concurrent executions you want to reserve for the function.
default IRole	getRole() Lambda execution role.
default ISecurityGroup	getSecurityGroup() Deprecated. - This property is deprecated, use securityGroups instead
default java.util.List<ISecurityGroup>	getSecurityGroups() The list of security groups to associate with the Lambda's network interfaces.
default Duration	getTimeout() The function execution time (in seconds) after which Lambda terminates the function.
default Tracing	getTracing() Enable AWS X-Ray Tracing for Lambda Function.
default IVpc	getVpc() VPC network to place Lambda network interfaces.
default SubnetSelection	getVpcSubnets() Where to place the network interfaces within the VPC.

Methods inherited from interface software.amazon.awscdk.services.lambda.EventInvokeConfigOptions

getMaxEventAge, getOnFailure, getOnSuccess, getRetryAttempts

Method Detail

getAllowAllOutbound

default java.lang.Boolean getAllowAllOutbound()

Whether to allow the Lambda to send all network traffic.

If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.

Default: true

getAllowPublicSubnet

default java.lang.Boolean getAllowPublicSubnet()

Lambda Functions in a public subnet can NOT access the internet.

Use this property to acknowledge this limitation and still place the function in a public subnet.

Default: false

See Also:

https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841

getArchitecture

default Architecture getArchitecture()

The system architectures compatible with this lambda function.

Default: Architecture.X86_64

getArchitectures

@Deprecated
default java.util.List<Architecture> getArchitectures()

Deprecated. use `architecture`

(deprecated) DEPRECATED.

Default: [Architecture.X86_64]

getCodeSigningConfig

default ICodeSigningConfig getCodeSigningConfig()

Code signing config associated with this function.

Default: - Not Sign the Code

getCurrentVersionOptions

default VersionOptions getCurrentVersionOptions()

Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.

Default: - default options as described in `VersionOptions`

getDeadLetterQueue

default IQueue getDeadLetterQueue()

The SQS queue to use if DLQ is enabled.

If SNS topic is desired, specify deadLetterTopic property instead.

Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`

getDeadLetterQueueEnabled

default java.lang.Boolean getDeadLetterQueueEnabled()

Enabled DLQ.

If deadLetterQueue is undefined, an SQS queue with default options will be defined for your Function.

Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.

getDeadLetterTopic

default ITopic getDeadLetterTopic()

The SNS topic to use as a DLQ.

Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.

Default: - no SNS topic

getDescription

default java.lang.String getDescription()

A description of the function.

Default: - No description.

getEnvironment

default java.util.Map<java.lang.String,java.lang.String> getEnvironment()

Key-value pairs that Lambda caches and makes available for your Lambda functions.

Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.

Default: - No environment variables.

getEnvironmentEncryption

default IKey getEnvironmentEncryption()

The AWS KMS key that's used to encrypt your function's environment variables.

Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).

getEphemeralStorageSize

default Size getEphemeralStorageSize()

The size of the function’s /tmp directory in MiB.

Default: 512 MiB

getEvents

default java.util.List<IEventSource> getEvents()

Event sources for this function.

You can also add event sources using addEventSource.

Default: - No event sources.

getFilesystem

default FileSystem getFilesystem()

The filesystem configuration for the lambda function.

Default: - will not mount any filesystem

getFunctionName

default java.lang.String getFunctionName()

A name for the function.

Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.

getInitialPolicy

default java.util.List<PolicyStatement> getInitialPolicy()

Initial policy statements to add to the created Lambda Role.

You can call addToRolePolicy to the created lambda to add statements post creation.

Default: - No policy statements are added to the created Lambda role.

getInsightsVersion

default LambdaInsightsVersion getInsightsVersion()

Specify the version of CloudWatch Lambda insights to use for monitoring.

Default: - No Lambda Insights

See Also:

https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html

getLayers

default java.util.List<ILayerVersion> getLayers()

A list of layers to add to the function's execution environment.

You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.

Default: - No layers.

getLogRetention

default RetentionDays getLogRetention()

The number of days log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to INFINITE.

Default: logs.RetentionDays.INFINITE

getLogRetentionRetryOptions

default LogRetentionRetryOptions getLogRetentionRetryOptions()

When log retention is specified, a custom resource attempts to create the CloudWatch log group.

These options control the retry policy when interacting with CloudWatch APIs.

Default: - Default AWS SDK retry options.

getLogRetentionRole

default IRole getLogRetentionRole()

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

Default: - A new role is created.

getMemorySize

default java.lang.Number getMemorySize()

The amount of memory, in MB, that is allocated to your Lambda function.

Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.

Default: 128

getProfiling

default java.lang.Boolean getProfiling()

Enable profiling.

Default: - No profiling.

See Also:

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

getProfilingGroup

default IProfilingGroup getProfilingGroup()

Profiling Group.

Default: - A new profiling group will be created if `profiling` is set.

See Also:

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

getReservedConcurrentExecutions

default java.lang.Number getReservedConcurrentExecutions()

The maximum of concurrent executions you want to reserve for the function.

Default: - No specific limit - account limit.

See Also:

https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html

getRole

default IRole getRole()

Lambda execution role.

This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.

The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.

The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".

Default: - A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling `addToRolePolicy`.

getSecurityGroup

@Deprecated
default ISecurityGroup getSecurityGroup()

Deprecated. - This property is deprecated, use securityGroups instead

(deprecated) What security group to associate with the Lambda's network interfaces. This property is being deprecated, consider using securityGroups instead.

Only used if 'vpc' is supplied.

Use securityGroups property instead. Function constructor will throw an error if both are specified.

Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.

getSecurityGroups

default java.util.List<ISecurityGroup> getSecurityGroups()

The list of security groups to associate with the Lambda's network interfaces.

Only used if 'vpc' is supplied.

Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.

getTimeout

default Duration getTimeout()

The function execution time (in seconds) after which Lambda terminates the function.

Because the execution time affects cost, set this value based on the function's expected execution time.

Default: Duration.seconds(3)

getTracing

default Tracing getTracing()

Enable AWS X-Ray Tracing for Lambda Function.

Default: Tracing.Disabled

getVpc

default IVpc getVpc()

VPC network to place Lambda network interfaces.

Specify this if the Lambda function needs to access resources in a VPC.

Default: - Function is not placed within a VPC.

getVpcSubnets

default SubnetSelection getVpcSubnets()

Where to place the network interfaces within the VPC.

Only used if 'vpc' is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.

Default: - the Vpc default strategy if not specified

builder

static FunctionOptions.Builder builder()

Specified by:

builder in interface EventInvokeConfigOptions

Returns:

a FunctionOptions.Builder of FunctionOptions