Class ProviderProps

Initialization properties for the Provider construct.

Inheritance
System.Object
ProviderProps
Implements
Namespace: Amazon.CDK.CustomResources
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class ProviderProps : Object, IProviderProps
Syntax (vb)
Public Class ProviderProps
    Inherits Object
    Implements IProviderProps
Remarks

ExampleMetadata: infused

Examples
// Create custom resource handler entrypoint
var handler = new Function(this, "my-handler", new FunctionProps {
    Runtime = Runtime.NODEJS_20_X,
    Handler = "index.handler",
    Code = Code.FromInline(@"
      exports.handler = async (event, context) => {
        return {
          PhysicalResourceId: '1234',
          NoEcho: true,
          Data: {
            mySecret: 'secret-value',
            hello: 'world',
            ghToken: 'gho_xxxxxxx',
          },
        };
      };")
});

// Provision a custom resource provider framework
var provider = new Provider(this, "my-provider", new ProviderProps {
    OnEventHandler = handler
});

new CustomResource(this, "my-cr", new CustomResourceProps {
    ServiceToken = provider.ServiceToken
});

Synopsis

Constructors

ProviderProps()

Properties

DisableWaiterStateMachineLogging

Whether logging for the waiter state machine is disabled.
IsCompleteHandler

The AWS Lambda function to invoke in order to determine if the operation is complete.
LogGroup

The Log Group used for logging of events emitted by the custom resource's lambda function.
LogRetention

The number of days framework log events are kept in CloudWatch Logs.
OnEventHandler

The AWS Lambda function to invoke for all resource lifecycle operations (CREATE/UPDATE/DELETE).
ProviderFunctionEnvEncryption

AWS KMS key used to encrypt provider lambda's environment variables.
ProviderFunctionName

Provider Lambda name.
QueryInterval

Time between calls to the isComplete handler which determines if the resource has been stabilized.
Role

AWS Lambda execution role.
SecurityGroups

Security groups to attach to the provider functions.
TotalTimeout

Total timeout for the entire operation.
Vpc

The vpc to provision the lambda functions in.
VpcSubnets

Which subnets from the VPC to place the lambda functions in.
WaiterStateMachineLogOptions

Defines what execution history events of the waiter state machine are logged and where they are logged.

Constructors

ProviderProps()

public ProviderProps()

Properties

DisableWaiterStateMachineLogging

Whether logging for the waiter state machine is disabled.

public Nullable<bool> DisableWaiterStateMachineLogging { get; set; }
Property Value

System.Nullable<System.Boolean>

Remarks

Default: - false

IsCompleteHandler

The AWS Lambda function to invoke in order to determine if the operation is complete.

public IFunction IsCompleteHandler { get; set; }
Property Value

IFunction

Remarks

This function will be called immediately after onEvent and then periodically based on the configured query interval as long as it returns false. If the function still returns false and the alloted timeout has passed, the operation will fail.

Default: - provider is synchronous. This means that the onEvent handler is expected to finish all lifecycle operations within the initial invocation.

LogGroup

The Log Group used for logging of events emitted by the custom resource's lambda function.

public ILogGroup LogGroup { get; set; }
Property Value

ILogGroup

Remarks

Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.

Default: - a default log group created by AWS Lambda

LogRetention

The number of days framework log events are kept in CloudWatch Logs.

public Nullable<RetentionDays> LogRetention { get; set; }
Property Value

System.Nullable<RetentionDays>

Remarks

When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to INFINITE.

This is a legacy API and we strongly recommend you migrate to logGroup if you can. logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.

Default: logs.RetentionDays.INFINITE

OnEventHandler

The AWS Lambda function to invoke for all resource lifecycle operations (CREATE/UPDATE/DELETE).

public IFunction OnEventHandler { get; set; }
Property Value

IFunction

Remarks

This function is responsible to begin the requested resource operation (CREATE/UPDATE/DELETE) and return any additional properties to add to the event, which will later be passed to isComplete. The PhysicalResourceId property must be included in the response.

ProviderFunctionEnvEncryption

AWS KMS key used to encrypt provider lambda's environment variables.

public IKey ProviderFunctionEnvEncryption { get; set; }
Property Value

IKey

Remarks

Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK)

ProviderFunctionName

Provider Lambda name.

public string ProviderFunctionName { get; set; }
Property Value

System.String

Remarks

The provider lambda function name.

Default: - CloudFormation default name from unique physical ID

QueryInterval

Time between calls to the isComplete handler which determines if the resource has been stabilized.

public Duration QueryInterval { get; set; }
Property Value

Duration

Remarks

The first isComplete will be called immediately after handler and then every queryInterval seconds, and until timeout has been reached or until isComplete returns true.

Default: Duration.seconds(5)

Role

AWS Lambda execution role.

public IRole Role { get; set; }
Property Value

IRole

Remarks

The role that will be assumed by the AWS Lambda. Must be assumable by the 'lambda.amazonaws.com' service principal.

Default: - A default role will be created.

SecurityGroups

Security groups to attach to the provider functions.

public ISecurityGroup[] SecurityGroups { get; set; }
Property Value

ISecurityGroup[]

Remarks

Only used if 'vpc' is supplied

Default: - If vpc is not supplied, no security groups are attached. Otherwise, a dedicated security group is created for each function.

TotalTimeout

Total timeout for the entire operation.

public Duration TotalTimeout { get; set; }
Property Value

Duration

Remarks

The maximum timeout is 1 hour (yes, it can exceed the AWS Lambda 15 minutes)

Default: Duration.minutes(30)

Vpc

The vpc to provision the lambda functions in.

public IVpc Vpc { get; set; }
Property Value

IVpc

Remarks

Default: - functions are not provisioned inside a vpc.

VpcSubnets

Which subnets from the VPC to place the lambda functions in.

public ISubnetSelection VpcSubnets { get; set; }
Property Value

ISubnetSelection

Remarks

Only used if 'vpc' is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.

Default: - the Vpc default strategy if not specified

WaiterStateMachineLogOptions

Defines what execution history events of the waiter state machine are logged and where they are logged.

public ILogOptions WaiterStateMachineLogOptions { get; set; }
Property Value

ILogOptions

Remarks

Default: - A default log group will be created if logging for the waiter state machine is enabled.

Implements