CfnFunction
- class aws_cdk.aws_lambda.CfnFunction(scope, id, *, code, role, architectures=None, code_signing_config_arn=None, dead_letter_config=None, description=None, environment=None, ephemeral_storage=None, file_system_configs=None, function_name=None, handler=None, image_config=None, kms_key_arn=None, layers=None, logging_config=None, memory_size=None, package_type=None, recursive_loop=None, reserved_concurrent_executions=None, runtime=None, runtime_management_config=None, snap_start=None, tags=None, timeout=None, tracing_config=None, vpc_config=None)
Bases:
CfnResource
The
AWS::Lambda::Function
resource creates a Lambda function.To create a function, you need a deployment package and an execution role . The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.
You set the package type to
Image
if the deployment package is a container image . For these functions, include the URI of the container image in the Amazon ECR registry in the`ImageUri
property of theCode
property <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri>`_ . You do not need to specify the handler and runtime properties.You set the package type to
Zip
if the deployment package is a .zip file archive . For these functions, specify the Amazon S3 location of your .zip file in theCode
property. Alternatively, for Node.js and Python functions, you can define your function inline in the`ZipFile
property of theCode
property <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile>`_ . In both cases, you must also specify the handler and runtime properties.You can use code signing if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with
UpdateFunctionCode
, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.When you update a
AWS::Lambda::Function
resource, CloudFormation calls the UpdateFunctionConfiguration and UpdateFunctionCode Lambda APIs under the hood. Because these calls happen sequentially, and invocations can happen between these calls, your function may encounter errors in the time between the calls. For example, if you remove an environment variable, and the code that references that environment variable in the same CloudFormation update, you may see invocation errors related to a missing environment variable. To work around this, you can invoke your function against a version or alias by default, rather than the$LATEST
version.Note that you configure provisioned concurrency on a
AWS::Lambda::Version
or aAWS::Lambda::Alias
.For a complete introduction to Lambda functions, see What is Lambda? in the Lambda developer guide.
- See:
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html
- CloudformationResource:
AWS::Lambda::Function
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ cfn_function = lambda_.CfnFunction(self, "MyCfnFunction", code=lambda.CfnFunction.CodeProperty( image_uri="imageUri", s3_bucket="s3Bucket", s3_key="s3Key", s3_object_version="s3ObjectVersion", source_kms_key_arn="sourceKmsKeyArn", zip_file="zipFile" ), role="role", # the properties below are optional architectures=["architectures"], code_signing_config_arn="codeSigningConfigArn", dead_letter_config=lambda.CfnFunction.DeadLetterConfigProperty( target_arn="targetArn" ), description="description", environment=lambda.CfnFunction.EnvironmentProperty( variables={ "variables_key": "variables" } ), ephemeral_storage=lambda.CfnFunction.EphemeralStorageProperty( size=123 ), file_system_configs=[lambda.CfnFunction.FileSystemConfigProperty( arn="arn", local_mount_path="localMountPath" )], function_name="functionName", handler="handler", image_config=lambda.CfnFunction.ImageConfigProperty( command=["command"], entry_point=["entryPoint"], working_directory="workingDirectory" ), kms_key_arn="kmsKeyArn", layers=["layers"], logging_config=lambda.CfnFunction.LoggingConfigProperty( application_log_level="applicationLogLevel", log_format="logFormat", log_group="logGroup", system_log_level="systemLogLevel" ), memory_size=123, package_type="packageType", recursive_loop="recursiveLoop", reserved_concurrent_executions=123, runtime="runtime", runtime_management_config=lambda.CfnFunction.RuntimeManagementConfigProperty( update_runtime_on="updateRuntimeOn", # the properties below are optional runtime_version_arn="runtimeVersionArn" ), snap_start=lambda.CfnFunction.SnapStartProperty( apply_on="applyOn" ), tags=[CfnTag( key="key", value="value" )], timeout=123, tracing_config=lambda.CfnFunction.TracingConfigProperty( mode="mode" ), vpc_config=lambda.CfnFunction.VpcConfigProperty( ipv6_allowed_for_dual_stack=False, security_group_ids=["securityGroupIds"], subnet_ids=["subnetIds"] ) )
- Parameters:
scope (
Construct
) – Scope in which this resource is defined.id (
str
) – Construct identifier for this resource (unique in its scope).code (
Union
[IResolvable
,CodeProperty
,Dict
[str
,Any
]]) – The code for the function. You can define your function code in multiple ways:. - For .zip deployment packages, you can specify the Amazon S3 location of the .zip file in theS3Bucket
,S3Key
, andS3ObjectVersion
properties. - For .zip deployment packages, you can alternatively define the function code inline in theZipFile
property. This method works only for Node.js and Python functions. - For container images, specify the URI of your container image in the Amazon ECR registry in theImageUri
property.role (
str
) – The Amazon Resource Name (ARN) of the function’s execution role.architectures (
Optional
[Sequence
[str
]]) – The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value isx86_64
.code_signing_config_arn (
Optional
[str
]) – To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.dead_letter_config (
Union
[IResolvable
,DeadLetterConfigProperty
,Dict
[str
,Any
],None
]) – A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see Dead-letter queues .description (
Optional
[str
]) – A description of the function.environment (
Union
[IResolvable
,EnvironmentProperty
,Dict
[str
,Any
],None
]) – Environment variables that are accessible from function code during execution.ephemeral_storage (
Union
[IResolvable
,EphemeralStorageProperty
,Dict
[str
,Any
],None
]) – The size of the function’s/tmp
directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.file_system_configs (
Union
[IResolvable
,Sequence
[Union
[IResolvable
,FileSystemConfigProperty
,Dict
[str
,Any
]]],None
]) – Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an AWS::EFS::MountTarget resource, you must also specify aDependsOn
attribute to ensure that the mount target is created or updated before the function. For more information about using theDependsOn
attribute, see DependsOn Attribute .function_name (
Optional
[str
]) – The name of the Lambda function, up to 64 characters in length. If you don’t specify a name, AWS CloudFormation generates one. If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.handler (
Optional
[str
]) – The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see Lambda programming model .image_config (
Union
[IResolvable
,ImageConfigProperty
,Dict
[str
,Any
],None
]) – Configuration values that override the container image Dockerfile settings. For more information, see Container image settings .kms_key_arn (
Optional
[str
]) – The ARN of the AWS Key Management Service ( AWS KMS ) customer managed key that’s used to encrypt your function’s environment variables . When Lambda SnapStart is activated, Lambda also uses this key is to encrypt your function’s snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it’s deployed. Note that this is not the same key that’s used to protect your container image in the Amazon Elastic Container Registry ( Amazon ECR ). If you don’t provide a customer managed key, Lambda uses a default service key.layers (
Optional
[Sequence
[str
]]) – A list of function layers to add to the function’s execution environment. Specify each layer by its ARN, including the version.logging_config (
Union
[IResolvable
,LoggingConfigProperty
,Dict
[str
,Any
],None
]) – The function’s Amazon CloudWatch Logs configuration settings.memory_size (
Union
[int
,float
,None
]) – The amount of memory available to the function at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.package_type (
Optional
[str
]) – The type of deployment package. Set toImage
for container image and setZip
for .zip file archive.recursive_loop (
Optional
[str
]) – The status of your function’s recursive loop detection configuration. When this value is set toAllow
and Lambda detects your function being invoked as part of a recursive loop, it doesn’t take any action. When this value is set toTerminate
and Lambda detects your function being invoked as part of a recursive loop, it stops your function being invoked and notifies you.reserved_concurrent_executions (
Union
[int
,float
,None
]) – The number of simultaneous executions to reserve for the function.runtime (
Optional
[str
]) – The identifier of the function’s runtime . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you’re deploying a function using a container image. The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see Runtime use after deprecation . For a list of all currently supported runtimes, see Supported runtimes .runtime_management_config (
Union
[IResolvable
,RuntimeManagementConfigProperty
,Dict
[str
,Any
],None
]) – Sets the runtime management configuration for a function’s version. For more information, see Runtime updates .snap_start (
Union
[IResolvable
,SnapStartProperty
,Dict
[str
,Any
],None
]) – The function’s AWS Lambda SnapStart setting.tags (
Optional
[Sequence
[Union
[CfnTag
,Dict
[str
,Any
]]]]) – A list of tags to apply to the function. .. epigraph:: You must have thelambda:TagResource
,lambda:UntagResource
, andlambda:ListTags
permissions for your IAM principal to manage the AWS CloudFormation stack. If you don’t have these permissions, there might be unexpected behavior with stack-level tags propagating to the resource during resource creation and update.timeout (
Union
[int
,float
,None
]) – The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see Lambda execution environment .tracing_config (
Union
[IResolvable
,TracingConfigProperty
,Dict
[str
,Any
],None
]) – SetMode
toActive
to sample and trace a subset of incoming requests with X-Ray .vpc_config (
Union
[IResolvable
,VpcConfigProperty
,Dict
[str
,Any
],None
]) – For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see Configuring a Lambda function to access resources in a VPC .
Methods
- add_deletion_override(path)
Syntactic sugar for
addOverride(path, undefined)
.- Parameters:
path (
str
) – The path of the value to delete.- Return type:
None
- add_dependency(target)
Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
This can be used for resources across stacks (or nested stack) boundaries and the dependency will automatically be transferred to the relevant scope.
- Parameters:
target (
CfnResource
) –- Return type:
None
- add_depends_on(target)
(deprecated) Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
- Parameters:
target (
CfnResource
) –- Deprecated:
use addDependency
- Stability:
deprecated
- Return type:
None
- add_metadata(key, value)
Add a value to the CloudFormation Resource Metadata.
- Parameters:
key (
str
) –value (
Any
) –
- See:
- Return type:
None
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- add_override(path, value)
Adds an override to the synthesized CloudFormation resource.
To add a property override, either use
addPropertyOverride
or prefixpath
with “Properties.” (i.e.Properties.TopicName
).If the override is nested, separate each nested level using a dot (.) in the path parameter. If there is an array as part of the nesting, specify the index in the path.
To include a literal
.
in the property name, prefix with a\
. In most programming languages you will need to write this as"\\."
because the\
itself will need to be escaped.For example:
cfn_resource.add_override("Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes", ["myattribute"]) cfn_resource.add_override("Properties.GlobalSecondaryIndexes.1.ProjectionType", "INCLUDE")
would add the overrides Example:
"Properties": { "GlobalSecondaryIndexes": [ { "Projection": { "NonKeyAttributes": [ "myattribute" ] ... } ... }, { "ProjectionType": "INCLUDE" ... }, ] ... }
The
value
argument toaddOverride
will not be processed or translated in any way. Pass raw JSON values in here with the correct capitalization for CloudFormation. If you pass CDK classes or structs, they will be rendered with lowercased key names, and CloudFormation will reject the template.- Parameters:
path (
str
) –The path of the property, you can use dot notation to override values in complex types. Any intermediate keys will be created as needed.
value (
Any
) –The value. Could be primitive or complex.
- Return type:
None
- add_property_deletion_override(property_path)
Adds an override that deletes the value of a property from the resource definition.
- Parameters:
property_path (
str
) – The path to the property.- Return type:
None
- add_property_override(property_path, value)
Adds an override to a resource property.
Syntactic sugar for
addOverride("Properties.<...>", value)
.- Parameters:
property_path (
str
) – The path of the property.value (
Any
) – The value.
- Return type:
None
- apply_removal_policy(policy=None, *, apply_to_update_replace_policy=None, default=None)
Sets the deletion policy of the resource based on the removal policy specified.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you’ve removed it from the CDK application or because you’ve made a change that requires the resource to be replaced.
The resource can be deleted (
RemovalPolicy.DESTROY
), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN
). In some cases, a snapshot can be taken of the resource prior to deletion (RemovalPolicy.SNAPSHOT
). A list of resources that support this policy can be found in the following link:- Parameters:
policy (
Optional
[RemovalPolicy
]) –apply_to_update_replace_policy (
Optional
[bool
]) – Apply the same deletion policy to the resource’s “UpdateReplacePolicy”. Default: truedefault (
Optional
[RemovalPolicy
]) – The default policy to apply in case the removal policy is not defined. Default: - Default value is resource specific. To determine the default value for a resource, please consult that specific resource’s documentation.
- See:
- Return type:
None
- get_att(attribute_name, type_hint=None)
Returns a token for an runtime attribute of this resource.
Ideally, use generated attribute accessors (e.g.
resource.arn
), but this can be used for future compatibility in case there is no generated attribute.- Parameters:
attribute_name (
str
) – The name of the attribute.type_hint (
Optional
[ResolutionTypeHint
]) –
- Return type:
- get_metadata(key)
Retrieve a value value from the CloudFormation Resource Metadata.
- Parameters:
key (
str
) –- See:
- Return type:
Any
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
Note that this is a different set of metadata from CDK node metadata; this metadata ends up in the stack template under the resource, whereas CDK node metadata ends up in the Cloud Assembly.
- inspect(inspector)
Examines the CloudFormation resource and discloses attributes.
- Parameters:
inspector (
TreeInspector
) – tree inspector to collect and process attributes.- Return type:
None
- obtain_dependencies()
Retrieves an array of resources this resource depends on.
This assembles dependencies on resources across stacks (including nested stacks) automatically.
- Return type:
List
[Union
[Stack
,CfnResource
]]
- obtain_resource_dependencies()
Get a shallow copy of dependencies between this resource and other resources in the same stack.
- Return type:
List
[CfnResource
]
- override_logical_id(new_logical_id)
Overrides the auto-generated logical ID with a specific ID.
- Parameters:
new_logical_id (
str
) – The new logical ID to use for this stack element.- Return type:
None
- remove_dependency(target)
Indicates that this resource no longer depends on another resource.
This can be used for resources across stacks (including nested stacks) and the dependency will automatically be removed from the relevant scope.
- Parameters:
target (
CfnResource
) –- Return type:
None
- replace_dependency(target, new_target)
Replaces one dependency with another.
- Parameters:
target (
CfnResource
) – The dependency to replace.new_target (
CfnResource
) – The new dependency to add.
- Return type:
None
- to_string()
Returns a string representation of this construct.
- Return type:
str
- Returns:
a string representation of this resource
Attributes
- CFN_RESOURCE_TYPE_NAME = 'AWS::Lambda::Function'
- architectures
The instruction set architecture that the function supports.
- attr_arn
The Amazon Resource Name (ARN) of the function.
- CloudformationAttribute:
Arn
- attr_snap_start_response
//docs.aws.amazon.com/lambda/latest/dg/snapstart.html>`_ setting.
- CloudformationAttribute:
SnapStartResponse
- Type:
The function’s `SnapStart <https
- attr_snap_start_response_apply_on
When set to
PublishedVersions
, Lambda creates a snapshot of the execution environment when you publish a function version.- CloudformationAttribute:
SnapStartResponse.ApplyOn
- attr_snap_start_response_optimization_status
//docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using>`_, this response element indicates whether SnapStart is activated for the specified function version.
- CloudformationAttribute:
SnapStartResponse.OptimizationStatus
- Type:
When you provide a `qualified Amazon Resource Name (ARN) <https
- cfn_options
Options for this resource, such as condition, update policy etc.
- cfn_resource_type
AWS resource type.
- code
The code for the function.
You can define your function code in multiple ways:.
- code_signing_config_arn
To enable code signing for this function, specify the ARN of a code-signing configuration.
- creation_stack
return:
the stack trace of the point where this Resource was created from, sourced from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most node +internal+ entries filtered.
- dead_letter_config
A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing.
- description
A description of the function.
- environment
Environment variables that are accessible from function code during execution.
- ephemeral_storage
The size of the function’s
/tmp
directory in MB.
- file_system_configs
Connection settings for an Amazon EFS file system.
- function_name
The name of the Lambda function, up to 64 characters in length.
- handler
The name of the method within your code that Lambda calls to run your function.
- image_config
Configuration values that override the container image Dockerfile settings.
- kms_key_arn
//docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html>`_ is activated, Lambda also uses this key is to encrypt your function’s snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it’s deployed. Note that this is not the same key that’s used to protect your container image in the Amazon Elastic Container Registry ( Amazon ECR ). If you don’t provide a customer managed key, Lambda uses a default service key.
- layers
//docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html>`_ to add to the function’s execution environment. Specify each layer by its ARN, including the version.
- Type:
A list of `function layers <https
- logging_config
The function’s Amazon CloudWatch Logs configuration settings.
- logical_id
The logical ID for this CloudFormation stack element.
The logical ID of the element is calculated from the path of the resource node in the construct tree.
To override this value, use
overrideLogicalId(newLogicalId)
.- Returns:
the logical ID as a stringified token. This value will only get resolved during synthesis.
- memory_size
//docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console>`_ at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.
- Type:
The amount of `memory available to the function <https
- node
The tree node.
- package_type
The type of deployment package.
- recursive_loop
The status of your function’s recursive loop detection configuration.
- ref
Return a string that will be resolved to a CloudFormation
{ Ref }
for this element.If, by any chance, the intrinsic reference of a resource is not a string, you could coerce it to an IResolvable through
Lazy.any({ produce: resource.ref })
.
- reserved_concurrent_executions
The number of simultaneous executions to reserve for the function.
- role
The Amazon Resource Name (ARN) of the function’s execution role.
- runtime
//docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html>`_ . Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you’re deploying a function using a container image.
- Type:
The identifier of the function’s `runtime <https
- runtime_management_config
Sets the runtime management configuration for a function’s version.
- snap_start
//docs.aws.amazon.com/lambda/latest/dg/snapstart.html>`_ setting.
- Type:
The function’s `AWS Lambda SnapStart <https
- stack
The stack in which this element is defined.
CfnElements must be defined within a stack scope (directly or indirectly).
- tags
Tag Manager which manages the tags for this resource.
- tags_raw
//docs.aws.amazon.com/lambda/latest/dg/tagging.html>`_ to apply to the function.
- Type:
A list of `tags <https
- timeout
The amount of time (in seconds) that Lambda allows a function to run before stopping it.
- tracing_config
//docs.aws.amazon.com/lambda/latest/dg/services-xray.html>`_ .
- Type:
Set
Mode
toActive
to sample and trace a subset of incoming requests with `X-Ray <https
- vpc_config
For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC.
Static Methods
- classmethod is_cfn_element(x)
Returns
true
if a construct is a stack element (i.e. part of the synthesized cloudformation template).Uses duck-typing instead of
instanceof
to allow stack elements from different versions of this library to be included in the same stack.- Parameters:
x (
Any
) –- Return type:
bool
- Returns:
The construct as a stack element or undefined if it is not a stack element.
- classmethod is_cfn_resource(x)
Check whether the given object is a CfnResource.
- Parameters:
x (
Any
) –- Return type:
bool
- classmethod is_construct(x)
Checks if
x
is a construct.Use this method instead of
instanceof
to properly detectConstruct
instances, even when the construct library is symlinked.Explanation: in JavaScript, multiple copies of the
constructs
library on disk are seen as independent, completely different libraries. As a consequence, the classConstruct
in each copy of theconstructs
library is seen as a different class, and an instance of one class will not test asinstanceof
the other class.npm install
will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of theconstructs
library can be accidentally installed, andinstanceof
will behave unpredictably. It is safest to avoid usinginstanceof
, and using this type-testing method instead.- Parameters:
x (
Any
) – Any object.- Return type:
bool
- Returns:
true if
x
is an object created from a class which extendsConstruct
.
CodeProperty
- class CfnFunction.CodeProperty(*, image_uri=None, s3_bucket=None, s3_key=None, s3_object_version=None, source_kms_key_arn=None, zip_file=None)
Bases:
object
The deployment package for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.
Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
- Parameters:
image_uri (
Optional
[str
]) –URI of a container image in the Amazon ECR registry.
s3_bucket (
Optional
[str
]) – An Amazon S3 bucket in the same AWS Region as your function. The bucket can be in a different AWS account .s3_key (
Optional
[str
]) – The Amazon S3 key of the deployment package.s3_object_version (
Optional
[str
]) – For versioned objects, the version of the deployment package object to use.source_kms_key_arn (
Optional
[str
]) –zip_file (
Optional
[str
]) –(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named
index
and zips it to create a deployment package . This zip file cannot exceed 4MB. For theHandler
property, the first part of the handler identifier must beindex
. For example,index.handler
. For JSON, you must escape quotes and special characters such as newline (\n
) with a backslash. If you specify a function that interacts with an AWS CloudFormation custom resource, you don’t have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( cfn-response ) that simplifies sending responses. See Using AWS Lambda with AWS CloudFormation for details.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ code_property = lambda.CfnFunction.CodeProperty( image_uri="imageUri", s3_bucket="s3Bucket", s3_key="s3Key", s3_object_version="s3ObjectVersion", source_kms_key_arn="sourceKmsKeyArn", zip_file="zipFile" )
Attributes
- image_uri
//docs.aws.amazon.com/lambda/latest/dg/lambda-images.html>`_ in the Amazon ECR registry.
- See:
- Type:
URI of a `container image <https
- s3_bucket
An Amazon S3 bucket in the same AWS Region as your function.
The bucket can be in a different AWS account .
- s3_key
The Amazon S3 key of the deployment package.
- s3_object_version
For versioned objects, the version of the deployment package object to use.
- source_kms_key_arn
-
- Type:
see
- zip_file
//docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html>`_ . This zip file cannot exceed 4MB. For the
Handler
property, the first part of the handler identifier must beindex
. For example,index.handler
.For JSON, you must escape quotes and special characters such as newline (
\n
) with a backslash.If you specify a function that interacts with an AWS CloudFormation custom resource, you don’t have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ( cfn-response ) that simplifies sending responses. See Using AWS Lambda with AWS CloudFormation for details.
- See:
- Type:
(Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, AWS CloudFormation places it in a file named
index
and zips it to create a `deployment package <https
DeadLetterConfigProperty
- class CfnFunction.DeadLetterConfigProperty(*, target_arn=None)
Bases:
object
The dead-letter queue for failed asynchronous invocations.
- Parameters:
target_arn (
Optional
[str
]) – The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ dead_letter_config_property = lambda.CfnFunction.DeadLetterConfigProperty( target_arn="targetArn" )
Attributes
- target_arn
The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
EnvironmentProperty
- class CfnFunction.EnvironmentProperty(*, variables=None)
Bases:
object
A function’s environment variable settings.
You can use environment variables to adjust your function’s behavior without updating code. An environment variable is a pair of strings that are stored in a function’s version-specific configuration.
- Parameters:
variables (
Union
[IResolvable
,Mapping
[str
,str
],None
]) – Environment variable key-value pairs. For more information, see Using Lambda environment variables .- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ environment_property = lambda.CfnFunction.EnvironmentProperty( variables={ "variables_key": "variables" } )
Attributes
- variables
Environment variable key-value pairs.
For more information, see Using Lambda environment variables .
EphemeralStorageProperty
- class CfnFunction.EphemeralStorageProperty(*, size)
Bases:
object
The size of the function’s
/tmp
directory in MB.The default value is 512, but it can be any whole number between 512 and 10,240 MB.
- Parameters:
size (
Union
[int
,float
]) – The size of the function’s/tmp
directory.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ ephemeral_storage_property = lambda.CfnFunction.EphemeralStorageProperty( size=123 )
Attributes
- size
The size of the function’s
/tmp
directory.
FileSystemConfigProperty
- class CfnFunction.FileSystemConfigProperty(*, arn, local_mount_path)
Bases:
object
Details about the connection between a Lambda function and an Amazon EFS file system .
- Parameters:
arn (
str
) – The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.local_mount_path (
str
) – The path where the function can access the file system, starting with/mnt/
.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ file_system_config_property = lambda.CfnFunction.FileSystemConfigProperty( arn="arn", local_mount_path="localMountPath" )
Attributes
- arn
The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.
- local_mount_path
The path where the function can access the file system, starting with
/mnt/
.
ImageConfigProperty
- class CfnFunction.ImageConfigProperty(*, command=None, entry_point=None, working_directory=None)
Bases:
object
Configuration values that override the container image Dockerfile settings.
For more information, see Container image settings .
- Parameters:
command (
Optional
[Sequence
[str
]]) – Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.entry_point (
Optional
[Sequence
[str
]]) – Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.working_directory (
Optional
[str
]) – Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ image_config_property = lambda.CfnFunction.ImageConfigProperty( command=["command"], entry_point=["entryPoint"], working_directory="workingDirectory" )
Attributes
- command
Specifies parameters that you want to pass in with ENTRYPOINT.
You can specify a maximum of 1,500 parameters in the list.
- entry_point
Specifies the entry point to their application, which is typically the location of the runtime executable.
You can specify a maximum of 1,500 string entries in the list.
- working_directory
Specifies the working directory.
The length of the directory string cannot exceed 1,000 characters.
LoggingConfigProperty
- class CfnFunction.LoggingConfigProperty(*, application_log_level=None, log_format=None, log_group=None, system_log_level=None)
Bases:
object
The function’s Amazon CloudWatch Logs configuration settings.
- Parameters:
application_log_level (
Optional
[str
]) – Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, whereTRACE
is the highest level andFATAL
is the lowest.log_format (
Optional
[str
]) – The format in which Lambda sends your function’s application and system logs to CloudWatch. Select between plain text and structured JSON.log_group (
Optional
[str
]) – The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named/aws/lambda/<function name>
. To use a different log group, enter an existing log group or enter a new log group name.system_log_level (
Optional
[str
]) – Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, whereDEBUG
is the highest level andWARN
is the lowest.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ logging_config_property = lambda.CfnFunction.LoggingConfigProperty( application_log_level="applicationLogLevel", log_format="logFormat", log_group="logGroup", system_log_level="systemLogLevel" )
Attributes
- application_log_level
Set this property to filter the application logs for your function that Lambda sends to CloudWatch.
Lambda only sends application logs at the selected level of detail and lower, where
TRACE
is the highest level andFATAL
is the lowest.
- log_format
The format in which Lambda sends your function’s application and system logs to CloudWatch.
Select between plain text and structured JSON.
- log_group
The name of the Amazon CloudWatch log group the function sends logs to.
By default, Lambda functions send logs to a default log group named
/aws/lambda/<function name>
. To use a different log group, enter an existing log group or enter a new log group name.
- system_log_level
Set this property to filter the system logs for your function that Lambda sends to CloudWatch.
Lambda only sends system logs at the selected level of detail and lower, where
DEBUG
is the highest level andWARN
is the lowest.
RuntimeManagementConfigProperty
- class CfnFunction.RuntimeManagementConfigProperty(*, update_runtime_on, runtime_version_arn=None)
Bases:
object
Sets the runtime management configuration for a function’s version.
For more information, see Runtime updates .
- Parameters:
update_runtime_on (
str
) – Specify the runtime update mode. - Auto (default) - Automatically update to the most recent and secure runtime version using a Two-phase runtime version rollout . This is the best choice for most customers to ensure they always benefit from runtime updates. - FunctionUpdate - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date. - Manual - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see Roll back a runtime version . Valid Values :Auto
|FunctionUpdate
|Manual
runtime_version_arn (
Optional
[str
]) – The ARN of the runtime version you want the function to use. .. epigraph:: This is only required if you’re using the Manual runtime update mode.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ runtime_management_config_property = lambda.CfnFunction.RuntimeManagementConfigProperty( update_runtime_on="updateRuntimeOn", # the properties below are optional runtime_version_arn="runtimeVersionArn" )
Attributes
- runtime_version_arn
The ARN of the runtime version you want the function to use.
This is only required if you’re using the Manual runtime update mode.
- update_runtime_on
Specify the runtime update mode.
Auto (default) - Automatically update to the most recent and secure runtime version using a Two-phase runtime version rollout . This is the best choice for most customers to ensure they always benefit from runtime updates.
FunctionUpdate - Lambda updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.
Manual - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see Roll back a runtime version .
Valid Values :
Auto
|FunctionUpdate
|Manual
SnapStartProperty
- class CfnFunction.SnapStartProperty(*, apply_on)
Bases:
object
The function’s AWS Lambda SnapStart setting.
- Parameters:
apply_on (
str
) – SetApplyOn
toPublishedVersions
to create a snapshot of the initialized execution environment when you publish a function version.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ snap_start_property = lambda.CfnFunction.SnapStartProperty( apply_on="applyOn" )
Attributes
- apply_on
Set
ApplyOn
toPublishedVersions
to create a snapshot of the initialized execution environment when you publish a function version.
SnapStartResponseProperty
- class CfnFunction.SnapStartResponseProperty(*, apply_on=None, optimization_status=None)
Bases:
object
The function’s SnapStart setting.
- Parameters:
apply_on (
Optional
[str
]) – When set toPublishedVersions
, Lambda creates a snapshot of the execution environment when you publish a function version.optimization_status (
Optional
[str
]) – When you provide a qualified Amazon Resource Name (ARN) , this response element indicates whether SnapStart is activated for the specified function version.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ snap_start_response_property = lambda.CfnFunction.SnapStartResponseProperty( apply_on="applyOn", optimization_status="optimizationStatus" )
Attributes
- apply_on
When set to
PublishedVersions
, Lambda creates a snapshot of the execution environment when you publish a function version.
TracingConfigProperty
- class CfnFunction.TracingConfigProperty(*, mode=None)
Bases:
object
The function’s AWS X-Ray tracing configuration. To sample and record incoming requests, set
Mode
toActive
.- Parameters:
mode (
Optional
[str
]) – The tracing mode.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ tracing_config_property = lambda.CfnFunction.TracingConfigProperty( mode="mode" )
Attributes
VpcConfigProperty
- class CfnFunction.VpcConfigProperty(*, ipv6_allowed_for_dual_stack=None, security_group_ids=None, subnet_ids=None)
Bases:
object
The VPC security groups and subnets that are attached to a Lambda function.
When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function’s VPC configuration. The function can only access resources and the internet through that VPC. For more information, see VPC Settings . .. epigraph:
When you delete a function, AWS CloudFormation monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before AWS CloudFormation can delete the VPC's resources. To monitor network interfaces, AWS CloudFormation needs the ``ec2:DescribeNetworkInterfaces`` permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, AWS CloudFormation does not wait for network interfaces to be deleted.
- Parameters:
ipv6_allowed_for_dual_stack (
Union
[bool
,IResolvable
,None
]) – Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.security_group_ids (
Optional
[Sequence
[str
]]) – A list of VPC security group IDs.subnet_ids (
Optional
[Sequence
[str
]]) – A list of VPC subnet IDs.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk import aws_lambda as lambda_ vpc_config_property = lambda.CfnFunction.VpcConfigProperty( ipv6_allowed_for_dual_stack=False, security_group_ids=["securityGroupIds"], subnet_ids=["subnetIds"] )
Attributes
- ipv6_allowed_for_dual_stack
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
- security_group_ids
A list of VPC security group IDs.
- subnet_ids
A list of VPC subnet IDs.