# aws-s3-lambda
| | |
| --- |--- |
| Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
| **Language** | **Package** |
| --- | --- |
|  Python | `aws_solutions_constructs.aws_s3_lambda` |
|  Typescript | `@aws-solutions-constructs/aws-s3-lambda` |
|  Java | `software.amazon.awsconstructs.services.s3lambda` |
## Overview
This AWS Solutions Construct implements an Amazon S3 bucket connected to an AWS Lambda function.
Here is a minimal deployable pattern definition:
**Example**
```
import { Construct } from 'constructs';
import { Stack, StackProps } from 'aws-cdk-lib';
import * as lambda from "aws-cdk-lib/aws-lambda";
import { S3ToLambdaProps, S3ToLambda } from '@aws-solutions-constructs/aws-s3-lambda';
new S3ToLambda(this, 'test-s3-lambda', {
lambdaFunctionProps: {
code: lambda.Code.fromAsset(`lambda`),
runtime: lambda.Runtime.NODEJS_22_X,
handler: 'index.handler'
},
});
```
```
from aws_solutions_constructs.aws_s3_lambda import S3ToLambda
from aws_cdk import (
aws_lambda as _lambda,
Stack
)
from constructs import Construct
S3ToLambda(self, 'test_s3_lambda',
lambda_function_props=_lambda.FunctionProps(
code=_lambda.Code.from_asset('lambda'),
runtime=_lambda.Runtime.PYTHON_3_14,
handler='index.handler'
)
)
```
```
import software.constructs.Construct;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.services.lambda.*;
import software.amazon.awscdk.services.lambda.Runtime;
import software.amazon.awsconstructs.services.s3lambda.*;
new S3ToLambda(this, "test-s3-lambda'", new S3ToLambdaProps.Builder()
.lambdaFunctionProps(new FunctionProps.Builder()
.runtime(Runtime.NODEJS_22_X)
.code(Code.fromAsset("lambda"))
.handler("index.handler")
.build())
.build());
```
## Pattern Construct Props
| **Name** | **Type** | **Description** |
| --- | --- | --- |
| existingLambdaObj? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.Function.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.Function.html) | Existing instance of Lambda Function object, providing both this and `lambdaFunctionProps` will cause an error. |
| lambdaFunctionProps? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.FunctionProps.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.FunctionProps.html) | Optional user provided props to override the default props for the Lambda function. |
| existingBucketObj? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html) | Optional - existing instance of S3 Bucket. If this is provided, then also providing bucketProps causes an error. |
| bucketProps? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html) | Optional user provided props to override the default props for the S3 Bucket. |
| s3EventSourceProps? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda_event_sources.S3EventSourceProps.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda_event_sources.S3EventSourceProps.html) | Optional user provided props to override the default props for S3EventSourceProps |
| loggingBucketProps? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.BucketProps.html) | Optional user provided props to override the default props for the S3 Logging Bucket. |
| logS3AccessLogs? | boolean | Whether to turn on Access Logging for the S3 bucket. Creates an S3 bucket with associated storage costs for the logs. Enabling Access Logging is a best practice. default - true |
## Pattern Properties
| **Name** | **Type** | **Description** |
| --- | --- | --- |
| lambdaFunction | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.Function.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda.Function.html) | Returns an instance of the lambda.Function created by the construct |
| s3Bucket? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html) | Returns an instance of the s3.Bucket created by the construct |
| s3LoggingBucket? | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html) | Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket. |
| s3BucketInterface | [https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.IBucket.html) | Returns an instance of s3.IBucket created by the construct |
## Default settings
Out of the box implementation of the Construct without any override will set the following defaults:
### Amazon S3 Bucket
+ Configure Access logging for S3 Bucket
+ Enable server-side encryption for S3 Bucket using AWS managed KMS Key
+ Enforce encryption of data in transit
+ Turn on the versioning for S3 Bucket
+ Don’t allow public access for S3 Bucket
+ Retain the S3 Bucket when deleting the CloudFormation stack
+ Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days
### AWS Lambda Function
+ Configure limited privilege access IAM role for Lambda function
+ Enable reusing connections with Keep-Alive for NodeJs Lambda function
+ Enable X-Ray Tracing
+ Set Environment Variables
+ AWS\_NODEJS\_CONNECTION\_REUSE\_ENABLED (for Node 10.x and higher functions)
## Architecture
## Github
Go to the [Github repo](https://github.com/awslabs/aws-solutions-constructs/tree/main/source/patterns/%40aws-solutions-constructs/aws-s3-lambda) for this pattern to view the code, read/create issues and pull requests and more.