Interface IFunctionOptions
Non runtime options.
Inherited Members
Namespace: Amazon.CDK.AWS.Lambda
Assembly: Amazon.CDK.AWS.Lambda.dll
Syntax (csharp)
public interface IFunctionOptions : IEventInvokeConfigOptions
Syntax (vb)
Public Interface IFunctionOptions
Inherits IEventInvokeConfigOptions
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.CodeGuruProfiler;
using Amazon.CDK.AWS.EC2;
using Amazon.CDK.AWS.IAM;
using Amazon.CDK.AWS.KMS;
using Amazon.CDK.AWS.Lambda;
using Amazon.CDK.AWS.Logs;
using Amazon.CDK.AWS.SNS;
using Amazon.CDK.AWS.SQS;
using Amazon.CDK;
Architecture architecture;
CodeSigningConfig codeSigningConfig;
IDestination destination;
IEventSource eventSource;
FileSystem fileSystem;
Key key;
LambdaInsightsVersion lambdaInsightsVersion;
LayerVersion layerVersion;
PolicyStatement policyStatement;
ProfilingGroup profilingGroup;
Queue queue;
Role role;
SecurityGroup securityGroup;
Size size;
Subnet subnet;
SubnetFilter subnetFilter;
Topic topic;
Vpc vpc;
var functionOptions = new FunctionOptions {
AllowAllOutbound = false,
AllowPublicSubnet = false,
Architecture = architecture,
Architectures = new [] { architecture },
CodeSigningConfig = codeSigningConfig,
CurrentVersionOptions = new VersionOptions {
CodeSha256 = "codeSha256",
Description = "description",
MaxEventAge = Duration.Minutes(30),
OnFailure = destination,
OnSuccess = destination,
ProvisionedConcurrentExecutions = 123,
RemovalPolicy = RemovalPolicy.DESTROY,
RetryAttempts = 123
},
DeadLetterQueue = queue,
DeadLetterQueueEnabled = false,
DeadLetterTopic = topic,
Description = "description",
Environment = new Dictionary<string, string> {
{ "environmentKey", "environment" }
},
EnvironmentEncryption = key,
EphemeralStorageSize = size,
Events = new [] { eventSource },
Filesystem = fileSystem,
FunctionName = "functionName",
InitialPolicy = new [] { policyStatement },
InsightsVersion = lambdaInsightsVersion,
Layers = new [] { layerVersion },
LogRetention = RetentionDays.ONE_DAY,
LogRetentionRetryOptions = new LogRetentionRetryOptions {
Base = Duration.Minutes(30),
MaxRetries = 123
},
LogRetentionRole = role,
MaxEventAge = Duration.Minutes(30),
MemorySize = 123,
OnFailure = destination,
OnSuccess = destination,
Profiling = false,
ProfilingGroup = profilingGroup,
ReservedConcurrentExecutions = 123,
RetryAttempts = 123,
Role = role,
SecurityGroup = securityGroup,
SecurityGroups = new [] { securityGroup },
Timeout = Duration.Minutes(30),
Tracing = Tracing.ACTIVE,
Vpc = vpc,
VpcSubnets = new SubnetSelection {
AvailabilityZones = new [] { "availabilityZones" },
OnePerAz = false,
SubnetFilters = new [] { subnetFilter },
SubnetGroupName = "subnetGroupName",
SubnetName = "subnetName",
Subnets = new [] { subnet },
SubnetType = SubnetType.ISOLATED
}
};
Synopsis
Properties
AllowAllOutbound | Whether to allow the Lambda to send all network traffic. |
AllowPublicSubnet | Lambda Functions in a public subnet can NOT access the internet. |
Architecture | The system architectures compatible with this lambda function. |
Architectures | (deprecated) DEPRECATED. |
CodeSigningConfig | Code signing config associated with this function. |
CurrentVersionOptions | Options for the |
DeadLetterQueue | The SQS queue to use if DLQ is enabled. |
DeadLetterQueueEnabled | Enabled DLQ. |
DeadLetterTopic | The SNS topic to use as a DLQ. |
Description | A description of the function. |
Environment | Key-value pairs that Lambda caches and makes available for your Lambda functions. |
EnvironmentEncryption | The AWS KMS key that's used to encrypt your function's environment variables. |
EphemeralStorageSize | The size of the function’s /tmp directory in MiB. |
Events | Event sources for this function. |
Filesystem | The filesystem configuration for the lambda function. |
FunctionName | A name for the function. |
InitialPolicy | Initial policy statements to add to the created Lambda Role. |
InsightsVersion | Specify the version of CloudWatch Lambda insights to use for monitoring. |
Layers | A list of layers to add to the function's execution environment. |
LogRetention | The number of days log events are kept in CloudWatch Logs. |
LogRetentionRetryOptions | When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
LogRetentionRole | The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
MemorySize | The amount of memory, in MB, that is allocated to your Lambda function. |
Profiling | Enable profiling. |
ProfilingGroup | Profiling Group. |
ReservedConcurrentExecutions | The maximum of concurrent executions you want to reserve for the function. |
Role | Lambda execution role. |
SecurityGroup | (deprecated) What security group to associate with the Lambda's network interfaces. This property is being deprecated, consider using securityGroups instead. |
SecurityGroups | The list of security groups to associate with the Lambda's network interfaces. |
Timeout | The function execution time (in seconds) after which Lambda terminates the function. |
Tracing | Enable AWS X-Ray Tracing for Lambda Function. |
Vpc | VPC network to place Lambda network interfaces. |
VpcSubnets | Where to place the network interfaces within the VPC. |
Properties
AllowAllOutbound
Whether to allow the Lambda to send all network traffic.
virtual Nullable<bool> AllowAllOutbound { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.
Default: true
AllowPublicSubnet
Lambda Functions in a public subnet can NOT access the internet.
virtual Nullable<bool> AllowPublicSubnet { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Use this property to acknowledge this limitation and still place the function in a public subnet.
Default: false
Architecture
The system architectures compatible with this lambda function.
virtual Architecture Architecture { get; }
Property Value
Remarks
Default: Architecture.X86_64
Architectures
(deprecated) DEPRECATED.
virtual Architecture[] Architectures { get; }
Property Value
Remarks
Default: [Architecture.X86_64]
Stability: Deprecated
CodeSigningConfig
Code signing config associated with this function.
virtual ICodeSigningConfig CodeSigningConfig { get; }
Property Value
Remarks
Default: - Not Sign the Code
CurrentVersionOptions
Options for the lambda.Version
resource automatically created by the fn.currentVersion
method.
virtual IVersionOptions CurrentVersionOptions { get; }
Property Value
Remarks
Default: - default options as described in VersionOptions
DeadLetterQueue
The SQS queue to use if DLQ is enabled.
virtual IQueue DeadLetterQueue { get; }
Property Value
Remarks
If SNS topic is desired, specify deadLetterTopic
property instead.
Default: - SQS queue with 14 day retention period if deadLetterQueueEnabled
is true
DeadLetterQueueEnabled
Enabled DLQ.
virtual Nullable<bool> DeadLetterQueueEnabled { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
If deadLetterQueue
is undefined,
an SQS queue with default options will be defined for your Function.
Default: - false unless deadLetterQueue
is set, which implies DLQ is enabled.
DeadLetterTopic
The SNS topic to use as a DLQ.
virtual ITopic DeadLetterTopic { get; }
Property Value
Remarks
Note that if deadLetterQueueEnabled
is set to true
, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
Default: - no SNS topic
Description
A description of the function.
virtual string Description { get; }
Property Value
System.String
Remarks
Default: - No description.
Environment
Key-value pairs that Lambda caches and makes available for your Lambda functions.
virtual IDictionary<string, string> Environment { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.String>
Remarks
Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.
Default: - No environment variables.
EnvironmentEncryption
The AWS KMS key that's used to encrypt your function's environment variables.
virtual IKey EnvironmentEncryption { get; }
Property Value
Remarks
Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
EphemeralStorageSize
The size of the function’s /tmp directory in MiB.
virtual Size EphemeralStorageSize { get; }
Property Value
Remarks
Default: 512 MiB
Events
Event sources for this function.
virtual IEventSource[] Events { get; }
Property Value
Remarks
You can also add event sources using addEventSource
.
Default: - No event sources.
Filesystem
The filesystem configuration for the lambda function.
virtual FileSystem Filesystem { get; }
Property Value
Remarks
Default: - will not mount any filesystem
FunctionName
A name for the function.
virtual string FunctionName { get; }
Property Value
System.String
Remarks
Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
InitialPolicy
Initial policy statements to add to the created Lambda Role.
virtual PolicyStatement[] InitialPolicy { get; }
Property Value
Remarks
You can call addToRolePolicy
to the created lambda to add statements post creation.
Default: - No policy statements are added to the created Lambda role.
InsightsVersion
Specify the version of CloudWatch Lambda insights to use for monitoring.
virtual LambdaInsightsVersion InsightsVersion { get; }
Property Value
Remarks
Default: - No Lambda Insights
Layers
A list of layers to add to the function's execution environment.
virtual ILayerVersion[] Layers { get; }
Property Value
Remarks
You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.
Default: - No layers.
LogRetention
The number of days log events are kept in CloudWatch Logs.
virtual Nullable<RetentionDays> LogRetention { get; }
Property Value
System.Nullable<RetentionDays>
Remarks
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE
.
Default: logs.RetentionDays.INFINITE
LogRetentionRetryOptions
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
virtual ILogRetentionRetryOptions LogRetentionRetryOptions { get; }
Property Value
Remarks
These options control the retry policy when interacting with CloudWatch APIs.
Default: - Default AWS SDK retry options.
LogRetentionRole
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
virtual IRole LogRetentionRole { get; }
Property Value
Remarks
Default: - A new role is created.
MemorySize
The amount of memory, in MB, that is allocated to your Lambda function.
virtual Nullable<double> MemorySize { get; }
Property Value
System.Nullable<System.Double>
Remarks
Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.
Default: 128
Profiling
Enable profiling.
virtual Nullable<bool> Profiling { get; }
Property Value
System.Nullable<System.Boolean>
Remarks
Default: - No profiling.
See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
ProfilingGroup
Profiling Group.
virtual IProfilingGroup ProfilingGroup { get; }
Property Value
Remarks
Default: - A new profiling group will be created if profiling
is set.
See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
ReservedConcurrentExecutions
The maximum of concurrent executions you want to reserve for the function.
virtual Nullable<double> ReservedConcurrentExecutions { get; }
Property Value
System.Nullable<System.Double>
Remarks
Default: - No specific limit - account limit.
See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
Role
Lambda execution role.
virtual IRole Role { get; }
Property Value
Remarks
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
Default: - A unique role will be generated for this lambda function.
Both supplied and generated roles can always be changed by calling addToRolePolicy
.
SecurityGroup
(deprecated) What security group to associate with the Lambda's network interfaces. This property is being deprecated, consider using securityGroups instead.
virtual ISecurityGroup SecurityGroup { get; }
Property Value
Remarks
Only used if 'vpc' is supplied.
Use securityGroups property instead. Function constructor will throw an error if both are specified.
Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.
Stability: Deprecated
SecurityGroups
The list of security groups to associate with the Lambda's network interfaces.
virtual ISecurityGroup[] SecurityGroups { get; }
Property Value
Remarks
Only used if 'vpc' is supplied.
Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
Timeout
The function execution time (in seconds) after which Lambda terminates the function.
virtual Duration Timeout { get; }
Property Value
Remarks
Because the execution time affects cost, set this value based on the function's expected execution time.
Default: Duration.seconds(3)
Tracing
Enable AWS X-Ray Tracing for Lambda Function.
virtual Nullable<Tracing> Tracing { get; }
Property Value
System.Nullable<Tracing>
Remarks
Default: Tracing.Disabled
Vpc
VPC network to place Lambda network interfaces.
virtual IVpc Vpc { get; }
Property Value
Remarks
Specify this if the Lambda function needs to access resources in a VPC.
Default: - Function is not placed within a VPC.
VpcSubnets
Where to place the network interfaces within the VPC.
virtual ISubnetSelection VpcSubnets { get; }
Property Value
Remarks
Only used if 'vpc' is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.
Default: - the Vpc default strategy if not specified