ParamsAndSecretsOptions

class aws_cdk.aws_lambda.ParamsAndSecretsOptions(*, cache_enabled=None, cache_size=None, http_port=None, log_level=None, max_connections=None, parameter_store_timeout=None, parameter_store_ttl=None, secrets_manager_timeout=None, secrets_manager_ttl=None)

Bases: object

Parameters and Secrets Extension configuration options.

Parameters:

  • cache_enabled (Optional[bool]) – Whether the Parameters and Secrets Extension will cache parameters and secrets. Default: true

  • cache_size (Union[int, float, None]) – The maximum number of secrets and parameters to cache. Must be a value from 0 to 1000. A value of 0 means there is no caching. Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl are 0. Default: 1000

  • http_port (Union[int, float, None]) – The port for the local HTTP server. Valid port numbers are 1 - 65535. Default: 2773

  • log_level (Optional[ParamsAndSecretsLogLevel]) – The level of logging provided by the Parameters and Secrets Extension. Note: Set to debug to see the cache configuration. Default: - Logging level will be info

  • max_connections (Union[int, float, None]) – The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager. There is no maximum limit. Minimum is 1. Note: Every running copy of this Lambda function may open the number of connections specified by this property. Thus, the total number of connections may exceed this number. Default: 3

  • parameter_store_timeout (Optional[Duration]) – The timeout for requests to Parameter Store. A value of 0 means that there is no timeout. Default: 0

  • parameter_store_ttl (Optional[Duration]) – The time-to-live of a parameter in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

  • secrets_manager_timeout (Optional[Duration]) – The timeout for requests to Secrets Manager. A value of 0 means that there is no timeout. Default: 0

  • secrets_manager_ttl (Optional[Duration]) – The time-to-live of a secret in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

ExampleMetadata:

infused

Example:

import aws_cdk.aws_secretsmanager as sm
import aws_cdk.aws_ssm as ssm


secret = sm.Secret(self, "Secret")
parameter = ssm.StringParameter(self, "Parameter",
    parameter_name="mySsmParameterName",
    string_value="mySsmParameterValue"
)

params_and_secrets = lambda_.ParamsAndSecretsLayerVersion.from_version(lambda_.ParamsAndSecretsVersions.V1_0_103,
    cache_size=500,
    log_level=lambda_.ParamsAndSecretsLogLevel.DEBUG
)

lambda_function = lambda_.Function(self, "MyFunction",
    runtime=lambda_.Runtime.NODEJS_18_X,
    handler="index.handler",
    architecture=lambda_.Architecture.ARM_64,
    code=lambda_.Code.from_asset(path.join(__dirname, "lambda-handler")),
    params_and_secrets=params_and_secrets
)

secret.grant_read(lambda_function)
parameter.grant_read(lambda_function)

Attributes

cache_enabled

Whether the Parameters and Secrets Extension will cache parameters and secrets.

Default:

true

cache_size

The maximum number of secrets and parameters to cache.

Must be a value from 0 to 1000. A value of 0 means there is no caching.

Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl are 0.

Default:

1000

http_port

The port for the local HTTP server.

Valid port numbers are 1 - 65535.

Default:

2773

log_level

The level of logging provided by the Parameters and Secrets Extension.

Note: Set to debug to see the cache configuration.

Default:

  • Logging level will be info

max_connections

The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager.

There is no maximum limit. Minimum is 1.

Note: Every running copy of this Lambda function may open the number of connections specified by this property. Thus, the total number of connections may exceed this number.

Default:

3

parameter_store_timeout

The timeout for requests to Parameter Store.

A value of 0 means that there is no timeout.

Default:

0

parameter_store_ttl

The time-to-live of a parameter in the cache.

A value of 0 means there is no caching. The maximum time-to-live is 300 seconds.

Note: This variable is ignored if cacheSize is 0.

Default:

300 seconds

secrets_manager_timeout

The timeout for requests to Secrets Manager.

A value of 0 means that there is no timeout.

Default:

0

secrets_manager_ttl

The time-to-live of a secret in the cache.

A value of 0 means there is no caching. The maximum time-to-live is 300 seconds.

Note: This variable is ignored if cacheSize is 0.

Default:

300 seconds