Control which events Lambda sends to your function - Amazon Lambda
Understanding event filtering basicsHandling records that don't meet filter criteriaFilter rule syntaxAttaching filter criteria to an event source mapping (console)Attaching filter criteria to an event source mapping (Amazon CLI)Attaching filter criteria to an event source mapping (Amazon SAM)Using filters with different Amazon Web Services
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Control which events Lambda sends to your function

You can use event filtering to control which records from a stream or queue Lambda sends to your function. For example, you can add a filter so that your function only processes Amazon SQS messages containing certain data parameters. Event filtering works only with certain event source mappings. You can add filters to event source mappings for the following Amazon services:

  • Amazon DynamoDB

  • Amazon Kinesis Data Streams

  • Amazon MQ

  • Amazon Managed Streaming for Apache Kafka (Amazon MSK)

  • Self-managed Apache Kafka

  • Amazon Simple Queue Service (Amazon SQS)

For specific information about filtering with specific event sources, see Using filters with different Amazon Web Services. Lambda doesn't support event filtering for Amazon DocumentDB.

By default, you can define up to five different filters for a single event source mapping. Your filters are logically ORed together. If a record from your event source satisfies one or more of your filters, Lambda includes the record in the next event it sends to your function. If none of your filters are satisfied, Lambda discards the record.

Note

If you need to define more than five filters for an event source, you can request a quota increase for up to 10 filters for each event source. If you attempt to add more filters than your current quota permits, Lambda will return an error when you try to create the event source.

Understanding event filtering basics

A filter criteria (FilterCriteria) object is a structure that consists of a list of filters (Filters). Each filter is a structure that defines an event filtering pattern (Pattern). A pattern is a string representation of a JSON filter rule. The structure of a FilterCriteria object is as follows.

{
   "Filters": [
        {
            "Pattern": "{ \"Metadata1\": [ rule1 ], \"data\": { \"Data1\": [ rule2 ] }}"
        }
    ]
}

For added clarity, here is the value of the filter's Pattern expanded in plain JSON.

{
    "Metadata1": [ rule1 ],
    "data": {
        "Data1": [ rule2 ]
    }
}

Your filter pattern can include metadata properties, data properties, or both. The available metadata parameters and the format of the data parameters vary according to the Amazon Web Service which is acting as the event source. For example, suppose your event source mapping receives the following record from an Amazon SQS queue:

{
    "messageId": "059f36b4-87a3-44ab-83d2-661975830a7d",
    "receiptHandle": "AQEBwJnKyrHigUMZj6rYigCgxlaS3SLy0a...",
    "body": "{\n "City": "Seattle",\n "State": "WA",\n "Temperature": "46"\n}",
    "attributes": {
        "ApproximateReceiveCount": "1",
        "SentTimestamp": "1545082649183",
        "SenderId": "AIDAIENQZJOLO23YVJ4VO",
        "ApproximateFirstReceiveTimestamp": "1545082649185"
    },
    "messageAttributes": {},
    "md5OfBody": "e4e68fb7bd0e697a0ae8f1bb342846b3",
    "eventSource": "aws:sqs",
    "eventSourceARN": "arn:aws:sqs:us-east-2:123456789012:my-queue",
    "awsRegion": "us-east-2"
}

  • Metadata properties are the fields containing information about the event that created the record. In the example Amazon SQS record, the metadata properties include fields such as messageID, eventSourceArn, and awsRegion.

  • Data properties are the fields of the record containing the data from your stream or queue. In the Amazon SQS event example, the key for the data field is body, and the data properties are the fields City State, and Temperature.

Different types of event source use different key values for their data fields. To filter on data properties, make sure that you use the correct key in your filter’s pattern. For a list of data filtering keys, and to see examples of filter patterns for each supported Amazon Web Service, refer to Using filters with different Amazon Web Services.

Event filtering can handle multi-level JSON filtering. For example, consider the following fragment of a record from a DynamoDB stream:

"dynamodb": {
    "Keys": {
        "ID": {
            "S": "ABCD"
        }
        "Number": {
            "N": "1234"
    },
    ...
}

Suppose you want to process only those records where the value of the sort key Number is 4567. In this case, your FilterCriteria object would look like this:

{
    "Filters": [
        {
            "Pattern": "{ \"dynamodb\": { \"Keys\": { \"Number\": { \"N\": [ "4567" ] } } } }"
        }
    ]
}

For added clarity, here is the value of the filter's Pattern expanded in plain JSON. 

{
    "dynamodb": {
        "Keys": {
            "Number": {
                "N": [ "4567" ]
                }
            }
        }
}

Handling records that don't meet filter criteria

How Lambda handles records that don't meet your filter criteria depends on the event source.

  • For Amazon SQS, if a message doesn't satisfy your filter criteria, Lambda automatically removes the message from the queue. You don't have to manually delete these messages in Amazon SQS.

  • For Kinesis and DynamoDB, after your filter criteria evaluates a record, the streams iterator advances past this record. If the record doesn't satisfy your filter criteria, you don't have to manually delete the record from your event source. After the retention period, Kinesis and DynamoDB automatically delete these old records. If you want records to be deleted sooner, see Changing the Data Retention Period.

  • For Amazon MSK, self-managed Apache Kafka, and Amazon MQ messages, Lambda drops messages that don't match all fields included in the filter. For Amazon MSK and self-managed Apache Kafka, Lambda commits offsets for matched and unmatched messages after successfully invoking the function. For Amazon MQ, Lambda acknowledges matched messages after successfully invoking the function, and acknowledges unmatched messages when filtering them.

Filter rule syntax

For filter rules, Lambda supports the Amazon EventBridge rules and uses the same syntax as EventBridge. For more information, see Amazon EventBridge event patterns in the Amazon EventBridge User Guide.

The following is a summary of all the comparison operators available for Lambda event filtering.

Comparison operator Example Rule syntax

Null

UserID is null

"UserID": [ null ]

Empty

LastName is empty

"LastName": [""]

Equals

Name is "Alice"

"Name": [ "Alice" ]

Equals (ignore case)

Name is "Alice"

"Name": [ { "equals-ignore-case": "alice" } ]

And

Location is "New York" and Day is "Monday"

"Location": [ "New York" ], "Day": ["Monday"]

Or

PaymentType is "Credit" or "Debit"

"PaymentType": [ "Credit", "Debit"]

Or (multiple fields)

Location is "New York", or Day is "Monday".

"$or": [ { "Location": [ "New York" ] }, { "Day": [ "Monday" ] } ]

Not

Weather is anything but "Raining"

"Weather": [ { "anything-but": [ "Raining" ] } ]

Numeric (equals)

Price is 100

"Price": [ { "numeric": [ "=", 100 ] } ]

Numeric (range)

Price is more than 10, and less than or equal to 20

"Price": [ { "numeric": [ ">", 10, "<=", 20 ] } ]

Exists

ProductName exists

"ProductName": [ { "exists": true } ]

Does not exist

ProductName does not exist

"ProductName": [ { "exists": false } ]

Begins with

Region is in the US

"Region": [ {"prefix": "us-" } ]

Ends with

FileName ends with a .png extension.

"FileName": [ { "suffix": ".png" } ]

Note

Like EventBridge, for strings, Lambda uses exact character-by-character matching without case-folding or any other string normalization. For numbers, Lambda also uses string representation. For example, 300, 300.0, and 3.0e2 are not considered equal.

Note that the Exists operator only works on leaf nodes in your event source JSON. It doesn't match intermediate nodes. For example, with the following JSON, the filter pattern { "person": { "address": [ { "exists": true } ] } }" wouldn't find a match because "address" is an intermediate node.

{
  "person": {
    "name": "John Doe",
    "age": 30,
    "address": {
      "street": "123 Main St",
      "city": "Anytown",
      "country": "USA"
    }
  }
}

Attaching filter criteria to an event source mapping (console)

Follow these steps to create a new event source mapping with filter criteria using the Lambda console.

To create a new event source mapping with filter criteria (console)

  1. Open the Functions page of the Lambda console.

  2. Choose the name of a function to create an event source mapping for.

  3. Under Function overview, choose Add trigger.

  4. For Trigger configuration, choose a trigger type that supports event filtering. For a list of supported services, refer to the list at the beginning of this page.

  5. Expand Additional settings.

  6. Under Filter criteria, choose Add, and then define and enter your filters. For example, you can enter the following.

    { "Metadata" : [ 1, 2 ] }

    This instructs Lambda to process only the records where field Metadata is equal to 1 or 2. You can continue to select Add to add more filters up to the maximum allowed amount.

  7. When you have finished adding your filters, choose Save.

When you enter filter criteria using the console, you enter only the filter pattern and don't need to provide the Pattern key or escape quotes. In step 6 of the preceding instructions, { "Metadata" : [ 1, 2 ] } corresponds to the following FilterCriteria.

{
   "Filters": [
      {
          "Pattern": "{ \"Metadata\" : [ 1, 2 ] }"
      }
   ]
}

After creating your event source mapping in the console, you can see the formatted FilterCriteria in the trigger details. For more examples of creating event filters using the console, see Using filters with different Amazon Web Services.

Attaching filter criteria to an event source mapping (Amazon CLI)

Suppose you want an event source mapping to have the following FilterCriteria:

{
   "Filters": [
      {
          "Pattern": "{ \"Metadata\" : [ 1, 2 ] }"
      }
   ]
}

To create a new event source mapping with these filter criteria using the Amazon Command Line Interface (Amazon CLI), run the following command.

aws lambda create-event-source-mapping \
    --function-name my-function \
    --event-source-arn arn:aws:sqs:us-east-2:123456789012:my-queue \
    --filter-criteria '{"Filters": [{"Pattern": "{ \"Metadata\" : [ 1, 2 ]}"}]}'

This create-event-source-mapping command creates a new Amazon SQS event source mapping for function my-function with the specified FilterCriteria.

To add these filter criteria to an existing event source mapping, run the following command.

aws lambda update-event-source-mapping \
    --uuid "a1b2c3d4-5678-90ab-cdef-11111EXAMPLE" \
    --filter-criteria '{"Filters": [{"Pattern": "{ \"Metadata\" : [ 1, 2 ]}"}]}'

Note that to update an event source mapping, you need its UUID. You can get the UUID from a list-event-source-mappings call. Lambda also returns the UUID in the create-event-source-mapping CLI response.

To remove filter criteria from an event source, you can run the following update-event-source-mapping command with an empty FilterCriteria object.

aws lambda update-event-source-mapping \
    --uuid "a1b2c3d4-5678-90ab-cdef-11111EXAMPLE" \
    --filter-criteria "{}"

For more examples of creating event filters using the Amazon CLI, see Using filters with different Amazon Web Services.

Attaching filter criteria to an event source mapping (Amazon SAM)

Suppose you want to configure an event source in Amazon SAM to use the following filter criteria: 

{
   "Filters": [
      {
          "Pattern": "{ \"Metadata\" : [ 1, 2 ] }"
      }
   ]
}

To add these filter criteria to your event source mapping, insert the following snippet into the YAML template for your event source.

FilterCriteria: 
  Filters: 
    - Pattern: '{"Metadata": [1, 2]}'

For more information on creating and configuring an Amazon SAM template for an event source mapping, see the EventSource section of the Amazon SAM Developer Guide. Fore more examples of creating event filters using Amazon SAM templates, see Using filters with different Amazon Web Services.

Using filters with different Amazon Web Services

Different types of event source use different key values for their data fields. To filter on data properties, make sure that you use the correct key in your filter’s pattern. The following table gives the filtering keys for each supported Amazon Web Service.

Amazon Web Service Filtering key
DynamoDB dynamodb
Kinesis data
Amazon MQ data
Amazon MSK value
Self-managed Apache Kafka value
Amazon SQS body

The following sections give examples of filter patterns for different types of event sources. They also provide definitions of supported incoming data formats and filter pattern body formats for each supported service.