Invoking Lambda function URLs
A function URL is a dedicated HTTP(S) endpoint for your Lambda function. You can create and configure a function URL through the Lambda console or the Lambda API. When you create a function URL, Lambda automatically generates a unique URL endpoint for you. Once you create a function URL, its URL endpoint never changes. Function URL endpoints have the following format:
https://
<url-id>
.lambda-url.<region>.on.aws
Note
Function URLs are not supported in the following Amazon Web Services Regions: Asia Pacific (Hyderabad) (ap-south-2
), Asia Pacific (Melbourne) (ap-southeast-4
), Asia Pacific (Malaysia) (ap-southeast-5
), Canada West (Calgary) (ca-west-1
), Europe (Spain) (eu-south-2
), Europe (Zurich) (eu-central-2
), Israel (Tel Aviv) (il-central-1
), and Middle East (UAE) (me-central-1
).
Function URLs are dual stack-enabled, supporting IPv4 and IPv6. After configuring your function URL, you can
invoke your function through its HTTP(S) endpoint via a web browser, curl, Postman, or any HTTP client. To invoke a
function URL, you must have lambda:InvokeFunctionUrl
permissions. For more information, see Access control.
Function URL invocation basics
If your function URL uses the AWS_IAM
auth type, you must sign each HTTP request using
Amazon Signature Version 4
(SigV4). Tools such as awscurl
If you don't use a tool to sign HTTP requests to your function URL, you must manually sign each request using SigV4. When your function URL receives a request, Lambda also calculates the SigV4 signature. Lambda processes the request only if the signatures match. For instructions on how to manually sign your requests with SigV4, see Signing Amazon requests with Signature Version 4 in the Amazon Web Services General Reference Guide.
If your function URL uses the NONE
auth type, you don't have to sign your requests
using SigV4. You can invoke your function using a web browser, curl, Postman, or any HTTP client.
To test simple GET
requests to your function, use a web browser. For example, if your function
URL is https://abcdefg.lambda-url.us-east-1.on.aws
, and it takes in a string parameter
message
, your request URL could look like this:
https://abcdefg.lambda-url.us-east-1.on.aws/?message=HelloWorld
To test other HTTP requests, such as a POST
request, you can use a tool such as curl. For
example, if you want to include some JSON data in a POST
request to your function URL, you could use
the following curl command:
curl -v 'https://abcdefg.lambda-url.us-east-1.on.aws/?message=HelloWorld' \ -H 'content-type: application/json' \ -d '{ "example": "test" }'
Request and response payloads
When a client calls your function URL, Lambda maps the request to an event object before passing it to your function. Your function's response is then mapped to an HTTP response that Lambda sends back to the client through the function URL.
The request and response event formats follow the same schema as the Amazon API Gateway payload format version 2.0.
Request payload format
A request payload has the following structure:
{ "version": "2.0", "routeKey": "$default", "rawPath": "/my/path", "rawQueryString": "parameter1=value1¶meter1=value2¶meter2=value", "cookies": [ "cookie1", "cookie2" ], "headers": { "header1": "value1", "header2": "value1,value2" }, "queryStringParameters": { "parameter1": "value1,value2", "parameter2": "value" }, "requestContext": { "accountId": "123456789012", "apiId": "<urlid>", "authentication": null, "authorizer": { "iam": { "accessKey": "AKIA...", "accountId": "111122223333", "callerId": "AIDA...", "cognitoIdentity": null, "principalOrgId": null, "userArn": "arn:aws:iam::111122223333:user/example-user", "userId": "AIDA..." } }, "domainName": "<url-id>.lambda-url.us-west-2.on.aws", "domainPrefix": "<url-id>", "http": { "method": "POST", "path": "/my/path", "protocol": "HTTP/1.1", "sourceIp": "123.123.123.123", "userAgent": "agent" }, "requestId": "id", "routeKey": "$default", "stage": "$default", "time": "12/Mar/2020:19:03:58 +0000", "timeEpoch": 1583348638390 }, "body": "Hello from client!", "pathParameters": null, "isBase64Encoded": false, "stageVariables": null }
Parameter | Description | Example |
---|---|---|
|
The payload format version for this event. Lambda function URLs currently support payload format version 2.0. |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
The request path. For example, if the request URL is
|
|
|
The raw string containing the request's query string parameters. Supported characters include |
|
|
An array containing all cookies sent as part of the request. |
|
|
The list of request headers, presented as key-value pairs. |
|
|
The query parameters for the request. For example, if the request URL is
|
|
|
An object that contains additional information about the request, such as the
|
|
|
The Amazon Web Services account ID of the function owner. |
|
|
The ID of the function URL. |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
An object that contains information about the caller identity, if the function URL uses the
|
|
|
The access key of the caller identity. |
|
|
The Amazon Web Services account ID of the caller identity. |
|
|
The ID (user ID) of the caller. |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
The principal org ID associated with the caller identity. |
|
|
The user Amazon Resource Name (ARN) of the caller identity. |
|
|
The user ID of the caller identity. |
|
|
The domain name of the function URL. |
|
|
The domain prefix of the function URL. |
|
|
An object that contains details about the HTTP request. |
|
|
The HTTP method used in this request. Valid values include |
|
|
The request path. For example, if the request URL is
|
|
|
The protocol of the request. |
|
|
The source IP address of the immediate TCP connection making the request. |
|
|
The User-Agent request header value. |
|
|
The ID of the invocation request. You can use this ID to trace invocation logs related to your function. |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
The timestamp of the request. |
|
|
The timestamp of the request, in Unix epoch time. |
|
|
The body of the request. If the content type of the request is binary, the body is base64-encoded. |
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
|
|
|
|
Function URLs don't use this parameter. Lambda sets this to |
|
Response payload format
When your function returns a response, Lambda parses the response and converts it into an HTTP response. Function response payloads have the following format:
{ "statusCode": 201, "headers": { "Content-Type": "application/json", "My-Custom-Header": "Custom Value" }, "body": "{ \"message\": \"Hello, world!\" }", "cookies": [ "Cookie_1=Value1; Expires=21 Oct 2021 07:48 GMT", "Cookie_2=Value2; Max-Age=78000" ], "isBase64Encoded": false }
Lambda infers the response format for you. If your function returns valid JSON and doesn't return a
statusCode
, Lambda assumes the following:
-
statusCode
is200
. -
content-type
isapplication/json
. -
body
is the function response. -
isBase64Encoded
isfalse
.
The following examples show how the output of your Lambda function maps to the response payload, and how the response payload maps to the final HTTP response. When the client invokes your function URL, they see the HTTP response.
Example output for a string response
Lambda function output | Interpreted response output | HTTP response (what the client sees) |
---|---|---|
|
|
|
Example output for a JSON response
Lambda function output | Interpreted response output | HTTP response (what the client sees) |
---|---|---|
|
|
|
Example output for a custom response
Lambda function output | Interpreted response output | HTTP response (what the client sees) |
---|---|---|
|
|
|
Cookies
To return cookies from your function, don't manually add set-cookie
headers. Instead, include
the cookies in your response payload object. Lambda automatically interprets this and adds them as
set-cookie
headers in your HTTP response, as in the following example.
Lambda function output | HTTP response (what the client sees) |
---|---|
|
|