NodejsFunctionProps
- class aws_cdk.aws_lambda_nodejs.NodejsFunctionProps(*, max_event_age=None, on_failure=None, on_success=None, retry_attempts=None, allow_all_outbound=None, allow_public_subnet=None, architecture=None, architectures=None, code_signing_config=None, current_version_options=None, dead_letter_queue=None, dead_letter_queue_enabled=None, dead_letter_topic=None, description=None, environment=None, environment_encryption=None, ephemeral_storage_size=None, events=None, filesystem=None, function_name=None, initial_policy=None, insights_version=None, layers=None, log_retention=None, log_retention_retry_options=None, log_retention_role=None, memory_size=None, profiling=None, profiling_group=None, reserved_concurrent_executions=None, role=None, security_group=None, security_groups=None, timeout=None, tracing=None, vpc=None, vpc_subnets=None, aws_sdk_connection_reuse=None, bundling=None, deps_lock_file_path=None, entry=None, handler=None, project_root=None, runtime=None)
Bases:
FunctionOptions
Properties for a NodejsFunction.
- Parameters:
max_event_age (
Optional
[Duration
]) – The maximum age of a request that Lambda sends to a function for processing. Minimum: 60 seconds Maximum: 6 hours Default: Duration.hours(6)on_failure (
Optional
[IDestination
]) – The destination for failed invocations. Default: - no destinationon_success (
Optional
[IDestination
]) – The destination for successful invocations. Default: - no destinationretry_attempts (
Union
[int
,float
,None
]) – The maximum number of times to retry when the function returns an error. Minimum: 0 Maximum: 2 Default: 2allow_all_outbound (
Optional
[bool
]) – Whether to allow the Lambda to send all network traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets. Default: trueallow_public_subnet (
Optional
[bool
]) – Lambda Functions in a public subnet can NOT access the internet. Use this property to acknowledge this limitation and still place the function in a public subnet. Default: falsearchitecture (
Optional
[Architecture
]) – The system architectures compatible with this lambda function. Default: Architecture.X86_64architectures (
Optional
[Sequence
[Architecture
]]) – (deprecated) DEPRECATED. Default: [Architecture.X86_64]code_signing_config (
Optional
[ICodeSigningConfig
]) – Code signing config associated with this function. Default: - Not Sign the Codecurrent_version_options (
Union
[VersionOptions
,Dict
[str
,Any
],None
]) – Options for thelambda.Version
resource automatically created by thefn.currentVersion
method. Default: - default options as described inVersionOptions
dead_letter_queue (
Optional
[IQueue
]) – The SQS queue to use if DLQ is enabled. If SNS topic is desired, specifydeadLetterTopic
property instead. Default: - SQS queue with 14 day retention period ifdeadLetterQueueEnabled
istrue
dead_letter_queue_enabled (
Optional
[bool
]) – Enabled DLQ. IfdeadLetterQueue
is undefined, an SQS queue with default options will be defined for your Function. Default: - false unlessdeadLetterQueue
is set, which implies DLQ is enabled.dead_letter_topic (
Optional
[ITopic
]) – The SNS topic to use as a DLQ. Note that ifdeadLetterQueueEnabled
is set totrue
, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly. Default: - no SNS topicdescription (
Optional
[str
]) – A description of the function. Default: - No description.environment (
Optional
[Mapping
[str
,str
]]) – Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code. Default: - No environment variables.environment_encryption (
Optional
[IKey
]) – The AWS KMS key that’s used to encrypt your function’s environment variables. Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).ephemeral_storage_size (
Optional
[Size
]) – The size of the function’s /tmp directory in MiB. Default: 512 MiBevents (
Optional
[Sequence
[IEventSource
]]) – Event sources for this function. You can also add event sources usingaddEventSource
. Default: - No event sources.filesystem (
Optional
[FileSystem
]) – The filesystem configuration for the lambda function. Default: - will not mount any filesystemfunction_name (
Optional
[str
]) – A name for the function. Default: - AWS CloudFormation generates a unique physical ID and uses that ID for the function’s name. For more information, see Name Type.initial_policy (
Optional
[Sequence
[PolicyStatement
]]) – Initial policy statements to add to the created Lambda Role. You can calladdToRolePolicy
to the created lambda to add statements post creation. Default: - No policy statements are added to the created Lambda role.insights_version (
Optional
[LambdaInsightsVersion
]) – Specify the version of CloudWatch Lambda insights to use for monitoring. Default: - No Lambda Insightslayers (
Optional
[Sequence
[ILayerVersion
]]) – A list of layers to add to the function’s execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions. Default: - No layers.log_retention (
Optional
[RetentionDays
]) – The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value toINFINITE
. Default: logs.RetentionDays.INFINITElog_retention_retry_options (
Union
[LogRetentionRetryOptions
,Dict
[str
,Any
],None
]) – When log retention is specified, a custom resource attempts to create the CloudWatch log group. These options control the retry policy when interacting with CloudWatch APIs. Default: - Default AWS SDK retry options.log_retention_role (
Optional
[IRole
]) – The IAM role for the Lambda function associated with the custom resource that sets the retention policy. Default: - A new role is created.memory_size (
Union
[int
,float
,None
]) – The amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide. Default: 128profiling (
Optional
[bool
]) – Enable profiling. Default: - No profiling.profiling_group (
Optional
[IProfilingGroup
]) – Profiling Group. Default: - A new profiling group will be created ifprofiling
is set.reserved_concurrent_executions (
Union
[int
,float
,None
]) – The maximum of concurrent executions you want to reserve for the function. Default: - No specific limit - account limit.role (
Optional
[IRole
]) – Lambda execution role. This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the ‘lambda.amazonaws.com’ service principal. The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself. The relevant managed policies are “service-role/AWSLambdaBasicExecutionRole” and “service-role/AWSLambdaVPCAccessExecutionRole”. Default: - A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by callingaddToRolePolicy
.security_group (
Optional
[ISecurityGroup
]) – (deprecated) What security group to associate with the Lambda’s network interfaces. This property is being deprecated, consider using securityGroups instead. Only used if ‘vpc’ is supplied. Use securityGroups property instead. Function constructor will throw an error if both are specified. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.security_groups (
Optional
[Sequence
[ISecurityGroup
]]) – The list of security groups to associate with the Lambda’s network interfaces. Only used if ‘vpc’ is supplied. Default: - If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.timeout (
Optional
[Duration
]) – The function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function’s expected execution time. Default: Duration.seconds(3)tracing (
Optional
[Tracing
]) – Enable AWS X-Ray Tracing for Lambda Function. Default: Tracing.Disabledvpc (
Optional
[IVpc
]) – VPC network to place Lambda network interfaces. Specify this if the Lambda function needs to access resources in a VPC. Default: - Function is not placed within a VPC.vpc_subnets (
Union
[SubnetSelection
,Dict
[str
,Any
],None
]) – Where to place the network interfaces within the VPC. Only used if ‘vpc’ is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed. Default: - the Vpc default strategy if not specifiedaws_sdk_connection_reuse (
Optional
[bool
]) – Whether to automatically reuse TCP connections when working with the AWS SDK for JavaScript. This sets theAWS_NODEJS_CONNECTION_REUSE_ENABLED
environment variable to1
. Default: truebundling (
Union
[BundlingOptions
,Dict
[str
,Any
],None
]) – Bundling options. Default: - use default bundling options: no minify, no sourcemap, all modules are bundled.deps_lock_file_path (
Optional
[str
]) – The path to the dependencies lock file (yarn.lock
orpackage-lock.json
). This will be used as the source for the volume mounted in the Docker container. Modules specified innodeModules
will be installed using the right installer (npm
oryarn
) along with this lock file. Default: - the path is found by walking up parent directories searching for ayarn.lock
orpackage-lock.json
fileentry (
Optional
[str
]) – Path to the entry file (JavaScript or TypeScript). Default: - Derived from the name of the defining file and the construct’s id. If theNodejsFunction
is defined instack.ts
withmy-handler
as id (new NodejsFunction(this, 'my-handler')
), the construct will look atstack.my-handler.ts
andstack.my-handler.js
.handler (
Optional
[str
]) – The name of the exported handler in the entry file. Default: handlerproject_root (
Optional
[str
]) – The path to the directory containing project config files (package.json
ortsconfig.json
). Default: - the directory containing thedepsLockFilePath
runtime (
Optional
[Runtime
]) – The runtime environment. Only runtimes of the Node.js family are supported. Default: Runtime.NODEJS_14_X
- ExampleMetadata:
infused
Example:
lambda_.NodejsFunction(self, "my-handler", bundling=lambda.BundlingOptions( minify=True, # minify code, defaults to false source_map=True, # include source map, defaults to false source_map_mode=lambda_.SourceMapMode.INLINE, # defaults to SourceMapMode.DEFAULT sources_content=False, # do not include original source into source map, defaults to true target="es2020", # target environment for the generated JavaScript code loader={ # Use the 'dataurl' loader for '.png' files ".png": "dataurl"}, define={ # Replace strings during build time "process.env.API_KEY": JSON.stringify("xxx-xxxx-xxx"), "process.env.PRODUCTION": JSON.stringify(True), "process.env.NUMBER": JSON.stringify(123)}, log_level=lambda_.LogLevel.SILENT, # defaults to LogLevel.WARNING keep_names=True, # defaults to false tsconfig="custom-tsconfig.json", # use custom-tsconfig.json instead of default, metafile=True, # include meta file, defaults to false banner="/* comments */", # requires esbuild >= 0.9.0, defaults to none footer="/* comments */", # requires esbuild >= 0.9.0, defaults to none charset=lambda_.Charset.UTF8, # do not escape non-ASCII characters, defaults to Charset.ASCII format=lambda_.OutputFormat.ESM, # ECMAScript module output format, defaults to OutputFormat.CJS (OutputFormat.ESM requires Node.js 14.x) main_fields=["module", "main"], # prefer ECMAScript versions of dependencies inject=["./my-shim.js", "./other-shim.js"], # allows to automatically replace a global variable with an import from another file esbuild_args={ # Pass additional arguments to esbuild "--log-limit": "0", "--splitting": True} ) )
Attributes
- allow_all_outbound
Whether to allow the Lambda to send all network traffic.
If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.
- Default:
true
- allow_public_subnet
Lambda Functions in a public subnet can NOT access the internet.
Use this property to acknowledge this limitation and still place the function in a public subnet.
- architecture
The system architectures compatible with this lambda function.
- Default:
Architecture.X86_64
- architectures
(deprecated) DEPRECATED.
- Default:
[Architecture.X86_64]
- Deprecated:
use
architecture
- Stability:
deprecated
- aws_sdk_connection_reuse
Whether to automatically reuse TCP connections when working with the AWS SDK for JavaScript.
This sets the
AWS_NODEJS_CONNECTION_REUSE_ENABLED
environment variable to1
.
- bundling
Bundling options.
- Default:
use default bundling options: no minify, no sourcemap, all
modules are bundled.
- code_signing_config
Code signing config associated with this function.
- Default:
Not Sign the Code
- current_version_options
Options for the
lambda.Version
resource automatically created by thefn.currentVersion
method.- Default:
default options as described in
VersionOptions
- dead_letter_queue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify
deadLetterTopic
property instead.- Default:
SQS queue with 14 day retention period if
deadLetterQueueEnabled
istrue
- dead_letter_queue_enabled
Enabled DLQ.
If
deadLetterQueue
is undefined, an SQS queue with default options will be defined for your Function.- Default:
false unless
deadLetterQueue
is set, which implies DLQ is enabled.
- dead_letter_topic
The SNS topic to use as a DLQ.
Note that if
deadLetterQueueEnabled
is set totrue
, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.- Default:
no SNS topic
- deps_lock_file_path
The path to the dependencies lock file (
yarn.lock
orpackage-lock.json
).This will be used as the source for the volume mounted in the Docker container.
Modules specified in
nodeModules
will be installed using the right installer (npm
oryarn
) along with this lock file.- Default:
the path is found by walking up parent directories searching for
a
yarn.lock
orpackage-lock.json
file
- description
A description of the function.
- Default:
No description.
- entry
Path to the entry file (JavaScript or TypeScript).
- Default:
Derived from the name of the defining file and the construct’s id.
If the
NodejsFunction
is defined instack.ts
withmy-handler
as id (new NodejsFunction(this, 'my-handler')
), the construct will look atstack.my-handler.ts
andstack.my-handler.js
.
- environment
Key-value pairs that Lambda caches and makes available for your Lambda functions.
Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.
- Default:
No environment variables.
- environment_encryption
The AWS KMS key that’s used to encrypt your function’s environment variables.
- Default:
AWS Lambda creates and uses an AWS managed customer master key (CMK).
- ephemeral_storage_size
The size of the function’s /tmp directory in MiB.
- Default:
512 MiB
- events
Event sources for this function.
You can also add event sources using
addEventSource
.- Default:
No event sources.
- filesystem
The filesystem configuration for the lambda function.
- Default:
will not mount any filesystem
- function_name
A name for the function.
- Default:
AWS CloudFormation generates a unique physical ID and uses that
ID for the function’s name. For more information, see Name Type.
- handler
The name of the exported handler in the entry file.
- Default:
handler
- initial_policy
Initial policy statements to add to the created Lambda Role.
You can call
addToRolePolicy
to the created lambda to add statements post creation.- Default:
No policy statements are added to the created Lambda role.
- insights_version
Specify the version of CloudWatch Lambda insights to use for monitoring.
- Default:
No Lambda Insights
- See:
- layers
A list of layers to add to the function’s execution environment.
You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.
- Default:
No layers.
- log_retention
The number of days log events are kept in CloudWatch Logs.
When updating this property, unsetting it doesn’t remove the log retention policy. To remove the retention policy, set the value to
INFINITE
.- Default:
logs.RetentionDays.INFINITE
- log_retention_retry_options
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
- Default:
Default AWS SDK retry options.
- log_retention_role
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
- Default:
A new role is created.
- max_event_age
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
- Default:
Duration.hours(6)
- memory_size
The amount of memory, in MB, that is allocated to your Lambda function.
Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.
- Default:
128
- on_failure
The destination for failed invocations.
- Default:
no destination
- on_success
The destination for successful invocations.
- Default:
no destination
- profiling
Enable profiling.
- Default:
No profiling.
- See:
https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
- profiling_group
Profiling Group.
- Default:
A new profiling group will be created if
profiling
is set.
- See:
https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
- project_root
The path to the directory containing project config files (
package.json
ortsconfig.json
).- Default:
the directory containing the
depsLockFilePath
- reserved_concurrent_executions
The maximum of concurrent executions you want to reserve for the function.
- Default:
No specific limit - account limit.
- See:
https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
- retry_attempts
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
- Default:
2
- role
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the ‘lambda.amazonaws.com’ service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are “service-role/AWSLambdaBasicExecutionRole” and “service-role/AWSLambdaVPCAccessExecutionRole”.
- Default:
A unique role will be generated for this lambda function.
Both supplied and generated roles can always be changed by calling
addToRolePolicy
.
- runtime
The runtime environment.
Only runtimes of the Node.js family are supported.
- Default:
Runtime.NODEJS_14_X
- security_group
(deprecated) What security group to associate with the Lambda’s network interfaces. This property is being deprecated, consider using securityGroups instead.
Only used if ‘vpc’ is supplied.
Use securityGroups property instead. Function constructor will throw an error if both are specified.
- Default:
If the function is placed within a VPC and a security group is
not specified, either by this or securityGroups prop, a dedicated security group will be created for this function.
- Deprecated:
This property is deprecated, use securityGroups instead
- Stability:
deprecated
- security_groups
The list of security groups to associate with the Lambda’s network interfaces.
Only used if ‘vpc’ is supplied.
- Default:
If the function is placed within a VPC and a security group is
not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
- timeout
The function execution time (in seconds) after which Lambda terminates the function.
Because the execution time affects cost, set this value based on the function’s expected execution time.
- Default:
Duration.seconds(3)
- tracing
Enable AWS X-Ray Tracing for Lambda Function.
- Default:
Tracing.Disabled
- vpc
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
- Default:
Function is not placed within a VPC.
- vpc_subnets
Where to place the network interfaces within the VPC.
Only used if ‘vpc’ is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.
- Default:
the Vpc default strategy if not specified