ParamsAndSecretsLayerVersion

class aws_cdk.aws_lambda.ParamsAndSecretsLayerVersion(*args: Any, **kwargs)

Bases: object

Parameters and Secrets Extension layer version.

ExampleMetadata:

infused

Example:

import aws_cdk.aws_secretsmanager as sm
import aws_cdk.aws_ssm as ssm


secret = sm.Secret(self, "Secret")
parameter = ssm.StringParameter(self, "Parameter",
    parameter_name="mySsmParameterName",
    string_value="mySsmParameterValue"
)

params_and_secrets = lambda_.ParamsAndSecretsLayerVersion.from_version(lambda_.ParamsAndSecretsVersions.V1_0_103,
    cache_size=500,
    log_level=lambda_.ParamsAndSecretsLogLevel.DEBUG
)

lambda_function = lambda_.Function(self, "MyFunction",
    runtime=lambda_.Runtime.NODEJS_18_X,
    handler="index.handler",
    architecture=lambda_.Architecture.ARM_64,
    code=lambda_.Code.from_asset(path.join(__dirname, "lambda-handler")),
    params_and_secrets=params_and_secrets
)

secret.grant_read(lambda_function)
parameter.grant_read(lambda_function)

Static Methods

classmethod from_version(version, *, cache_enabled=None, cache_size=None, http_port=None, log_level=None, max_connections=None, parameter_store_timeout=None, parameter_store_ttl=None, secrets_manager_timeout=None, secrets_manager_ttl=None)

Use a specific version of the Parameters and Secrets Extension to generate a layer version.

Parameters:
  • version (ParamsAndSecretsVersions) –

  • cache_enabled (Optional[bool]) – Whether the Parameters and Secrets Extension will cache parameters and secrets. Default: true

  • cache_size (Union[int, float, None]) – The maximum number of secrets and parameters to cache. Must be a value from 0 to 1000. A value of 0 means there is no caching. Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl are 0. Default: 1000

  • http_port (Union[int, float, None]) – The port for the local HTTP server. Valid port numbers are 1 - 65535. Default: 2773

  • log_level (Optional[ParamsAndSecretsLogLevel]) – The level of logging provided by the Parameters and Secrets Extension. Note: Set to debug to see the cache configuration. Default: - Logging level will be info

  • max_connections (Union[int, float, None]) – The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager. There is no maximum limit. Minimum is 1. Note: Every running copy of this Lambda function may open the number of connections specified by this property. Thus, the total number of connections may exceed this number. Default: 3

  • parameter_store_timeout (Optional[Duration]) – The timeout for requests to Parameter Store. A value of 0 means that there is no timeout. Default: 0

  • parameter_store_ttl (Optional[Duration]) – The time-to-live of a parameter in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

  • secrets_manager_timeout (Optional[Duration]) – The timeout for requests to Secrets Manager. A value of 0 means that there is no timeout. Default: 0

  • secrets_manager_ttl (Optional[Duration]) – The time-to-live of a secret in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

Return type:

ParamsAndSecretsLayerVersion

classmethod from_version_arn(arn, *, cache_enabled=None, cache_size=None, http_port=None, log_level=None, max_connections=None, parameter_store_timeout=None, parameter_store_ttl=None, secrets_manager_timeout=None, secrets_manager_ttl=None)

Use the Parameters and Secrets Extension associated with the provided ARN.

Make sure the ARN is associated with the same region and architecture as your function.

Parameters:
  • arn (str) –

  • cache_enabled (Optional[bool]) – Whether the Parameters and Secrets Extension will cache parameters and secrets. Default: true

  • cache_size (Union[int, float, None]) – The maximum number of secrets and parameters to cache. Must be a value from 0 to 1000. A value of 0 means there is no caching. Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl are 0. Default: 1000

  • http_port (Union[int, float, None]) – The port for the local HTTP server. Valid port numbers are 1 - 65535. Default: 2773

  • log_level (Optional[ParamsAndSecretsLogLevel]) – The level of logging provided by the Parameters and Secrets Extension. Note: Set to debug to see the cache configuration. Default: - Logging level will be info

  • max_connections (Union[int, float, None]) – The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager. There is no maximum limit. Minimum is 1. Note: Every running copy of this Lambda function may open the number of connections specified by this property. Thus, the total number of connections may exceed this number. Default: 3

  • parameter_store_timeout (Optional[Duration]) – The timeout for requests to Parameter Store. A value of 0 means that there is no timeout. Default: 0

  • parameter_store_ttl (Optional[Duration]) – The time-to-live of a parameter in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

  • secrets_manager_timeout (Optional[Duration]) – The timeout for requests to Secrets Manager. A value of 0 means that there is no timeout. Default: 0

  • secrets_manager_ttl (Optional[Duration]) – The time-to-live of a secret in the cache. A value of 0 means there is no caching. The maximum time-to-live is 300 seconds. Note: This variable is ignored if cacheSize is 0. Default: 300 seconds

See:

https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_lambda.html#retrieving-secrets_lambda_ARNs

Return type:

ParamsAndSecretsLayerVersion