The aws:lambda/functionEventInvokeConfig:FunctionEventInvokeConfig resource, part of the Pulumi AWS provider, configures error handling and destination routing for asynchronous Lambda function invocations. This guide focuses on three capabilities: destination routing to SQS, SNS, S3, and EventBridge; retry attempts and event age limits; and alias and version-specific configuration.
This resource applies only to asynchronous invocations (events queued by Lambda, not direct API calls). Configurations reference existing Lambda functions and destination resources, and require IAM permissions for the Lambda execution role to access those destinations. The examples are intentionally small. Combine them with your own Lambda functions, IAM policies, and destination infrastructure.
Route failures to SQS and successes to SNS
Production functions often need separate handling for successful and failed asynchronous invocations, routing failures to dead letter queues for investigation and successes to notification systems.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// SQS queue for failed invocations
const dlq = new aws.sqs.Queue("dlq", {
name: "lambda-dlq",
tags: {
Environment: "production",
Purpose: "lambda-error-handling",
},
});
// SNS topic for successful invocations
const success = new aws.sns.Topic("success", {
name: "lambda-success-notifications",
tags: {
Environment: "production",
Purpose: "lambda-success-notifications",
},
});
// Complete event invoke configuration
const example = new aws.lambda.FunctionEventInvokeConfig("example", {
functionName: exampleAwsLambdaFunction.functionName,
maximumEventAgeInSeconds: 300,
maximumRetryAttempts: 1,
destinationConfig: {
onFailure: {
destination: dlq.arn,
},
onSuccess: {
destination: success.arn,
},
},
});
import pulumi
import pulumi_aws as aws
# SQS queue for failed invocations
dlq = aws.sqs.Queue("dlq",
name="lambda-dlq",
tags={
"Environment": "production",
"Purpose": "lambda-error-handling",
})
# SNS topic for successful invocations
success = aws.sns.Topic("success",
name="lambda-success-notifications",
tags={
"Environment": "production",
"Purpose": "lambda-success-notifications",
})
# Complete event invoke configuration
example = aws.lambda_.FunctionEventInvokeConfig("example",
function_name=example_aws_lambda_function["functionName"],
maximum_event_age_in_seconds=300,
maximum_retry_attempts=1,
destination_config={
"on_failure": {
"destination": dlq.arn,
},
"on_success": {
"destination": success.arn,
},
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/sns"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/sqs"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// SQS queue for failed invocations
dlq, err := sqs.NewQueue(ctx, "dlq", &sqs.QueueArgs{
Name: pulumi.String("lambda-dlq"),
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
"Purpose": pulumi.String("lambda-error-handling"),
},
})
if err != nil {
return err
}
// SNS topic for successful invocations
success, err := sns.NewTopic(ctx, "success", &sns.TopicArgs{
Name: pulumi.String("lambda-success-notifications"),
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
"Purpose": pulumi.String("lambda-success-notifications"),
},
})
if err != nil {
return err
}
// Complete event invoke configuration
_, err = lambda.NewFunctionEventInvokeConfig(ctx, "example", &lambda.FunctionEventInvokeConfigArgs{
FunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),
MaximumEventAgeInSeconds: pulumi.Int(300),
MaximumRetryAttempts: pulumi.Int(1),
DestinationConfig: &lambda.FunctionEventInvokeConfigDestinationConfigArgs{
OnFailure: &lambda.FunctionEventInvokeConfigDestinationConfigOnFailureArgs{
Destination: dlq.Arn,
},
OnSuccess: &lambda.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs{
Destination: success.Arn,
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// SQS queue for failed invocations
var dlq = new Aws.Sqs.Queue("dlq", new()
{
Name = "lambda-dlq",
Tags =
{
{ "Environment", "production" },
{ "Purpose", "lambda-error-handling" },
},
});
// SNS topic for successful invocations
var success = new Aws.Sns.Topic("success", new()
{
Name = "lambda-success-notifications",
Tags =
{
{ "Environment", "production" },
{ "Purpose", "lambda-success-notifications" },
},
});
// Complete event invoke configuration
var example = new Aws.Lambda.FunctionEventInvokeConfig("example", new()
{
FunctionName = exampleAwsLambdaFunction.FunctionName,
MaximumEventAgeInSeconds = 300,
MaximumRetryAttempts = 1,
DestinationConfig = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigArgs
{
OnFailure = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs
{
Destination = dlq.Arn,
},
OnSuccess = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs
{
Destination = success.Arn,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.sqs.Queue;
import com.pulumi.aws.sqs.QueueArgs;
import com.pulumi.aws.sns.Topic;
import com.pulumi.aws.sns.TopicArgs;
import com.pulumi.aws.lambda.FunctionEventInvokeConfig;
import com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// SQS queue for failed invocations
var dlq = new Queue("dlq", QueueArgs.builder()
.name("lambda-dlq")
.tags(Map.ofEntries(
Map.entry("Environment", "production"),
Map.entry("Purpose", "lambda-error-handling")
))
.build());
// SNS topic for successful invocations
var success = new Topic("success", TopicArgs.builder()
.name("lambda-success-notifications")
.tags(Map.ofEntries(
Map.entry("Environment", "production"),
Map.entry("Purpose", "lambda-success-notifications")
))
.build());
// Complete event invoke configuration
var example = new FunctionEventInvokeConfig("example", FunctionEventInvokeConfigArgs.builder()
.functionName(exampleAwsLambdaFunction.functionName())
.maximumEventAgeInSeconds(300)
.maximumRetryAttempts(1)
.destinationConfig(FunctionEventInvokeConfigDestinationConfigArgs.builder()
.onFailure(FunctionEventInvokeConfigDestinationConfigOnFailureArgs.builder()
.destination(dlq.arn())
.build())
.onSuccess(FunctionEventInvokeConfigDestinationConfigOnSuccessArgs.builder()
.destination(success.arn())
.build())
.build())
.build());
}
}
resources:
# SQS queue for failed invocations
dlq:
type: aws:sqs:Queue
properties:
name: lambda-dlq
tags:
Environment: production
Purpose: lambda-error-handling
# SNS topic for successful invocations
success:
type: aws:sns:Topic
properties:
name: lambda-success-notifications
tags:
Environment: production
Purpose: lambda-success-notifications
# Complete event invoke configuration
example:
type: aws:lambda:FunctionEventInvokeConfig
properties:
functionName: ${exampleAwsLambdaFunction.functionName}
maximumEventAgeInSeconds: 300 # 5 minutes
maximumRetryAttempts: 1 # Retry once on failure
destinationConfig:
onFailure:
destination: ${dlq.arn}
onSuccess:
destination: ${success.arn}
When Lambda exhausts retries or the event ages out, it routes the event to the onFailure destination. Successful invocations go to onSuccess. The maximumRetryAttempts property controls how many times Lambda retries on error (0-2, defaults to 2). The maximumEventAgeInSeconds property sets how long Lambda keeps events in the queue (60-21600 seconds). Your Lambda execution role needs sqs:SendMessage and sns:Publish permissions for this to work.
Configure retry behavior without destinations
Some functions need custom retry logic without routing events to external destinations, common when the function handles errors internally or logs to CloudWatch.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.lambda.FunctionEventInvokeConfig("example", {
functionName: exampleAwsLambdaFunction.functionName,
maximumEventAgeInSeconds: 60,
maximumRetryAttempts: 0,
});
import pulumi
import pulumi_aws as aws
example = aws.lambda_.FunctionEventInvokeConfig("example",
function_name=example_aws_lambda_function["functionName"],
maximum_event_age_in_seconds=60,
maximum_retry_attempts=0)
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := lambda.NewFunctionEventInvokeConfig(ctx, "example", &lambda.FunctionEventInvokeConfigArgs{
FunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),
MaximumEventAgeInSeconds: pulumi.Int(60),
MaximumRetryAttempts: pulumi.Int(0),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Lambda.FunctionEventInvokeConfig("example", new()
{
FunctionName = exampleAwsLambdaFunction.FunctionName,
MaximumEventAgeInSeconds = 60,
MaximumRetryAttempts = 0,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lambda.FunctionEventInvokeConfig;
import com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new FunctionEventInvokeConfig("example", FunctionEventInvokeConfigArgs.builder()
.functionName(exampleAwsLambdaFunction.functionName())
.maximumEventAgeInSeconds(60)
.maximumRetryAttempts(0)
.build());
}
}
resources:
example:
type: aws:lambda:FunctionEventInvokeConfig
properties:
functionName: ${exampleAwsLambdaFunction.functionName}
maximumEventAgeInSeconds: 60 # 1 minute - fail fast
maximumRetryAttempts: 0 # No retries
Setting maximumRetryAttempts to 0 disables retries entirely. Setting maximumEventAgeInSeconds to 60 discards events after one minute. Without destinationConfig, Lambda doesn’t route events anywhere; they’re simply dropped after exhausting retries or aging out.
Apply configuration to a Lambda alias
Teams using aliases for traffic management need separate invoke configurations per alias. Production aliases often have stricter retry policies than development aliases.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.lambda.Alias("example", {
name: "production",
description: "Production alias",
functionName: exampleAwsLambdaFunction.functionName,
functionVersion: exampleAwsLambdaFunction.version,
});
const exampleFunctionEventInvokeConfig = new aws.lambda.FunctionEventInvokeConfig("example", {
functionName: exampleAwsLambdaFunction.functionName,
qualifier: example.name,
maximumEventAgeInSeconds: 1800,
maximumRetryAttempts: 2,
destinationConfig: {
onFailure: {
destination: productionDlq.arn,
},
},
});
import pulumi
import pulumi_aws as aws
example = aws.lambda_.Alias("example",
name="production",
description="Production alias",
function_name=example_aws_lambda_function["functionName"],
function_version=example_aws_lambda_function["version"])
example_function_event_invoke_config = aws.lambda_.FunctionEventInvokeConfig("example",
function_name=example_aws_lambda_function["functionName"],
qualifier=example.name,
maximum_event_age_in_seconds=1800,
maximum_retry_attempts=2,
destination_config={
"on_failure": {
"destination": production_dlq["arn"],
},
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := lambda.NewAlias(ctx, "example", &lambda.AliasArgs{
Name: pulumi.String("production"),
Description: pulumi.String("Production alias"),
FunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),
FunctionVersion: pulumi.Any(exampleAwsLambdaFunction.Version),
})
if err != nil {
return err
}
_, err = lambda.NewFunctionEventInvokeConfig(ctx, "example", &lambda.FunctionEventInvokeConfigArgs{
FunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),
Qualifier: example.Name,
MaximumEventAgeInSeconds: pulumi.Int(1800),
MaximumRetryAttempts: pulumi.Int(2),
DestinationConfig: &lambda.FunctionEventInvokeConfigDestinationConfigArgs{
OnFailure: &lambda.FunctionEventInvokeConfigDestinationConfigOnFailureArgs{
Destination: pulumi.Any(productionDlq.Arn),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Lambda.Alias("example", new()
{
Name = "production",
Description = "Production alias",
FunctionName = exampleAwsLambdaFunction.FunctionName,
FunctionVersion = exampleAwsLambdaFunction.Version,
});
var exampleFunctionEventInvokeConfig = new Aws.Lambda.FunctionEventInvokeConfig("example", new()
{
FunctionName = exampleAwsLambdaFunction.FunctionName,
Qualifier = example.Name,
MaximumEventAgeInSeconds = 1800,
MaximumRetryAttempts = 2,
DestinationConfig = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigArgs
{
OnFailure = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs
{
Destination = productionDlq.Arn,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.lambda.Alias;
import com.pulumi.aws.lambda.AliasArgs;
import com.pulumi.aws.lambda.FunctionEventInvokeConfig;
import com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Alias("example", AliasArgs.builder()
.name("production")
.description("Production alias")
.functionName(exampleAwsLambdaFunction.functionName())
.functionVersion(exampleAwsLambdaFunction.version())
.build());
var exampleFunctionEventInvokeConfig = new FunctionEventInvokeConfig("exampleFunctionEventInvokeConfig", FunctionEventInvokeConfigArgs.builder()
.functionName(exampleAwsLambdaFunction.functionName())
.qualifier(example.name())
.maximumEventAgeInSeconds(1800)
.maximumRetryAttempts(2)
.destinationConfig(FunctionEventInvokeConfigDestinationConfigArgs.builder()
.onFailure(FunctionEventInvokeConfigDestinationConfigOnFailureArgs.builder()
.destination(productionDlq.arn())
.build())
.build())
.build());
}
}
resources:
example:
type: aws:lambda:Alias
properties:
name: production
description: Production alias
functionName: ${exampleAwsLambdaFunction.functionName}
functionVersion: ${exampleAwsLambdaFunction.version}
exampleFunctionEventInvokeConfig:
type: aws:lambda:FunctionEventInvokeConfig
name: example
properties:
functionName: ${exampleAwsLambdaFunction.functionName}
qualifier: ${example.name}
maximumEventAgeInSeconds: 1800 # 30 minutes for production
maximumRetryAttempts: 2 # Default retry behavior
destinationConfig:
onFailure:
destination: ${productionDlq.arn}
The qualifier property targets a specific alias by name. Each alias can have its own invoke configuration. Here, the production alias retries twice and keeps events for 30 minutes before routing failures to a production-specific DLQ.
Send events to S3 and EventBridge
Beyond SQS and SNS, Lambda supports routing to S3 buckets for archival and EventBridge buses for event-driven workflows.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// S3 bucket for archiving successful events
const lambdaSuccessArchive = new aws.s3.Bucket("lambda_success_archive", {bucket: `lambda-success-archive-${bucketSuffix.hex}`});
// EventBridge custom bus for failed events
const lambdaFailures = new aws.cloudwatch.EventBus("lambda_failures", {name: "lambda-failure-events"});
const example = new aws.lambda.FunctionEventInvokeConfig("example", {
functionName: exampleAwsLambdaFunction.functionName,
destinationConfig: {
onFailure: {
destination: lambdaFailures.arn,
},
onSuccess: {
destination: lambdaSuccessArchive.arn,
},
},
});
import pulumi
import pulumi_aws as aws
# S3 bucket for archiving successful events
lambda_success_archive = aws.s3.Bucket("lambda_success_archive", bucket=f"lambda-success-archive-{bucket_suffix['hex']}")
# EventBridge custom bus for failed events
lambda_failures = aws.cloudwatch.EventBus("lambda_failures", name="lambda-failure-events")
example = aws.lambda_.FunctionEventInvokeConfig("example",
function_name=example_aws_lambda_function["functionName"],
destination_config={
"on_failure": {
"destination": lambda_failures.arn,
},
"on_success": {
"destination": lambda_success_archive.arn,
},
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cloudwatch"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lambda"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// S3 bucket for archiving successful events
lambdaSuccessArchive, err := s3.NewBucket(ctx, "lambda_success_archive", &s3.BucketArgs{
Bucket: pulumi.Sprintf("lambda-success-archive-%v", bucketSuffix.Hex),
})
if err != nil {
return err
}
// EventBridge custom bus for failed events
lambdaFailures, err := cloudwatch.NewEventBus(ctx, "lambda_failures", &cloudwatch.EventBusArgs{
Name: pulumi.String("lambda-failure-events"),
})
if err != nil {
return err
}
_, err = lambda.NewFunctionEventInvokeConfig(ctx, "example", &lambda.FunctionEventInvokeConfigArgs{
FunctionName: pulumi.Any(exampleAwsLambdaFunction.FunctionName),
DestinationConfig: &lambda.FunctionEventInvokeConfigDestinationConfigArgs{
OnFailure: &lambda.FunctionEventInvokeConfigDestinationConfigOnFailureArgs{
Destination: lambdaFailures.Arn,
},
OnSuccess: &lambda.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs{
Destination: lambdaSuccessArchive.Arn,
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
// S3 bucket for archiving successful events
var lambdaSuccessArchive = new Aws.S3.Bucket("lambda_success_archive", new()
{
BucketName = $"lambda-success-archive-{bucketSuffix.Hex}",
});
// EventBridge custom bus for failed events
var lambdaFailures = new Aws.CloudWatch.EventBus("lambda_failures", new()
{
Name = "lambda-failure-events",
});
var example = new Aws.Lambda.FunctionEventInvokeConfig("example", new()
{
FunctionName = exampleAwsLambdaFunction.FunctionName,
DestinationConfig = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigArgs
{
OnFailure = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs
{
Destination = lambdaFailures.Arn,
},
OnSuccess = new Aws.Lambda.Inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs
{
Destination = lambdaSuccessArchive.Arn,
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.Bucket;
import com.pulumi.aws.s3.BucketArgs;
import com.pulumi.aws.cloudwatch.EventBus;
import com.pulumi.aws.cloudwatch.EventBusArgs;
import com.pulumi.aws.lambda.FunctionEventInvokeConfig;
import com.pulumi.aws.lambda.FunctionEventInvokeConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnFailureArgs;
import com.pulumi.aws.lambda.inputs.FunctionEventInvokeConfigDestinationConfigOnSuccessArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// S3 bucket for archiving successful events
var lambdaSuccessArchive = new Bucket("lambdaSuccessArchive", BucketArgs.builder()
.bucket(String.format("lambda-success-archive-%s", bucketSuffix.hex()))
.build());
// EventBridge custom bus for failed events
var lambdaFailures = new EventBus("lambdaFailures", EventBusArgs.builder()
.name("lambda-failure-events")
.build());
var example = new FunctionEventInvokeConfig("example", FunctionEventInvokeConfigArgs.builder()
.functionName(exampleAwsLambdaFunction.functionName())
.destinationConfig(FunctionEventInvokeConfigDestinationConfigArgs.builder()
.onFailure(FunctionEventInvokeConfigDestinationConfigOnFailureArgs.builder()
.destination(lambdaFailures.arn())
.build())
.onSuccess(FunctionEventInvokeConfigDestinationConfigOnSuccessArgs.builder()
.destination(lambdaSuccessArchive.arn())
.build())
.build())
.build());
}
}
resources:
# S3 bucket for archiving successful events
lambdaSuccessArchive:
type: aws:s3:Bucket
name: lambda_success_archive
properties:
bucket: lambda-success-archive-${bucketSuffix.hex}
# EventBridge custom bus for failed events
lambdaFailures:
type: aws:cloudwatch:EventBus
name: lambda_failures
properties:
name: lambda-failure-events
example:
type: aws:lambda:FunctionEventInvokeConfig
properties:
functionName: ${exampleAwsLambdaFunction.functionName}
destinationConfig:
onFailure:
destination: ${lambdaFailures.arn}
onSuccess:
destination: ${lambdaSuccessArchive.arn}
Lambda can route to four destination types: SQS, SNS, S3, and EventBridge. S3 destinations archive event payloads as objects. EventBridge destinations publish events to custom buses for downstream processing. Your Lambda execution role needs s3:PutObject and events:PutEvents permissions.
Beyond these examples
These snippets focus on specific invoke configuration features: destination routing (SQS, SNS, S3, EventBridge), retry and age limits, and alias and version targeting. They’re intentionally minimal rather than full error handling solutions.
The examples reference pre-existing infrastructure such as Lambda functions with execution roles, destination resources (SQS queues, SNS topics, S3 buckets, EventBridge buses), and IAM permissions for destination access. They focus on configuring invoke behavior rather than provisioning the Lambda function or destinations.
To keep things focused, common invoke configuration patterns are omitted, including:
- IAM policy configuration for destination permissions
- CloudWatch Logs integration (automatic, not configured here)
- Synchronous invocation error handling (not applicable)
- Cross-account destination routing
These omissions are intentional: the goal is to illustrate how each invoke configuration feature is wired, not provide drop-in error handling modules. See the Lambda FunctionEventInvokeConfig resource reference for all available configuration options.
Let's configure AWS Lambda Function Event Invoke Settings
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Destinations & IAM Permissions
Why am I getting InvalidParameterValueException when setting a destination?
This generic error occurs when the Lambda function’s IAM role lacks necessary permissions for the destination service. Ensure the role has permissions like
sqs:SendMessage for SQS queues or sns:Publish for SNS topics.What destination types can I use for Lambda event invoke config?
You can use SQS queues, SNS topics, S3 buckets, and EventBridge event buses as destinations for both successful and failed invocations.
What's the difference between onFailure and onSuccess destinations?
onFailure destinations receive events when the function returns an error after all retries are exhausted. onSuccess destinations receive events when the function completes successfully.Retry & Timeout Configuration
What are the retry attempt limits for Lambda functions?
You can configure
maximumRetryAttempts between 0 and 2, with a default of 2 retries.What are the valid values for maximum event age?
The
maximumEventAgeInSeconds property accepts values between 60 seconds (1 minute) and 21,600 seconds (6 hours).Can I configure retry behavior without setting up destinations?
Yes, you can configure
maximumEventAgeInSeconds and maximumRetryAttempts without including a destinationConfig block.Versioning & Configuration
What properties are immutable after creation?
Both
functionName and qualifier are immutable. You cannot change which function or version/alias the configuration applies to without recreating the resource.How do I configure event invoke config for a specific Lambda version or alias?
Use the
qualifier property with a published version number, an alias name, or $LATEST to target the latest unpublished version.Using a different cloud?
Explore serverless guides for other cloud providers: