1. Packages
  2. AWS
  3. API Docs
  4. lambda
  5. Function
AWS v6.63.0 published on Wednesday, Dec 4, 2024 by Pulumi

aws.lambda.Function

Explore with Pulumi AI

aws logo
AWS v6.63.0 published on Wednesday, Dec 4, 2024 by Pulumi

    Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.

    For information about Lambda and how to use it, see What is AWS Lambda?

    NOTE: Due to AWS Lambda improved VPC networking changes that began deploying in September 2019, EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete. To allow for successful deletion, the provider will wait for at least 45 minutes even if a shorter delete timeout is specified.

    NOTE: If you get a KMSAccessDeniedException: Lambda was unable to decrypt the environment variables because KMS access was denied error when invoking an aws.lambda.Function with environment variables, the IAM role associated with the function may have been deleted and recreated after the function was created. You can fix the problem two ways: 1) updating the function’s role to another role and then updating it back again to the recreated role, or 2) by using Pulumi to taint the function and apply your configuration again to recreate the function. (When you create a function, Lambda grants permissions on the KMS key to the function’s IAM role. If the IAM role is recreated, the grant is no longer valid. Changing the function’s role or recreating the function causes Lambda to update the grant.)

    To give an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function, use the aws.lambda.Permission resource. See Lambda Permission Model for more details. On the other hand, the role argument of this resource is the function’s execution role for identity and access to AWS services and resources.

    Example Usage

    Basic Example

    import * as pulumi from "@pulumi/pulumi";
    import * as archive from "@pulumi/archive";
    import * as aws from "@pulumi/aws";
    
    const assumeRole = aws.iam.getPolicyDocument({
        statements: [{
            effect: "Allow",
            principals: [{
                type: "Service",
                identifiers: ["lambda.amazonaws.com"],
            }],
            actions: ["sts:AssumeRole"],
        }],
    });
    const iamForLambda = new aws.iam.Role("iam_for_lambda", {
        name: "iam_for_lambda",
        assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json),
    });
    const lambda = archive.getFile({
        type: "zip",
        sourceFile: "lambda.js",
        outputPath: "lambda_function_payload.zip",
    });
    const testLambda = new aws.lambda.Function("test_lambda", {
        code: new pulumi.asset.FileArchive("lambda_function_payload.zip"),
        name: "lambda_function_name",
        role: iamForLambda.arn,
        handler: "index.test",
        sourceCodeHash: lambda.then(lambda => lambda.outputBase64sha256),
        runtime: aws.lambda.Runtime.NodeJS18dX,
        environment: {
            variables: {
                foo: "bar",
            },
        },
    });
    
    import pulumi
    import pulumi_archive as archive
    import pulumi_aws as aws
    
    assume_role = aws.iam.get_policy_document(statements=[{
        "effect": "Allow",
        "principals": [{
            "type": "Service",
            "identifiers": ["lambda.amazonaws.com"],
        }],
        "actions": ["sts:AssumeRole"],
    }])
    iam_for_lambda = aws.iam.Role("iam_for_lambda",
        name="iam_for_lambda",
        assume_role_policy=assume_role.json)
    lambda_ = archive.get_file(type="zip",
        source_file="lambda.js",
        output_path="lambda_function_payload.zip")
    test_lambda = aws.lambda_.Function("test_lambda",
        code=pulumi.FileArchive("lambda_function_payload.zip"),
        name="lambda_function_name",
        role=iam_for_lambda.arn,
        handler="index.test",
        source_code_hash=lambda_.output_base64sha256,
        runtime=aws.lambda_.Runtime.NODE_JS18D_X,
        environment={
            "variables": {
                "foo": "bar",
            },
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-archive/sdk/go/archive"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
    			Statements: []iam.GetPolicyDocumentStatement{
    				{
    					Effect: pulumi.StringRef("Allow"),
    					Principals: []iam.GetPolicyDocumentStatementPrincipal{
    						{
    							Type: "Service",
    							Identifiers: []string{
    								"lambda.amazonaws.com",
    							},
    						},
    					},
    					Actions: []string{
    						"sts:AssumeRole",
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		iamForLambda, err := iam.NewRole(ctx, "iam_for_lambda", &iam.RoleArgs{
    			Name:             pulumi.String("iam_for_lambda"),
    			AssumeRolePolicy: pulumi.String(assumeRole.Json),
    		})
    		if err != nil {
    			return err
    		}
    		lambda, err := archive.LookupFile(ctx, &archive.LookupFileArgs{
    			Type:       "zip",
    			SourceFile: pulumi.StringRef("lambda.js"),
    			OutputPath: "lambda_function_payload.zip",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = lambda.NewFunction(ctx, "test_lambda", &lambda.FunctionArgs{
    			Code:           pulumi.NewFileArchive("lambda_function_payload.zip"),
    			Name:           pulumi.String("lambda_function_name"),
    			Role:           iamForLambda.Arn,
    			Handler:        pulumi.String("index.test"),
    			SourceCodeHash: pulumi.String(lambda.OutputBase64sha256),
    			Runtime:        pulumi.String(lambda.RuntimeNodeJS18dX),
    			Environment: &lambda.FunctionEnvironmentArgs{
    				Variables: pulumi.StringMap{
    					"foo": pulumi.String("bar"),
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Archive = Pulumi.Archive;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Principals = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                        {
                            Type = "Service",
                            Identifiers = new[]
                            {
                                "lambda.amazonaws.com",
                            },
                        },
                    },
                    Actions = new[]
                    {
                        "sts:AssumeRole",
                    },
                },
            },
        });
    
        var iamForLambda = new Aws.Iam.Role("iam_for_lambda", new()
        {
            Name = "iam_for_lambda",
            AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
        var lambda = Archive.GetFile.Invoke(new()
        {
            Type = "zip",
            SourceFile = "lambda.js",
            OutputPath = "lambda_function_payload.zip",
        });
    
        var testLambda = new Aws.Lambda.Function("test_lambda", new()
        {
            Code = new FileArchive("lambda_function_payload.zip"),
            Name = "lambda_function_name",
            Role = iamForLambda.Arn,
            Handler = "index.test",
            SourceCodeHash = lambda.Apply(getFileResult => getFileResult.OutputBase64sha256),
            Runtime = Aws.Lambda.Runtime.NodeJS18dX,
            Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs
            {
                Variables = 
                {
                    { "foo", "bar" },
                },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.archive.ArchiveFunctions;
    import com.pulumi.archive.inputs.GetFileArgs;
    import com.pulumi.aws.lambda.Function;
    import com.pulumi.aws.lambda.FunctionArgs;
    import com.pulumi.aws.lambda.inputs.FunctionEnvironmentArgs;
    import com.pulumi.asset.FileArchive;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("Service")
                        .identifiers("lambda.amazonaws.com")
                        .build())
                    .actions("sts:AssumeRole")
                    .build())
                .build());
    
            var iamForLambda = new Role("iamForLambda", RoleArgs.builder()
                .name("iam_for_lambda")
                .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
                .build());
    
            final var lambda = ArchiveFunctions.getFile(GetFileArgs.builder()
                .type("zip")
                .sourceFile("lambda.js")
                .outputPath("lambda_function_payload.zip")
                .build());
    
            var testLambda = new Function("testLambda", FunctionArgs.builder()
                .code(new FileArchive("lambda_function_payload.zip"))
                .name("lambda_function_name")
                .role(iamForLambda.arn())
                .handler("index.test")
                .sourceCodeHash(lambda.applyValue(getFileResult -> getFileResult.outputBase64sha256()))
                .runtime("nodejs18.x")
                .environment(FunctionEnvironmentArgs.builder()
                    .variables(Map.of("foo", "bar"))
                    .build())
                .build());
    
        }
    }
    
    resources:
      iamForLambda:
        type: aws:iam:Role
        name: iam_for_lambda
        properties:
          name: iam_for_lambda
          assumeRolePolicy: ${assumeRole.json}
      testLambda:
        type: aws:lambda:Function
        name: test_lambda
        properties:
          code:
            fn::FileArchive: lambda_function_payload.zip
          name: lambda_function_name
          role: ${iamForLambda.arn}
          handler: index.test
          sourceCodeHash: ${lambda.outputBase64sha256}
          runtime: nodejs18.x
          environment:
            variables:
              foo: bar
    variables:
      assumeRole:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                principals:
                  - type: Service
                    identifiers:
                      - lambda.amazonaws.com
                actions:
                  - sts:AssumeRole
      lambda:
        fn::invoke:
          Function: archive:getFile
          Arguments:
            type: zip
            sourceFile: lambda.js
            outputPath: lambda_function_payload.zip
    

    Lambda Layers

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.lambda.LayerVersion("example", {});
    const exampleFunction = new aws.lambda.Function("example", {layers: [example.arn]});
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.lambda_.LayerVersion("example")
    example_function = aws.lambda_.Function("example", layers=[example.arn])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := lambda.NewLayerVersion(ctx, "example", nil)
    		if err != nil {
    			return err
    		}
    		_, err = lambda.NewFunction(ctx, "example", &lambda.FunctionArgs{
    			Layers: pulumi.StringArray{
    				example.Arn,
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.Lambda.LayerVersion("example");
    
        var exampleFunction = new Aws.Lambda.Function("example", new()
        {
            Layers = new[]
            {
                example.Arn,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.lambda.LayerVersion;
    import com.pulumi.aws.lambda.Function;
    import com.pulumi.aws.lambda.FunctionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new LayerVersion("example");
    
            var exampleFunction = new Function("exampleFunction", FunctionArgs.builder()
                .layers(example.arn())
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:lambda:LayerVersion
      exampleFunction:
        type: aws:lambda:Function
        name: example
        properties:
          layers:
            - ${example.arn}
    

    Lambda Ephemeral Storage

    Lambda Function Ephemeral Storage(/tmp) allows you to configure the storage upto 10 GB. The default value set to 512 MB.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const assumeRole = aws.iam.getPolicyDocument({
        statements: [{
            effect: "Allow",
            principals: [{
                type: "Service",
                identifiers: ["lambda.amazonaws.com"],
            }],
            actions: ["sts:AssumeRole"],
        }],
    });
    const iamForLambda = new aws.iam.Role("iam_for_lambda", {
        name: "iam_for_lambda",
        assumeRolePolicy: assumeRole.then(assumeRole => assumeRole.json),
    });
    const testLambda = new aws.lambda.Function("test_lambda", {
        code: new pulumi.asset.FileArchive("lambda_function_payload.zip"),
        name: "lambda_function_name",
        role: iamForLambda.arn,
        handler: "index.test",
        runtime: aws.lambda.Runtime.NodeJS18dX,
        ephemeralStorage: {
            size: 10240,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    assume_role = aws.iam.get_policy_document(statements=[{
        "effect": "Allow",
        "principals": [{
            "type": "Service",
            "identifiers": ["lambda.amazonaws.com"],
        }],
        "actions": ["sts:AssumeRole"],
    }])
    iam_for_lambda = aws.iam.Role("iam_for_lambda",
        name="iam_for_lambda",
        assume_role_policy=assume_role.json)
    test_lambda = aws.lambda_.Function("test_lambda",
        code=pulumi.FileArchive("lambda_function_payload.zip"),
        name="lambda_function_name",
        role=iam_for_lambda.arn,
        handler="index.test",
        runtime=aws.lambda_.Runtime.NODE_JS18D_X,
        ephemeral_storage={
            "size": 10240,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		assumeRole, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
    			Statements: []iam.GetPolicyDocumentStatement{
    				{
    					Effect: pulumi.StringRef("Allow"),
    					Principals: []iam.GetPolicyDocumentStatementPrincipal{
    						{
    							Type: "Service",
    							Identifiers: []string{
    								"lambda.amazonaws.com",
    							},
    						},
    					},
    					Actions: []string{
    						"sts:AssumeRole",
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		iamForLambda, err := iam.NewRole(ctx, "iam_for_lambda", &iam.RoleArgs{
    			Name:             pulumi.String("iam_for_lambda"),
    			AssumeRolePolicy: pulumi.String(assumeRole.Json),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = lambda.NewFunction(ctx, "test_lambda", &lambda.FunctionArgs{
    			Code:    pulumi.NewFileArchive("lambda_function_payload.zip"),
    			Name:    pulumi.String("lambda_function_name"),
    			Role:    iamForLambda.Arn,
    			Handler: pulumi.String("index.test"),
    			Runtime: pulumi.String(lambda.RuntimeNodeJS18dX),
    			EphemeralStorage: &lambda.FunctionEphemeralStorageArgs{
    				Size: pulumi.Int(10240),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var assumeRole = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Principals = new[]
                    {
                        new Aws.Iam.Inputs.GetPolicyDocumentStatementPrincipalInputArgs
                        {
                            Type = "Service",
                            Identifiers = new[]
                            {
                                "lambda.amazonaws.com",
                            },
                        },
                    },
                    Actions = new[]
                    {
                        "sts:AssumeRole",
                    },
                },
            },
        });
    
        var iamForLambda = new Aws.Iam.Role("iam_for_lambda", new()
        {
            Name = "iam_for_lambda",
            AssumeRolePolicy = assumeRole.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
        var testLambda = new Aws.Lambda.Function("test_lambda", new()
        {
            Code = new FileArchive("lambda_function_payload.zip"),
            Name = "lambda_function_name",
            Role = iamForLambda.Arn,
            Handler = "index.test",
            Runtime = Aws.Lambda.Runtime.NodeJS18dX,
            EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs
            {
                Size = 10240,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.iam.Role;
    import com.pulumi.aws.iam.RoleArgs;
    import com.pulumi.aws.lambda.Function;
    import com.pulumi.aws.lambda.FunctionArgs;
    import com.pulumi.aws.lambda.inputs.FunctionEphemeralStorageArgs;
    import com.pulumi.asset.FileArchive;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var assumeRole = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .principals(GetPolicyDocumentStatementPrincipalArgs.builder()
                        .type("Service")
                        .identifiers("lambda.amazonaws.com")
                        .build())
                    .actions("sts:AssumeRole")
                    .build())
                .build());
    
            var iamForLambda = new Role("iamForLambda", RoleArgs.builder()
                .name("iam_for_lambda")
                .assumeRolePolicy(assumeRole.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
                .build());
    
            var testLambda = new Function("testLambda", FunctionArgs.builder()
                .code(new FileArchive("lambda_function_payload.zip"))
                .name("lambda_function_name")
                .role(iamForLambda.arn())
                .handler("index.test")
                .runtime("nodejs18.x")
                .ephemeralStorage(FunctionEphemeralStorageArgs.builder()
                    .size(10240)
                    .build())
                .build());
    
        }
    }
    
    resources:
      iamForLambda:
        type: aws:iam:Role
        name: iam_for_lambda
        properties:
          name: iam_for_lambda
          assumeRolePolicy: ${assumeRole.json}
      testLambda:
        type: aws:lambda:Function
        name: test_lambda
        properties:
          code:
            fn::FileArchive: lambda_function_payload.zip
          name: lambda_function_name
          role: ${iamForLambda.arn}
          handler: index.test
          runtime: nodejs18.x
          ephemeralStorage:
            size: 10240
    variables:
      assumeRole:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                principals:
                  - type: Service
                    identifiers:
                      - lambda.amazonaws.com
                actions:
                  - sts:AssumeRole
    

    Lambda File Systems

    Lambda File Systems allow you to connect an Amazon Elastic File System (EFS) file system to a Lambda function to share data across function invocations, access existing data including large files, and save function state.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    // EFS file system
    const efsForLambda = new aws.efs.FileSystem("efs_for_lambda", {tags: {
        Name: "efs_for_lambda",
    }});
    // Mount target connects the file system to the subnet
    const alpha = new aws.efs.MountTarget("alpha", {
        fileSystemId: efsForLambda.id,
        subnetId: subnetForLambda.id,
        securityGroups: [sgForLambda.id],
    });
    // EFS access point used by lambda file system
    const accessPointForLambda = new aws.efs.AccessPoint("access_point_for_lambda", {
        fileSystemId: efsForLambda.id,
        rootDirectory: {
            path: "/lambda",
            creationInfo: {
                ownerGid: 1000,
                ownerUid: 1000,
                permissions: "777",
            },
        },
        posixUser: {
            gid: 1000,
            uid: 1000,
        },
    });
    // A lambda function connected to an EFS file system
    const example = new aws.lambda.Function("example", {
        fileSystemConfig: {
            arn: accessPointForLambda.arn,
            localMountPath: "/mnt/efs",
        },
        vpcConfig: {
            subnetIds: [subnetForLambda.id],
            securityGroupIds: [sgForLambda.id],
        },
    }, {
        dependsOn: [alpha],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    # EFS file system
    efs_for_lambda = aws.efs.FileSystem("efs_for_lambda", tags={
        "Name": "efs_for_lambda",
    })
    # Mount target connects the file system to the subnet
    alpha = aws.efs.MountTarget("alpha",
        file_system_id=efs_for_lambda.id,
        subnet_id=subnet_for_lambda["id"],
        security_groups=[sg_for_lambda["id"]])
    # EFS access point used by lambda file system
    access_point_for_lambda = aws.efs.AccessPoint("access_point_for_lambda",
        file_system_id=efs_for_lambda.id,
        root_directory={
            "path": "/lambda",
            "creation_info": {
                "owner_gid": 1000,
                "owner_uid": 1000,
                "permissions": "777",
            },
        },
        posix_user={
            "gid": 1000,
            "uid": 1000,
        })
    # A lambda function connected to an EFS file system
    example = aws.lambda_.Function("example",
        file_system_config={
            "arn": access_point_for_lambda.arn,
            "local_mount_path": "/mnt/efs",
        },
        vpc_config={
            "subnet_ids": [subnet_for_lambda["id"]],
            "security_group_ids": [sg_for_lambda["id"]],
        },
        opts = pulumi.ResourceOptions(depends_on=[alpha]))
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/efs"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// EFS file system
    		efsForLambda, err := efs.NewFileSystem(ctx, "efs_for_lambda", &efs.FileSystemArgs{
    			Tags: pulumi.StringMap{
    				"Name": pulumi.String("efs_for_lambda"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		// Mount target connects the file system to the subnet
    		alpha, err := efs.NewMountTarget(ctx, "alpha", &efs.MountTargetArgs{
    			FileSystemId: efsForLambda.ID(),
    			SubnetId:     pulumi.Any(subnetForLambda.Id),
    			SecurityGroups: pulumi.StringArray{
    				sgForLambda.Id,
    			},
    		})
    		if err != nil {
    			return err
    		}
    		// EFS access point used by lambda file system
    		accessPointForLambda, err := efs.NewAccessPoint(ctx, "access_point_for_lambda", &efs.AccessPointArgs{
    			FileSystemId: efsForLambda.ID(),
    			RootDirectory: &efs.AccessPointRootDirectoryArgs{
    				Path: pulumi.String("/lambda"),
    				CreationInfo: &efs.AccessPointRootDirectoryCreationInfoArgs{
    					OwnerGid:    pulumi.Int(1000),
    					OwnerUid:    pulumi.Int(1000),
    					Permissions: pulumi.String("777"),
    				},
    			},
    			PosixUser: &efs.AccessPointPosixUserArgs{
    				Gid: pulumi.Int(1000),
    				Uid: pulumi.Int(1000),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		// A lambda function connected to an EFS file system
    		_, err = lambda.NewFunction(ctx, "example", &lambda.FunctionArgs{
    			FileSystemConfig: &lambda.FunctionFileSystemConfigArgs{
    				Arn:            accessPointForLambda.Arn,
    				LocalMountPath: pulumi.String("/mnt/efs"),
    			},
    			VpcConfig: &lambda.FunctionVpcConfigArgs{
    				SubnetIds: pulumi.StringArray{
    					subnetForLambda.Id,
    				},
    				SecurityGroupIds: pulumi.StringArray{
    					sgForLambda.Id,
    				},
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			alpha,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        // EFS file system
        var efsForLambda = new Aws.Efs.FileSystem("efs_for_lambda", new()
        {
            Tags = 
            {
                { "Name", "efs_for_lambda" },
            },
        });
    
        // Mount target connects the file system to the subnet
        var alpha = new Aws.Efs.MountTarget("alpha", new()
        {
            FileSystemId = efsForLambda.Id,
            SubnetId = subnetForLambda.Id,
            SecurityGroups = new[]
            {
                sgForLambda.Id,
            },
        });
    
        // EFS access point used by lambda file system
        var accessPointForLambda = new Aws.Efs.AccessPoint("access_point_for_lambda", new()
        {
            FileSystemId = efsForLambda.Id,
            RootDirectory = new Aws.Efs.Inputs.AccessPointRootDirectoryArgs
            {
                Path = "/lambda",
                CreationInfo = new Aws.Efs.Inputs.AccessPointRootDirectoryCreationInfoArgs
                {
                    OwnerGid = 1000,
                    OwnerUid = 1000,
                    Permissions = "777",
                },
            },
            PosixUser = new Aws.Efs.Inputs.AccessPointPosixUserArgs
            {
                Gid = 1000,
                Uid = 1000,
            },
        });
    
        // A lambda function connected to an EFS file system
        var example = new Aws.Lambda.Function("example", new()
        {
            FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs
            {
                Arn = accessPointForLambda.Arn,
                LocalMountPath = "/mnt/efs",
            },
            VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs
            {
                SubnetIds = new[]
                {
                    subnetForLambda.Id,
                },
                SecurityGroupIds = new[]
                {
                    sgForLambda.Id,
                },
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                alpha,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.efs.FileSystem;
    import com.pulumi.aws.efs.FileSystemArgs;
    import com.pulumi.aws.efs.MountTarget;
    import com.pulumi.aws.efs.MountTargetArgs;
    import com.pulumi.aws.efs.AccessPoint;
    import com.pulumi.aws.efs.AccessPointArgs;
    import com.pulumi.aws.efs.inputs.AccessPointRootDirectoryArgs;
    import com.pulumi.aws.efs.inputs.AccessPointRootDirectoryCreationInfoArgs;
    import com.pulumi.aws.efs.inputs.AccessPointPosixUserArgs;
    import com.pulumi.aws.lambda.Function;
    import com.pulumi.aws.lambda.FunctionArgs;
    import com.pulumi.aws.lambda.inputs.FunctionFileSystemConfigArgs;
    import com.pulumi.aws.lambda.inputs.FunctionVpcConfigArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            // EFS file system
            var efsForLambda = new FileSystem("efsForLambda", FileSystemArgs.builder()
                .tags(Map.of("Name", "efs_for_lambda"))
                .build());
    
            // Mount target connects the file system to the subnet
            var alpha = new MountTarget("alpha", MountTargetArgs.builder()
                .fileSystemId(efsForLambda.id())
                .subnetId(subnetForLambda.id())
                .securityGroups(sgForLambda.id())
                .build());
    
            // EFS access point used by lambda file system
            var accessPointForLambda = new AccessPoint("accessPointForLambda", AccessPointArgs.builder()
                .fileSystemId(efsForLambda.id())
                .rootDirectory(AccessPointRootDirectoryArgs.builder()
                    .path("/lambda")
                    .creationInfo(AccessPointRootDirectoryCreationInfoArgs.builder()
                        .ownerGid(1000)
                        .ownerUid(1000)
                        .permissions("777")
                        .build())
                    .build())
                .posixUser(AccessPointPosixUserArgs.builder()
                    .gid(1000)
                    .uid(1000)
                    .build())
                .build());
    
            // A lambda function connected to an EFS file system
            var example = new Function("example", FunctionArgs.builder()
                .fileSystemConfig(FunctionFileSystemConfigArgs.builder()
                    .arn(accessPointForLambda.arn())
                    .localMountPath("/mnt/efs")
                    .build())
                .vpcConfig(FunctionVpcConfigArgs.builder()
                    .subnetIds(subnetForLambda.id())
                    .securityGroupIds(sgForLambda.id())
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(alpha)
                    .build());
    
        }
    }
    
    resources:
      # A lambda function connected to an EFS file system
      example:
        type: aws:lambda:Function
        properties:
          fileSystemConfig:
            arn: ${accessPointForLambda.arn}
            localMountPath: /mnt/efs
          vpcConfig:
            subnetIds:
              - ${subnetForLambda.id}
            securityGroupIds:
              - ${sgForLambda.id}
        options:
          dependson:
            - ${alpha}
      # EFS file system
      efsForLambda:
        type: aws:efs:FileSystem
        name: efs_for_lambda
        properties:
          tags:
            Name: efs_for_lambda
      # Mount target connects the file system to the subnet
      alpha:
        type: aws:efs:MountTarget
        properties:
          fileSystemId: ${efsForLambda.id}
          subnetId: ${subnetForLambda.id}
          securityGroups:
            - ${sgForLambda.id}
      # EFS access point used by lambda file system
      accessPointForLambda:
        type: aws:efs:AccessPoint
        name: access_point_for_lambda
        properties:
          fileSystemId: ${efsForLambda.id}
          rootDirectory:
            path: /lambda
            creationInfo:
              ownerGid: 1000
              ownerUid: 1000
              permissions: '777'
          posixUser:
            gid: 1000
            uid: 1000
    

    Lambda retries

    Lambda Functions allow you to configure error handling for asynchronous invocation. The settings that it supports are Maximum age of event and Retry attempts as stated in Lambda documentation for Configuring error handling for asynchronous invocation. To configure these settings, refer to the aws.lambda.FunctionEventInvokeConfig resource.

    CloudWatch Logging and Permissions

    For more information about CloudWatch Logs for Lambda, see the Lambda User Guide.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const config = new pulumi.Config();
    const lambdaFunctionName = config.get("lambdaFunctionName") || "lambda_function_name";
    // This is to optionally manage the CloudWatch Log Group for the Lambda Function.
    // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
    const example = new aws.cloudwatch.LogGroup("example", {
        name: `/aws/lambda/${lambdaFunctionName}`,
        retentionInDays: 14,
    });
    // See also the following AWS managed policy: AWSLambdaBasicExecutionRole
    const lambdaLogging = aws.iam.getPolicyDocument({
        statements: [{
            effect: "Allow",
            actions: [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents",
            ],
            resources: ["arn:aws:logs:*:*:*"],
        }],
    });
    const lambdaLoggingPolicy = new aws.iam.Policy("lambda_logging", {
        name: "lambda_logging",
        path: "/",
        description: "IAM policy for logging from a lambda",
        policy: lambdaLogging.then(lambdaLogging => lambdaLogging.json),
    });
    const lambdaLogs = new aws.iam.RolePolicyAttachment("lambda_logs", {
        role: iamForLambda.name,
        policyArn: lambdaLoggingPolicy.arn,
    });
    const testLambda = new aws.lambda.Function("test_lambda", {
        name: lambdaFunctionName,
        loggingConfig: {
            logFormat: "Text",
        },
    }, {
        dependsOn: [
            lambdaLogs,
            example,
        ],
    });
    
    import pulumi
    import pulumi_aws as aws
    
    config = pulumi.Config()
    lambda_function_name = config.get("lambdaFunctionName")
    if lambda_function_name is None:
        lambda_function_name = "lambda_function_name"
    # This is to optionally manage the CloudWatch Log Group for the Lambda Function.
    # If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
    example = aws.cloudwatch.LogGroup("example",
        name=f"/aws/lambda/{lambda_function_name}",
        retention_in_days=14)
    # See also the following AWS managed policy: AWSLambdaBasicExecutionRole
    lambda_logging = aws.iam.get_policy_document(statements=[{
        "effect": "Allow",
        "actions": [
            "logs:CreateLogGroup",
            "logs:CreateLogStream",
            "logs:PutLogEvents",
        ],
        "resources": ["arn:aws:logs:*:*:*"],
    }])
    lambda_logging_policy = aws.iam.Policy("lambda_logging",
        name="lambda_logging",
        path="/",
        description="IAM policy for logging from a lambda",
        policy=lambda_logging.json)
    lambda_logs = aws.iam.RolePolicyAttachment("lambda_logs",
        role=iam_for_lambda["name"],
        policy_arn=lambda_logging_policy.arn)
    test_lambda = aws.lambda_.Function("test_lambda",
        name=lambda_function_name,
        logging_config={
            "log_format": "Text",
        },
        opts = pulumi.ResourceOptions(depends_on=[
                lambda_logs,
                example,
            ]))
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/iam"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/lambda"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		cfg := config.New(ctx, "")
    		lambdaFunctionName := "lambda_function_name"
    		if param := cfg.Get("lambdaFunctionName"); param != "" {
    			lambdaFunctionName = param
    		}
    		// This is to optionally manage the CloudWatch Log Group for the Lambda Function.
    		// If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
    		example, err := cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{
    			Name:            pulumi.Sprintf("/aws/lambda/%v", lambdaFunctionName),
    			RetentionInDays: pulumi.Int(14),
    		})
    		if err != nil {
    			return err
    		}
    		// See also the following AWS managed policy: AWSLambdaBasicExecutionRole
    		lambdaLogging, err := iam.GetPolicyDocument(ctx, &iam.GetPolicyDocumentArgs{
    			Statements: []iam.GetPolicyDocumentStatement{
    				{
    					Effect: pulumi.StringRef("Allow"),
    					Actions: []string{
    						"logs:CreateLogGroup",
    						"logs:CreateLogStream",
    						"logs:PutLogEvents",
    					},
    					Resources: []string{
    						"arn:aws:logs:*:*:*",
    					},
    				},
    			},
    		}, nil)
    		if err != nil {
    			return err
    		}
    		lambdaLoggingPolicy, err := iam.NewPolicy(ctx, "lambda_logging", &iam.PolicyArgs{
    			Name:        pulumi.String("lambda_logging"),
    			Path:        pulumi.String("/"),
    			Description: pulumi.String("IAM policy for logging from a lambda"),
    			Policy:      pulumi.String(lambdaLogging.Json),
    		})
    		if err != nil {
    			return err
    		}
    		lambdaLogs, err := iam.NewRolePolicyAttachment(ctx, "lambda_logs", &iam.RolePolicyAttachmentArgs{
    			Role:      pulumi.Any(iamForLambda.Name),
    			PolicyArn: lambdaLoggingPolicy.Arn,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = lambda.NewFunction(ctx, "test_lambda", &lambda.FunctionArgs{
    			Name: pulumi.String(lambdaFunctionName),
    			LoggingConfig: &lambda.FunctionLoggingConfigArgs{
    				LogFormat: pulumi.String("Text"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			lambdaLogs,
    			example,
    		}))
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var config = new Config();
        var lambdaFunctionName = config.Get("lambdaFunctionName") ?? "lambda_function_name";
        // This is to optionally manage the CloudWatch Log Group for the Lambda Function.
        // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
        var example = new Aws.CloudWatch.LogGroup("example", new()
        {
            Name = $"/aws/lambda/{lambdaFunctionName}",
            RetentionInDays = 14,
        });
    
        // See also the following AWS managed policy: AWSLambdaBasicExecutionRole
        var lambdaLogging = Aws.Iam.GetPolicyDocument.Invoke(new()
        {
            Statements = new[]
            {
                new Aws.Iam.Inputs.GetPolicyDocumentStatementInputArgs
                {
                    Effect = "Allow",
                    Actions = new[]
                    {
                        "logs:CreateLogGroup",
                        "logs:CreateLogStream",
                        "logs:PutLogEvents",
                    },
                    Resources = new[]
                    {
                        "arn:aws:logs:*:*:*",
                    },
                },
            },
        });
    
        var lambdaLoggingPolicy = new Aws.Iam.Policy("lambda_logging", new()
        {
            Name = "lambda_logging",
            Path = "/",
            Description = "IAM policy for logging from a lambda",
            PolicyDocument = lambdaLogging.Apply(getPolicyDocumentResult => getPolicyDocumentResult.Json),
        });
    
        var lambdaLogs = new Aws.Iam.RolePolicyAttachment("lambda_logs", new()
        {
            Role = iamForLambda.Name,
            PolicyArn = lambdaLoggingPolicy.Arn,
        });
    
        var testLambda = new Aws.Lambda.Function("test_lambda", new()
        {
            Name = lambdaFunctionName,
            LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs
            {
                LogFormat = "Text",
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                lambdaLogs,
                example,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudwatch.LogGroup;
    import com.pulumi.aws.cloudwatch.LogGroupArgs;
    import com.pulumi.aws.iam.IamFunctions;
    import com.pulumi.aws.iam.inputs.GetPolicyDocumentArgs;
    import com.pulumi.aws.iam.Policy;
    import com.pulumi.aws.iam.PolicyArgs;
    import com.pulumi.aws.iam.RolePolicyAttachment;
    import com.pulumi.aws.iam.RolePolicyAttachmentArgs;
    import com.pulumi.aws.lambda.Function;
    import com.pulumi.aws.lambda.FunctionArgs;
    import com.pulumi.aws.lambda.inputs.FunctionLoggingConfigArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var config = ctx.config();
            final var lambdaFunctionName = config.get("lambdaFunctionName").orElse("lambda_function_name");
            // This is to optionally manage the CloudWatch Log Group for the Lambda Function.
            // If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
            var example = new LogGroup("example", LogGroupArgs.builder()
                .name(String.format("/aws/lambda/%s", lambdaFunctionName))
                .retentionInDays(14)
                .build());
    
            // See also the following AWS managed policy: AWSLambdaBasicExecutionRole
            final var lambdaLogging = IamFunctions.getPolicyDocument(GetPolicyDocumentArgs.builder()
                .statements(GetPolicyDocumentStatementArgs.builder()
                    .effect("Allow")
                    .actions(                
                        "logs:CreateLogGroup",
                        "logs:CreateLogStream",
                        "logs:PutLogEvents")
                    .resources("arn:aws:logs:*:*:*")
                    .build())
                .build());
    
            var lambdaLoggingPolicy = new Policy("lambdaLoggingPolicy", PolicyArgs.builder()
                .name("lambda_logging")
                .path("/")
                .description("IAM policy for logging from a lambda")
                .policy(lambdaLogging.applyValue(getPolicyDocumentResult -> getPolicyDocumentResult.json()))
                .build());
    
            var lambdaLogs = new RolePolicyAttachment("lambdaLogs", RolePolicyAttachmentArgs.builder()
                .role(iamForLambda.name())
                .policyArn(lambdaLoggingPolicy.arn())
                .build());
    
            var testLambda = new Function("testLambda", FunctionArgs.builder()
                .name(lambdaFunctionName)
                .loggingConfig(FunctionLoggingConfigArgs.builder()
                    .logFormat("Text")
                    .build())
                .build(), CustomResourceOptions.builder()
                    .dependsOn(                
                        lambdaLogs,
                        example)
                    .build());
    
        }
    }
    
    configuration:
      lambdaFunctionName:
        type: string
        default: lambda_function_name
    resources:
      testLambda:
        type: aws:lambda:Function
        name: test_lambda
        properties:
          name: ${lambdaFunctionName}
          loggingConfig:
            logFormat: Text
        options:
          dependson:
            - ${lambdaLogs}
            - ${example}
      # This is to optionally manage the CloudWatch Log Group for the Lambda Function.
      # If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
      example:
        type: aws:cloudwatch:LogGroup
        properties:
          name: /aws/lambda/${lambdaFunctionName}
          retentionInDays: 14
      lambdaLoggingPolicy:
        type: aws:iam:Policy
        name: lambda_logging
        properties:
          name: lambda_logging
          path: /
          description: IAM policy for logging from a lambda
          policy: ${lambdaLogging.json}
      lambdaLogs:
        type: aws:iam:RolePolicyAttachment
        name: lambda_logs
        properties:
          role: ${iamForLambda.name}
          policyArn: ${lambdaLoggingPolicy.arn}
    variables:
      # See also the following AWS managed policy: AWSLambdaBasicExecutionRole
      lambdaLogging:
        fn::invoke:
          Function: aws:iam:getPolicyDocument
          Arguments:
            statements:
              - effect: Allow
                actions:
                  - logs:CreateLogGroup
                  - logs:CreateLogStream
                  - logs:PutLogEvents
                resources:
                  - arn:aws:logs:*:*:*
    

    Specifying the Deployment Package

    AWS Lambda expects source code to be provided as a deployment package whose structure varies depending on which runtime is in use. See Runtimes for the valid values of runtime. The expected structure of the deployment package can be found in the AWS Lambda documentation for each runtime.

    Once you have created your deployment package you can specify it either directly as a local file (using the filename argument) or indirectly via Amazon S3 (using the s3_bucket, s3_key and s3_object_version arguments). When providing the deployment package via S3 it may be useful to use the aws.s3.BucketObjectv2 resource to upload it.

    For larger deployment packages it is recommended by Amazon to upload via S3, since the S3 API has better support for uploading large files efficiently.

    Create Function Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Function(name: string, args: FunctionArgs, opts?: CustomResourceOptions);
    @overload
    def Function(resource_name: str,
                 args: FunctionArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Function(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 role: Optional[str] = None,
                 package_type: Optional[str] = None,
                 timeout: Optional[int] = None,
                 dead_letter_config: Optional[_lambda_.FunctionDeadLetterConfigArgs] = None,
                 description: Optional[str] = None,
                 environment: Optional[_lambda_.FunctionEnvironmentArgs] = None,
                 ephemeral_storage: Optional[_lambda_.FunctionEphemeralStorageArgs] = None,
                 publish: Optional[bool] = None,
                 handler: Optional[str] = None,
                 image_config: Optional[_lambda_.FunctionImageConfigArgs] = None,
                 image_uri: Optional[str] = None,
                 kms_key_arn: Optional[str] = None,
                 layers: Optional[Sequence[str]] = None,
                 logging_config: Optional[_lambda_.FunctionLoggingConfigArgs] = None,
                 memory_size: Optional[int] = None,
                 vpc_config: Optional[_lambda_.FunctionVpcConfigArgs] = None,
                 code_signing_config_arn: Optional[str] = None,
                 file_system_config: Optional[_lambda_.FunctionFileSystemConfigArgs] = None,
                 replace_security_groups_on_destroy: Optional[bool] = None,
                 replacement_security_group_ids: Optional[Sequence[str]] = None,
                 reserved_concurrent_executions: Optional[int] = None,
                 code: Optional[pulumi.Archive] = None,
                 runtime: Optional[Union[str, lambda_.Runtime]] = None,
                 s3_bucket: Optional[str] = None,
                 s3_key: Optional[str] = None,
                 s3_object_version: Optional[str] = None,
                 skip_destroy: Optional[bool] = None,
                 snap_start: Optional[_lambda_.FunctionSnapStartArgs] = None,
                 source_code_hash: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 architectures: Optional[Sequence[str]] = None,
                 tracing_config: Optional[_lambda_.FunctionTracingConfigArgs] = None,
                 name: Optional[str] = None)
    func NewFunction(ctx *Context, name string, args FunctionArgs, opts ...ResourceOption) (*Function, error)
    public Function(string name, FunctionArgs args, CustomResourceOptions? opts = null)
    public Function(String name, FunctionArgs args)
    public Function(String name, FunctionArgs args, CustomResourceOptions options)
    
    type: aws:lambda:Function
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args FunctionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FunctionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FunctionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FunctionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FunctionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var examplefunctionResourceResourceFromLambdafunction = new Aws.Lambda.Function("examplefunctionResourceResourceFromLambdafunction", new()
    {
        Role = "string",
        PackageType = "string",
        Timeout = 0,
        DeadLetterConfig = new Aws.Lambda.Inputs.FunctionDeadLetterConfigArgs
        {
            TargetArn = "string",
        },
        Description = "string",
        Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs
        {
            Variables = 
            {
                { "string", "string" },
            },
        },
        EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs
        {
            Size = 0,
        },
        Publish = false,
        Handler = "string",
        ImageConfig = new Aws.Lambda.Inputs.FunctionImageConfigArgs
        {
            Commands = new[]
            {
                "string",
            },
            EntryPoints = new[]
            {
                "string",
            },
            WorkingDirectory = "string",
        },
        ImageUri = "string",
        KmsKeyArn = "string",
        Layers = new[]
        {
            "string",
        },
        LoggingConfig = new Aws.Lambda.Inputs.FunctionLoggingConfigArgs
        {
            LogFormat = "string",
            ApplicationLogLevel = "string",
            LogGroup = "string",
            SystemLogLevel = "string",
        },
        MemorySize = 0,
        VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs
        {
            SecurityGroupIds = new[]
            {
                "string",
            },
            SubnetIds = new[]
            {
                "string",
            },
            Ipv6AllowedForDualStack = false,
            VpcId = "string",
        },
        CodeSigningConfigArn = "string",
        FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs
        {
            Arn = "string",
            LocalMountPath = "string",
        },
        ReplaceSecurityGroupsOnDestroy = false,
        ReplacementSecurityGroupIds = new[]
        {
            "string",
        },
        ReservedConcurrentExecutions = 0,
        Code = new FileArchive("./path/to/archive"),
        Runtime = "string",
        S3Bucket = "string",
        S3Key = "string",
        S3ObjectVersion = "string",
        SkipDestroy = false,
        SnapStart = new Aws.Lambda.Inputs.FunctionSnapStartArgs
        {
            ApplyOn = "string",
            OptimizationStatus = "string",
        },
        SourceCodeHash = "string",
        Tags = 
        {
            { "string", "string" },
        },
        Architectures = new[]
        {
            "string",
        },
        TracingConfig = new Aws.Lambda.Inputs.FunctionTracingConfigArgs
        {
            Mode = "string",
        },
        Name = "string",
    });
    
    example, err := lambda.NewFunction(ctx, "examplefunctionResourceResourceFromLambdafunction", &lambda.FunctionArgs{
    	Role:        pulumi.String("string"),
    	PackageType: pulumi.String("string"),
    	Timeout:     pulumi.Int(0),
    	DeadLetterConfig: &lambda.FunctionDeadLetterConfigArgs{
    		TargetArn: pulumi.String("string"),
    	},
    	Description: pulumi.String("string"),
    	Environment: &lambda.FunctionEnvironmentArgs{
    		Variables: pulumi.StringMap{
    			"string": pulumi.String("string"),
    		},
    	},
    	EphemeralStorage: &lambda.FunctionEphemeralStorageArgs{
    		Size: pulumi.Int(0),
    	},
    	Publish: pulumi.Bool(false),
    	Handler: pulumi.String("string"),
    	ImageConfig: &lambda.FunctionImageConfigArgs{
    		Commands: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		EntryPoints: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		WorkingDirectory: pulumi.String("string"),
    	},
    	ImageUri:  pulumi.String("string"),
    	KmsKeyArn: pulumi.String("string"),
    	Layers: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	LoggingConfig: &lambda.FunctionLoggingConfigArgs{
    		LogFormat:           pulumi.String("string"),
    		ApplicationLogLevel: pulumi.String("string"),
    		LogGroup:            pulumi.String("string"),
    		SystemLogLevel:      pulumi.String("string"),
    	},
    	MemorySize: pulumi.Int(0),
    	VpcConfig: &lambda.FunctionVpcConfigArgs{
    		SecurityGroupIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		SubnetIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Ipv6AllowedForDualStack: pulumi.Bool(false),
    		VpcId:                   pulumi.String("string"),
    	},
    	CodeSigningConfigArn: pulumi.String("string"),
    	FileSystemConfig: &lambda.FunctionFileSystemConfigArgs{
    		Arn:            pulumi.String("string"),
    		LocalMountPath: pulumi.String("string"),
    	},
    	ReplaceSecurityGroupsOnDestroy: pulumi.Bool(false),
    	ReplacementSecurityGroupIds: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	ReservedConcurrentExecutions: pulumi.Int(0),
    	Code:                         pulumi.NewFileArchive("./path/to/archive"),
    	Runtime:                      pulumi.String("string"),
    	S3Bucket:                     pulumi.String("string"),
    	S3Key:                        pulumi.String("string"),
    	S3ObjectVersion:              pulumi.String("string"),
    	SkipDestroy:                  pulumi.Bool(false),
    	SnapStart: &lambda.FunctionSnapStartArgs{
    		ApplyOn:            pulumi.String("string"),
    		OptimizationStatus: pulumi.String("string"),
    	},
    	SourceCodeHash: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Architectures: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	TracingConfig: &lambda.FunctionTracingConfigArgs{
    		Mode: pulumi.String("string"),
    	},
    	Name: pulumi.String("string"),
    })
    
    var examplefunctionResourceResourceFromLambdafunction = new Function("examplefunctionResourceResourceFromLambdafunction", FunctionArgs.builder()
        .role("string")
        .packageType("string")
        .timeout(0)
        .deadLetterConfig(FunctionDeadLetterConfigArgs.builder()
            .targetArn("string")
            .build())
        .description("string")
        .environment(FunctionEnvironmentArgs.builder()
            .variables(Map.of("string", "string"))
            .build())
        .ephemeralStorage(FunctionEphemeralStorageArgs.builder()
            .size(0)
            .build())
        .publish(false)
        .handler("string")
        .imageConfig(FunctionImageConfigArgs.builder()
            .commands("string")
            .entryPoints("string")
            .workingDirectory("string")
            .build())
        .imageUri("string")
        .kmsKeyArn("string")
        .layers("string")
        .loggingConfig(FunctionLoggingConfigArgs.builder()
            .logFormat("string")
            .applicationLogLevel("string")
            .logGroup("string")
            .systemLogLevel("string")
            .build())
        .memorySize(0)
        .vpcConfig(FunctionVpcConfigArgs.builder()
            .securityGroupIds("string")
            .subnetIds("string")
            .ipv6AllowedForDualStack(false)
            .vpcId("string")
            .build())
        .codeSigningConfigArn("string")
        .fileSystemConfig(FunctionFileSystemConfigArgs.builder()
            .arn("string")
            .localMountPath("string")
            .build())
        .replaceSecurityGroupsOnDestroy(false)
        .replacementSecurityGroupIds("string")
        .reservedConcurrentExecutions(0)
        .code(new FileArchive("./path/to/archive"))
        .runtime("string")
        .s3Bucket("string")
        .s3Key("string")
        .s3ObjectVersion("string")
        .skipDestroy(false)
        .snapStart(FunctionSnapStartArgs.builder()
            .applyOn("string")
            .optimizationStatus("string")
            .build())
        .sourceCodeHash("string")
        .tags(Map.of("string", "string"))
        .architectures("string")
        .tracingConfig(FunctionTracingConfigArgs.builder()
            .mode("string")
            .build())
        .name("string")
        .build());
    
    examplefunction_resource_resource_from_lambdafunction = aws.lambda_.Function("examplefunctionResourceResourceFromLambdafunction",
        role="string",
        package_type="string",
        timeout=0,
        dead_letter_config={
            "target_arn": "string",
        },
        description="string",
        environment={
            "variables": {
                "string": "string",
            },
        },
        ephemeral_storage={
            "size": 0,
        },
        publish=False,
        handler="string",
        image_config={
            "commands": ["string"],
            "entry_points": ["string"],
            "working_directory": "string",
        },
        image_uri="string",
        kms_key_arn="string",
        layers=["string"],
        logging_config={
            "log_format": "string",
            "application_log_level": "string",
            "log_group": "string",
            "system_log_level": "string",
        },
        memory_size=0,
        vpc_config={
            "security_group_ids": ["string"],
            "subnet_ids": ["string"],
            "ipv6_allowed_for_dual_stack": False,
            "vpc_id": "string",
        },
        code_signing_config_arn="string",
        file_system_config={
            "arn": "string",
            "local_mount_path": "string",
        },
        replace_security_groups_on_destroy=False,
        replacement_security_group_ids=["string"],
        reserved_concurrent_executions=0,
        code=pulumi.FileArchive("./path/to/archive"),
        runtime="string",
        s3_bucket="string",
        s3_key="string",
        s3_object_version="string",
        skip_destroy=False,
        snap_start={
            "apply_on": "string",
            "optimization_status": "string",
        },
        source_code_hash="string",
        tags={
            "string": "string",
        },
        architectures=["string"],
        tracing_config={
            "mode": "string",
        },
        name="string")
    
    const examplefunctionResourceResourceFromLambdafunction = new aws.lambda.Function("examplefunctionResourceResourceFromLambdafunction", {
        role: "string",
        packageType: "string",
        timeout: 0,
        deadLetterConfig: {
            targetArn: "string",
        },
        description: "string",
        environment: {
            variables: {
                string: "string",
            },
        },
        ephemeralStorage: {
            size: 0,
        },
        publish: false,
        handler: "string",
        imageConfig: {
            commands: ["string"],
            entryPoints: ["string"],
            workingDirectory: "string",
        },
        imageUri: "string",
        kmsKeyArn: "string",
        layers: ["string"],
        loggingConfig: {
            logFormat: "string",
            applicationLogLevel: "string",
            logGroup: "string",
            systemLogLevel: "string",
        },
        memorySize: 0,
        vpcConfig: {
            securityGroupIds: ["string"],
            subnetIds: ["string"],
            ipv6AllowedForDualStack: false,
            vpcId: "string",
        },
        codeSigningConfigArn: "string",
        fileSystemConfig: {
            arn: "string",
            localMountPath: "string",
        },
        replaceSecurityGroupsOnDestroy: false,
        replacementSecurityGroupIds: ["string"],
        reservedConcurrentExecutions: 0,
        code: new pulumi.asset.FileArchive("./path/to/archive"),
        runtime: "string",
        s3Bucket: "string",
        s3Key: "string",
        s3ObjectVersion: "string",
        skipDestroy: false,
        snapStart: {
            applyOn: "string",
            optimizationStatus: "string",
        },
        sourceCodeHash: "string",
        tags: {
            string: "string",
        },
        architectures: ["string"],
        tracingConfig: {
            mode: "string",
        },
        name: "string",
    });
    
    type: aws:lambda:Function
    properties:
        architectures:
            - string
        code:
            fn::FileArchive: ./path/to/archive
        codeSigningConfigArn: string
        deadLetterConfig:
            targetArn: string
        description: string
        environment:
            variables:
                string: string
        ephemeralStorage:
            size: 0
        fileSystemConfig:
            arn: string
            localMountPath: string
        handler: string
        imageConfig:
            commands:
                - string
            entryPoints:
                - string
            workingDirectory: string
        imageUri: string
        kmsKeyArn: string
        layers:
            - string
        loggingConfig:
            applicationLogLevel: string
            logFormat: string
            logGroup: string
            systemLogLevel: string
        memorySize: 0
        name: string
        packageType: string
        publish: false
        replaceSecurityGroupsOnDestroy: false
        replacementSecurityGroupIds:
            - string
        reservedConcurrentExecutions: 0
        role: string
        runtime: string
        s3Bucket: string
        s3Key: string
        s3ObjectVersion: string
        skipDestroy: false
        snapStart:
            applyOn: string
            optimizationStatus: string
        sourceCodeHash: string
        tags:
            string: string
        timeout: 0
        tracingConfig:
            mode: string
        vpcConfig:
            ipv6AllowedForDualStack: false
            securityGroupIds:
                - string
            subnetIds:
                - string
            vpcId: string
    

    Function Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Function resource accepts the following input properties:

    Role string

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    Architectures List<string>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    Code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    CodeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    DeadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    Description string
    Description of what your Lambda Function does.
    Environment FunctionEnvironment
    Configuration block. Detailed below.
    EphemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    FileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    Handler string
    Function entrypoint in your code.
    ImageConfig FunctionImageConfig
    Configuration block. Detailed below.
    ImageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    KmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    Layers List<string>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    LoggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    MemorySize int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    Name string
    Unique name for your Lambda Function.
    PackageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    Publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    ReplaceSecurityGroupsOnDestroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    ReplacementSecurityGroupIds List<string>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    ReservedConcurrentExecutions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    Runtime string | Pulumi.Aws.Lambda.Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    S3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    S3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    S3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    SkipDestroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    SnapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    SourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    Tags Dictionary<string, string>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    TracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    VpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    Role string

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    Architectures []string
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    Code pulumi.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    CodeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    DeadLetterConfig FunctionDeadLetterConfigArgs
    Configuration block. Detailed below.
    Description string
    Description of what your Lambda Function does.
    Environment FunctionEnvironmentArgs
    Configuration block. Detailed below.
    EphemeralStorage FunctionEphemeralStorageArgs
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    FileSystemConfig FunctionFileSystemConfigArgs
    Configuration block. Detailed below.
    Handler string
    Function entrypoint in your code.
    ImageConfig FunctionImageConfigArgs
    Configuration block. Detailed below.
    ImageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    KmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    Layers []string
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    LoggingConfig FunctionLoggingConfigArgs
    Configuration block used to specify advanced logging settings. Detailed below.
    MemorySize int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    Name string
    Unique name for your Lambda Function.
    PackageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    Publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    ReplaceSecurityGroupsOnDestroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    ReplacementSecurityGroupIds []string
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    ReservedConcurrentExecutions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    Runtime string | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    S3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    S3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    S3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    SkipDestroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    SnapStart FunctionSnapStartArgs
    Snap start settings block. Detailed below.
    SourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    Tags map[string]string
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    Timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    TracingConfig FunctionTracingConfigArgs
    Configuration block. Detailed below.
    VpcConfig FunctionVpcConfigArgs
    Configuration block. Detailed below.
    role String

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    architectures List<String>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSigningConfigArn String
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    description String
    Description of what your Lambda Function does.
    environment FunctionEnvironment
    Configuration block. Detailed below.
    ephemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    handler String
    Function entrypoint in your code.
    imageConfig FunctionImageConfig
    Configuration block. Detailed below.
    imageUri String
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    kmsKeyArn String
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    layers List<String>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize Integer
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name String
    Unique name for your Lambda Function.
    packageType String
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish Boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    replaceSecurityGroupsOnDestroy Boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds List<String>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions Integer
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    runtime String | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket String
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key String
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion String
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    skipDestroy Boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    sourceCodeHash String
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    tags Map<String,String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeout Integer
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    vpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    role ARN

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    architectures string[]
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    code pulumi.asset.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    description string
    Description of what your Lambda Function does.
    environment FunctionEnvironment
    Configuration block. Detailed below.
    ephemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    handler string
    Function entrypoint in your code.
    imageConfig FunctionImageConfig
    Configuration block. Detailed below.
    imageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    kmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    layers string[]
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize number
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name string
    Unique name for your Lambda Function.
    packageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    replaceSecurityGroupsOnDestroy boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds string[]
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions number
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    runtime string | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    skipDestroy boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    sourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    tags {[key: string]: string}
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeout number
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    vpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    role str

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    architectures Sequence[str]
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    code pulumi.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    code_signing_config_arn str
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    dead_letter_config lambda_.FunctionDeadLetterConfigArgs
    Configuration block. Detailed below.
    description str
    Description of what your Lambda Function does.
    environment lambda_.FunctionEnvironmentArgs
    Configuration block. Detailed below.
    ephemeral_storage lambda_.FunctionEphemeralStorageArgs
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    file_system_config lambda_.FunctionFileSystemConfigArgs
    Configuration block. Detailed below.
    handler str
    Function entrypoint in your code.
    image_config lambda_.FunctionImageConfigArgs
    Configuration block. Detailed below.
    image_uri str
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    kms_key_arn str
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    layers Sequence[str]
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    logging_config lambda_.FunctionLoggingConfigArgs
    Configuration block used to specify advanced logging settings. Detailed below.
    memory_size int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name str
    Unique name for your Lambda Function.
    package_type str
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    replace_security_groups_on_destroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacement_security_group_ids Sequence[str]
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reserved_concurrent_executions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    runtime str | lambda_.Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3_bucket str
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3_key str
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3_object_version str
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    skip_destroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snap_start lambda_.FunctionSnapStartArgs
    Snap start settings block. Detailed below.
    source_code_hash str
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    tags Mapping[str, str]
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracing_config lambda_.FunctionTracingConfigArgs
    Configuration block. Detailed below.
    vpc_config lambda_.FunctionVpcConfigArgs
    Configuration block. Detailed below.
    role

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    architectures List<String>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSigningConfigArn String
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig Property Map
    Configuration block. Detailed below.
    description String
    Description of what your Lambda Function does.
    environment Property Map
    Configuration block. Detailed below.
    ephemeralStorage Property Map
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig Property Map
    Configuration block. Detailed below.
    handler String
    Function entrypoint in your code.
    imageConfig Property Map
    Configuration block. Detailed below.
    imageUri String
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    kmsKeyArn String
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    layers List<String>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig Property Map
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize Number
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name String
    Unique name for your Lambda Function.
    packageType String
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish Boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    replaceSecurityGroupsOnDestroy Boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds List<String>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions Number
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    runtime String | "dotnet6" | "dotnet7" | "dotnet8" | "java11" | "java17" | "java21" | "java8.al2" | "nodejs18.x" | "nodejs20.x" | "provided.al2" | "provided.al2023" | "python3.10" | "python3.11" | "python3.12" | "python3.8" | "python3.9" | "ruby3.2" | "dotnet5.0" | "dotnetcore2.1" | "dotnetcore3.1" | "go1.x" | "java8" | "nodejs10.x" | "nodejs12.x" | "nodejs14.x" | "nodejs16.x" | "provided" | "python2.7" | "python3.6" | "python3.7" | "ruby2.5" | "ruby2.7"
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket String
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key String
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion String
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    skipDestroy Boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart Property Map
    Snap start settings block. Detailed below.
    sourceCodeHash String
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    tags Map<String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    timeout Number
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig Property Map
    Configuration block. Detailed below.
    vpcConfig Property Map
    Configuration block. Detailed below.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Function resource produces the following output properties:

    Arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    CodeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    Id string
    The provider-assigned unique ID for this managed resource.
    InvokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    LastModified string
    Date this resource was last modified.
    QualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    QualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    SigningJobArn string
    ARN of the signing job.
    SigningProfileVersionArn string
    ARN of the signing profile version.
    SourceCodeSize int
    Size in bytes of the function .zip file.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Version string
    Latest published version of your Lambda Function.
    Arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    CodeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    Id string
    The provider-assigned unique ID for this managed resource.
    InvokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    LastModified string
    Date this resource was last modified.
    QualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    QualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    SigningJobArn string
    ARN of the signing job.
    SigningProfileVersionArn string
    ARN of the signing profile version.
    SourceCodeSize int
    Size in bytes of the function .zip file.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Version string
    Latest published version of your Lambda Function.
    arn String
    Amazon Resource Name (ARN) identifying your Lambda Function.
    codeSha256 String
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    id String
    The provider-assigned unique ID for this managed resource.
    invokeArn String
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    lastModified String
    Date this resource was last modified.
    qualifiedArn String
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn String
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    signingJobArn String
    ARN of the signing job.
    signingProfileVersionArn String
    ARN of the signing profile version.
    sourceCodeSize Integer
    Size in bytes of the function .zip file.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version String
    Latest published version of your Lambda Function.
    arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    codeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    id string
    The provider-assigned unique ID for this managed resource.
    invokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    lastModified string
    Date this resource was last modified.
    qualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    signingJobArn string
    ARN of the signing job.
    signingProfileVersionArn string
    ARN of the signing profile version.
    sourceCodeSize number
    Size in bytes of the function .zip file.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version string
    Latest published version of your Lambda Function.
    arn str
    Amazon Resource Name (ARN) identifying your Lambda Function.
    code_sha256 str
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    id str
    The provider-assigned unique ID for this managed resource.
    invoke_arn str
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    last_modified str
    Date this resource was last modified.
    qualified_arn str
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualified_invoke_arn str
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    signing_job_arn str
    ARN of the signing job.
    signing_profile_version_arn str
    ARN of the signing profile version.
    source_code_size int
    Size in bytes of the function .zip file.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version str
    Latest published version of your Lambda Function.
    arn String
    Amazon Resource Name (ARN) identifying your Lambda Function.
    codeSha256 String
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    id String
    The provider-assigned unique ID for this managed resource.
    invokeArn String
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    lastModified String
    Date this resource was last modified.
    qualifiedArn String
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn String
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    signingJobArn String
    ARN of the signing job.
    signingProfileVersionArn String
    ARN of the signing profile version.
    sourceCodeSize Number
    Size in bytes of the function .zip file.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    version String
    Latest published version of your Lambda Function.

    Look up Existing Function Resource

    Get an existing Function resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FunctionState, opts?: CustomResourceOptions): Function
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            architectures: Optional[Sequence[str]] = None,
            arn: Optional[str] = None,
            code: Optional[pulumi.Archive] = None,
            code_sha256: Optional[str] = None,
            code_signing_config_arn: Optional[str] = None,
            dead_letter_config: Optional[_lambda_.FunctionDeadLetterConfigArgs] = None,
            description: Optional[str] = None,
            environment: Optional[_lambda_.FunctionEnvironmentArgs] = None,
            ephemeral_storage: Optional[_lambda_.FunctionEphemeralStorageArgs] = None,
            file_system_config: Optional[_lambda_.FunctionFileSystemConfigArgs] = None,
            handler: Optional[str] = None,
            image_config: Optional[_lambda_.FunctionImageConfigArgs] = None,
            image_uri: Optional[str] = None,
            invoke_arn: Optional[str] = None,
            kms_key_arn: Optional[str] = None,
            last_modified: Optional[str] = None,
            layers: Optional[Sequence[str]] = None,
            logging_config: Optional[_lambda_.FunctionLoggingConfigArgs] = None,
            memory_size: Optional[int] = None,
            name: Optional[str] = None,
            package_type: Optional[str] = None,
            publish: Optional[bool] = None,
            qualified_arn: Optional[str] = None,
            qualified_invoke_arn: Optional[str] = None,
            replace_security_groups_on_destroy: Optional[bool] = None,
            replacement_security_group_ids: Optional[Sequence[str]] = None,
            reserved_concurrent_executions: Optional[int] = None,
            role: Optional[str] = None,
            runtime: Optional[Union[str, lambda_.Runtime]] = None,
            s3_bucket: Optional[str] = None,
            s3_key: Optional[str] = None,
            s3_object_version: Optional[str] = None,
            signing_job_arn: Optional[str] = None,
            signing_profile_version_arn: Optional[str] = None,
            skip_destroy: Optional[bool] = None,
            snap_start: Optional[_lambda_.FunctionSnapStartArgs] = None,
            source_code_hash: Optional[str] = None,
            source_code_size: Optional[int] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            timeout: Optional[int] = None,
            tracing_config: Optional[_lambda_.FunctionTracingConfigArgs] = None,
            version: Optional[str] = None,
            vpc_config: Optional[_lambda_.FunctionVpcConfigArgs] = None) -> Function
    func GetFunction(ctx *Context, name string, id IDInput, state *FunctionState, opts ...ResourceOption) (*Function, error)
    public static Function Get(string name, Input<string> id, FunctionState? state, CustomResourceOptions? opts = null)
    public static Function get(String name, Output<String> id, FunctionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Architectures List<string>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    Arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    Code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    CodeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    CodeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    DeadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    Description string
    Description of what your Lambda Function does.
    Environment FunctionEnvironment
    Configuration block. Detailed below.
    EphemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    FileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    Handler string
    Function entrypoint in your code.
    ImageConfig FunctionImageConfig
    Configuration block. Detailed below.
    ImageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    InvokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    KmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    LastModified string
    Date this resource was last modified.
    Layers List<string>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    LoggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    MemorySize int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    Name string
    Unique name for your Lambda Function.
    PackageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    Publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    QualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    QualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    ReplaceSecurityGroupsOnDestroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    ReplacementSecurityGroupIds List<string>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    ReservedConcurrentExecutions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    Role string

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    Runtime string | Pulumi.Aws.Lambda.Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    S3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    S3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    S3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    SigningJobArn string
    ARN of the signing job.
    SigningProfileVersionArn string
    ARN of the signing profile version.
    SkipDestroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    SnapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    SourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    SourceCodeSize int
    Size in bytes of the function .zip file.
    Tags Dictionary<string, string>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    TracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    Version string
    Latest published version of your Lambda Function.
    VpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    Architectures []string
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    Arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    Code pulumi.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    CodeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    CodeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    DeadLetterConfig FunctionDeadLetterConfigArgs
    Configuration block. Detailed below.
    Description string
    Description of what your Lambda Function does.
    Environment FunctionEnvironmentArgs
    Configuration block. Detailed below.
    EphemeralStorage FunctionEphemeralStorageArgs
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    FileSystemConfig FunctionFileSystemConfigArgs
    Configuration block. Detailed below.
    Handler string
    Function entrypoint in your code.
    ImageConfig FunctionImageConfigArgs
    Configuration block. Detailed below.
    ImageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    InvokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    KmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    LastModified string
    Date this resource was last modified.
    Layers []string
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    LoggingConfig FunctionLoggingConfigArgs
    Configuration block used to specify advanced logging settings. Detailed below.
    MemorySize int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    Name string
    Unique name for your Lambda Function.
    PackageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    Publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    QualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    QualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    ReplaceSecurityGroupsOnDestroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    ReplacementSecurityGroupIds []string
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    ReservedConcurrentExecutions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    Role string

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    Runtime string | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    S3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    S3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    S3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    SigningJobArn string
    ARN of the signing job.
    SigningProfileVersionArn string
    ARN of the signing profile version.
    SkipDestroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    SnapStart FunctionSnapStartArgs
    Snap start settings block. Detailed below.
    SourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    SourceCodeSize int
    Size in bytes of the function .zip file.
    Tags map[string]string
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    Timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    TracingConfig FunctionTracingConfigArgs
    Configuration block. Detailed below.
    Version string
    Latest published version of your Lambda Function.
    VpcConfig FunctionVpcConfigArgs
    Configuration block. Detailed below.
    architectures List<String>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    arn String
    Amazon Resource Name (ARN) identifying your Lambda Function.
    code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSha256 String
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    codeSigningConfigArn String
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    description String
    Description of what your Lambda Function does.
    environment FunctionEnvironment
    Configuration block. Detailed below.
    ephemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    handler String
    Function entrypoint in your code.
    imageConfig FunctionImageConfig
    Configuration block. Detailed below.
    imageUri String
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    invokeArn String
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    kmsKeyArn String
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    lastModified String
    Date this resource was last modified.
    layers List<String>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize Integer
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name String
    Unique name for your Lambda Function.
    packageType String
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish Boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    qualifiedArn String
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn String
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    replaceSecurityGroupsOnDestroy Boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds List<String>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions Integer
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    role String

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    runtime String | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket String
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key String
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion String
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    signingJobArn String
    ARN of the signing job.
    signingProfileVersionArn String
    ARN of the signing profile version.
    skipDestroy Boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    sourceCodeHash String
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    sourceCodeSize Integer
    Size in bytes of the function .zip file.
    tags Map<String,String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeout Integer
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    version String
    Latest published version of your Lambda Function.
    vpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    architectures string[]
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    arn string
    Amazon Resource Name (ARN) identifying your Lambda Function.
    code pulumi.asset.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSha256 string
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    codeSigningConfigArn string
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig FunctionDeadLetterConfig
    Configuration block. Detailed below.
    description string
    Description of what your Lambda Function does.
    environment FunctionEnvironment
    Configuration block. Detailed below.
    ephemeralStorage FunctionEphemeralStorage
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig FunctionFileSystemConfig
    Configuration block. Detailed below.
    handler string
    Function entrypoint in your code.
    imageConfig FunctionImageConfig
    Configuration block. Detailed below.
    imageUri string
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    invokeArn string
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    kmsKeyArn string
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    lastModified string
    Date this resource was last modified.
    layers string[]
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig FunctionLoggingConfig
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize number
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name string
    Unique name for your Lambda Function.
    packageType string
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    qualifiedArn string
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn string
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    replaceSecurityGroupsOnDestroy boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds string[]
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions number
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    role ARN

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    runtime string | Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket string
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key string
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion string
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    signingJobArn string
    ARN of the signing job.
    signingProfileVersionArn string
    ARN of the signing profile version.
    skipDestroy boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart FunctionSnapStart
    Snap start settings block. Detailed below.
    sourceCodeHash string
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    sourceCodeSize number
    Size in bytes of the function .zip file.
    tags {[key: string]: string}
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeout number
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig FunctionTracingConfig
    Configuration block. Detailed below.
    version string
    Latest published version of your Lambda Function.
    vpcConfig FunctionVpcConfig
    Configuration block. Detailed below.
    architectures Sequence[str]
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    arn str
    Amazon Resource Name (ARN) identifying your Lambda Function.
    code pulumi.Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    code_sha256 str
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    code_signing_config_arn str
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    dead_letter_config lambda_.FunctionDeadLetterConfigArgs
    Configuration block. Detailed below.
    description str
    Description of what your Lambda Function does.
    environment lambda_.FunctionEnvironmentArgs
    Configuration block. Detailed below.
    ephemeral_storage lambda_.FunctionEphemeralStorageArgs
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    file_system_config lambda_.FunctionFileSystemConfigArgs
    Configuration block. Detailed below.
    handler str
    Function entrypoint in your code.
    image_config lambda_.FunctionImageConfigArgs
    Configuration block. Detailed below.
    image_uri str
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    invoke_arn str
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    kms_key_arn str
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    last_modified str
    Date this resource was last modified.
    layers Sequence[str]
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    logging_config lambda_.FunctionLoggingConfigArgs
    Configuration block used to specify advanced logging settings. Detailed below.
    memory_size int
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name str
    Unique name for your Lambda Function.
    package_type str
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish bool
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    qualified_arn str
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualified_invoke_arn str
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    replace_security_groups_on_destroy bool
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacement_security_group_ids Sequence[str]
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reserved_concurrent_executions int
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    role str

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    runtime str | lambda_.Runtime
    Identifier of the function's runtime. See Runtimes for valid values.
    s3_bucket str
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3_key str
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3_object_version str
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    signing_job_arn str
    ARN of the signing job.
    signing_profile_version_arn str
    ARN of the signing profile version.
    skip_destroy bool
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snap_start lambda_.FunctionSnapStartArgs
    Snap start settings block. Detailed below.
    source_code_hash str
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    source_code_size int
    Size in bytes of the function .zip file.
    tags Mapping[str, str]
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeout int
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracing_config lambda_.FunctionTracingConfigArgs
    Configuration block. Detailed below.
    version str
    Latest published version of your Lambda Function.
    vpc_config lambda_.FunctionVpcConfigArgs
    Configuration block. Detailed below.
    architectures List<String>
    Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same.
    arn String
    Amazon Resource Name (ARN) identifying your Lambda Function.
    code Archive
    Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
    codeSha256 String
    Base64-encoded representation of raw SHA-256 sum of the zip file.
    codeSigningConfigArn String
    To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
    deadLetterConfig Property Map
    Configuration block. Detailed below.
    description String
    Description of what your Lambda Function does.
    environment Property Map
    Configuration block. Detailed below.
    ephemeralStorage Property Map
    The amount of Ephemeral storage(/tmp) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of 512MB. Detailed below.
    fileSystemConfig Property Map
    Configuration block. Detailed below.
    handler String
    Function entrypoint in your code.
    imageConfig Property Map
    Configuration block. Detailed below.
    imageUri String
    ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
    invokeArn String
    ARN to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    kmsKeyArn String
    Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
    lastModified String
    Date this resource was last modified.
    layers List<String>
    List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
    loggingConfig Property Map
    Configuration block used to specify advanced logging settings. Detailed below.
    memorySize Number
    Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. See Limits
    name String
    Unique name for your Lambda Function.
    packageType String
    Lambda deployment package type. Valid values are Zip and Image. Defaults to Zip.
    publish Boolean
    Whether to publish creation/change as new Lambda Function Version. Defaults to false.
    qualifiedArn String
    ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
    qualifiedInvokeArn String
    Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws.apigateway.Integration's uri.
    replaceSecurityGroupsOnDestroy Boolean
    Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations. By default, the security groups will be replaced with the default security group in the function's configured VPC. Set the replacement_security_group_ids attribute to use a custom list of security groups for replacement.
    replacementSecurityGroupIds List<String>
    List of security group IDs to assign to the function's VPC configuration prior to destruction. replace_security_groups_on_destroy must be set to true to use this attribute.
    reservedConcurrentExecutions Number
    Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency
    role

    Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.

    The following arguments are optional:

    runtime String | "dotnet6" | "dotnet7" | "dotnet8" | "java11" | "java17" | "java21" | "java8.al2" | "nodejs18.x" | "nodejs20.x" | "provided.al2" | "provided.al2023" | "python3.10" | "python3.11" | "python3.12" | "python3.8" | "python3.9" | "ruby3.2" | "dotnet5.0" | "dotnetcore2.1" | "dotnetcore3.1" | "go1.x" | "java8" | "nodejs10.x" | "nodejs12.x" | "nodejs14.x" | "nodejs16.x" | "provided" | "python2.7" | "python3.6" | "python3.7" | "ruby2.5" | "ruby2.7"
    Identifier of the function's runtime. See Runtimes for valid values.
    s3Bucket String
    S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
    s3Key String
    S3 key of an object containing the function's deployment package. When s3_bucket is set, s3_key is required.
    s3ObjectVersion String
    Object version containing the function's deployment package. Conflicts with filename and image_uri.
    signingJobArn String
    ARN of the signing job.
    signingProfileVersionArn String
    ARN of the signing profile version.
    skipDestroy Boolean
    Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Pulumi state.
    snapStart Property Map
    Snap start settings block. Detailed below.
    sourceCodeHash String
    Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
    sourceCodeSize Number
    Size in bytes of the function .zip file.
    tags Map<String>
    Map of tags to assign to the object. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    timeout Number
    Amount of time your Lambda Function has to run in seconds. Defaults to 3. See Limits.
    tracingConfig Property Map
    Configuration block. Detailed below.
    version String
    Latest published version of your Lambda Function.
    vpcConfig Property Map
    Configuration block. Detailed below.

    Supporting Types

    FunctionDeadLetterConfig, FunctionDeadLetterConfigArgs

    TargetArn string
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
    TargetArn string
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
    targetArn String
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
    targetArn string
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
    target_arn str
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
    targetArn String
    ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.

    FunctionEnvironment, FunctionEnvironmentArgs

    Variables Dictionary<string, string>
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.
    Variables map[string]string
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.
    variables Map<String,String>
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.
    variables {[key: string]: string}
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.
    variables Mapping[str, str]
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.
    variables Map<String>
    Map of environment variables that are accessible from the function code during execution. If provided at least one key must be present.

    FunctionEphemeralStorage, FunctionEphemeralStorageArgs

    Size int
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.
    Size int
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.
    size Integer
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.
    size number
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.
    size int
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.
    size Number
    The size of the Lambda function Ephemeral storage(/tmp) represented in MB. The minimum supported ephemeral_storage value defaults to 512MB and the maximum supported value is 10240MB.

    FunctionFileSystemConfig, FunctionFileSystemConfigArgs

    Arn string
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    LocalMountPath string
    Path where the function can access the file system, starting with /mnt/.
    Arn string
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    LocalMountPath string
    Path where the function can access the file system, starting with /mnt/.
    arn String
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    localMountPath String
    Path where the function can access the file system, starting with /mnt/.
    arn string
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    localMountPath string
    Path where the function can access the file system, starting with /mnt/.
    arn str
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    local_mount_path str
    Path where the function can access the file system, starting with /mnt/.
    arn String
    Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
    localMountPath String
    Path where the function can access the file system, starting with /mnt/.

    FunctionImageConfig, FunctionImageConfigArgs

    Commands List<string>
    Parameters that you want to pass in with entry_point.
    EntryPoints List<string>
    Entry point to your application, which is typically the location of the runtime executable.
    WorkingDirectory string
    Working directory.
    Commands []string
    Parameters that you want to pass in with entry_point.
    EntryPoints []string
    Entry point to your application, which is typically the location of the runtime executable.
    WorkingDirectory string
    Working directory.
    commands List<String>
    Parameters that you want to pass in with entry_point.
    entryPoints List<String>
    Entry point to your application, which is typically the location of the runtime executable.
    workingDirectory String
    Working directory.
    commands string[]
    Parameters that you want to pass in with entry_point.
    entryPoints string[]
    Entry point to your application, which is typically the location of the runtime executable.
    workingDirectory string
    Working directory.
    commands Sequence[str]
    Parameters that you want to pass in with entry_point.
    entry_points Sequence[str]
    Entry point to your application, which is typically the location of the runtime executable.
    working_directory str
    Working directory.
    commands List<String>
    Parameters that you want to pass in with entry_point.
    entryPoints List<String>
    Entry point to your application, which is typically the location of the runtime executable.
    workingDirectory String
    Working directory.

    FunctionLoggingConfig, FunctionLoggingConfigArgs

    LogFormat string
    select between Text and structured JSON format for your function's logs.
    ApplicationLogLevel string
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    LogGroup string
    the CloudWatch log group your function sends logs to.
    SystemLogLevel string
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
    LogFormat string
    select between Text and structured JSON format for your function's logs.
    ApplicationLogLevel string
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    LogGroup string
    the CloudWatch log group your function sends logs to.
    SystemLogLevel string
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
    logFormat String
    select between Text and structured JSON format for your function's logs.
    applicationLogLevel String
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    logGroup String
    the CloudWatch log group your function sends logs to.
    systemLogLevel String
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
    logFormat string
    select between Text and structured JSON format for your function's logs.
    applicationLogLevel string
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    logGroup string
    the CloudWatch log group your function sends logs to.
    systemLogLevel string
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
    log_format str
    select between Text and structured JSON format for your function's logs.
    application_log_level str
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    log_group str
    the CloudWatch log group your function sends logs to.
    system_log_level str
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
    logFormat String
    select between Text and structured JSON format for your function's logs.
    applicationLogLevel String
    for JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
    logGroup String
    the CloudWatch log group your function sends logs to.
    systemLogLevel String
    for JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.

    FunctionSnapStart, FunctionSnapStartArgs

    ApplyOn string
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    OptimizationStatus string
    Optimization status of the snap start configuration. Valid values are On and Off.
    ApplyOn string
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    OptimizationStatus string
    Optimization status of the snap start configuration. Valid values are On and Off.
    applyOn String
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    optimizationStatus String
    Optimization status of the snap start configuration. Valid values are On and Off.
    applyOn string
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    optimizationStatus string
    Optimization status of the snap start configuration. Valid values are On and Off.
    apply_on str
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    optimization_status str
    Optimization status of the snap start configuration. Valid values are On and Off.
    applyOn String
    Conditions where snap start is enabled. Valid values are PublishedVersions.
    optimizationStatus String
    Optimization status of the snap start configuration. Valid values are On and Off.

    FunctionTracingConfig, FunctionTracingConfigArgs

    Mode string
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
    Mode string
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
    mode String
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
    mode string
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
    mode str
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
    mode String
    Whether to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are PassThrough and Active. If PassThrough, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". If Active, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.

    FunctionVpcConfig, FunctionVpcConfigArgs

    SecurityGroupIds List<string>
    List of security group IDs associated with the Lambda function.
    SubnetIds List<string>
    List of subnet IDs associated with the Lambda function.
    Ipv6AllowedForDualStack bool
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    VpcId string
    ID of the VPC.
    SecurityGroupIds []string
    List of security group IDs associated with the Lambda function.
    SubnetIds []string
    List of subnet IDs associated with the Lambda function.
    Ipv6AllowedForDualStack bool
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    VpcId string
    ID of the VPC.
    securityGroupIds List<String>
    List of security group IDs associated with the Lambda function.
    subnetIds List<String>
    List of subnet IDs associated with the Lambda function.
    ipv6AllowedForDualStack Boolean
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    vpcId String
    ID of the VPC.
    securityGroupIds string[]
    List of security group IDs associated with the Lambda function.
    subnetIds string[]
    List of subnet IDs associated with the Lambda function.
    ipv6AllowedForDualStack boolean
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    vpcId string
    ID of the VPC.
    security_group_ids Sequence[str]
    List of security group IDs associated with the Lambda function.
    subnet_ids Sequence[str]
    List of subnet IDs associated with the Lambda function.
    ipv6_allowed_for_dual_stack bool
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    vpc_id str
    ID of the VPC.
    securityGroupIds List<String>
    List of security group IDs associated with the Lambda function.
    subnetIds List<String>
    List of subnet IDs associated with the Lambda function.
    ipv6AllowedForDualStack Boolean
    Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Default is false.
    vpcId String
    ID of the VPC.

    Runtime, RuntimeArgs

    Dotnet6
    dotnet6
    Dotnet7
    dotnet7
    Dotnet8
    dotnet8
    Java11
    java11
    Java17
    java17
    Java21
    java21
    Java8AL2
    java8.al2
    NodeJS18dX
    nodejs18.x
    NodeJS20dX
    nodejs20.x
    CustomAL2
    provided.al2
    CustomAL2023
    provided.al2023
    Python3d10
    python3.10
    Python3d11
    python3.11
    Python3d12
    python3.12
    Python3d8
    python3.8
    Python3d9
    python3.9
    Ruby3d2
    ruby3.2
    Dotnet5d0
    dotnet5.0

    Deprecated: This runtime is now deprecated

    DotnetCore2d1
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    DotnetCore3d1
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    Go1dx
    go1.x

    Deprecated: This runtime is now deprecated

    Java8
    java8

    Deprecated: This runtime is now deprecated

    NodeJS10dX
    nodejs10.x

    Deprecated: This runtime is now deprecated

    NodeJS12dX
    nodejs12.x

    Deprecated: This runtime is now deprecated

    NodeJS14dX
    nodejs14.x

    Deprecated: This runtime is now deprecated

    NodeJS16dX
    nodejs16.x

    Deprecated: This runtime is now deprecated

    Custom
    provided

    Deprecated: This runtime is now deprecated

    Python2d7
    python2.7

    Deprecated: This runtime is now deprecated

    Python3d6
    python3.6

    Deprecated: This runtime is now deprecated

    Python3d7
    python3.7

    Deprecated: This runtime is now deprecated

    Ruby2d5
    ruby2.5

    Deprecated: This runtime is now deprecated

    Ruby2d7
    ruby2.7

    Deprecated: This runtime is now deprecated

    RuntimeDotnet6
    dotnet6
    RuntimeDotnet7
    dotnet7
    RuntimeDotnet8
    dotnet8
    RuntimeJava11
    java11
    RuntimeJava17
    java17
    RuntimeJava21
    java21
    RuntimeJava8AL2
    java8.al2
    RuntimeNodeJS18dX
    nodejs18.x
    RuntimeNodeJS20dX
    nodejs20.x
    RuntimeCustomAL2
    provided.al2
    RuntimeCustomAL2023
    provided.al2023
    RuntimePython3d10
    python3.10
    RuntimePython3d11
    python3.11
    RuntimePython3d12
    python3.12
    RuntimePython3d8
    python3.8
    RuntimePython3d9
    python3.9
    RuntimeRuby3d2
    ruby3.2
    RuntimeDotnet5d0
    dotnet5.0

    Deprecated: This runtime is now deprecated

    RuntimeDotnetCore2d1
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    RuntimeDotnetCore3d1
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    RuntimeGo1dx
    go1.x

    Deprecated: This runtime is now deprecated

    RuntimeJava8
    java8

    Deprecated: This runtime is now deprecated

    RuntimeNodeJS10dX
    nodejs10.x

    Deprecated: This runtime is now deprecated

    RuntimeNodeJS12dX
    nodejs12.x

    Deprecated: This runtime is now deprecated

    RuntimeNodeJS14dX
    nodejs14.x

    Deprecated: This runtime is now deprecated

    RuntimeNodeJS16dX
    nodejs16.x

    Deprecated: This runtime is now deprecated

    RuntimeCustom
    provided

    Deprecated: This runtime is now deprecated

    RuntimePython2d7
    python2.7

    Deprecated: This runtime is now deprecated

    RuntimePython3d6
    python3.6

    Deprecated: This runtime is now deprecated

    RuntimePython3d7
    python3.7

    Deprecated: This runtime is now deprecated

    RuntimeRuby2d5
    ruby2.5

    Deprecated: This runtime is now deprecated

    RuntimeRuby2d7
    ruby2.7

    Deprecated: This runtime is now deprecated

    Dotnet6
    dotnet6
    Dotnet7
    dotnet7
    Dotnet8
    dotnet8
    Java11
    java11
    Java17
    java17
    Java21
    java21
    Java8AL2
    java8.al2
    NodeJS18dX
    nodejs18.x
    NodeJS20dX
    nodejs20.x
    CustomAL2
    provided.al2
    CustomAL2023
    provided.al2023
    Python3d10
    python3.10
    Python3d11
    python3.11
    Python3d12
    python3.12
    Python3d8
    python3.8
    Python3d9
    python3.9
    Ruby3d2
    ruby3.2
    Dotnet5d0
    dotnet5.0

    Deprecated: This runtime is now deprecated

    DotnetCore2d1
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    DotnetCore3d1
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    Go1dx
    go1.x

    Deprecated: This runtime is now deprecated

    Java8
    java8

    Deprecated: This runtime is now deprecated

    NodeJS10dX
    nodejs10.x

    Deprecated: This runtime is now deprecated

    NodeJS12dX
    nodejs12.x

    Deprecated: This runtime is now deprecated

    NodeJS14dX
    nodejs14.x

    Deprecated: This runtime is now deprecated

    NodeJS16dX
    nodejs16.x

    Deprecated: This runtime is now deprecated

    Custom
    provided

    Deprecated: This runtime is now deprecated

    Python2d7
    python2.7

    Deprecated: This runtime is now deprecated

    Python3d6
    python3.6

    Deprecated: This runtime is now deprecated

    Python3d7
    python3.7

    Deprecated: This runtime is now deprecated

    Ruby2d5
    ruby2.5

    Deprecated: This runtime is now deprecated

    Ruby2d7
    ruby2.7

    Deprecated: This runtime is now deprecated

    Dotnet6
    dotnet6
    Dotnet7
    dotnet7
    Dotnet8
    dotnet8
    Java11
    java11
    Java17
    java17
    Java21
    java21
    Java8AL2
    java8.al2
    NodeJS18dX
    nodejs18.x
    NodeJS20dX
    nodejs20.x
    CustomAL2
    provided.al2
    CustomAL2023
    provided.al2023
    Python3d10
    python3.10
    Python3d11
    python3.11
    Python3d12
    python3.12
    Python3d8
    python3.8
    Python3d9
    python3.9
    Ruby3d2
    ruby3.2
    Dotnet5d0
    dotnet5.0

    Deprecated: This runtime is now deprecated

    DotnetCore2d1
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    DotnetCore3d1
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    Go1dx
    go1.x

    Deprecated: This runtime is now deprecated

    Java8
    java8

    Deprecated: This runtime is now deprecated

    NodeJS10dX
    nodejs10.x

    Deprecated: This runtime is now deprecated

    NodeJS12dX
    nodejs12.x

    Deprecated: This runtime is now deprecated

    NodeJS14dX
    nodejs14.x

    Deprecated: This runtime is now deprecated

    NodeJS16dX
    nodejs16.x

    Deprecated: This runtime is now deprecated

    Custom
    provided

    Deprecated: This runtime is now deprecated

    Python2d7
    python2.7

    Deprecated: This runtime is now deprecated

    Python3d6
    python3.6

    Deprecated: This runtime is now deprecated

    Python3d7
    python3.7

    Deprecated: This runtime is now deprecated

    Ruby2d5
    ruby2.5

    Deprecated: This runtime is now deprecated

    Ruby2d7
    ruby2.7

    Deprecated: This runtime is now deprecated

    DOTNET6
    dotnet6
    DOTNET7
    dotnet7
    DOTNET8
    dotnet8
    JAVA11
    java11
    JAVA17
    java17
    JAVA21
    java21
    JAVA8_AL2
    java8.al2
    NODE_JS18D_X
    nodejs18.x
    NODE_JS20D_X
    nodejs20.x
    CUSTOM_AL2
    provided.al2
    CUSTOM_AL2023
    provided.al2023
    PYTHON3D10
    python3.10
    PYTHON3D11
    python3.11
    PYTHON3D12
    python3.12
    PYTHON3D8
    python3.8
    PYTHON3D9
    python3.9
    RUBY3D2
    ruby3.2
    DOTNET5D0
    dotnet5.0

    Deprecated: This runtime is now deprecated

    DOTNET_CORE2D1
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    DOTNET_CORE3D1
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    GO1DX
    go1.x

    Deprecated: This runtime is now deprecated

    JAVA8
    java8

    Deprecated: This runtime is now deprecated

    NODE_JS10D_X
    nodejs10.x

    Deprecated: This runtime is now deprecated

    NODE_JS12D_X
    nodejs12.x

    Deprecated: This runtime is now deprecated

    NODE_JS14D_X
    nodejs14.x

    Deprecated: This runtime is now deprecated

    NODE_JS16D_X
    nodejs16.x

    Deprecated: This runtime is now deprecated

    CUSTOM
    provided

    Deprecated: This runtime is now deprecated

    PYTHON2D7
    python2.7

    Deprecated: This runtime is now deprecated

    PYTHON3D6
    python3.6

    Deprecated: This runtime is now deprecated

    PYTHON3D7
    python3.7

    Deprecated: This runtime is now deprecated

    RUBY2D5
    ruby2.5

    Deprecated: This runtime is now deprecated

    RUBY2D7
    ruby2.7

    Deprecated: This runtime is now deprecated

    "dotnet6"
    dotnet6
    "dotnet7"
    dotnet7
    "dotnet8"
    dotnet8
    "java11"
    java11
    "java17"
    java17
    "java21"
    java21
    "java8.al2"
    java8.al2
    "nodejs18.x"
    nodejs18.x
    "nodejs20.x"
    nodejs20.x
    "provided.al2"
    provided.al2
    "provided.al2023"
    provided.al2023
    "python3.10"
    python3.10
    "python3.11"
    python3.11
    "python3.12"
    python3.12
    "python3.8"
    python3.8
    "python3.9"
    python3.9
    "ruby3.2"
    ruby3.2
    "dotnet5.0"
    dotnet5.0

    Deprecated: This runtime is now deprecated

    "dotnetcore2.1"
    dotnetcore2.1

    Deprecated: This runtime is now deprecated

    "dotnetcore3.1"
    dotnetcore3.1

    Deprecated: This runtime is now deprecated

    "go1.x"
    go1.x

    Deprecated: This runtime is now deprecated

    "java8"
    java8

    Deprecated: This runtime is now deprecated

    "nodejs10.x"
    nodejs10.x

    Deprecated: This runtime is now deprecated

    "nodejs12.x"
    nodejs12.x

    Deprecated: This runtime is now deprecated

    "nodejs14.x"
    nodejs14.x

    Deprecated: This runtime is now deprecated

    "nodejs16.x"
    nodejs16.x

    Deprecated: This runtime is now deprecated

    "provided"
    provided

    Deprecated: This runtime is now deprecated

    "python2.7"
    python2.7

    Deprecated: This runtime is now deprecated

    "python3.6"
    python3.6

    Deprecated: This runtime is now deprecated

    "python3.7"
    python3.7

    Deprecated: This runtime is now deprecated

    "ruby2.5"
    ruby2.5

    Deprecated: This runtime is now deprecated

    "ruby2.7"
    ruby2.7

    Deprecated: This runtime is now deprecated

    Import

    Using pulumi import, import Lambda Functions using the function_name. For example:

    $ pulumi import aws:lambda/function:Function test_lambda my_test_lambda_function
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.63.0 published on Wednesday, Dec 4, 2024 by Pulumi