AWS Classic
Function
Provides a Lambda Function resource. Lambda allows you to trigger execution of code in response to events in AWS, enabling serverless backend solutions. The Lambda Function itself includes source code and runtime configuration.
For information about Lambda and how to use it, see What is AWS Lambda?
To give an external source (like a CloudWatch Event Rule, SNS, or S3) permission to access the Lambda function, use the
aws.lambda.Permission
resource. See [Lambda ****Permission Model][4] for more details. On the other hand, therole
argument of this resource is the function’s execution role for identity and access to AWS services and resources.
NOTE: Due to AWS Lambda improved VPC networking changes that began deploying in September 2019, EC2 subnets and security groups associated with Lambda Functions can take up to 45 minutes to successfully delete.
To give an external source (like an EventBridge Rule, SNS, or S3) permission to access the Lambda function, use the
aws.lambda.Permission
resource. See Lambda Permission Model for more details. On the other hand, therole
argument of this resource is the function’s execution role for identity and access to AWS services and resources.
Example Usage
Basic Example
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var iamForLambda = new Aws.Iam.Role("iamForLambda", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Principal"": {
""Service"": ""lambda.amazonaws.com""
},
""Effect"": ""Allow"",
""Sid"": """"
}
]
}
",
});
var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
{
Code = new FileArchive("lambda_function_payload.zip"),
Role = iamForLambda.Arn,
Handler = "index.test",
Runtime = "nodejs12.x",
Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs
{
Variables =
{
{ "foo", "bar" },
},
},
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
iamForLambda, err := iam.NewRole(ctx, "iamForLambda", &iam.RoleArgs{
AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"lambda.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")),
})
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "testLambda", &lambda.FunctionArgs{
Code: pulumi.NewFileArchive("lambda_function_payload.zip"),
Role: iamForLambda.Arn,
Handler: pulumi.String("index.test"),
Runtime: pulumi.String("nodejs12.x"),
Environment: &lambda.FunctionEnvironmentArgs{
Variables: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var iamForLambda = new Role("iamForLambda", RoleArgs.builder()
.assumeRolePolicy("""
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
.build());
var testLambda = new Function("testLambda", FunctionArgs.builder()
.code(new FileArchive("lambda_function_payload.zip"))
.role(iamForLambda.arn())
.handler("index.test")
.runtime("nodejs12.x")
.environment(FunctionEnvironmentArgs.builder()
.variables(Map.of("foo", "bar"))
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
iam_for_lambda = aws.iam.Role("iamForLambda", assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
test_lambda = aws.lambda_.Function("testLambda",
code=pulumi.FileArchive("lambda_function_payload.zip"),
role=iam_for_lambda.arn,
handler="index.test",
runtime="nodejs12.x",
environment=aws.lambda..FunctionEnvironmentArgs(
variables={
"foo": "bar",
},
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const iamForLambda = new aws.iam.Role("iamForLambda", {assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`});
const testLambda = new aws.lambda.Function("testLambda", {
code: new pulumi.asset.FileArchive("lambda_function_payload.zip"),
role: iamForLambda.arn,
handler: "index.test",
runtime: "nodejs12.x",
environment: {
variables: {
foo: "bar",
},
},
});
resources:
iamForLambda:
type: aws:iam:Role
properties:
assumeRolePolicy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
testLambda:
type: aws:lambda:Function
properties:
code:
Fn::FileArchive: lambda_function_payload.zip
role: ${iamForLambda.arn}
handler: index.test
runtime: nodejs12.x
environment:
variables:
foo: bar
Lambda Layers
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var exampleLayerVersion = new Aws.Lambda.LayerVersion("exampleLayerVersion", new Aws.Lambda.LayerVersionArgs
{
});
// ... other configuration ...
var exampleFunction = new Aws.Lambda.Function("exampleFunction", new Aws.Lambda.FunctionArgs
{
Layers =
{
exampleLayerVersion.Arn,
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleLayerVersion, err := lambda.NewLayerVersion(ctx, "exampleLayerVersion", nil)
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "exampleFunction", &lambda.FunctionArgs{
Layers: pulumi.StringArray{
exampleLayerVersion.Arn,
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleLayerVersion = new LayerVersion("exampleLayerVersion");
var exampleFunction = new Function("exampleFunction", FunctionArgs.builder()
.layers(exampleLayerVersion.arn())
.build());
}
}
import pulumi
import pulumi_aws as aws
example_layer_version = aws.lambda_.LayerVersion("exampleLayerVersion")
# ... other configuration ...
example_function = aws.lambda_.Function("exampleFunction", layers=[example_layer_version.arn])
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const exampleLayerVersion = new aws.lambda.LayerVersion("exampleLayerVersion", {});
// ... other configuration ...
const exampleFunction = new aws.lambda.Function("exampleFunction", {layers: [exampleLayerVersion.arn]});
resources:
exampleLayerVersion:
type: aws:lambda:LayerVersion
exampleFunction:
type: aws:lambda:Function
properties:
layers:
- ${exampleLayerVersion.arn}
Lambda Ephemeral Storage
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var iamForLambda = new Aws.Iam.Role("iamForLambda", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Principal"": {
""Service"": ""lambda.amazonaws.com""
},
""Effect"": ""Allow"",
""Sid"": """"
}
]
}
",
});
var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
{
Code = new FileArchive("lambda_function_payload.zip"),
Role = iamForLambda.Arn,
Handler = "index.test",
Runtime = "nodejs14.x",
EphemeralStorage = new Aws.Lambda.Inputs.FunctionEphemeralStorageArgs
{
Size = 10240,
},
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
iamForLambda, err := iam.NewRole(ctx, "iamForLambda", &iam.RoleArgs{
AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"lambda.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")),
})
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "testLambda", &lambda.FunctionArgs{
Code: pulumi.NewFileArchive("lambda_function_payload.zip"),
Role: iamForLambda.Arn,
Handler: pulumi.String("index.test"),
Runtime: pulumi.String("nodejs14.x"),
EphemeralStorage: &lambda.FunctionEphemeralStorageArgs{
Size: pulumi.Int(10240),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var iamForLambda = new Role("iamForLambda", RoleArgs.builder()
.assumeRolePolicy("""
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
.build());
var testLambda = new Function("testLambda", FunctionArgs.builder()
.code(new FileArchive("lambda_function_payload.zip"))
.role(iamForLambda.arn())
.handler("index.test")
.runtime("nodejs14.x")
.ephemeralStorage(FunctionEphemeralStorageArgs.builder()
.size(10240)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
iam_for_lambda = aws.iam.Role("iamForLambda", assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
test_lambda = aws.lambda_.Function("testLambda",
code=pulumi.FileArchive("lambda_function_payload.zip"),
role=iam_for_lambda.arn,
handler="index.test",
runtime="nodejs14.x",
ephemeral_storage=aws.lambda..FunctionEphemeralStorageArgs(
size=10240,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const iamForLambda = new aws.iam.Role("iamForLambda", {assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`});
const testLambda = new aws.lambda.Function("testLambda", {
code: new pulumi.asset.FileArchive("lambda_function_payload.zip"),
role: iamForLambda.arn,
handler: "index.test",
runtime: "nodejs14.x",
ephemeralStorage: {
size: 10240,
},
});
resources:
iamForLambda:
type: aws:iam:Role
properties:
assumeRolePolicy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
testLambda:
type: aws:lambda:Function
properties:
code:
Fn::FileArchive: lambda_function_payload.zip
role: ${iamForLambda.arn}
handler: index.test
runtime: nodejs14.x
ephemeralStorage:
size: 10240
Lambda File Systems
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
// EFS file system
var efsForLambda = new Aws.Efs.FileSystem("efsForLambda", new Aws.Efs.FileSystemArgs
{
Tags =
{
{ "Name", "efs_for_lambda" },
},
});
// Mount target connects the file system to the subnet
var alpha = new Aws.Efs.MountTarget("alpha", new Aws.Efs.MountTargetArgs
{
FileSystemId = efsForLambda.Id,
SubnetId = aws_subnet.Subnet_for_lambda.Id,
SecurityGroups =
{
aws_security_group.Sg_for_lambda.Id,
},
});
// EFS access point used by lambda file system
var accessPointForLambda = new Aws.Efs.AccessPoint("accessPointForLambda", new Aws.Efs.AccessPointArgs
{
FileSystemId = efsForLambda.Id,
RootDirectory = new Aws.Efs.Inputs.AccessPointRootDirectoryArgs
{
Path = "/lambda",
CreationInfo = new Aws.Efs.Inputs.AccessPointRootDirectoryCreationInfoArgs
{
OwnerGid = 1000,
OwnerUid = 1000,
Permissions = "777",
},
},
PosixUser = new Aws.Efs.Inputs.AccessPointPosixUserArgs
{
Gid = 1000,
Uid = 1000,
},
});
// A lambda function connected to an EFS file system
// ... other configuration ...
var example = new Aws.Lambda.Function("example", new Aws.Lambda.FunctionArgs
{
FileSystemConfig = new Aws.Lambda.Inputs.FunctionFileSystemConfigArgs
{
Arn = accessPointForLambda.Arn,
LocalMountPath = "/mnt/efs",
},
VpcConfig = new Aws.Lambda.Inputs.FunctionVpcConfigArgs
{
SubnetIds =
{
aws_subnet.Subnet_for_lambda.Id,
},
SecurityGroupIds =
{
aws_security_group.Sg_for_lambda.Id,
},
},
}, new CustomResourceOptions
{
DependsOn =
{
alpha,
},
});
}
}
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/efs"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
efsForLambda, err := efs.NewFileSystem(ctx, "efsForLambda", &efs.FileSystemArgs{
Tags: pulumi.StringMap{
"Name": pulumi.String("efs_for_lambda"),
},
})
if err != nil {
return err
}
alpha, err := efs.NewMountTarget(ctx, "alpha", &efs.MountTargetArgs{
FileSystemId: efsForLambda.ID(),
SubnetId: pulumi.Any(aws_subnet.Subnet_for_lambda.Id),
SecurityGroups: pulumi.StringArray{
pulumi.Any(aws_security_group.Sg_for_lambda.Id),
},
})
if err != nil {
return err
}
accessPointForLambda, err := efs.NewAccessPoint(ctx, "accessPointForLambda", &efs.AccessPointArgs{
FileSystemId: efsForLambda.ID(),
RootDirectory: &efs.AccessPointRootDirectoryArgs{
Path: pulumi.String("/lambda"),
CreationInfo: &efs.AccessPointRootDirectoryCreationInfoArgs{
OwnerGid: pulumi.Int(1000),
OwnerUid: pulumi.Int(1000),
Permissions: pulumi.String("777"),
},
},
PosixUser: &efs.AccessPointPosixUserArgs{
Gid: pulumi.Int(1000),
Uid: pulumi.Int(1000),
},
})
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "example", &lambda.FunctionArgs{
FileSystemConfig: &lambda.FunctionFileSystemConfigArgs{
Arn: accessPointForLambda.Arn,
LocalMountPath: pulumi.String("/mnt/efs"),
},
VpcConfig: &lambda.FunctionVpcConfigArgs{
SubnetIds: pulumi.StringArray{
pulumi.Any(aws_subnet.Subnet_for_lambda.Id),
},
SecurityGroupIds: pulumi.StringArray{
pulumi.Any(aws_security_group.Sg_for_lambda.Id),
},
},
}, pulumi.DependsOn([]pulumi.Resource{
alpha,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
import com.pulumi.resources.CustomResourceOptions;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var efsForLambda = new FileSystem("efsForLambda", FileSystemArgs.builder()
.tags(Map.of("Name", "efs_for_lambda"))
.build());
var alpha = new MountTarget("alpha", MountTargetArgs.builder()
.fileSystemId(efsForLambda.id())
.subnetId(aws_subnet.subnet_for_lambda().id())
.securityGroups(aws_security_group.sg_for_lambda().id())
.build());
var accessPointForLambda = new AccessPoint("accessPointForLambda", AccessPointArgs.builder()
.fileSystemId(efsForLambda.id())
.rootDirectory(AccessPointRootDirectoryArgs.builder()
.path("/lambda")
.creationInfo(AccessPointRootDirectoryCreationInfoArgs.builder()
.ownerGid(1000)
.ownerUid(1000)
.permissions("777")
.build())
.build())
.posixUser(AccessPointPosixUserArgs.builder()
.gid(1000)
.uid(1000)
.build())
.build());
var example = new Function("example", FunctionArgs.builder()
.fileSystemConfig(FunctionFileSystemConfigArgs.builder()
.arn(accessPointForLambda.arn())
.localMountPath("/mnt/efs")
.build())
.vpcConfig(FunctionVpcConfigArgs.builder()
.subnetIds(aws_subnet.subnet_for_lambda().id())
.securityGroupIds(aws_security_group.sg_for_lambda().id())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(alpha)
.build());
}
}
import pulumi
import pulumi_aws as aws
# EFS file system
efs_for_lambda = aws.efs.FileSystem("efsForLambda", tags={
"Name": "efs_for_lambda",
})
# Mount target connects the file system to the subnet
alpha = aws.efs.MountTarget("alpha",
file_system_id=efs_for_lambda.id,
subnet_id=aws_subnet["subnet_for_lambda"]["id"],
security_groups=[aws_security_group["sg_for_lambda"]["id"]])
# EFS access point used by lambda file system
access_point_for_lambda = aws.efs.AccessPoint("accessPointForLambda",
file_system_id=efs_for_lambda.id,
root_directory=aws.efs.AccessPointRootDirectoryArgs(
path="/lambda",
creation_info=aws.efs.AccessPointRootDirectoryCreationInfoArgs(
owner_gid=1000,
owner_uid=1000,
permissions="777",
),
),
posix_user=aws.efs.AccessPointPosixUserArgs(
gid=1000,
uid=1000,
))
# A lambda function connected to an EFS file system
# ... other configuration ...
example = aws.lambda_.Function("example",
file_system_config=aws.lambda..FunctionFileSystemConfigArgs(
arn=access_point_for_lambda.arn,
local_mount_path="/mnt/efs",
),
vpc_config=aws.lambda..FunctionVpcConfigArgs(
subnet_ids=[aws_subnet["subnet_for_lambda"]["id"]],
security_group_ids=[aws_security_group["sg_for_lambda"]["id"]],
),
opts=pulumi.ResourceOptions(depends_on=[alpha]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
// EFS file system
const efsForLambda = new aws.efs.FileSystem("efsForLambda", {tags: {
Name: "efs_for_lambda",
}});
// Mount target connects the file system to the subnet
const alpha = new aws.efs.MountTarget("alpha", {
fileSystemId: efsForLambda.id,
subnetId: aws_subnet.subnet_for_lambda.id,
securityGroups: [aws_security_group.sg_for_lambda.id],
});
// EFS access point used by lambda file system
const accessPointForLambda = new aws.efs.AccessPoint("accessPointForLambda", {
fileSystemId: efsForLambda.id,
rootDirectory: {
path: "/lambda",
creationInfo: {
ownerGid: 1000,
ownerUid: 1000,
permissions: "777",
},
},
posixUser: {
gid: 1000,
uid: 1000,
},
});
// A lambda function connected to an EFS file system
// ... other configuration ...
const example = new aws.lambda.Function("example", {
fileSystemConfig: {
arn: accessPointForLambda.arn,
localMountPath: "/mnt/efs",
},
vpcConfig: {
subnetIds: [aws_subnet.subnet_for_lambda.id],
securityGroupIds: [aws_security_group.sg_for_lambda.id],
},
}, {
dependsOn: [alpha],
});
resources:
example:
type: aws:lambda:Function
properties:
fileSystemConfig:
arn: ${accessPointForLambda.arn}
localMountPath: /mnt/efs
vpcConfig:
subnetIds:
- ${aws_subnet.subnet_for_lambda.id}
securityGroupIds:
- ${aws_security_group.sg_for_lambda.id}
options:
dependson:
- ${alpha}
efsForLambda:
type: aws:efs:FileSystem
properties:
tags:
Name: efs_for_lambda
alpha:
type: aws:efs:MountTarget
properties:
fileSystemId: ${efsForLambda.id}
subnetId: ${aws_subnet.subnet_for_lambda.id}
securityGroups:
- ${aws_security_group.sg_for_lambda.id}
accessPointForLambda:
type: aws:efs:AccessPoint
properties:
fileSystemId: ${efsForLambda.id}
rootDirectory:
path: /lambda
creationInfo:
ownerGid: 1000
ownerUid: 1000
permissions: 777
posixUser:
gid: 1000
uid: 1000
CloudWatch Logging and Permissions
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var config = new Config();
var lambdaFunctionName = config.Get("lambdaFunctionName") ?? "lambda_function_name";
// This is to optionally manage the CloudWatch Log Group for the Lambda Function.
// If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
var example = new Aws.CloudWatch.LogGroup("example", new Aws.CloudWatch.LogGroupArgs
{
RetentionInDays = 14,
});
// See also the following AWS managed policy: AWSLambdaBasicExecutionRole
var lambdaLogging = new Aws.Iam.Policy("lambdaLogging", new Aws.Iam.PolicyArgs
{
Path = "/",
Description = "IAM policy for logging from a lambda",
Policy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": [
""logs:CreateLogGroup"",
""logs:CreateLogStream"",
""logs:PutLogEvents""
],
""Resource"": ""arn:aws:logs:*:*:*"",
""Effect"": ""Allow""
}
]
}
",
});
var lambdaLogs = new Aws.Iam.RolePolicyAttachment("lambdaLogs", new Aws.Iam.RolePolicyAttachmentArgs
{
Role = aws_iam_role.Iam_for_lambda.Name,
PolicyArn = lambdaLogging.Arn,
});
var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
{
}, new CustomResourceOptions
{
DependsOn =
{
lambdaLogs,
example,
},
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudwatch"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi/config"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
cfg := config.New(ctx, "")
lambdaFunctionName := "lambda_function_name"
if param := cfg.Get("lambdaFunctionName"); param != "" {
lambdaFunctionName = param
}
example, err := cloudwatch.NewLogGroup(ctx, "example", &cloudwatch.LogGroupArgs{
RetentionInDays: pulumi.Int(14),
})
if err != nil {
return err
}
lambdaLogging, err := iam.NewPolicy(ctx, "lambdaLogging", &iam.PolicyArgs{
Path: pulumi.String("/"),
Description: pulumi.String("IAM policy for logging from a lambda"),
Policy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": [\n", " \"logs:CreateLogGroup\",\n", " \"logs:CreateLogStream\",\n", " \"logs:PutLogEvents\"\n", " ],\n", " \"Resource\": \"arn:aws:logs:*:*:*\",\n", " \"Effect\": \"Allow\"\n", " }\n", " ]\n", "}\n")),
})
if err != nil {
return err
}
lambdaLogs, err := iam.NewRolePolicyAttachment(ctx, "lambdaLogs", &iam.RolePolicyAttachmentArgs{
Role: pulumi.Any(aws_iam_role.Iam_for_lambda.Name),
PolicyArn: lambdaLogging.Arn,
})
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "testLambda", nil, pulumi.DependsOn([]pulumi.Resource{
lambdaLogs,
example,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
import com.pulumi.resources.CustomResourceOptions;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var config = ctx.config();
final var lambdaFunctionName = config.get("lambdaFunctionName").orElse("lambda_function_name");
var example = new LogGroup("example", LogGroupArgs.builder()
.retentionInDays(14)
.build());
var lambdaLogging = new Policy("lambdaLogging", PolicyArgs.builder()
.path("/")
.description("IAM policy for logging from a lambda")
.policy("""
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
""")
.build());
var lambdaLogs = new RolePolicyAttachment("lambdaLogs", RolePolicyAttachmentArgs.builder()
.role(aws_iam_role.iam_for_lambda().name())
.policyArn(lambdaLogging.arn())
.build());
var testLambda = new Function("testLambda", FunctionArgs.Empty, CustomResourceOptions.builder()
.dependsOn(
lambdaLogs,
example)
.build());
}
}
import pulumi
import pulumi_aws as aws
config = pulumi.Config()
lambda_function_name = config.get("lambdaFunctionName")
if lambda_function_name is None:
lambda_function_name = "lambda_function_name"
# This is to optionally manage the CloudWatch Log Group for the Lambda Function.
# If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
example = aws.cloudwatch.LogGroup("example", retention_in_days=14)
# See also the following AWS managed policy: AWSLambdaBasicExecutionRole
lambda_logging = aws.iam.Policy("lambdaLogging",
path="/",
description="IAM policy for logging from a lambda",
policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
""")
lambda_logs = aws.iam.RolePolicyAttachment("lambdaLogs",
role=aws_iam_role["iam_for_lambda"]["name"],
policy_arn=lambda_logging.arn)
test_lambda = aws.lambda_.Function("testLambda", opts=pulumi.ResourceOptions(depends_on=[
lambda_logs,
example,
]))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const config = new pulumi.Config();
const lambdaFunctionName = config.get("lambdaFunctionName") || "lambda_function_name";
// This is to optionally manage the CloudWatch Log Group for the Lambda Function.
// If skipping this resource configuration, also add "logs:CreateLogGroup" to the IAM policy below.
const example = new aws.cloudwatch.LogGroup("example", {retentionInDays: 14});
// See also the following AWS managed policy: AWSLambdaBasicExecutionRole
const lambdaLogging = new aws.iam.Policy("lambdaLogging", {
path: "/",
description: "IAM policy for logging from a lambda",
policy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
`,
});
const lambdaLogs = new aws.iam.RolePolicyAttachment("lambdaLogs", {
role: aws_iam_role.iam_for_lambda.name,
policyArn: lambdaLogging.arn,
});
const testLambda = new aws.lambda.Function("testLambda", {}, {
dependsOn: [
lambdaLogs,
example,
],
});
configuration:
lambdaFunctionName:
type: string
default: lambda_function_name
resources:
testLambda:
type: aws:lambda:Function
options:
dependson:
- ${lambdaLogs}
- ${example}
example:
type: aws:cloudwatch:LogGroup
properties:
retentionInDays: 14
lambdaLogging:
type: aws:iam:Policy
properties:
path: /
description: IAM policy for logging from a lambda
policy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
lambdaLogs:
type: aws:iam:RolePolicyAttachment
properties:
role: ${aws_iam_role.iam_for_lambda.name}
policyArn: ${lambdaLogging.arn}
Lambda with Targetted Architecture
using Pulumi;
using Aws = Pulumi.Aws;
class MyStack : Stack
{
public MyStack()
{
var iamForLambda = new Aws.Iam.Role("iamForLambda", new Aws.Iam.RoleArgs
{
AssumeRolePolicy = @"{
""Version"": ""2012-10-17"",
""Statement"": [
{
""Action"": ""sts:AssumeRole"",
""Principal"": {
""Service"": ""lambda.amazonaws.com""
},
""Effect"": ""Allow"",
""Sid"": """"
}
]
}
",
});
var testLambda = new Aws.Lambda.Function("testLambda", new Aws.Lambda.FunctionArgs
{
Code = new FileArchive("lambda_function_payload.zip"),
Role = iamForLambda.Arn,
Handler = "index.test",
Runtime = "nodejs12.x",
Architectures =
{
"arm64",
},
Environment = new Aws.Lambda.Inputs.FunctionEnvironmentArgs
{
Variables =
{
{ "foo", "bar" },
},
},
});
}
}
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/lambda"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
iamForLambda, err := iam.NewRole(ctx, "iamForLambda", &iam.RoleArgs{
AssumeRolePolicy: pulumi.Any(fmt.Sprintf("%v%v%v%v%v%v%v%v%v%v%v%v%v", "{\n", " \"Version\": \"2012-10-17\",\n", " \"Statement\": [\n", " {\n", " \"Action\": \"sts:AssumeRole\",\n", " \"Principal\": {\n", " \"Service\": \"lambda.amazonaws.com\"\n", " },\n", " \"Effect\": \"Allow\",\n", " \"Sid\": \"\"\n", " }\n", " ]\n", "}\n")),
})
if err != nil {
return err
}
_, err = lambda.NewFunction(ctx, "testLambda", &lambda.FunctionArgs{
Code: pulumi.NewFileArchive("lambda_function_payload.zip"),
Role: iamForLambda.Arn,
Handler: pulumi.String("index.test"),
Runtime: pulumi.String("nodejs12.x"),
Architectures: pulumi.StringArray{
pulumi.String("arm64"),
},
Environment: &lambda.FunctionEnvironmentArgs{
Variables: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import java.util.*;
import java.io.*;
import java.nio.*;
import com.pulumi.*;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var iamForLambda = new Role("iamForLambda", RoleArgs.builder()
.assumeRolePolicy("""
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
.build());
var testLambda = new Function("testLambda", FunctionArgs.builder()
.code(new FileArchive("lambda_function_payload.zip"))
.role(iamForLambda.arn())
.handler("index.test")
.runtime("nodejs12.x")
.architectures("arm64")
.environment(FunctionEnvironmentArgs.builder()
.variables(Map.of("foo", "bar"))
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
iam_for_lambda = aws.iam.Role("iamForLambda", assume_role_policy="""{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
""")
test_lambda = aws.lambda_.Function("testLambda",
code=pulumi.FileArchive("lambda_function_payload.zip"),
role=iam_for_lambda.arn,
handler="index.test",
runtime="nodejs12.x",
architectures=["arm64"],
environment=aws.lambda..FunctionEnvironmentArgs(
variables={
"foo": "bar",
},
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const iamForLambda = new aws.iam.Role("iamForLambda", {assumeRolePolicy: `{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
`});
const testLambda = new aws.lambda.Function("testLambda", {
code: new pulumi.asset.FileArchive("lambda_function_payload.zip"),
role: iamForLambda.arn,
handler: "index.test",
runtime: "nodejs12.x",
architectures: ["arm64"],
environment: {
variables: {
foo: "bar",
},
},
});
resources:
iamForLambda:
type: aws:iam:Role
properties:
assumeRolePolicy: |
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow",
"Sid": ""
}
]
}
testLambda:
type: aws:lambda:Function
properties:
code:
Fn::FileArchive: lambda_function_payload.zip
role: ${iamForLambda.arn}
handler: index.test
runtime: nodejs12.x
architectures:
- arm64
environment:
variables:
foo: bar
Create a Function Resource
new Function(name: string, args: FunctionArgs, opts?: CustomResourceOptions);
@overload
def Function(resource_name: str,
opts: Optional[ResourceOptions] = None,
architectures: Optional[Sequence[str]] = None,
code: Optional[pulumi.Archive] = None,
code_signing_config_arn: Optional[str] = None,
dead_letter_config: Optional[_lambda_.FunctionDeadLetterConfigArgs] = None,
description: Optional[str] = None,
environment: Optional[_lambda_.FunctionEnvironmentArgs] = None,
ephemeral_storage: Optional[_lambda_.FunctionEphemeralStorageArgs] = None,
file_system_config: Optional[_lambda_.FunctionFileSystemConfigArgs] = None,
handler: Optional[str] = None,
image_config: Optional[_lambda_.FunctionImageConfigArgs] = None,
image_uri: Optional[str] = None,
kms_key_arn: Optional[str] = None,
layers: Optional[Sequence[str]] = None,
memory_size: Optional[int] = None,
name: Optional[str] = None,
package_type: Optional[str] = None,
publish: Optional[bool] = None,
reserved_concurrent_executions: Optional[int] = None,
role: Optional[str] = None,
runtime: Optional[Union[str, _lambda_.Runtime]] = None,
s3_bucket: Optional[str] = None,
s3_key: Optional[str] = None,
s3_object_version: Optional[str] = None,
source_code_hash: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
timeout: Optional[int] = None,
tracing_config: Optional[_lambda_.FunctionTracingConfigArgs] = None,
vpc_config: Optional[_lambda_.FunctionVpcConfigArgs] = None)
@overload
def Function(resource_name: str,
args: FunctionArgs,
opts: Optional[ResourceOptions] = None)
func NewFunction(ctx *Context, name string, args FunctionArgs, opts ...ResourceOption) (*Function, error)
public Function(string name, FunctionArgs args, CustomResourceOptions? opts = null)
public Function(String name, FunctionArgs args)
public Function(String name, FunctionArgs args, CustomResourceOptions options)
type: aws:lambda:Function
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FunctionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Function Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Function resource accepts the following input properties:
- Role string
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- Architectures List<string>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- Code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- Code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- Dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- Description string
Description of what your Lambda Function does.
- Environment
Function
Environment Args Configuration block. Detailed below.
- Ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- File
System FunctionConfig File System Config Args Configuration block. Detailed below.
- Handler string
Function entrypoint in your code.
- Image
Config FunctionImage Config Args Configuration block. Detailed below.
- Image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- Kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- Layers List<string>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- Memory
Size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- Name string
Unique name for your Lambda Function.
- Package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- Publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- Reserved
Concurrent intExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- Runtime
string | Pulumi.
Aws. Lambda. Runtime Identifier of the function's runtime. See Runtimes for valid values.
- S3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- S3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- S3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- Source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Dictionary<string, string>
Map of tags to assign to the object.
- Timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- Tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- Vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- Role string
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- Architectures []string
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- Code
pulumi.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- Code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- Dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- Description string
Description of what your Lambda Function does.
- Environment
Function
Environment Args Configuration block. Detailed below.
- Ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- File
System FunctionConfig File System Config Args Configuration block. Detailed below.
- Handler string
Function entrypoint in your code.
- Image
Config FunctionImage Config Args Configuration block. Detailed below.
- Image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- Kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- Layers []string
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- Memory
Size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- Name string
Unique name for your Lambda Function.
- Package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- Publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- Reserved
Concurrent intExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- Runtime string | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- S3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- S3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- S3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- Source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- map[string]string
Map of tags to assign to the object.
- Timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- Tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- Vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- role String
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- architectures List<String>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing StringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- description String
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System FunctionConfig File System Config Args Configuration block. Detailed below.
- handler String
Function entrypoint in your code.
- image
Config FunctionImage Config Args Configuration block. Detailed below.
- image
Uri String ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- kms
Key StringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- layers List<String>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size Integer Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name String
Unique name for your Lambda Function.
- package
Type String Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish Boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- reserved
Concurrent IntegerExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- runtime String | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket String
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key String
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version String Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- source
Code StringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Map<String,String>
Map of tags to assign to the object.
- timeout Integer
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- role ARN
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- architectures string[]
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- code
pulumi.asset.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- description string
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System FunctionConfig File System Config Args Configuration block. Detailed below.
- handler string
Function entrypoint in your code.
- image
Config FunctionImage Config Args Configuration block. Detailed below.
- image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- layers string[]
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size number Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name string
Unique name for your Lambda Function.
- package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- reserved
Concurrent numberExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- runtime string | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- {[key: string]: string}
Map of tags to assign to the object.
- timeout number
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- role str
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- architectures Sequence[str]
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- code
pulumi.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code_
signing_ strconfig_ arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead_
letter_ Functionconfig Dead Letter Config Args Configuration block. Detailed below.
- description str
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral_
storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file_
system_ Functionconfig File System Config Args Configuration block. Detailed below.
- handler str
Function entrypoint in your code.
- image_
config FunctionImage Config Args Configuration block. Detailed below.
- image_
uri str ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- kms_
key_ strarn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- layers Sequence[str]
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory_
size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name str
Unique name for your Lambda Function.
- package_
type str Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- reserved_
concurrent_ intexecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- runtime str | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3_
bucket str S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3_
key str S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3_
object_ strversion Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- source_
code_ strhash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Mapping[str, str]
Map of tags to assign to the object.
- timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing_
config FunctionTracing Config Args Configuration block. Detailed below.
- vpc_
config FunctionVpc Config Args Configuration block. Detailed below.
- role
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- architectures List<String>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing StringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter Property MapConfig Configuration block. Detailed below.
- description String
Description of what your Lambda Function does.
- environment Property Map
Configuration block. Detailed below.
- ephemeral
Storage Property Map The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System Property MapConfig Configuration block. Detailed below.
- handler String
Function entrypoint in your code.
- image
Config Property Map Configuration block. Detailed below.
- image
Uri String ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- kms
Key StringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- layers List<String>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size Number Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name String
Unique name for your Lambda Function.
- package
Type String Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish Boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- reserved
Concurrent NumberExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- runtime String | "dotnetcore2.1" | "dotnetcore3.1" | "dotnet6" | "go1.x" | "java8" | "java8.al2" | "java11" | "ruby2.5" | "ruby2.7" | "nodejs10.x" | "nodejs12.x" | "nodejs14.x" | "nodejs16.x" | "python2.7" | "python3.6" | "python3.7" | "python3.8" | "python3.9" | "provided" | "provided.al2"
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket String
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key String
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version String Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- source
Code StringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Map<String>
Map of tags to assign to the object.
- timeout Number
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config Property Map Configuration block. Detailed below.
- vpc
Config Property Map Configuration block. Detailed below.
Outputs
All input properties are implicitly available as output properties. Additionally, the Function resource produces the following output properties:
- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Id string
The provider-assigned unique ID for this managed resource.
- Invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- Last
Modified string Date this resource was last modified.
- Qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- Signing
Job stringArn ARN of the signing job.
- Signing
Profile stringVersion Arn ARN of the signing profile version.
- Source
Code intSize Size in bytes of the function .zip file.
- Dictionary<string, string>
A map of tags assigned to the resource, including those inherited from the provider .
- Version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Id string
The provider-assigned unique ID for this managed resource.
- Invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- Last
Modified string Date this resource was last modified.
- Qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- Signing
Job stringArn ARN of the signing job.
- Signing
Profile stringVersion Arn ARN of the signing profile version.
- Source
Code intSize Size in bytes of the function .zip file.
- map[string]string
A map of tags assigned to the resource, including those inherited from the provider .
- Version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- id String
The provider-assigned unique ID for this managed resource.
- invoke
Arn String ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- last
Modified String Date this resource was last modified.
- qualified
Arn String ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- signing
Job StringArn ARN of the signing job.
- signing
Profile StringVersion Arn ARN of the signing profile version.
- source
Code IntegerSize Size in bytes of the function .zip file.
- Map<String,String>
A map of tags assigned to the resource, including those inherited from the provider .
- version String
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- id string
The provider-assigned unique ID for this managed resource.
- invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- last
Modified string Date this resource was last modified.
- qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- signing
Job stringArn ARN of the signing job.
- signing
Profile stringVersion Arn ARN of the signing profile version.
- source
Code numberSize Size in bytes of the function .zip file.
- {[key: string]: string}
A map of tags assigned to the resource, including those inherited from the provider .
- version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- arn str
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- id str
The provider-assigned unique ID for this managed resource.
- invoke_
arn str ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- last_
modified str Date this resource was last modified.
- qualified_
arn str ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- signing_
job_ strarn ARN of the signing job.
- signing_
profile_ strversion_ arn ARN of the signing profile version.
- source_
code_ intsize Size in bytes of the function .zip file.
- Mapping[str, str]
A map of tags assigned to the resource, including those inherited from the provider .
- version str
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- id String
The provider-assigned unique ID for this managed resource.
- invoke
Arn String ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- last
Modified String Date this resource was last modified.
- qualified
Arn String ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- signing
Job StringArn ARN of the signing job.
- signing
Profile StringVersion Arn ARN of the signing profile version.
- source
Code NumberSize Size in bytes of the function .zip file.
- Map<String>
A map of tags assigned to the resource, including those inherited from the provider .
- version String
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
Look up an Existing Function Resource
Get an existing Function resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FunctionState, opts?: CustomResourceOptions): Function
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
architectures: Optional[Sequence[str]] = None,
arn: Optional[str] = None,
code: Optional[pulumi.Archive] = None,
code_signing_config_arn: Optional[str] = None,
dead_letter_config: Optional[_lambda_.FunctionDeadLetterConfigArgs] = None,
description: Optional[str] = None,
environment: Optional[_lambda_.FunctionEnvironmentArgs] = None,
ephemeral_storage: Optional[_lambda_.FunctionEphemeralStorageArgs] = None,
file_system_config: Optional[_lambda_.FunctionFileSystemConfigArgs] = None,
handler: Optional[str] = None,
image_config: Optional[_lambda_.FunctionImageConfigArgs] = None,
image_uri: Optional[str] = None,
invoke_arn: Optional[str] = None,
kms_key_arn: Optional[str] = None,
last_modified: Optional[str] = None,
layers: Optional[Sequence[str]] = None,
memory_size: Optional[int] = None,
name: Optional[str] = None,
package_type: Optional[str] = None,
publish: Optional[bool] = None,
qualified_arn: Optional[str] = None,
reserved_concurrent_executions: Optional[int] = None,
role: Optional[str] = None,
runtime: Optional[Union[str, _lambda_.Runtime]] = None,
s3_bucket: Optional[str] = None,
s3_key: Optional[str] = None,
s3_object_version: Optional[str] = None,
signing_job_arn: Optional[str] = None,
signing_profile_version_arn: Optional[str] = None,
source_code_hash: Optional[str] = None,
source_code_size: Optional[int] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
timeout: Optional[int] = None,
tracing_config: Optional[_lambda_.FunctionTracingConfigArgs] = None,
version: Optional[str] = None,
vpc_config: Optional[_lambda_.FunctionVpcConfigArgs] = None) -> Function
func GetFunction(ctx *Context, name string, id IDInput, state *FunctionState, opts ...ResourceOption) (*Function, error)
public static Function Get(string name, Input<string> id, FunctionState? state, CustomResourceOptions? opts = null)
public static Function get(String name, Output<String> id, FunctionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Architectures List<string>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- Code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- Dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- Description string
Description of what your Lambda Function does.
- Environment
Function
Environment Args Configuration block. Detailed below.
- Ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- File
System FunctionConfig File System Config Args Configuration block. Detailed below.
- Handler string
Function entrypoint in your code.
- Image
Config FunctionImage Config Args Configuration block. Detailed below.
- Image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- Invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- Kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- Last
Modified string Date this resource was last modified.
- Layers List<string>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- Memory
Size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- Name string
Unique name for your Lambda Function.
- Package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- Publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- Qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- Reserved
Concurrent intExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- Role string
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- Runtime
string | Pulumi.
Aws. Lambda. Runtime Identifier of the function's runtime. See Runtimes for valid values.
- S3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- S3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- S3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- Signing
Job stringArn ARN of the signing job.
- Signing
Profile stringVersion Arn ARN of the signing profile version.
- Source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Source
Code intSize Size in bytes of the function .zip file.
- Dictionary<string, string>
Map of tags to assign to the object.
- Dictionary<string, string>
A map of tags assigned to the resource, including those inherited from the provider .
- Timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- Tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- Version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- Vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- Architectures []string
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Code
pulumi.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- Code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- Dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- Description string
Description of what your Lambda Function does.
- Environment
Function
Environment Args Configuration block. Detailed below.
- Ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- File
System FunctionConfig File System Config Args Configuration block. Detailed below.
- Handler string
Function entrypoint in your code.
- Image
Config FunctionImage Config Args Configuration block. Detailed below.
- Image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- Invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- Kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- Last
Modified string Date this resource was last modified.
- Layers []string
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- Memory
Size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- Name string
Unique name for your Lambda Function.
- Package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- Publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- Qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- Reserved
Concurrent intExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- Role string
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- Runtime string | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- S3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- S3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- S3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- Signing
Job stringArn ARN of the signing job.
- Signing
Profile stringVersion Arn ARN of the signing profile version.
- Source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- Source
Code intSize Size in bytes of the function .zip file.
- map[string]string
Map of tags to assign to the object.
- map[string]string
A map of tags assigned to the resource, including those inherited from the provider .
- Timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- Tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- Version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- Vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- architectures List<String>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing StringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- description String
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System FunctionConfig File System Config Args Configuration block. Detailed below.
- handler String
Function entrypoint in your code.
- image
Config FunctionImage Config Args Configuration block. Detailed below.
- image
Uri String ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- invoke
Arn String ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- kms
Key StringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- last
Modified String Date this resource was last modified.
- layers List<String>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size Integer Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name String
Unique name for your Lambda Function.
- package
Type String Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish Boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- qualified
Arn String ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- reserved
Concurrent IntegerExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- role String
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- runtime String | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket String
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key String
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version String Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- signing
Job StringArn ARN of the signing job.
- signing
Profile StringVersion Arn ARN of the signing profile version.
- source
Code StringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- source
Code IntegerSize Size in bytes of the function .zip file.
- Map<String,String>
Map of tags to assign to the object.
- Map<String,String>
A map of tags assigned to the resource, including those inherited from the provider .
- timeout Integer
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- version String
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- architectures string[]
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- code
pulumi.asset.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing stringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter FunctionConfig Dead Letter Config Args Configuration block. Detailed below.
- description string
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral
Storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System FunctionConfig File System Config Args Configuration block. Detailed below.
- handler string
Function entrypoint in your code.
- image
Config FunctionImage Config Args Configuration block. Detailed below.
- image
Uri string ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- invoke
Arn string ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- kms
Key stringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- last
Modified string Date this resource was last modified.
- layers string[]
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size number Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name string
Unique name for your Lambda Function.
- package
Type string Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- qualified
Arn string ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- reserved
Concurrent numberExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- role ARN
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- runtime string | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket string
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key string
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version string Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- signing
Job stringArn ARN of the signing job.
- signing
Profile stringVersion Arn ARN of the signing profile version.
- source
Code stringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- source
Code numberSize Size in bytes of the function .zip file.
- {[key: string]: string}
Map of tags to assign to the object.
- {[key: string]: string}
A map of tags assigned to the resource, including those inherited from the provider .
- timeout number
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config FunctionTracing Config Args Configuration block. Detailed below.
- version string
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- vpc
Config FunctionVpc Config Args Configuration block. Detailed below.
- architectures Sequence[str]
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- arn str
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- code
pulumi.
Archive Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code_
signing_ strconfig_ arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead_
letter_ Functionconfig Dead Letter Config Args Configuration block. Detailed below.
- description str
Description of what your Lambda Function does.
- environment
Function
Environment Args Configuration block. Detailed below.
- ephemeral_
storage FunctionEphemeral Storage Args The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file_
system_ Functionconfig File System Config Args Configuration block. Detailed below.
- handler str
Function entrypoint in your code.
- image_
config FunctionImage Config Args Configuration block. Detailed below.
- image_
uri str ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- invoke_
arn str ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- kms_
key_ strarn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- last_
modified str Date this resource was last modified.
- layers Sequence[str]
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory_
size int Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name str
Unique name for your Lambda Function.
- package_
type str Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish bool
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- qualified_
arn str ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- reserved_
concurrent_ intexecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- role str
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- runtime str | Runtime
Identifier of the function's runtime. See Runtimes for valid values.
- s3_
bucket str S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3_
key str S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3_
object_ strversion Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- signing_
job_ strarn ARN of the signing job.
- signing_
profile_ strversion_ arn ARN of the signing profile version.
- source_
code_ strhash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- source_
code_ intsize Size in bytes of the function .zip file.
- Mapping[str, str]
Map of tags to assign to the object.
- Mapping[str, str]
A map of tags assigned to the resource, including those inherited from the provider .
- timeout int
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing_
config FunctionTracing Config Args Configuration block. Detailed below.
- version str
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- vpc_
config FunctionVpc Config Args Configuration block. Detailed below.
- architectures List<String>
Instruction set architecture for your Lambda function. Valid values are
["x86_64"]
and["arm64"]
. Default is["x86_64"]
. Removing this attribute, function's architecture stay the same.- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- code Archive
Path to the function's deployment package within the local filesystem. Conflicts with
image_uri
,s3_bucket
,s3_key
, ands3_object_version
.- code
Signing StringConfig Arn To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
- dead
Letter Property MapConfig Configuration block. Detailed below.
- description String
Description of what your Lambda Function does.
- environment Property Map
Configuration block. Detailed below.
- ephemeral
Storage Property Map The amount of Ephemeral storage(
/tmp
) to allocate for the Lambda Function in MB. This parameter is used to expand the total amount of Ephemeral storage available, beyond the default amount of512
MB. Detailed below.- file
System Property MapConfig Configuration block. Detailed below.
- handler String
Function entrypoint in your code.
- image
Config Property Map Configuration block. Detailed below.
- image
Uri String ECR image URI containing the function's deployment package. Conflicts with
filename
,s3_bucket
,s3_key
, ands3_object_version
.- invoke
Arn String ARN to be used for invoking Lambda Function from API Gateway - to be used in
aws.apigateway.Integration
'suri
.- kms
Key StringArn Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and the provider will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration.
- last
Modified String Date this resource was last modified.
- layers List<String>
List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See Lambda Layers
- memory
Size Number Amount of memory in MB your Lambda Function can use at runtime. Defaults to
128
. See Limits- name String
Unique name for your Lambda Function.
- package
Type String Lambda deployment package type. Valid values are
Zip
andImage
. Defaults toZip
.- publish Boolean
Whether to publish creation/change as new Lambda Function Version. Defaults to
false
.- qualified
Arn String ARN identifying your Lambda Function Version (if versioning is enabled via
publish = true
).- reserved
Concurrent NumberExecutions Amount of reserved concurrent executions for this lambda function. A value of
0
disables lambda from being triggered and-1
removes any concurrency limitations. Defaults to Unreserved Concurrency Limits-1
. See Managing Concurrency- role
Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
- runtime String | "dotnetcore2.1" | "dotnetcore3.1" | "dotnet6" | "go1.x" | "java8" | "java8.al2" | "java11" | "ruby2.5" | "ruby2.7" | "nodejs10.x" | "nodejs12.x" | "nodejs14.x" | "nodejs16.x" | "python2.7" | "python3.6" | "python3.7" | "python3.8" | "python3.9" | "provided" | "provided.al2"
Identifier of the function's runtime. See Runtimes for valid values.
- s3Bucket String
S3 bucket location containing the function's deployment package. Conflicts with
filename
andimage_uri
. This bucket must reside in the same AWS region where you are creating the Lambda function.- s3Key String
S3 key of an object containing the function's deployment package. Conflicts with
filename
andimage_uri
.- s3Object
Version String Object version containing the function's deployment package. Conflicts with
filename
andimage_uri
.- signing
Job StringArn ARN of the signing job.
- signing
Profile StringVersion Arn ARN of the signing profile version.
- source
Code StringHash Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either
filename
ors3_key
. The usual way to set this isfilebase64sha256("file.zip")
, where "file.zip" is the local filename of the lambda function source archive.- source
Code NumberSize Size in bytes of the function .zip file.
- Map<String>
Map of tags to assign to the object.
- Map<String>
A map of tags assigned to the resource, including those inherited from the provider .
- timeout Number
Amount of time your Lambda Function has to run in seconds. Defaults to
3
. See Limits.- tracing
Config Property Map Configuration block. Detailed below.
- version String
Latest published version of your Lambda Function.
vpc_config.vpc_id
- ID of the VPC.
- vpc
Config Property Map Configuration block. Detailed below.
Supporting Types
FunctionDeadLetterConfig
- Target
Arn string ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
- Target
Arn string ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
- target
Arn String ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
- target
Arn string ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
- target_
arn str ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
- target
Arn String ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the
sns:Publish
orsqs:SendMessage
action on this ARN, depending on which service is targeted.
FunctionEnvironment
- Variables Dictionary<string, string>
Map of environment variables that are accessible from the function code during execution.
- Variables map[string]string
Map of environment variables that are accessible from the function code during execution.
- variables Map<String,String>
Map of environment variables that are accessible from the function code during execution.
- variables {[key: string]: string}
Map of environment variables that are accessible from the function code during execution.
- variables Mapping[str, str]
Map of environment variables that are accessible from the function code during execution.
- variables Map<String>
Map of environment variables that are accessible from the function code during execution.
FunctionEphemeralStorage
- Size int
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
- Size int
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
- size Integer
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
- size number
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
- size int
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
- size Number
The size of the Lambda function Ephemeral storage(
/tmp
) represented in MB. The minimum supportedephemeral_storage
value defaults to512
MB and the maximum supported value is10240
MB.
FunctionFileSystemConfig
- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Local
Mount stringPath Path where the function can access the file system, starting with /mnt/.
- Arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- Local
Mount stringPath Path where the function can access the file system, starting with /mnt/.
- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- local
Mount StringPath Path where the function can access the file system, starting with /mnt/.
- arn string
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- local
Mount stringPath Path where the function can access the file system, starting with /mnt/.
- arn str
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- local_
mount_ strpath Path where the function can access the file system, starting with /mnt/.
- arn String
Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
- local
Mount StringPath Path where the function can access the file system, starting with /mnt/.
FunctionImageConfig
- Commands List<string>
Parameters that you want to pass in with
entry_point
.- Entry
Points List<string> Entry point to your application, which is typically the location of the runtime executable.
- Working
Directory string Working directory.
- Commands []string
Parameters that you want to pass in with
entry_point
.- Entry
Points []string Entry point to your application, which is typically the location of the runtime executable.
- Working
Directory string Working directory.
- commands List<String>
Parameters that you want to pass in with
entry_point
.- entry
Points List<String> Entry point to your application, which is typically the location of the runtime executable.
- working
Directory String Working directory.
- commands string[]
Parameters that you want to pass in with
entry_point
.- entry
Points string[] Entry point to your application, which is typically the location of the runtime executable.
- working
Directory string Working directory.
- commands Sequence[str]
Parameters that you want to pass in with
entry_point
.- entry_
points Sequence[str] Entry point to your application, which is typically the location of the runtime executable.
- working_
directory str Working directory.
- commands List<String>
Parameters that you want to pass in with
entry_point
.- entry
Points List<String> Entry point to your application, which is typically the location of the runtime executable.
- working
Directory String Working directory.
FunctionTracingConfig
- Mode string
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
- Mode string
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
- mode String
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
- mode string
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
- mode str
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
- mode String
Whether to to sample and trace a subset of incoming requests with AWS X-Ray. Valid values are
PassThrough
andActive
. IfPassThrough
, Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1". IfActive
, Lambda will respect any tracing header it receives from an upstream service. If no tracing header is received, Lambda will call X-Ray for a tracing decision.
FunctionVpcConfig
- Security
Group List<string>Ids List of security group IDs associated with the Lambda function.
- Subnet
Ids List<string> List of subnet IDs associated with the Lambda function.
- Vpc
Id string
- Security
Group []stringIds List of security group IDs associated with the Lambda function.
- Subnet
Ids []string List of subnet IDs associated with the Lambda function.
- Vpc
Id string
- security
Group List<String>Ids List of security group IDs associated with the Lambda function.
- subnet
Ids List<String> List of subnet IDs associated with the Lambda function.
- vpc
Id String
- security
Group string[]Ids List of security group IDs associated with the Lambda function.
- subnet
Ids string[] List of subnet IDs associated with the Lambda function.
- vpc
Id string
- security_
group_ Sequence[str]ids List of security group IDs associated with the Lambda function.
- subnet_
ids Sequence[str] List of subnet IDs associated with the Lambda function.
- vpc_
id str
- security
Group List<String>Ids List of security group IDs associated with the Lambda function.
- subnet
Ids List<String> List of subnet IDs associated with the Lambda function.
- vpc
Id String
Runtime
- Dotnet
Core2d1 - dotnetcore2.1
This runtime is now deprecated
- Dotnet
Core3d1 - dotnetcore3.1
- Dotnet6
- dotnet6
- Go1dx
- go1.x
- Java8
- java8
- Java8AL2
- java8.al2
- Java11
- java11
- Ruby2d5
- ruby2.5
This runtime is now deprecated
- Ruby2d7
- ruby2.7
- Node
JS10d X - nodejs10.x
This runtime is now deprecated
- Node
JS12d X - nodejs12.x
- Node
JS14d X - nodejs14.x
- Node
JS16d X - nodejs16.x
- Python2d7
- python2.7
This runtime is now deprecated
- Python3d6
- python3.6
- Python3d7
- python3.7
- Python3d8
- python3.8
- Python3d9
- python3.9
- Custom
- provided
- Custom
AL2 - provided.al2
- Runtime
Dotnet Core2d1 - dotnetcore2.1
This runtime is now deprecated
- Runtime
Dotnet Core3d1 - dotnetcore3.1
- Runtime
Dotnet6 - dotnet6
- Runtime
Go1dx - go1.x
- Runtime
Java8 - java8
- Runtime
Java8AL2 - java8.al2
- Runtime
Java11 - java11
- Runtime
Ruby2d5 - ruby2.5
This runtime is now deprecated
- Runtime
Ruby2d7 - ruby2.7
- Runtime
Node JS10d X - nodejs10.x
This runtime is now deprecated
- Runtime
Node JS12d X - nodejs12.x
- Runtime
Node JS14d X - nodejs14.x
- Runtime
Node JS16d X - nodejs16.x
- Runtime
Python2d7 - python2.7
This runtime is now deprecated
- Runtime
Python3d6 - python3.6
- Runtime
Python3d7 - python3.7
- Runtime
Python3d8 - python3.8
- Runtime
Python3d9 - python3.9
- Runtime
Custom - provided
- Runtime
Custom AL2 - provided.al2
- Dotnet
Core2d1 - dotnetcore2.1
This runtime is now deprecated
- Dotnet
Core3d1 - dotnetcore3.1
- Dotnet6
- dotnet6
- Go1dx
- go1.x
- Java8
- java8
- Java8AL2
- java8.al2
- Java11
- java11
- Ruby2d5
- ruby2.5
This runtime is now deprecated
- Ruby2d7
- ruby2.7
- Node
JS10d X - nodejs10.x
This runtime is now deprecated
- Node
JS12d X - nodejs12.x
- Node
JS14d X - nodejs14.x
- Node
JS16d X - nodejs16.x
- Python2d7
- python2.7
This runtime is now deprecated
- Python3d6
- python3.6
- Python3d7
- python3.7
- Python3d8
- python3.8
- Python3d9
- python3.9
- Custom
- provided
- Custom
AL2 - provided.al2
- Dotnet
Core2d1 - dotnetcore2.1
This runtime is now deprecated
- Dotnet
Core3d1 - dotnetcore3.1
- Dotnet6
- dotnet6
- Go1dx
- go1.x
- Java8
- java8
- Java8AL2
- java8.al2
- Java11
- java11
- Ruby2d5
- ruby2.5
This runtime is now deprecated
- Ruby2d7
- ruby2.7
- Node
JS10d X - nodejs10.x
This runtime is now deprecated
- Node
JS12d X - nodejs12.x
- Node
JS14d X - nodejs14.x
- Node
JS16d X - nodejs16.x
- Python2d7
- python2.7
This runtime is now deprecated
- Python3d6
- python3.6
- Python3d7
- python3.7
- Python3d8
- python3.8
- Python3d9
- python3.9
- Custom
- provided
- Custom
AL2 - provided.al2
- DOTNET_CORE2D1
- dotnetcore2.1
This runtime is now deprecated
- DOTNET_CORE3D1
- dotnetcore3.1
- DOTNET6
- dotnet6
- GO1DX
- go1.x
- JAVA8
- java8
- JAVA8_AL2
- java8.al2
- JAVA11
- java11
- RUBY2D5
- ruby2.5
This runtime is now deprecated
- RUBY2D7
- ruby2.7
- NODE_JS10D_X
- nodejs10.x
This runtime is now deprecated
- NODE_JS12D_X
- nodejs12.x
- NODE_JS14D_X
- nodejs14.x
- NODE_JS16D_X
- nodejs16.x
- PYTHON2D7
- python2.7
This runtime is now deprecated
- PYTHON3D6
- python3.6
- PYTHON3D7
- python3.7
- PYTHON3D8
- python3.8
- PYTHON3D9
- python3.9
- CUSTOM
- provided
- CUSTOM_AL2
- provided.al2
- "dotnetcore2.1"
- dotnetcore2.1
This runtime is now deprecated
- "dotnetcore3.1"
- dotnetcore3.1
- "dotnet6"
- dotnet6
- "go1.x"
- go1.x
- "java8"
- java8
- "java8.al2"
- java8.al2
- "java11"
- java11
- "ruby2.5"
- ruby2.5
This runtime is now deprecated
- "ruby2.7"
- ruby2.7
- "nodejs10.x"
- nodejs10.x
This runtime is now deprecated
- "nodejs12.x"
- nodejs12.x
- "nodejs14.x"
- nodejs14.x
- "nodejs16.x"
- nodejs16.x
- "python2.7"
- python2.7
This runtime is now deprecated
- "python3.6"
- python3.6
- "python3.7"
- python3.7
- "python3.8"
- python3.8
- "python3.9"
- python3.9
- "provided"
- provided
- "provided.al2"
- provided.al2
Import
Lambda Functions can be imported using the function_name
, e.g.,
$ pulumi import aws:lambda/function:Function test_lambda my_test_lambda_function
Package Details
- Repository
- https://github.com/pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
aws
Terraform Provider.