awslambda

package
v2.159.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2024 License: Apache-2.0 Imports: 22 Imported by: 145

README

AWS Lambda Construct Library

This construct library allows you to define AWS Lambda Functions.

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

Handler Code

The lambda.Code class includes static convenience methods for various types of runtime code.

  • lambda.Code.fromBucket(bucket, key[, objectVersion]) - specify an S3 object that contains the archive of your runtime code.
  • lambda.Code.fromInline(code) - inline the handle code as a string. This is limited to supported runtimes.
  • lambda.Code.fromAsset(path) - specify a directory or a .zip file in the local filesystem which will be zipped and uploaded to S3 before deployment. See also bundling asset code.
  • lambda.Code.fromDockerBuild(path, options) - use the result of a Docker build as code. The runtime code is expected to be located at /asset in the image and will be zipped and uploaded to S3 as an asset.
  • lambda.Code.fromCustomCommand(output, command, customCommandOptions) - supply a command that is invoked during cdk synth. That command is meant to direct the generated code to output (a zip file or a directory), which is then used as the code for the created AWS Lambda.

The following example shows how to define a Python function and deploy the code from the local directory my-lambda-handler to it:

lambda.NewFunction(this, jsii.String("MyLambda"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("my-lambda-handler"))),
	Handler: jsii.String("index.main"),
	Runtime: lambda.Runtime_PYTHON_3_9(),
})

When deploying a stack that contains this code, the directory will be zip archived and then uploaded to an S3 bucket, then the exact location of the S3 objects will be passed when the stack is deployed.

During synthesis, the CDK expects to find a directory on disk at the asset directory specified. Note that we are referencing the asset directory relatively to our CDK project directory. This is especially important when we want to share this construct through a library. Different programming languages will have different techniques for bundling resources into libraries.

Docker Images

Lambda functions allow specifying their handlers within docker images. The docker image can be an image from ECR or a local asset that the CDK will package and load into ECR.

The following DockerImageFunction construct uses a local folder with a Dockerfile as the asset that will be used as the function handler.

lambda.NewDockerImageFunction(this, jsii.String("AssetFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromImageAsset(path.join(__dirname, jsii.String("docker-handler"))),
})

You can also specify an image that already exists in ECR as the function handler.

import ecr "github.com/aws/aws-cdk-go/awscdk"

repo := ecr.NewRepository(this, jsii.String("Repository"))

lambda.NewDockerImageFunction(this, jsii.String("ECRFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromEcr(repo),
})

The props for these docker image resources allow overriding the image's CMD, ENTRYPOINT, and WORKDIR configurations as well as choosing a specific tag or digest. See their docs for more information.

To deploy a DockerImageFunction on Lambda arm64 architecture, specify Architecture.ARM_64 in architecture. This will bundle docker image assets for arm64 architecture with --platform linux/arm64 even if build within an x86_64 host.

With that being said, if you are bundling DockerImageFunction for Lambda amd64 architecture from a arm64 machine like a Macbook with arm64 CPU, you would need to specify architecture: lambda.Architecture.X86_64 as well. This ensures the --platform argument is passed to the image assets bundling process so you can bundle up X86_64 images from the arm64 machine.

lambda.NewDockerImageFunction(this, jsii.String("AssetFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromImageAsset(path.join(__dirname, jsii.String("docker-arm64-handler"))),
	Architecture: lambda.Architecture_ARM_64(),
})

Execution Role

Lambda functions assume an IAM role during execution. In CDK by default, Lambda functions will use an autogenerated Role if one is not provided.

The autogenerated Role is automatically given permissions to execute the Lambda function. To reference the autogenerated Role:

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

role := fn.Role

You can also provide your own IAM role. Provided IAM roles will not automatically be given permissions to execute the Lambda function. To provide a role and grant it appropriate permissions:

myRole := iam.NewRole(this, jsii.String("My Role"), &RoleProps{
	AssumedBy: iam.NewServicePrincipal(jsii.String("lambda.amazonaws.com")),
})

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Role: myRole,
})

myRole.AddManagedPolicy(iam.ManagedPolicy_FromAwsManagedPolicyName(jsii.String("service-role/AWSLambdaBasicExecutionRole")))
myRole.AddManagedPolicy(iam.ManagedPolicy_FromAwsManagedPolicyName(jsii.String("service-role/AWSLambdaVPCAccessExecutionRole")))

Function Timeout

AWS Lambda functions have a default timeout of 3 seconds, but this can be increased up to 15 minutes. The timeout is available as a property of Function so that you can reference it elsewhere in your stack. For instance, you could use it to create a CloudWatch alarm to report when your function timed out:

import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"


fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Timeout: awscdk.Duration_Minutes(jsii.Number(5)),
})

if fn.Timeout {
	cloudwatch.NewAlarm(this, jsii.String("MyAlarm"), &AlarmProps{
		Metric: fn.metricDuration().With(&MetricOptions{
			Statistic: jsii.String("Maximum"),
		}),
		EvaluationPeriods: jsii.Number(1),
		DatapointsToAlarm: jsii.Number(1),
		Threshold: fn.*Timeout.ToMilliseconds(),
		TreatMissingData: cloudwatch.TreatMissingData_IGNORE,
		AlarmName: jsii.String("My Lambda Timeout"),
	})
}

Advanced Logging

You can have more control over your function logs, by specifying the log format (Json or plain text), the system log level, the application log level, as well as choosing the log group:

import "github.com/aws/aws-cdk-go/awscdk"

var logGroup iLogGroup


lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	LoggingFormat: lambda.LoggingFormat_JSON,
	SystemLogLevelV2: lambda.SystemLogLevel_INFO,
	ApplicationLogLevelV2: lambda.ApplicationLogLevel_INFO,
	LogGroup: logGroup,
})

To use applicationLogLevelV2 and/or systemLogLevelV2 you must set loggingFormat to LoggingFormat.JSON.

Resource-based Policies

AWS Lambda supports resource-based policies for controlling access to Lambda functions and layers on a per-resource basis. In particular, this allows you to give permission to AWS services, AWS Organizations, or other AWS accounts to modify and invoke your functions.

Grant function access to AWS services
// Grant permissions to a service
var fn function

principal := iam.NewServicePrincipal(jsii.String("my-service"))

fn.GrantInvoke(principal)

// Equivalent to:
fn.AddPermission(jsii.String("my-service Invocation"), &Permission{
	Principal: principal,
})

You can also restrict permissions given to AWS services by providing a source account or ARN (representing the account and identifier of the resource that accesses the function or layer).

Important:

By default fn.grantInvoke() grants permission to the principal to invoke any version of the function, including all past ones. If you only want the principal to be granted permission to invoke the latest version or the unqualified Lambda ARN, use grantInvokeLatestVersion(grantee).

var fn function

principal := iam.NewServicePrincipal(jsii.String("my-service"))
// Grant invoke only to latest version and unqualified lambda arn
fn.GrantInvokeLatestVersion(principal)

If you want to grant access for invoking a specific version of Lambda function, you can use fn.grantInvokeVersion(grantee, version)

var fn function
var version iVersion

principal := iam.NewServicePrincipal(jsii.String("my-service"))
// Grant invoke only to the specific version
fn.GrantInvokeVersion(principal, version)

For more information, see Granting function access to AWS services in the AWS Lambda Developer Guide.

Grant function access to an AWS Organization
// Grant permissions to an entire AWS organization
var fn function

org := iam.NewOrganizationPrincipal(jsii.String("o-xxxxxxxxxx"))

fn.GrantInvoke(org)

In the above example, the principal will be * and all users in the organization o-xxxxxxxxxx will get function invocation permissions.

You can restrict permissions given to the organization by specifying an AWS account or role as the principal:

// Grant permission to an account ONLY IF they are part of the organization
var fn function

account := iam.NewAccountPrincipal(jsii.String("123456789012"))

fn.GrantInvoke(account.InOrganization(jsii.String("o-xxxxxxxxxx")))

For more information, see Granting function access to an organization in the AWS Lambda Developer Guide.

Grant function access to other AWS accounts
// Grant permission to other AWS account
var fn function

account := iam.NewAccountPrincipal(jsii.String("123456789012"))

fn.GrantInvoke(account)

For more information, see Granting function access to other accounts in the AWS Lambda Developer Guide.

Grant function access to unowned principals

Providing an unowned principal (such as account principals, generic ARN principals, service principals, and principals in other accounts) to a call to fn.grantInvoke will result in a resource-based policy being created. If the principal in question has conditions limiting the source account or ARN of the operation (see above), these conditions will be automatically added to the resource policy.

var fn function

servicePrincipal := iam.NewServicePrincipal(jsii.String("my-service"))
sourceArn := "arn:aws:s3:::my-bucket"
sourceAccount := "111122223333"
servicePrincipalWithConditions := servicePrincipal.WithConditions(map[string]interface{}{
	"ArnLike": map[string]*string{
		"aws:SourceArn": sourceArn,
	},
	"StringEquals": map[string]*string{
		"aws:SourceAccount": sourceAccount,
	},
})

fn.GrantInvoke(servicePrincipalWithConditions)
Grant function access to a CompositePrincipal

To grant invoke permissions to a CompositePrincipal use the grantInvokeCompositePrincipal method:

var fn function

compositePrincipal := iam.NewCompositePrincipal(
iam.NewOrganizationPrincipal(jsii.String("o-zzzzzzzzzz")),
iam.NewServicePrincipal(jsii.String("apigateway.amazonaws.com")))

fn.GrantInvokeCompositePrincipal(compositePrincipal)

Versions

You can use versions to manage the deployment of your AWS Lambda functions. For example, you can publish a new version of a function for beta testing without affecting users of the stable production version.

The function version includes the following information:

  • The function code and all associated dependencies.
  • The Lambda runtime that executes the function.
  • All of the function settings, including the environment variables.
  • A unique Amazon Resource Name (ARN) to identify this version of the function.

You could create a version to your lambda function using the Version construct.

var fn function

version := lambda.NewVersion(this, jsii.String("MyVersion"), &VersionProps{
	Lambda: fn,
})

The major caveat to know here is that a function version must always point to a specific 'version' of the function. When the function is modified, the version will continue to point to the 'then version' of the function.

One way to ensure that the lambda.Version always points to the latest version of your lambda.Function is to set an environment variable which changes at least as often as your code does. This makes sure the function always has the latest code. For instance -

codeVersion := "stringOrMethodToGetCodeVersion"
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Environment: map[string]*string{
		"CodeVersionString": codeVersion,
	},
})

The fn.latestVersion property returns a lambda.IVersion which represents the $LATEST pseudo-version.

However, most AWS services require a specific AWS Lambda version, and won't allow you to use $LATEST. Therefore, you would normally want to use lambda.currentVersion.

The fn.currentVersion property can be used to obtain a lambda.Version resource that represents the AWS Lambda function defined in your application. Any change to your function's code or configuration will result in the creation of a new version resource. You can specify options for this version through the currentVersionOptions property.

NOTE: The currentVersion property is only supported when your AWS Lambda function uses either lambda.Code.fromAsset or lambda.Code.fromInline. Other types of code providers (such as lambda.Code.fromBucket) require that you define a lambda.Version resource directly since the CDK is unable to determine if their contents had changed.

currentVersion: Updated hashing logic

To produce a new lambda version each time the lambda function is modified, the currentVersion property under the hood, computes a new logical id based on the properties of the function. This informs CloudFormation that a new AWS::Lambda::Version resource should be created pointing to the updated Lambda function.

However, a bug was introduced in this calculation that caused the logical id to change when it was not required (ex: when the Function's Tags property, or when the DependsOn clause was modified). This caused the deployment to fail since the Lambda service does not allow creating duplicate versions.

This has been fixed in the AWS CDK but existing users need to opt-in via a feature flag. Users who have run cdk init since this fix will be opted in, by default.

Otherwise, you will need to enable the feature flag @aws-cdk/aws-lambda:recognizeVersionProps. Since CloudFormation does not allow duplicate versions, you will also need to make some modification to your function so that a new version can be created. To efficiently and trivially modify all your lambda functions at once, you can attach the FunctionVersionUpgrade aspect to the stack, which slightly alters the function description. This aspect is intended for one-time use to upgrade the version of all your functions at the same time, and can safely be removed after deploying once.

stack := awscdk.Newstack()
awscdk.Aspects_Of(stack).Add(lambda.NewFunctionVersionUpgrade(awscdklibcxapi.LAMBDA_RECOGNIZE_VERSION_PROPS))

When the new logic is in effect, you may rarely come across the following error: The following properties are not recognized as version properties. This will occur, typically when property overrides are used, when a new property introduced in AWS::Lambda::Function is used that CDK is still unaware of.

To overcome this error, use the API Function.classifyVersionProperty() to record whether a new version should be generated when this property is changed. This can be typically determined by checking whether the property can be modified using the UpdateFunctionConfiguration API or not.

currentVersion: Updated hashing logic for layer versions

An additional update to the hashing logic fixes two issues surrounding layers. Prior to this change, updating the lambda layer version would have no effect on the function version. Also, the order of lambda layers provided to the function was unnecessarily baked into the hash.

This has been fixed in the AWS CDK starting with version 2.27. If you ran cdk init with an earlier version, you will need to opt-in via a feature flag. If you run cdk init with v2.27 or later, this fix will be opted in, by default.

Existing users will need to enable the feature flag @aws-cdk/aws-lambda:recognizeLayerVersion. Since CloudFormation does not allow duplicate versions, they will also need to make some modification to their function so that a new version can be created. To efficiently and trivially modify all your lambda functions at once, users can attach the FunctionVersionUpgrade aspect to the stack, which slightly alters the function description. This aspect is intended for one-time use to upgrade the version of all your functions at the same time, and can safely be removed after deploying once.

stack := awscdk.Newstack()
awscdk.Aspects_Of(stack).Add(lambda.NewFunctionVersionUpgrade(awscdklibcxapi.LAMBDA_RECOGNIZE_LAYER_VERSION))

Aliases

You can define one or more aliases for your AWS Lambda function. A Lambda alias is like a pointer to a specific Lambda function version. Users can access the function version using the alias ARN.

The version.addAlias() method can be used to define an AWS Lambda alias that points to a specific version.

The following example defines an alias named live which will always point to a version that represents the function as defined in your CDK app. When you change your lambda code or configuration, a new resource will be created. You can specify options for the current version through the currentVersionOptions property.

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	CurrentVersionOptions: &VersionOptions{
		RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
		 // retain old versions
		RetryAttempts: jsii.Number(1),
	},
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

fn.AddAlias(jsii.String("live"))

Function URL

A function URL is a dedicated HTTP(S) endpoint for your Lambda function. When you create a function URL, Lambda automatically generates a unique URL endpoint for you. Function URLs can be created for the latest version Lambda Functions, or Function Aliases (but not for Versions).

Function URLs are dual stack-enabled, supporting IPv4 and IPv6, and cross-origin resource sharing (CORS) configuration. After you configure a function URL for your function, you can invoke your function through its HTTP(S) endpoint via a web browser, curl, Postman, or any HTTP client. To invoke a function using IAM authentication your HTTP client must support SigV4 signing.

See the Invoking Function URLs section of the AWS Lambda Developer Guide for more information on the input and output payloads of Functions invoked in this way.

IAM-authenticated Function URLs

To create a Function URL which can be called by an IAM identity, call addFunctionUrl(), followed by grantInvokeFunctionUrl():

// Can be a Function or an Alias
var fn function
var myRole role


fnUrl := fn.AddFunctionUrl()
fnUrl.GrantInvokeUrl(myRole)

awscdk.NewCfnOutput(this, jsii.String("TheUrl"), &CfnOutputProps{
	// The .url attributes will return the unique Function URL
	Value: fnUrl.Url,
})

Calls to this URL need to be signed with SigV4.

Anonymous Function URLs

To create a Function URL which can be called anonymously, pass authType: FunctionUrlAuthType.NONE to addFunctionUrl():

// Can be a Function or an Alias
var fn function


fnUrl := fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
})

awscdk.NewCfnOutput(this, jsii.String("TheUrl"), &CfnOutputProps{
	Value: fnUrl.Url,
})
CORS configuration for Function URLs

If you want your Function URLs to be invokable from a web page in browser, you will need to configure cross-origin resource sharing to allow the call (if you do not do this, your browser will refuse to make the call):

var fn function


fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
	Cors: &FunctionUrlCorsOptions{
		// Allow this to be called from websites on https://example.com.
		// Can also be ['*'] to allow all domain.
		AllowedOrigins: []*string{
			jsii.String("https://example.com"),
		},
	},
})
Invoke Mode for Function URLs

Invoke mode determines how AWS Lambda invokes your function. You can configure the invoke mode when creating a Function URL using the invokeMode property

var fn function


fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
	InvokeMode: lambda.InvokeMode_RESPONSE_STREAM,
})

If the invokeMode property is not specified, the default BUFFERED mode will be used.

Layers

The lambda.LayerVersion class can be used to define Lambda layers and manage granting permissions to other AWS accounts or organizations.

layer := lambda.NewLayerVersion(stack, jsii.String("MyLayer"), &LayerVersionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("layer-code"))),
	CompatibleRuntimes: []runtime{
		lambda.*runtime_NODEJS_LATEST(),
	},
	License: jsii.String("Apache-2.0"),
	Description: jsii.String("A layer to test the L2 construct"),
})

// To grant usage by other AWS accounts
layer.addPermission(jsii.String("remote-account-grant"), &LayerVersionPermission{
	AccountId: awsAccountId,
})

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });
lambda.NewFunction(stack, jsii.String("MyLayeredLambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.*runtime_NODEJS_LATEST(),
	Layers: []iLayerVersion{
		layer,
	},
})

By default, updating a layer creates a new layer version, and CloudFormation will delete the old version as part of the stack update.

Alternatively, a removal policy can be used to retain the old version:

lambda.NewLayerVersion(this, jsii.String("MyLayer"), &LayerVersionProps{
	RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

Architecture

Lambda functions, by default, run on compute systems that have the 64 bit x86 architecture.

The AWS Lambda service also runs compute on the ARM architecture, which can reduce cost for some workloads.

A lambda function can be configured to be run on one of these platforms:

lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Architecture: lambda.Architecture_ARM_64(),
})

Similarly, lambda layer versions can also be tagged with architectures it is compatible with.

lambda.NewLayerVersion(this, jsii.String("MyLayer"), &LayerVersionProps{
	RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	CompatibleArchitectures: []architecture{
		lambda.*architecture_X86_64(),
		lambda.*architecture_ARM_64(),
	},
})

Lambda Insights

Lambda functions can be configured to use CloudWatch Lambda Insights which provides low-level runtime metrics for a Lambda functions.

lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	InsightsVersion: lambda.LambdaInsightsVersion_VERSION_1_0_98_0(),
})

If the version of insights is not yet available in the CDK, you can also provide the ARN directly as so -

layerArn := "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:14"
lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	InsightsVersion: lambda.LambdaInsightsVersion_FromInsightVersionArn(layerArn),
})

If you are deploying an ARM_64 Lambda Function, you must specify a Lambda Insights Version >= 1_0_119_0.

lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	InsightsVersion: lambda.LambdaInsightsVersion_VERSION_1_0_119_0(),
})
Parameters and Secrets Extension

Lambda functions can be configured to use the Parameters and Secrets Extension. The Parameters and Secrets Extension can be used to retrieve and cache secrets from Secrets Manager or parameters from Parameter Store in Lambda functions without using an SDK.

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"


secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersion(lambda.ParamsAndSecretsVersions_V1_0_103, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
	LogLevel: lambda.ParamsAndSecretsLogLevel_DEBUG,
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)

If the version of Parameters and Secrets Extension is not yet available in the CDK, you can also provide the ARN directly as so:

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"


secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

layerArn := "arn:aws:lambda:us-east-1:177933569100:layer:AWS-Parameters-and-Secrets-Lambda-Extension:4"
paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersionArn(layerArn, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)

Event Rule Target

You can use an AWS Lambda function as a target for an Amazon CloudWatch event rule:

import "github.com/aws/aws-cdk-go/awscdk"
import targets "github.com/aws/aws-cdk-go/awscdk"

var fn function

rule := events.NewRule(this, jsii.String("Schedule Rule"), &RuleProps{
	Schedule: events.Schedule_Cron(&CronOptions{
		Minute: jsii.String("0"),
		Hour: jsii.String("4"),
	}),
})
rule.AddTarget(targets.NewLambdaFunction(fn))

Event Sources

AWS Lambda supports a variety of event sources.

In most cases, it is possible to trigger a function as a result of an event by using one of the add<Event>Notification methods on the source construct. For example, the s3.Bucket construct has an onEvent method which can be used to trigger a Lambda when an event, such as PutObject occurs on an S3 bucket.

An alternative way to add event sources to a function is to use function.addEventSource(source). This method accepts an IEventSource object. The module @aws-cdk/aws-lambda-event-sources includes classes for the various event sources supported by AWS Lambda.

For example, the following code adds an SQS queue as an event source for a function:

import eventsources "github.com/aws/aws-cdk-go/awscdk"
import sqs "github.com/aws/aws-cdk-go/awscdk"

var fn function

queue := sqs.NewQueue(this, jsii.String("Queue"))
fn.AddEventSource(eventsources.NewSqsEventSource(queue))

The following code adds an S3 bucket notification as an event source:

import eventsources "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var fn function

bucket := s3.NewBucket(this, jsii.String("Bucket"))
fn.AddEventSource(eventsources.NewS3EventSource(bucket, &S3EventSourceProps{
	Events: []eventType{
		s3.*eventType_OBJECT_CREATED,
		s3.*eventType_OBJECT_REMOVED,
	},
	Filters: []notificationKeyFilter{
		&notificationKeyFilter{
			Prefix: jsii.String("subdir/"),
		},
	},
}))

The following code adds an DynamoDB notification as an event source filtering insert events:

import eventsources "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var fn function

table := dynamodb.NewTable(this, jsii.String("Table"), &TableProps{
	PartitionKey: &Attribute{
		Name: jsii.String("id"),
		Type: dynamodb.AttributeType_STRING,
	},
	Stream: dynamodb.StreamViewType_NEW_IMAGE,
})
fn.AddEventSource(eventsources.NewDynamoEventSource(table, &DynamoEventSourceProps{
	StartingPosition: lambda.StartingPosition_LATEST,
	Filters: []map[string]interface{}{
		lambda.FilterCriteria_Filter(map[string]interface{}{
			"eventName": lambda.FilterRule_isEqual(jsii.String("INSERT")),
		}),
	},
}))

By default, Lambda will encrypt Filter Criteria using AWS managed keys. But if you want to use a self managed KMS key to encrypt the filters, You can specify the self managed key using the filterEncryption property.

import eventsources "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var fn function

table := dynamodb.NewTable(this, jsii.String("Table"), &TableProps{
	PartitionKey: &Attribute{
		Name: jsii.String("id"),
		Type: dynamodb.AttributeType_STRING,
	},
	Stream: dynamodb.StreamViewType_NEW_IMAGE,
})
// Your self managed KMS key
myKey := awscdk.Key_FromKeyArn(this, jsii.String("SourceBucketEncryptionKey"), jsii.String("arn:aws:kms:us-east-1:123456789012:key/<key-id>"))

fn.AddEventSource(eventsources.NewDynamoEventSource(table, &DynamoEventSourceProps{
	StartingPosition: lambda.StartingPosition_LATEST,
	Filters: []map[string]interface{}{
		lambda.FilterCriteria_Filter(map[string]interface{}{
			"eventName": lambda.FilterRule_isEqual(jsii.String("INSERT")),
		}),
	},
	FilterEncryption: myKey,
}))

Lambda requires allow kms:Decrypt on Lambda principal lambda.amazonaws.com to use the key for Filter Criteria Encryption. If you create the KMS key in the stack, CDK will automatically add this permission to the Key when you creates eventSourceMapping. However, if you import the key using function like Key.fromKeyArn then you need to add the following permission to the KMS key before using it to encrypt Filter Criteria

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "Service": "lambda.amazonaws.com"
            },
            "Action": "kms:Decrypt",
            "Resource": "*"
        }
    ]
}

See the documentation for the @aws-cdk/aws-lambda-event-sources module for more details.

Imported Lambdas

When referencing an imported lambda in the CDK, use fromFunctionArn() for most use cases:

fn := lambda.Function_FromFunctionArn(this, jsii.String("Function"), jsii.String("arn:aws:lambda:us-east-1:123456789012:function:MyFn"))

The fromFunctionAttributes() API is available for more specific use cases:

fn := lambda.Function_FromFunctionAttributes(this, jsii.String("Function"), &FunctionAttributes{
	FunctionArn: jsii.String("arn:aws:lambda:us-east-1:123456789012:function:MyFn"),
	// The following are optional properties for specific use cases and should be used with caution:

	// Use Case: imported function is in the same account as the stack. This tells the CDK that it
	// can modify the function's permissions.
	SameEnvironment: jsii.Boolean(true),

	// Use Case: imported function is in a different account and user commits to ensuring that the
	// imported function has the correct permissions outside the CDK.
	SkipPermissions: jsii.Boolean(true),
})

Function.fromFunctionArn() and Function.fromFunctionAttributes() will attempt to parse the Function's Region and Account ID from the ARN. addPermissions will only work on the Function object if the Region and Account ID are deterministically the same as the scope of the Stack the referenced Function object is created in. If the containing Stack is environment-agnostic or the Function ARN is a Token, this comparison will fail, and calls to Function.addPermission will do nothing. If you know Function permissions can safely be added, you can use Function.fromFunctionName() instead, or pass sameEnvironment: true to Function.fromFunctionAttributes().

fn := lambda.Function_FromFunctionName(this, jsii.String("Function"), jsii.String("MyFn"))

Lambda with DLQ

A dead-letter queue can be automatically created for a Lambda function by setting the deadLetterQueueEnabled: true configuration. In such case CDK creates a sqs.Queue as deadLetterQueue.

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	DeadLetterQueueEnabled: jsii.Boolean(true),
})

It is also possible to provide a dead-letter queue instead of getting a new queue created:

import sqs "github.com/aws/aws-cdk-go/awscdk"


dlq := sqs.NewQueue(this, jsii.String("DLQ"))
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	DeadLetterQueue: dlq,
})

You can also use a sns.Topic instead of an sqs.Queue as dead-letter queue:

import sns "github.com/aws/aws-cdk-go/awscdk"


dlt := sns.NewTopic(this, jsii.String("DLQ"))
fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("// your code here")),
	DeadLetterTopic: dlt,
})

See the AWS documentation to learn more about AWS Lambdas and DLQs.

Lambda with X-Ray Tracing

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	Tracing: lambda.Tracing_ACTIVE,
})

See the AWS documentation to learn more about AWS Lambda's X-Ray support.

Lambda with AWS Distro for OpenTelemetry layer

To have automatic integration with XRay without having to add dependencies or change your code, you can use the AWS Distro for OpenTelemetry Lambda (ADOT) layer. Consuming the latest ADOT layer can be done with the following snippet:

import "github.com/aws/aws-cdk-go/awscdk"


fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	AdotInstrumentation: &AdotInstrumentationConfig{
		LayerVersion: awscdk.AdotLayerVersion_FromJavaScriptSdkLayerVersion(awscdk.AdotLambdaLayerJavaScriptSdkVersion_LATEST()),
		ExecWrapper: awscdk.AdotLambdaExecWrapper_REGULAR_HANDLER,
	},
})

To use a different layer version, use one of the following helper functions for the layerVersion prop:

  • AdotLayerVersion.fromJavaScriptSdkLayerVersion
  • AdotLayerVersion.fromPythonSdkLayerVersion
  • AdotLayerVersion.fromJavaSdkLayerVersion
  • AdotLayerVersion.fromJavaAutoInstrumentationSdkLayerVersion
  • AdotLayerVersion.fromGenericSdkLayerVersion

Each helper function expects a version value from a corresponding enum-like class as below:

  • AdotLambdaLayerJavaScriptSdkVersion
  • AdotLambdaLayerPythonSdkVersion
  • AdotLambdaLayerJavaSdkVersion
  • AdotLambdaLayerJavaAutoInstrumentationSdkVersion
  • AdotLambdaLayerGenericSdkVersion

For more examples, see our the integration test.

If you want to retrieve the ARN of the ADOT Lambda layer without enabling ADOT in a Lambda function:

var fn function

layerArn := lambda.AdotLambdaLayerJavaSdkVersion_V1_19_0().layerArn(fn.Stack, fn.Architecture)

When using the AdotLambdaLayerPythonSdkVersion the AdotLambdaExecWrapper needs to be AdotLambdaExecWrapper.INSTRUMENT_HANDLER as per AWS Distro for OpenTelemetry Lambda Support For Python

Lambda with Profiling

The following code configures the lambda function with CodeGuru profiling. By default, this creates a new CodeGuru profiling group -

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(jsii.String("lambda-handler")),
	Profiling: jsii.Boolean(true),
})

The profilingGroup property can be used to configure an existing CodeGuru profiler group.

CodeGuru profiling is supported for all Java runtimes and Python3.6+ runtimes.

See the AWS documentation to learn more about AWS Lambda's Profiling support.

Lambda with Reserved Concurrent Executions

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	ReservedConcurrentExecutions: jsii.Number(100),
})

https://docs.aws.amazon.com/lambda/latest/dg/invocation-recursion.html

Lambda with SnapStart

SnapStart is currently supported only on Java 11 and later Java managed runtimes. SnapStart does not support provisioned concurrency, Amazon Elastic File System (Amazon EFS), or ephemeral storage greater than 512 MB. After you enable Lambda SnapStart for a particular Lambda function, publishing a new version of the function will trigger an optimization process.

See the AWS documentation to learn more about AWS Lambda SnapStart

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("handler.zip"))),
	Runtime: lambda.Runtime_JAVA_11(),
	Handler: jsii.String("example.Handler::handleRequest"),
	SnapStart: lambda.SnapStartConf_ON_PUBLISHED_VERSIONS(),
})

version := fn.currentVersion

AutoScaling

You can use Application AutoScaling to automatically configure the provisioned concurrency for your functions. AutoScaling can be set to track utilization or be based on a schedule. To configure AutoScaling on a function alias:

import autoscaling "github.com/aws/aws-cdk-go/awscdk"

var fn function

alias := fn.AddAlias(jsii.String("prod"))

// Create AutoScaling target
as := alias.AddAutoScaling(&AutoScalingOptions{
	MaxCapacity: jsii.Number(50),
})

// Configure Target Tracking
as.ScaleOnUtilization(&UtilizationScalingOptions{
	UtilizationTarget: jsii.Number(0.5),
})

// Configure Scheduled Scaling
as.ScaleOnSchedule(jsii.String("ScaleUpInTheMorning"), &ScalingSchedule{
	Schedule: autoscaling.Schedule_Cron(&CronOptions{
		Hour: jsii.String("8"),
		Minute: jsii.String("0"),
	}),
	MinCapacity: jsii.Number(20),
})
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws-samples/dummy/cxapi"
import "github.com/aws/aws-cdk-go/awscdk"

/**
* Stack verification steps:
* aws application-autoscaling describe-scalable-targets --service-namespace lambda --resource-ids function:<function name>:prod
* has a minCapacity of 3 and maxCapacity of 50
*/
type testStack struct {
	stack
}

func newTestStack(scope app, id *string) *testStack {
	this := &testStack{}
	cdk.NewStack_Override(this, scope, id)

	fn := lambda.NewFunction(this, jsii.String("MyLambda"), &FunctionProps{
		Code: lambda.NewInlineCode(jsii.String("exports.handler = async () => { console.log('hello world'); };")),
		Handler: jsii.String("index.handler"),
		Runtime: lambda.Runtime_NODEJS_LATEST(),
	})

	version := fn.currentVersion

	alias := lambda.NewAlias(this, jsii.String("Alias"), &AliasProps{
		AliasName: jsii.String("prod"),
		Version: Version,
	})

	scalingTarget := alias.AddAutoScaling(&AutoScalingOptions{
		MinCapacity: jsii.Number(3),
		MaxCapacity: jsii.Number(50),
	})

	scalingTarget.ScaleOnUtilization(&UtilizationScalingOptions{
		UtilizationTarget: jsii.Number(0.5),
	})

	scalingTarget.ScaleOnSchedule(jsii.String("ScaleUpInTheMorning"), &ScalingSchedule{
		Schedule: appscaling.Schedule_Cron(&CronOptions{
			Hour: jsii.String("8"),
			Minute: jsii.String("0"),
		}),
		MinCapacity: jsii.Number(20),
	})

	scalingTarget.ScaleOnSchedule(jsii.String("ScaleDownAtNight"), &ScalingSchedule{
		Schedule: appscaling.Schedule_*Cron(&CronOptions{
			Hour: jsii.String("20"),
			Minute: jsii.String("0"),
		}),
		MaxCapacity: jsii.Number(20),
	})

	cdk.NewCfnOutput(this, jsii.String("FunctionName"), &CfnOutputProps{
		Value: fn.FunctionName,
	})
	return this
}

app := cdk.NewApp()

stack := NewTestStack(app, jsii.String("aws-lambda-autoscaling"))

// Changes the function description when the feature flag is present
// to validate the changed function hash.
cdk.Aspects_Of(stack).Add(lambda.NewFunctionVersionUpgrade(cxapi.LAMBDA_RECOGNIZE_LAYER_VERSION))

app.Synth()

See the AWS documentation on autoscaling lambda functions.

Log Group

By default, Lambda functions automatically create a log group with the name /aws/lambda/<function-name> upon first execution with log data set to never expire. This is convenient, but prevents you from changing any of the properties of this auto-created log group using the AWS CDK. For example you cannot set log retention or assign a data protection policy.

To fully customize the logging behavior of your Lambda function, create a logs.LogGroup ahead of time and use the logGroup property to instruct the Lambda function to send logs to it. This way you can use the full features set supported by Amazon CloudWatch Logs.

import "github.com/aws/aws-cdk-go/awscdk"


myLogGroup := awscdk.NewLogGroup(this, jsii.String("MyLogGroupWithLogGroupName"), &LogGroupProps{
	LogGroupName: jsii.String("customLogGroup"),
})

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	LogGroup: myLogGroup,
})

Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.

Lambda with Recursive Loop protection

Recursive loop protection is to stop unintended loops. The customers are opted in by default for Lambda to detect and terminate unintended loops between Lambda and other AWS Services. The property can be assigned two values here, "Allow" and "Terminate".

The default value is set to "Terminate", which lets the Lambda to detect and terminate the recursive loops.

When the value is set to "Allow", the customers opt out of recursive loop detection and Lambda does not terminate recursive loops if any.

See the AWS documentation to learn more about AWS Lambda Recusrive Loop Detection

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("handler.zip"))),
	Runtime: lambda.Runtime_JAVA_11(),
	Handler: jsii.String("example.Handler::handleRequest"),
	RecursiveLoop: lambda.RecursiveLoop_TERMINATE,
})
Legacy Log Retention

As an alternative to providing a custom, user controlled log group, the legacy logRetention property can be used to set a different expiration period. This feature uses a Custom Resource to change the log retention of the automatically created log group.

By default, CDK uses the AWS SDK retry options when creating a log group. The logRetentionRetryOptions property allows you to customize the maximum number of retries and base backoff duration.

Note that a CloudFormation custom resource is added to the stack that pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention period (never expire, by default). This Custom Resource will also create a log group to log events of the custom resource. The log retention period for this addtional log group is hard-coded to 1 day.

Further note that, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention to never expire even if it was configured with a different value.

FileSystem Access

You can configure a function to mount an Amazon Elastic File System (Amazon EFS) to a directory in your runtime environment with the filesystem property. To access Amazon EFS from lambda function, the Amazon EFS access point will be required.

The following sample allows the lambda function to mount the Amazon EFS access point to /mnt/msg in the runtime environment and access the filesystem with the POSIX identity defined in posixUser.

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import efs "github.com/aws/aws-cdk-go/awscdk"


// create a new VPC
vpc := ec2.NewVpc(this, jsii.String("VPC"))

// create a new Amazon EFS filesystem
fileSystem := efs.NewFileSystem(this, jsii.String("Efs"), &FileSystemProps{
	Vpc: Vpc,
})

// create a new access point from the filesystem
accessPoint := fileSystem.AddAccessPoint(jsii.String("AccessPoint"), &AccessPointOptions{
	// set /export/lambda as the root of the access point
	Path: jsii.String("/export/lambda"),
	// as /export/lambda does not exist in a new efs filesystem, the efs will create the directory with the following createAcl
	CreateAcl: &Acl{
		OwnerUid: jsii.String("1001"),
		OwnerGid: jsii.String("1001"),
		Permissions: jsii.String("750"),
	},
	// enforce the POSIX identity so lambda function will access with this identity
	PosixUser: &PosixUser{
		Uid: jsii.String("1001"),
		Gid: jsii.String("1001"),
	},
})

fn := lambda.NewFunction(this, jsii.String("MyLambda"), &FunctionProps{
	// mount the access point to /mnt/msg in the lambda runtime environment
	Filesystem: lambda.FileSystem_FromEfsAccessPoint(accessPoint, jsii.String("/mnt/msg")),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Vpc: Vpc,
})

IPv6 support

You can configure IPv6 connectivity for lambda function by setting Ipv6AllowedForDualStack to true. It allows Lambda functions to specify whether the IPv6 traffic should be allowed when using dual-stack VPCs. To access IPv6 network using Lambda, Dual-stack VPC is required. Using dual-stack VPC a function communicates with subnet over either of IPv4 or IPv6.

import "github.com/aws/aws-cdk-go/awscdk"


natProvider := ec2.NatProvider_Gateway()

// create dual-stack VPC
vpc := ec2.NewVpc(this, jsii.String("DualStackVpc"), &VpcProps{
	IpProtocol: ec2.IpProtocol_DUAL_STACK,
	SubnetConfiguration: []subnetConfiguration{
		&subnetConfiguration{
			Name: jsii.String("Ipv6Public1"),
			SubnetType: ec2.SubnetType_PUBLIC,
		},
		&subnetConfiguration{
			Name: jsii.String("Ipv6Public2"),
			SubnetType: ec2.SubnetType_PUBLIC,
		},
		&subnetConfiguration{
			Name: jsii.String("Ipv6Private1"),
			SubnetType: ec2.SubnetType_PRIVATE_WITH_EGRESS,
		},
	},
	NatGatewayProvider: natProvider,
})

natGatewayId := natProvider.ConfiguredGateways[0].GatewayId
(vpc.PrivateSubnets[0].(privateSubnet)).AddIpv6Nat64Route(natGatewayId)

fn := lambda.NewFunction(this, jsii.String("Lambda_with_IPv6_VPC"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("def main(event, context): pass")),
	Handler: jsii.String("index.main"),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Vpc: Vpc,
	Ipv6AllowedForDualStack: jsii.Boolean(true),
})

Outbound traffic

By default, when creating a Lambda function, it would add a security group outbound rule to allow sending all network traffic (except IPv6). This is controlled by allowAllOutbound in function properties, which has a default value of true.

To allow outbound IPv6 traffic by default, explicitly set allowAllIpv6Outbound to true in function properties as shown below (the default value for allowAllIpv6Outbound is false):

import ec2 "github.com/aws/aws-cdk-go/awscdk"


vpc := ec2.NewVpc(this, jsii.String("Vpc"))

fn := lambda.NewFunction(this, jsii.String("LambdaWithIpv6Outbound"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("def main(event, context): pass")),
	Handler: jsii.String("index.main"),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Vpc: vpc,
	AllowAllIpv6Outbound: jsii.Boolean(true),
})

Do not specify allowAllOutbound or allowAllIpv6Outbound property if the securityGroups or securityGroup property is set. Instead, configure these properties directly on the security group.

Ephemeral Storage

You can configure ephemeral storage on a function to control the amount of storage it gets for reading or writing data, allowing you to use AWS Lambda for ETL jobs, ML inference, or other data-intensive workloads. The ephemeral storage will be accessible in the functions' /tmp directory.

import "github.com/aws/aws-cdk-go/awscdk"


fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	EphemeralStorageSize: awscdk.Size_Mebibytes(jsii.Number(1024)),
})

Read more about using this feature in this AWS blog post.

Singleton Function

The SingletonFunction construct is a way to guarantee that a lambda function will be guaranteed to be part of the stack, once and only once, irrespective of how many times the construct is declared to be part of the stack. This is guaranteed as long as the uuid property and the optional lambdaPurpose property stay the same whenever they're declared into the stack.

A typical use case of this function is when a higher level construct needs to declare a Lambda function as part of it but needs to guarantee that the function is declared once. However, a user of this higher level construct can declare it any number of times and with different properties. Using SingletonFunction here with a fixed uuid will guarantee this.

For example, the AwsCustomResource construct requires only one single lambda function for all api calls that are made.

Bundling Asset Code

When using lambda.Code.fromAsset(path) it is possible to bundle the code by running a command in a Docker container. The asset path will be mounted at /asset-input. The Docker container is responsible for putting content at /asset-output. The content at /asset-output will be zipped and used as Lambda code.

Example with Python:

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("my-python-handler")), &AssetOptions{
		Bundling: &BundlingOptions{
			Image: lambda.Runtime_PYTHON_3_9().BundlingImage,
			Command: []*string{
				jsii.String("bash"),
				jsii.String("-c"),
				jsii.String("pip install -r requirements.txt -t /asset-output && cp -au . /asset-output"),
			},
		},
	}),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Handler: jsii.String("index.handler"),
})

Runtimes expose a bundlingImage property that points to the AWS SAM build image.

Use cdk.DockerImage.fromRegistry(image) to use an existing image or cdk.DockerImage.fromBuild(path) to build a specific image:

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	Code: lambda.Code_FromAsset(jsii.String("/path/to/handler"), &AssetOptions{
		Bundling: &BundlingOptions{
			Image: awscdk.DockerImage_FromBuild(jsii.String("/path/to/dir/with/DockerFile"), &DockerBuildOptions{
				BuildArgs: map[string]*string{
					"ARG1": jsii.String("value1"),
				},
			}),
			Command: []*string{
				jsii.String("my"),
				jsii.String("cool"),
				jsii.String("command"),
			},
		},
	}),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Handler: jsii.String("index.handler"),
})

Language-specific APIs

Language-specific higher level constructs are provided in separate modules:

Code Signing

Code signing for AWS Lambda helps to ensure that only trusted code runs in your Lambda functions. When enabled, AWS Lambda checks every code deployment and verifies that the code package is signed by a trusted source. For more information, see Configuring code signing for AWS Lambda. The following code configures a function with code signing.

import "github.com/aws/aws-cdk-go/awscdk"


signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

Runtime updates

Lambda runtime management controls help reduce the risk of impact to your workloads in the rare event of a runtime version incompatibility. For more information, see Runtime management controls

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	RuntimeManagementMode: lambda.RuntimeManagementMode_AUTO(),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

If you want to set the "Manual" setting, using the ARN of the runtime version as the argument.

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	RuntimeManagementMode: lambda.RuntimeManagementMode_Manual(jsii.String("runtimeVersion-arn")),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

Exclude Patterns for Assets

When using lambda.Code.fromAsset(path) an exclude property allows you to ignore particular files for assets by providing patterns for file paths to exclude. Note that this has no effect on Assets bundled using the bundling property.

The ignoreMode property can be used with the exclude property to specify the file paths to ignore based on the .gitignore specification or the .dockerignore specification. The default behavior is to ignore file paths based on simple glob patterns.

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("my-python-handler")), &AssetOptions{
		Exclude: []*string{
			jsii.String("*.ignore"),
		},
		IgnoreMode: awscdk.IgnoreMode_DOCKER,
	}),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Handler: jsii.String("index.handler"),
})

You can also write to include only certain files by using a negation.

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("my-python-handler")), &AssetOptions{
		Exclude: []*string{
			jsii.String("*"),
			jsii.String("!index.py"),
		},
	}),
	Runtime: lambda.Runtime_PYTHON_3_9(),
	Handler: jsii.String("index.handler"),
})

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Alias_IsConstruct

func Alias_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func Alias_IsOwnedResource added in v2.32.0

func Alias_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Alias_IsResource

func Alias_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func CfnAlias_CFN_RESOURCE_TYPE_NAME

func CfnAlias_CFN_RESOURCE_TYPE_NAME() *string

func CfnAlias_IsCfnElement

func CfnAlias_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnAlias_IsCfnResource

func CfnAlias_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnAlias_IsConstruct

func CfnAlias_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnCodeSigningConfig_CFN_RESOURCE_TYPE_NAME

func CfnCodeSigningConfig_CFN_RESOURCE_TYPE_NAME() *string

func CfnCodeSigningConfig_IsCfnElement

func CfnCodeSigningConfig_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnCodeSigningConfig_IsCfnResource

func CfnCodeSigningConfig_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnCodeSigningConfig_IsConstruct

func CfnCodeSigningConfig_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnEventInvokeConfig_CFN_RESOURCE_TYPE_NAME

func CfnEventInvokeConfig_CFN_RESOURCE_TYPE_NAME() *string

func CfnEventInvokeConfig_IsCfnElement

func CfnEventInvokeConfig_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnEventInvokeConfig_IsCfnResource

func CfnEventInvokeConfig_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnEventInvokeConfig_IsConstruct

func CfnEventInvokeConfig_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnEventSourceMapping_CFN_RESOURCE_TYPE_NAME

func CfnEventSourceMapping_CFN_RESOURCE_TYPE_NAME() *string

func CfnEventSourceMapping_IsCfnElement

func CfnEventSourceMapping_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnEventSourceMapping_IsCfnResource

func CfnEventSourceMapping_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnEventSourceMapping_IsConstruct

func CfnEventSourceMapping_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnFunction_CFN_RESOURCE_TYPE_NAME

func CfnFunction_CFN_RESOURCE_TYPE_NAME() *string

func CfnFunction_IsCfnElement

func CfnFunction_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnFunction_IsCfnResource

func CfnFunction_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnFunction_IsConstruct

func CfnFunction_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnLayerVersionPermission_CFN_RESOURCE_TYPE_NAME

func CfnLayerVersionPermission_CFN_RESOURCE_TYPE_NAME() *string

func CfnLayerVersionPermission_IsCfnElement

func CfnLayerVersionPermission_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnLayerVersionPermission_IsCfnResource

func CfnLayerVersionPermission_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnLayerVersionPermission_IsConstruct

func CfnLayerVersionPermission_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnLayerVersion_CFN_RESOURCE_TYPE_NAME

func CfnLayerVersion_CFN_RESOURCE_TYPE_NAME() *string

func CfnLayerVersion_IsCfnElement

func CfnLayerVersion_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnLayerVersion_IsCfnResource

func CfnLayerVersion_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnLayerVersion_IsConstruct

func CfnLayerVersion_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnPermission_CFN_RESOURCE_TYPE_NAME

func CfnPermission_CFN_RESOURCE_TYPE_NAME() *string

func CfnPermission_IsCfnElement

func CfnPermission_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnPermission_IsCfnResource

func CfnPermission_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnPermission_IsConstruct

func CfnPermission_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnUrl_CFN_RESOURCE_TYPE_NAME added in v2.21.0

func CfnUrl_CFN_RESOURCE_TYPE_NAME() *string

func CfnUrl_IsCfnElement added in v2.21.0

func CfnUrl_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnUrl_IsCfnResource added in v2.21.0

func CfnUrl_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnUrl_IsConstruct added in v2.21.0

func CfnUrl_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CfnVersion_CFN_RESOURCE_TYPE_NAME

func CfnVersion_CFN_RESOURCE_TYPE_NAME() *string

func CfnVersion_IsCfnElement

func CfnVersion_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnVersion_IsCfnResource

func CfnVersion_IsCfnResource(x interface{}) *bool

Check whether the given object is a CfnResource.

func CfnVersion_IsConstruct

func CfnVersion_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CodeSigningConfig_IsConstruct

func CodeSigningConfig_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func CodeSigningConfig_IsOwnedResource added in v2.32.0

func CodeSigningConfig_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func CodeSigningConfig_IsResource

func CodeSigningConfig_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func DockerImageFunction_ClassifyVersionProperty

func DockerImageFunction_ClassifyVersionProperty(propertyName *string, locked *bool)

Record whether specific properties in the `AWS::Lambda::Function` resource should also be associated to the Version resource.

See 'currentVersion' section in the module README for more details.

func DockerImageFunction_IsConstruct

func DockerImageFunction_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func DockerImageFunction_IsOwnedResource added in v2.32.0

func DockerImageFunction_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func DockerImageFunction_IsResource

func DockerImageFunction_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func DockerImageFunction_MetricAll

func DockerImageFunction_MetricAll(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Return the given named metric for this Lambda.

func DockerImageFunction_MetricAllConcurrentExecutions

func DockerImageFunction_MetricAllConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of concurrent executions across all Lambdas. Default: max over 5 minutes.

func DockerImageFunction_MetricAllDuration

func DockerImageFunction_MetricAllDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the Duration executing all Lambdas. Default: average over 5 minutes.

func DockerImageFunction_MetricAllErrors

func DockerImageFunction_MetricAllErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of Errors executing all Lambdas. Default: sum over 5 minutes.

func DockerImageFunction_MetricAllInvocations

func DockerImageFunction_MetricAllInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of invocations of all Lambdas. Default: sum over 5 minutes.

func DockerImageFunction_MetricAllThrottles

func DockerImageFunction_MetricAllThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of throttled invocations of all Lambdas. Default: sum over 5 minutes.

func DockerImageFunction_MetricAllUnreservedConcurrentExecutions

func DockerImageFunction_MetricAllUnreservedConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of unreserved concurrent executions across all Lambdas. Default: max over 5 minutes.

func EventInvokeConfig_IsConstruct

func EventInvokeConfig_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func EventInvokeConfig_IsOwnedResource added in v2.32.0

func EventInvokeConfig_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func EventInvokeConfig_IsResource

func EventInvokeConfig_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func EventSourceMapping_IsConstruct

func EventSourceMapping_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func EventSourceMapping_IsOwnedResource added in v2.32.0

func EventSourceMapping_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func EventSourceMapping_IsResource

func EventSourceMapping_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func FilterCriteria_Filter added in v2.42.0

func FilterCriteria_Filter(filter *map[string]interface{}) *map[string]interface{}

Filter for event source.

func FilterRule_BeginsWith added in v2.42.0

func FilterRule_BeginsWith(elem *string) *[]*map[string]*string

Begins with comparison operator.

func FilterRule_Between added in v2.42.0

func FilterRule_Between(first *float64, second *float64) *[]*map[string]*[]interface{}

Numeric range comparison operator.

func FilterRule_Empty added in v2.42.0

func FilterRule_Empty() *[]*string

Empty comparison operator.

func FilterRule_Exists added in v2.42.0

func FilterRule_Exists() *[]*map[string]*bool

Exists comparison operator.

func FilterRule_IsEqual added in v2.42.0

func FilterRule_IsEqual(item interface{}) interface{}

Equals comparison operator.

func FilterRule_NotEquals added in v2.42.0

func FilterRule_NotEquals(elem *string) *[]*map[string]*[]*string

Not equals comparison operator.

func FilterRule_NotExists added in v2.42.0

func FilterRule_NotExists() *[]*map[string]*bool

Not exists comparison operator.

func FilterRule_Null added in v2.42.0

func FilterRule_Null() *[]*string

Null comparison operator.

func FilterRule_Or added in v2.42.0

func FilterRule_Or(elem ...*string) *[]*string

Or comparison operator.

func FunctionBase_IsConstruct

func FunctionBase_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func FunctionBase_IsOwnedResource added in v2.32.0

func FunctionBase_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func FunctionBase_IsResource

func FunctionBase_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func FunctionUrl_IsConstruct added in v2.21.0

func FunctionUrl_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func FunctionUrl_IsOwnedResource added in v2.32.0

func FunctionUrl_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func FunctionUrl_IsResource added in v2.21.0

func FunctionUrl_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Function_ClassifyVersionProperty

func Function_ClassifyVersionProperty(propertyName *string, locked *bool)

Record whether specific properties in the `AWS::Lambda::Function` resource should also be associated to the Version resource.

See 'currentVersion' section in the module README for more details.

func Function_IsConstruct

func Function_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func Function_IsOwnedResource added in v2.32.0

func Function_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Function_IsResource

func Function_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Function_MetricAll

func Function_MetricAll(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Return the given named metric for this Lambda.

func Function_MetricAllConcurrentExecutions

func Function_MetricAllConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of concurrent executions across all Lambdas. Default: max over 5 minutes.

func Function_MetricAllDuration

func Function_MetricAllDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the Duration executing all Lambdas. Default: average over 5 minutes.

func Function_MetricAllErrors

func Function_MetricAllErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of Errors executing all Lambdas. Default: sum over 5 minutes.

func Function_MetricAllInvocations

func Function_MetricAllInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of invocations of all Lambdas. Default: sum over 5 minutes.

func Function_MetricAllThrottles

func Function_MetricAllThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of throttled invocations of all Lambdas. Default: sum over 5 minutes.

func Function_MetricAllUnreservedConcurrentExecutions

func Function_MetricAllUnreservedConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric

Metric for the number of unreserved concurrent executions across all Lambdas. Default: max over 5 minutes.

func Handler_FROM_IMAGE

func Handler_FROM_IMAGE() *string

func LayerVersion_IsConstruct

func LayerVersion_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func LayerVersion_IsOwnedResource added in v2.32.0

func LayerVersion_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func LayerVersion_IsResource

func LayerVersion_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func NewAdotLayerVersion_Override added in v2.57.0

func NewAdotLayerVersion_Override(a AdotLayerVersion)

func NewAlias_Override

func NewAlias_Override(a Alias, scope constructs.Construct, id *string, props *AliasProps)

func NewAssetCode_Override

func NewAssetCode_Override(a AssetCode, path *string, options *awss3assets.AssetOptions)

func NewAssetImageCode_Override

func NewAssetImageCode_Override(a AssetImageCode, directory *string, props *AssetImageCodeProps)

func NewCfnAlias_Override

func NewCfnAlias_Override(c CfnAlias, scope constructs.Construct, id *string, props *CfnAliasProps)

func NewCfnCodeSigningConfig_Override

func NewCfnCodeSigningConfig_Override(c CfnCodeSigningConfig, scope constructs.Construct, id *string, props *CfnCodeSigningConfigProps)

func NewCfnEventInvokeConfig_Override

func NewCfnEventInvokeConfig_Override(c CfnEventInvokeConfig, scope constructs.Construct, id *string, props *CfnEventInvokeConfigProps)

func NewCfnEventSourceMapping_Override

func NewCfnEventSourceMapping_Override(c CfnEventSourceMapping, scope constructs.Construct, id *string, props *CfnEventSourceMappingProps)

func NewCfnFunction_Override

func NewCfnFunction_Override(c CfnFunction, scope constructs.Construct, id *string, props *CfnFunctionProps)

func NewCfnLayerVersionPermission_Override

func NewCfnLayerVersionPermission_Override(c CfnLayerVersionPermission, scope constructs.Construct, id *string, props *CfnLayerVersionPermissionProps)

func NewCfnLayerVersion_Override

func NewCfnLayerVersion_Override(c CfnLayerVersion, scope constructs.Construct, id *string, props *CfnLayerVersionProps)

func NewCfnParametersCode_Override

func NewCfnParametersCode_Override(c CfnParametersCode, props *CfnParametersCodeProps)

func NewCfnPermission_Override

func NewCfnPermission_Override(c CfnPermission, scope constructs.Construct, id *string, props *CfnPermissionProps)

func NewCfnUrl_Override added in v2.21.0

func NewCfnUrl_Override(c CfnUrl, scope constructs.Construct, id *string, props *CfnUrlProps)

func NewCfnVersion_Override

func NewCfnVersion_Override(c CfnVersion, scope constructs.Construct, id *string, props *CfnVersionProps)

func NewCodeSigningConfig_Override

func NewCodeSigningConfig_Override(c CodeSigningConfig, scope constructs.Construct, id *string, props *CodeSigningConfigProps)

func NewCode_Override

func NewCode_Override(c Code)

func NewDockerImageCode_Override

func NewDockerImageCode_Override(d DockerImageCode)

func NewDockerImageFunction_Override

func NewDockerImageFunction_Override(d DockerImageFunction, scope constructs.Construct, id *string, props *DockerImageFunctionProps)

func NewEcrImageCode_Override

func NewEcrImageCode_Override(e EcrImageCode, repository awsecr.IRepository, props *EcrImageCodeProps)

func NewEventInvokeConfig_Override

func NewEventInvokeConfig_Override(e EventInvokeConfig, scope constructs.Construct, id *string, props *EventInvokeConfigProps)

func NewEventSourceMapping_Override

func NewEventSourceMapping_Override(e EventSourceMapping, scope constructs.Construct, id *string, props *EventSourceMappingProps)

func NewFileSystem_Override

func NewFileSystem_Override(f FileSystem, config *FileSystemConfig)

func NewFilterCriteria_Override added in v2.42.0

func NewFilterCriteria_Override(f FilterCriteria)

func NewFilterRule_Override added in v2.42.0

func NewFilterRule_Override(f FilterRule)

func NewFunctionBase_Override

func NewFunctionBase_Override(f FunctionBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

func NewFunctionUrl_Override added in v2.21.0

func NewFunctionUrl_Override(f FunctionUrl, scope constructs.Construct, id *string, props *FunctionUrlProps)

func NewFunctionVersionUpgrade_Override added in v2.27.0

func NewFunctionVersionUpgrade_Override(f FunctionVersionUpgrade, featureFlag *string, enabled *bool)

func NewFunction_Override

func NewFunction_Override(f Function, scope constructs.Construct, id *string, props *FunctionProps)

func NewInlineCode_Override

func NewInlineCode_Override(i InlineCode, code *string)

func NewLambdaInsightsVersion_Override

func NewLambdaInsightsVersion_Override(l LambdaInsightsVersion)

func NewLayerVersion_Override

func NewLayerVersion_Override(l LayerVersion, scope constructs.Construct, id *string, props *LayerVersionProps)

func NewQualifiedFunctionBase_Override

func NewQualifiedFunctionBase_Override(q QualifiedFunctionBase, scope constructs.Construct, id *string, props *awscdk.ResourceProps)

func NewRuntimeManagementMode_Override added in v2.64.0

func NewRuntimeManagementMode_Override(r RuntimeManagementMode, mode *string, arn *string)

func NewRuntime_Override

func NewRuntime_Override(r Runtime, name *string, family RuntimeFamily, props *LambdaRuntimeProps)

func NewS3Code_Override

func NewS3Code_Override(s S3Code, bucket awss3.IBucket, key *string, objectVersion *string)

func NewSingletonFunction_Override

func NewSingletonFunction_Override(s SingletonFunction, scope constructs.Construct, id *string, props *SingletonFunctionProps)

func NewSnapStartConf_Override added in v2.94.0

func NewSnapStartConf_Override(s SnapStartConf)

func NewVersion_Override

func NewVersion_Override(v Version, scope constructs.Construct, id *string, props *VersionProps)

func QualifiedFunctionBase_IsConstruct

func QualifiedFunctionBase_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func QualifiedFunctionBase_IsOwnedResource added in v2.32.0

func QualifiedFunctionBase_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func QualifiedFunctionBase_IsResource

func QualifiedFunctionBase_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Runtime_ALL

func Runtime_ALL() *[]Runtime

func SingletonFunction_IsConstruct

func SingletonFunction_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func SingletonFunction_IsOwnedResource added in v2.32.0

func SingletonFunction_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func SingletonFunction_IsResource

func SingletonFunction_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func Version_IsConstruct

func Version_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Use this method instead of `instanceof` to properly detect `Construct` instances, even when the construct library is symlinked.

Explanation: in JavaScript, multiple copies of the `constructs` library on disk are seen as independent, completely different libraries. As a consequence, the class `Construct` in each copy of the `constructs` library is seen as a different class, and an instance of one class will not test as `instanceof` the other class. `npm install` will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the `constructs` library can be accidentally installed, and `instanceof` will behave unpredictably. It is safest to avoid using `instanceof`, and using this type-testing method instead.

Returns: true if `x` is an object created from a class which extends `Construct`.

func Version_IsOwnedResource added in v2.32.0

func Version_IsOwnedResource(construct constructs.IConstruct) *bool

Returns true if the construct was created by CDK, and false otherwise.

func Version_IsResource

func Version_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

Types

type AdotInstrumentationConfig added in v2.57.0

type AdotInstrumentationConfig struct {
	// The startup script to run, see ADOT documentation to pick the right script for your use case: https://aws-otel.github.io/docs/getting-started/lambda.
	ExecWrapper AdotLambdaExecWrapper `field:"required" json:"execWrapper" yaml:"execWrapper"`
	// The ADOT Lambda layer.
	LayerVersion AdotLayerVersion `field:"required" json:"layerVersion" yaml:"layerVersion"`
}

Properties for an ADOT instrumentation in Lambda.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	AdotInstrumentation: &AdotInstrumentationConfig{
		LayerVersion: awscdk.AdotLayerVersion_FromJavaScriptSdkLayerVersion(awscdk.AdotLambdaLayerJavaScriptSdkVersion_LATEST()),
		ExecWrapper: awscdk.AdotLambdaExecWrapper_REGULAR_HANDLER,
	},
})

type AdotLambdaExecWrapper added in v2.57.0

type AdotLambdaExecWrapper string

The wrapper script to be used for the Lambda function in order to enable auto instrumentation with ADOT.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	AdotInstrumentation: &AdotInstrumentationConfig{
		LayerVersion: awscdk.AdotLayerVersion_FromJavaScriptSdkLayerVersion(awscdk.AdotLambdaLayerJavaScriptSdkVersion_LATEST()),
		ExecWrapper: awscdk.AdotLambdaExecWrapper_REGULAR_HANDLER,
	},
})
const (
	// Wrapping regular Lambda handlers.
	AdotLambdaExecWrapper_REGULAR_HANDLER AdotLambdaExecWrapper = "REGULAR_HANDLER"
	// Wrapping regular handlers (implementing RequestHandler) proxied through API Gateway, enabling HTTP context propagation.
	AdotLambdaExecWrapper_PROXY_HANDLER AdotLambdaExecWrapper = "PROXY_HANDLER"
	// Wrapping streaming handlers (implementing RequestStreamHandler), enabling HTTP context propagation for HTTP requests.
	AdotLambdaExecWrapper_STREAM_HANDLER AdotLambdaExecWrapper = "STREAM_HANDLER"
	// Wrapping python lambda handlers see https://aws-otel.github.io/docs/getting-started/lambda/lambda-python.
	AdotLambdaExecWrapper_INSTRUMENT_HANDLER AdotLambdaExecWrapper = "INSTRUMENT_HANDLER"
	// Wrapping SQS-triggered function handlers (implementing RequestHandler).
	AdotLambdaExecWrapper_SQS_HANDLER AdotLambdaExecWrapper = "SQS_HANDLER"
)

type AdotLambdaLayerGenericVersion added in v2.57.0

type AdotLambdaLayerGenericVersion interface {
	LayerVersion() *string
	// The ARN of the Lambda layer.
	LayerArn(scope constructs.IConstruct, architecture Architecture) *string
}

The collection of versions of the ADOT Lambda Layer for generic purpose.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

adotLambdaLayerGenericVersion := awscdk.Aws_lambda.AdotLambdaLayerGenericVersion_LATEST()

func AdotLambdaLayerGenericVersion_LATEST added in v2.57.0

func AdotLambdaLayerGenericVersion_LATEST() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_102_1 added in v2.150.0

func AdotLambdaLayerGenericVersion_V0_102_1() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_62_1 added in v2.57.0

func AdotLambdaLayerGenericVersion_V0_62_1() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_82_0 added in v2.94.0

func AdotLambdaLayerGenericVersion_V0_82_0() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_84_0 added in v2.101.0

func AdotLambdaLayerGenericVersion_V0_84_0() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_88_0 added in v2.106.0

func AdotLambdaLayerGenericVersion_V0_88_0() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_90_1 added in v2.122.0

func AdotLambdaLayerGenericVersion_V0_90_1() AdotLambdaLayerGenericVersion

func AdotLambdaLayerGenericVersion_V0_98_0 added in v2.145.0

func AdotLambdaLayerGenericVersion_V0_98_0() AdotLambdaLayerGenericVersion

type AdotLambdaLayerJavaAutoInstrumentationVersion added in v2.57.0

type AdotLambdaLayerJavaAutoInstrumentationVersion interface {
	LayerVersion() *string
	// The ARN of the Lambda layer.
	LayerArn(scope constructs.IConstruct, architecture Architecture) *string
}

The collection of versions of the ADOT Lambda Layer for Java auto-instrumentation.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

adotLambdaLayerJavaAutoInstrumentationVersion := awscdk.Aws_lambda.AdotLambdaLayerJavaAutoInstrumentationVersion_LATEST()

func AdotLambdaLayerJavaAutoInstrumentationVersion_LATEST added in v2.57.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_LATEST() AdotLambdaLayerJavaAutoInstrumentationVersion

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_19_2 added in v2.57.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_19_2() AdotLambdaLayerJavaAutoInstrumentationVersion

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_28_1 added in v2.94.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_28_1() AdotLambdaLayerJavaAutoInstrumentationVersion

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_30_0 added in v2.101.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_30_0() AdotLambdaLayerJavaAutoInstrumentationVersion

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_31_0 added in v2.106.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_31_0() AdotLambdaLayerJavaAutoInstrumentationVersion

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_32_0 added in v2.122.0

func AdotLambdaLayerJavaAutoInstrumentationVersion_V1_32_0() AdotLambdaLayerJavaAutoInstrumentationVersion

type AdotLambdaLayerJavaScriptSdkVersion added in v2.57.0

type AdotLambdaLayerJavaScriptSdkVersion interface {
	LayerVersion() *string
	// The ARN of the Lambda layer.
	LayerArn(scope constructs.IConstruct, architecture Architecture) *string
}

The collection of versions of the ADOT Lambda Layer for JavaScript SDK.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	AdotInstrumentation: &AdotInstrumentationConfig{
		LayerVersion: awscdk.AdotLayerVersion_FromJavaScriptSdkLayerVersion(awscdk.AdotLambdaLayerJavaScriptSdkVersion_LATEST()),
		ExecWrapper: awscdk.AdotLambdaExecWrapper_REGULAR_HANDLER,
	},
})

func AdotLambdaLayerJavaScriptSdkVersion_LATEST added in v2.57.0

func AdotLambdaLayerJavaScriptSdkVersion_LATEST() AdotLambdaLayerJavaScriptSdkVersion

func AdotLambdaLayerJavaScriptSdkVersion_V1_15_0_1 added in v2.94.0

func AdotLambdaLayerJavaScriptSdkVersion_V1_15_0_1() AdotLambdaLayerJavaScriptSdkVersion

func AdotLambdaLayerJavaScriptSdkVersion_V1_16_0 added in v2.101.0

func AdotLambdaLayerJavaScriptSdkVersion_V1_16_0() AdotLambdaLayerJavaScriptSdkVersion

func AdotLambdaLayerJavaScriptSdkVersion_V1_17_1 added in v2.106.0

func AdotLambdaLayerJavaScriptSdkVersion_V1_17_1() AdotLambdaLayerJavaScriptSdkVersion

func AdotLambdaLayerJavaScriptSdkVersion_V1_18_1 added in v2.122.0

func AdotLambdaLayerJavaScriptSdkVersion_V1_18_1() AdotLambdaLayerJavaScriptSdkVersion

func AdotLambdaLayerJavaScriptSdkVersion_V1_7_0 added in v2.57.0

func AdotLambdaLayerJavaScriptSdkVersion_V1_7_0() AdotLambdaLayerJavaScriptSdkVersion

type AdotLambdaLayerJavaSdkVersion added in v2.57.0

type AdotLambdaLayerJavaSdkVersion interface {
	LayerVersion() *string
	// The ARN of the Lambda layer.
	LayerArn(scope constructs.IConstruct, architecture Architecture) *string
}

The collection of versions of the ADOT Lambda Layer for Java SDK.

Example:

var fn function

layerArn := lambda.AdotLambdaLayerJavaSdkVersion_V1_19_0().layerArn(fn.Stack, fn.Architecture)

func AdotLambdaLayerJavaSdkVersion_LATEST added in v2.57.0

func AdotLambdaLayerJavaSdkVersion_LATEST() AdotLambdaLayerJavaSdkVersion

func AdotLambdaLayerJavaSdkVersion_V1_19_0 added in v2.57.0

func AdotLambdaLayerJavaSdkVersion_V1_19_0() AdotLambdaLayerJavaSdkVersion

func AdotLambdaLayerJavaSdkVersion_V1_28_1 added in v2.94.0

func AdotLambdaLayerJavaSdkVersion_V1_28_1() AdotLambdaLayerJavaSdkVersion

func AdotLambdaLayerJavaSdkVersion_V1_30_0 added in v2.101.0

func AdotLambdaLayerJavaSdkVersion_V1_30_0() AdotLambdaLayerJavaSdkVersion

func AdotLambdaLayerJavaSdkVersion_V1_31_0 added in v2.106.0

func AdotLambdaLayerJavaSdkVersion_V1_31_0() AdotLambdaLayerJavaSdkVersion

func AdotLambdaLayerJavaSdkVersion_V1_32_0 added in v2.122.0

func AdotLambdaLayerJavaSdkVersion_V1_32_0() AdotLambdaLayerJavaSdkVersion

type AdotLambdaLayerPythonSdkVersion added in v2.57.0

type AdotLambdaLayerPythonSdkVersion interface {
	LayerVersion() *string
	// The ARN of the Lambda layer.
	LayerArn(scope constructs.IConstruct, architecture Architecture) *string
}

The collection of versions of the ADOT Lambda Layer for Python SDK.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

adotLambdaLayerPythonSdkVersion := awscdk.Aws_lambda.AdotLambdaLayerPythonSdkVersion_LATEST()

func AdotLambdaLayerPythonSdkVersion_LATEST added in v2.57.0

func AdotLambdaLayerPythonSdkVersion_LATEST() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_13_0 added in v2.57.0

func AdotLambdaLayerPythonSdkVersion_V1_13_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_14_0 added in v2.88.0

func AdotLambdaLayerPythonSdkVersion_V1_14_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_15_0 added in v2.88.0

func AdotLambdaLayerPythonSdkVersion_V1_15_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_16_0 added in v2.88.0

func AdotLambdaLayerPythonSdkVersion_V1_16_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_17_0 added in v2.88.0

func AdotLambdaLayerPythonSdkVersion_V1_17_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_18_0 added in v2.88.0

func AdotLambdaLayerPythonSdkVersion_V1_18_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_19_0_1 added in v2.94.0

func AdotLambdaLayerPythonSdkVersion_V1_19_0_1() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_20_0 added in v2.101.0

func AdotLambdaLayerPythonSdkVersion_V1_20_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_20_0_1 added in v2.106.0

func AdotLambdaLayerPythonSdkVersion_V1_20_0_1() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_21_0 added in v2.122.0

func AdotLambdaLayerPythonSdkVersion_V1_21_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_24_0 added in v2.145.0

func AdotLambdaLayerPythonSdkVersion_V1_24_0() AdotLambdaLayerPythonSdkVersion

func AdotLambdaLayerPythonSdkVersion_V1_25_0 added in v2.150.0

func AdotLambdaLayerPythonSdkVersion_V1_25_0() AdotLambdaLayerPythonSdkVersion

type AdotLayerVersion added in v2.57.0

type AdotLayerVersion interface {
}

An ADOT Lambda layer version that's specific to a lambda layer type and an architecture.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	AdotInstrumentation: &AdotInstrumentationConfig{
		LayerVersion: awscdk.AdotLayerVersion_FromJavaScriptSdkLayerVersion(awscdk.AdotLambdaLayerJavaScriptSdkVersion_LATEST()),
		ExecWrapper: awscdk.AdotLambdaExecWrapper_REGULAR_HANDLER,
	},
})

func AdotLayerVersion_FromGenericLayerVersion added in v2.57.0

func AdotLayerVersion_FromGenericLayerVersion(version AdotLambdaLayerGenericVersion) AdotLayerVersion

The ADOT Lambda layer for generic use cases.

func AdotLayerVersion_FromJavaAutoInstrumentationLayerVersion added in v2.57.0

func AdotLayerVersion_FromJavaAutoInstrumentationLayerVersion(version AdotLambdaLayerJavaAutoInstrumentationVersion) AdotLayerVersion

The ADOT Lambda layer for Java auto instrumentation.

func AdotLayerVersion_FromJavaScriptSdkLayerVersion added in v2.57.0

func AdotLayerVersion_FromJavaScriptSdkLayerVersion(version AdotLambdaLayerJavaScriptSdkVersion) AdotLayerVersion

The ADOT Lambda layer for JavaScript SDK.

func AdotLayerVersion_FromJavaSdkLayerVersion added in v2.57.0

func AdotLayerVersion_FromJavaSdkLayerVersion(version AdotLambdaLayerJavaSdkVersion) AdotLayerVersion

The ADOT Lambda layer for Java SDK.

func AdotLayerVersion_FromPythonSdkLayerVersion added in v2.57.0

func AdotLayerVersion_FromPythonSdkLayerVersion(version AdotLambdaLayerPythonSdkVersion) AdotLayerVersion

The ADOT Lambda layer for Python SDK.

type Alias

type Alias interface {
	QualifiedFunctionBase
	IAlias
	// Name of this alias.
	AliasName() *string
	// The architecture of this Lambda Function.
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// ARN of this alias.
	//
	// Used to be able to use Alias in place of a regular Lambda. Lambda accepts
	// ARNs everywhere it accepts function names.
	FunctionArn() *string
	// ARN of this alias.
	//
	// Used to be able to use Alias in place of a regular Lambda. Lambda accepts
	// ARNs everywhere it accepts function names.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The underlying `IFunction`.
	Lambda() IFunction
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The qualifier of the version or alias of this function.
	//
	// A qualifier is the identifier that's appended to a version or alias ARN.
	Qualifier() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	//
	// Undefined if the function was imported without a role.
	Role() awsiam.IRole
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The underlying Lambda function version.
	Version() IVersion
	// Configure provisioned concurrency autoscaling on a function alias.
	//
	// Returns a scalable attribute that can call
	// `scaleOnUtilization()` and `scaleOnSchedule()`.
	AddAutoScaling(options *AutoScalingOptions) IScalableFunctionAttribute
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(_scope constructs.Construct, _action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

A new alias to a particular version of a Lambda function.

Example:

lambdaCode := lambda.Code_FromCfnParameters()
func := lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambdaCode,
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_LATEST(),
})
// used to make sure each CDK synthesis produces a different Version
version := func.currentVersion
alias := lambda.NewAlias(this, jsii.String("LambdaAlias"), &AliasProps{
	AliasName: jsii.String("Prod"),
	Version: Version,
})

codedeploy.NewLambdaDeploymentGroup(this, jsii.String("DeploymentGroup"), &LambdaDeploymentGroupProps{
	Alias: Alias,
	DeploymentConfig: codedeploy.LambdaDeploymentConfig_LINEAR_10PERCENT_EVERY_1MINUTE(),
})

func NewAlias

func NewAlias(scope constructs.Construct, id *string, props *AliasProps) Alias

type AliasAttributes

type AliasAttributes struct {
	AliasName    *string  `field:"required" json:"aliasName" yaml:"aliasName"`
	AliasVersion IVersion `field:"required" json:"aliasVersion" yaml:"aliasVersion"`
}

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var version version

aliasAttributes := &AliasAttributes{
	AliasName: jsii.String("aliasName"),
	AliasVersion: version,
}

type AliasOptions

type AliasOptions struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Additional versions with individual weights this alias points to.
	//
	// Individual additional version weights specified here should add up to
	// (less than) one. All remaining weight is routed to the default
	// version.
	//
	// For example, the config is
	//
	//    version: "1"
	//    additionalVersions: [{ version: "2", weight: 0.05 }]
	//
	// Then 5% of traffic will be routed to function version 2, while
	// the remaining 95% of traffic will be routed to function version 1.
	// Default: No additional versions.
	//
	AdditionalVersions *[]*VersionWeight `field:"optional" json:"additionalVersions" yaml:"additionalVersions"`
	// Description for the alias.
	// Default: No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Specifies a provisioned concurrency configuration for a function's alias.
	// Default: No provisioned concurrency.
	//
	ProvisionedConcurrentExecutions *float64 `field:"optional" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
}

Options for `lambda.Alias`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var destination iDestination
var version version

aliasOptions := &AliasOptions{
	AdditionalVersions: []versionWeight{
		&versionWeight{
			Version: version,
			Weight: jsii.Number(123),
		},
	},
	Description: jsii.String("description"),
	MaxEventAge: cdk.Duration_Minutes(jsii.Number(30)),
	OnFailure: destination,
	OnSuccess: destination,
	ProvisionedConcurrentExecutions: jsii.Number(123),
	RetryAttempts: jsii.Number(123),
}

type AliasProps

type AliasProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Additional versions with individual weights this alias points to.
	//
	// Individual additional version weights specified here should add up to
	// (less than) one. All remaining weight is routed to the default
	// version.
	//
	// For example, the config is
	//
	//    version: "1"
	//    additionalVersions: [{ version: "2", weight: 0.05 }]
	//
	// Then 5% of traffic will be routed to function version 2, while
	// the remaining 95% of traffic will be routed to function version 1.
	// Default: No additional versions.
	//
	AdditionalVersions *[]*VersionWeight `field:"optional" json:"additionalVersions" yaml:"additionalVersions"`
	// Description for the alias.
	// Default: No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Specifies a provisioned concurrency configuration for a function's alias.
	// Default: No provisioned concurrency.
	//
	ProvisionedConcurrentExecutions *float64 `field:"optional" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
	// Name of this alias.
	AliasName *string `field:"required" json:"aliasName" yaml:"aliasName"`
	// Function version this alias refers to.
	//
	// Use lambda.currentVersion to reference a version with your latest changes.
	Version IVersion `field:"required" json:"version" yaml:"version"`
}

Properties for a new Lambda alias.

Example:

lambdaCode := lambda.Code_FromCfnParameters()
func := lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambdaCode,
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_LATEST(),
})
// used to make sure each CDK synthesis produces a different Version
version := func.currentVersion
alias := lambda.NewAlias(this, jsii.String("LambdaAlias"), &AliasProps{
	AliasName: jsii.String("Prod"),
	Version: Version,
})

codedeploy.NewLambdaDeploymentGroup(this, jsii.String("DeploymentGroup"), &LambdaDeploymentGroupProps{
	Alias: Alias,
	DeploymentConfig: codedeploy.LambdaDeploymentConfig_LINEAR_10PERCENT_EVERY_1MINUTE(),
})

type ApplicationLogLevel added in v2.110.0

type ApplicationLogLevel string

Lambda service automatically captures logs generated by the function code (known as application logs) and sends these logs to a default CloudWatch log group named after the Lambda function.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

var logGroup iLogGroup

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	LoggingFormat: lambda.LoggingFormat_JSON,
	SystemLogLevelV2: lambda.SystemLogLevel_INFO,
	ApplicationLogLevelV2: lambda.ApplicationLogLevel_INFO,
	LogGroup: logGroup,
})
const (
	// Lambda will capture only logs at info level.
	ApplicationLogLevel_INFO ApplicationLogLevel = "INFO"
	// Lambda will capture only logs at debug level.
	ApplicationLogLevel_DEBUG ApplicationLogLevel = "DEBUG"
	// Lambda will capture only logs at warn level.
	ApplicationLogLevel_WARN ApplicationLogLevel = "WARN"
	// Lambda will capture only logs at trace level.
	ApplicationLogLevel_TRACE ApplicationLogLevel = "TRACE"
	// Lambda will capture only logs at error level.
	ApplicationLogLevel_ERROR ApplicationLogLevel = "ERROR"
	// Lambda will capture only logs at fatal level.
	ApplicationLogLevel_FATAL ApplicationLogLevel = "FATAL"
)

type Architecture

type Architecture interface {
	// The platform to use for this architecture when building with Docker.
	DockerPlatform() *string
	// The name of the architecture as recognized by the AWS Lambda service APIs.
	Name() *string
	// Returns a string representation of the architecture using the name.
	ToString() *string
}

Architectures supported by AWS Lambda.

Example:

lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	InsightsVersion: lambda.LambdaInsightsVersion_VERSION_1_0_119_0(),
})

func Architecture_ARM_64

func Architecture_ARM_64() Architecture

func Architecture_Custom

func Architecture_Custom(name *string, dockerPlatform *string) Architecture

Used to specify a custom architecture name.

Use this if the architecture name is not yet supported by the CDK.

func Architecture_X86_64

func Architecture_X86_64() Architecture

type AssetCode

type AssetCode interface {
	Code
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	// The path to the asset file or directory.
	Path() *string
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(resource awscdk.CfnResource, options *ResourceBindOptions)
}

Lambda code from a local directory.

Example:

// Lambda function containing logic that evaluates compliance with the rule.
evalComplianceFn := lambda.NewFunction(this, jsii.String("CustomFunction"), &FunctionProps{
	Code: lambda.AssetCode_FromInline(jsii.String("exports.handler = (event) => console.log(event);")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
})

// A custom rule that runs on configuration changes of EC2 instances
customRule := config.NewCustomRule(this, jsii.String("Custom"), &CustomRuleProps{
	ConfigurationChanges: jsii.Boolean(true),
	LambdaFunction: evalComplianceFn,
	RuleScope: config.RuleScope_FromResource(config.ResourceType_EC2_INSTANCE()),
})

// A rule to detect stack drifts
driftRule := config.NewCloudFormationStackDriftDetectionCheck(this, jsii.String("Drift"))

// Topic to which compliance notification events will be published
complianceTopic := sns.NewTopic(this, jsii.String("ComplianceTopic"))

// Send notification on compliance change events
driftRule.onComplianceChange(jsii.String("ComplianceChange"), &OnEventOptions{
	Target: targets.NewSnsTopic(complianceTopic),
})

func AssetCode_FromAsset

func AssetCode_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func AssetCode_FromCustomCommand added in v2.144.0

func AssetCode_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func AssetCode_FromDockerBuild

func AssetCode_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func AssetImageCode_FromAsset

func AssetImageCode_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func AssetImageCode_FromCustomCommand added in v2.144.0

func AssetImageCode_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func AssetImageCode_FromDockerBuild

func AssetImageCode_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func CfnParametersCode_FromAsset

func CfnParametersCode_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func CfnParametersCode_FromCustomCommand added in v2.144.0

func CfnParametersCode_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func CfnParametersCode_FromDockerBuild

func CfnParametersCode_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func Code_FromAsset

func Code_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func Code_FromCustomCommand added in v2.144.0

func Code_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func Code_FromDockerBuild

func Code_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func EcrImageCode_FromAsset

func EcrImageCode_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func EcrImageCode_FromCustomCommand added in v2.144.0

func EcrImageCode_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func EcrImageCode_FromDockerBuild

func EcrImageCode_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func InlineCode_FromAsset

func InlineCode_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func InlineCode_FromCustomCommand added in v2.144.0

func InlineCode_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func InlineCode_FromDockerBuild

func InlineCode_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

func NewAssetCode

func NewAssetCode(path *string, options *awss3assets.AssetOptions) AssetCode

func S3Code_FromAsset

func S3Code_FromAsset(path *string, options *awss3assets.AssetOptions) AssetCode

Loads the function code from a local disk path.

func S3Code_FromCustomCommand added in v2.144.0

func S3Code_FromCustomCommand(output *string, command *[]*string, options *CustomCommandOptions) AssetCode

Runs a command to build the code asset that will be used.

func S3Code_FromDockerBuild

func S3Code_FromDockerBuild(path *string, options *DockerBuildAssetOptions) AssetCode

Loads the function code from an asset created by a Docker build.

By default, the asset is expected to be located at `/asset` in the image.

type AssetImageCode

type AssetImageCode interface {
	Code
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(resource awscdk.CfnResource, options *ResourceBindOptions)
}

Represents an ECR image that will be constructed from the specified asset and can be bound as Lambda code.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var networkMode networkMode
var platform platform

assetImageCode := awscdk.Aws_lambda.NewAssetImageCode(jsii.String("directory"), &AssetImageCodeProps{
	AssetName: jsii.String("assetName"),
	BuildArgs: map[string]*string{
		"buildArgsKey": jsii.String("buildArgs"),
	},
	BuildSecrets: map[string]*string{
		"buildSecretsKey": jsii.String("buildSecrets"),
	},
	BuildSsh: jsii.String("buildSsh"),
	CacheDisabled: jsii.Boolean(false),
	CacheFrom: []dockerCacheOption{
		&dockerCacheOption{
			Type: jsii.String("type"),

			// the properties below are optional
			Params: map[string]*string{
				"paramsKey": jsii.String("params"),
			},
		},
	},
	CacheTo: &dockerCacheOption{
		Type: jsii.String("type"),

		// the properties below are optional
		Params: map[string]*string{
			"paramsKey": jsii.String("params"),
		},
	},
	Cmd: []*string{
		jsii.String("cmd"),
	},
	Entrypoint: []*string{
		jsii.String("entrypoint"),
	},
	Exclude: []*string{
		jsii.String("exclude"),
	},
	ExtraHash: jsii.String("extraHash"),
	File: jsii.String("file"),
	FollowSymlinks: cdk.SymlinkFollowMode_NEVER,
	IgnoreMode: cdk.IgnoreMode_GLOB,
	Invalidation: &DockerImageAssetInvalidationOptions{
		BuildArgs: jsii.Boolean(false),
		BuildSecrets: jsii.Boolean(false),
		BuildSsh: jsii.Boolean(false),
		ExtraHash: jsii.Boolean(false),
		File: jsii.Boolean(false),
		NetworkMode: jsii.Boolean(false),
		Outputs: jsii.Boolean(false),
		Platform: jsii.Boolean(false),
		RepositoryName: jsii.Boolean(false),
		Target: jsii.Boolean(false),
	},
	NetworkMode: networkMode,
	Outputs: []*string{
		jsii.String("outputs"),
	},
	Platform: platform,
	Target: jsii.String("target"),
	WorkingDirectory: jsii.String("workingDirectory"),
})

func AssetCode_FromAssetImage

func AssetCode_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func AssetImageCode_FromAssetImage

func AssetImageCode_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func CfnParametersCode_FromAssetImage

func CfnParametersCode_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func Code_FromAssetImage

func Code_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func EcrImageCode_FromAssetImage

func EcrImageCode_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func InlineCode_FromAssetImage

func InlineCode_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

func NewAssetImageCode

func NewAssetImageCode(directory *string, props *AssetImageCodeProps) AssetImageCode

func S3Code_FromAssetImage

func S3Code_FromAssetImage(directory *string, props *AssetImageCodeProps) AssetImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

type AssetImageCodeProps

type AssetImageCodeProps struct {
	// File paths matching the patterns will be excluded.
	//
	// See `ignoreMode` to set the matching behavior.
	// Has no effect on Assets bundled using the `bundling` property.
	// Default: - nothing is excluded.
	//
	Exclude *[]*string `field:"optional" json:"exclude" yaml:"exclude"`
	// A strategy for how to handle symlinks.
	// Default: SymlinkFollowMode.NEVER
	//
	FollowSymlinks awscdk.SymlinkFollowMode `field:"optional" json:"followSymlinks" yaml:"followSymlinks"`
	// The ignore behavior to use for `exclude` patterns.
	// Default: IgnoreMode.GLOB
	//
	IgnoreMode awscdk.IgnoreMode `field:"optional" json:"ignoreMode" yaml:"ignoreMode"`
	// Extra information to encode into the fingerprint (e.g. build instructions and other inputs).
	// Default: - hash is only based on source content.
	//
	ExtraHash *string `field:"optional" json:"extraHash" yaml:"extraHash"`
	// Unique identifier of the docker image asset and its potential revisions.
	//
	// Required if using AppScopedStagingSynthesizer.
	// Default: - no asset name.
	//
	AssetName *string `field:"optional" json:"assetName" yaml:"assetName"`
	// Build args to pass to the `docker build` command.
	//
	// Since Docker build arguments are resolved before deployment, keys and
	// values cannot refer to unresolved tokens (such as `lambda.functionArn` or
	// `queue.queueUrl`).
	// Default: - no build args are passed.
	//
	BuildArgs *map[string]*string `field:"optional" json:"buildArgs" yaml:"buildArgs"`
	// Build secrets.
	//
	// Docker BuildKit must be enabled to use build secrets.
	//
	// Example:
	//   import { DockerBuildSecret } from 'aws-cdk-lib';
	//
	//   const buildSecrets = {
	//     'MY_SECRET': DockerBuildSecret.fromSrc('file.txt')
	//   };
	//
	// See: https://docs.docker.com/build/buildkit/
	//
	// Default: - no build secrets.
	//
	BuildSecrets *map[string]*string `field:"optional" json:"buildSecrets" yaml:"buildSecrets"`
	// SSH agent socket or keys to pass to the `docker build` command.
	//
	// Docker BuildKit must be enabled to use the ssh flag.
	// See: https://docs.docker.com/build/buildkit/
	//
	// Default: - no --ssh flag.
	//
	BuildSsh *string `field:"optional" json:"buildSsh" yaml:"buildSsh"`
	// Disable the cache and pass `--no-cache` to the `docker build` command.
	// Default: - cache is used.
	//
	CacheDisabled *bool `field:"optional" json:"cacheDisabled" yaml:"cacheDisabled"`
	// Cache from options to pass to the `docker build` command.
	// See: https://docs.docker.com/build/cache/backends/
	//
	// Default: - no cache from options are passed to the build command.
	//
	CacheFrom *[]*awsecrassets.DockerCacheOption `field:"optional" json:"cacheFrom" yaml:"cacheFrom"`
	// Cache to options to pass to the `docker build` command.
	// See: https://docs.docker.com/build/cache/backends/
	//
	// Default: - no cache to options are passed to the build command.
	//
	CacheTo *awsecrassets.DockerCacheOption `field:"optional" json:"cacheTo" yaml:"cacheTo"`
	// Path to the Dockerfile (relative to the directory).
	// Default: 'Dockerfile'.
	//
	File *string `field:"optional" json:"file" yaml:"file"`
	// Options to control which parameters are used to invalidate the asset hash.
	// Default: - hash all parameters.
	//
	Invalidation *awsecrassets.DockerImageAssetInvalidationOptions `field:"optional" json:"invalidation" yaml:"invalidation"`
	// Networking mode for the RUN commands during build.
	//
	// Support docker API 1.25+.
	// Default: - no networking mode specified (the default networking mode `NetworkMode.DEFAULT` will be used)
	//
	NetworkMode awsecrassets.NetworkMode `field:"optional" json:"networkMode" yaml:"networkMode"`
	// Outputs to pass to the `docker build` command.
	// See: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs
	//
	// Default: - no outputs are passed to the build command (default outputs are used).
	//
	Outputs *[]*string `field:"optional" json:"outputs" yaml:"outputs"`
	// Platform to build for.
	//
	// _Requires Docker Buildx_.
	// Default: - no platform specified (the current machine architecture will be used).
	//
	Platform awsecrassets.Platform `field:"optional" json:"platform" yaml:"platform"`
	// Docker target to build to.
	// Default: - no target.
	//
	Target *string `field:"optional" json:"target" yaml:"target"`
	// Specify or override the CMD on the specified Docker image or Dockerfile.
	//
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#cmd
	//
	// Default: - use the CMD specified in the docker image or Dockerfile.
	//
	Cmd *[]*string `field:"optional" json:"cmd" yaml:"cmd"`
	// Specify or override the ENTRYPOINT on the specified Docker image or Dockerfile.
	//
	// An ENTRYPOINT allows you to configure a container that will run as an executable.
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#entrypoint
	//
	// Default: - use the ENTRYPOINT in the docker image or Dockerfile.
	//
	Entrypoint *[]*string `field:"optional" json:"entrypoint" yaml:"entrypoint"`
	// Specify or override the WORKDIR on the specified Docker image or Dockerfile.
	//
	// A WORKDIR allows you to configure the working directory the container will use.
	// See: https://docs.docker.com/engine/reference/builder/#workdir
	//
	// Default: - use the WORKDIR in the docker image or Dockerfile.
	//
	WorkingDirectory *string `field:"optional" json:"workingDirectory" yaml:"workingDirectory"`
}

Properties to initialize a new AssetImage.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var networkMode networkMode
var platform platform

assetImageCodeProps := &AssetImageCodeProps{
	AssetName: jsii.String("assetName"),
	BuildArgs: map[string]*string{
		"buildArgsKey": jsii.String("buildArgs"),
	},
	BuildSecrets: map[string]*string{
		"buildSecretsKey": jsii.String("buildSecrets"),
	},
	BuildSsh: jsii.String("buildSsh"),
	CacheDisabled: jsii.Boolean(false),
	CacheFrom: []dockerCacheOption{
		&dockerCacheOption{
			Type: jsii.String("type"),

			// the properties below are optional
			Params: map[string]*string{
				"paramsKey": jsii.String("params"),
			},
		},
	},
	CacheTo: &dockerCacheOption{
		Type: jsii.String("type"),

		// the properties below are optional
		Params: map[string]*string{
			"paramsKey": jsii.String("params"),
		},
	},
	Cmd: []*string{
		jsii.String("cmd"),
	},
	Entrypoint: []*string{
		jsii.String("entrypoint"),
	},
	Exclude: []*string{
		jsii.String("exclude"),
	},
	ExtraHash: jsii.String("extraHash"),
	File: jsii.String("file"),
	FollowSymlinks: cdk.SymlinkFollowMode_NEVER,
	IgnoreMode: cdk.IgnoreMode_GLOB,
	Invalidation: &DockerImageAssetInvalidationOptions{
		BuildArgs: jsii.Boolean(false),
		BuildSecrets: jsii.Boolean(false),
		BuildSsh: jsii.Boolean(false),
		ExtraHash: jsii.Boolean(false),
		File: jsii.Boolean(false),
		NetworkMode: jsii.Boolean(false),
		Outputs: jsii.Boolean(false),
		Platform: jsii.Boolean(false),
		RepositoryName: jsii.Boolean(false),
		Target: jsii.Boolean(false),
	},
	NetworkMode: networkMode,
	Outputs: []*string{
		jsii.String("outputs"),
	},
	Platform: platform,
	Target: jsii.String("target"),
	WorkingDirectory: jsii.String("workingDirectory"),
}

type AutoScalingOptions

type AutoScalingOptions struct {
	// Maximum capacity to scale to.
	MaxCapacity *float64 `field:"required" json:"maxCapacity" yaml:"maxCapacity"`
	// Minimum capacity to scale to.
	// Default: 1.
	//
	MinCapacity *float64 `field:"optional" json:"minCapacity" yaml:"minCapacity"`
}

Properties for enabling Lambda autoscaling.

Example:

import autoscaling "github.com/aws/aws-cdk-go/awscdk"

var fn function

alias := fn.AddAlias(jsii.String("prod"))

// Create AutoScaling target
as := alias.AddAutoScaling(&AutoScalingOptions{
	MaxCapacity: jsii.Number(50),
})

// Configure Target Tracking
as.ScaleOnUtilization(&UtilizationScalingOptions{
	UtilizationTarget: jsii.Number(0.5),
})

// Configure Scheduled Scaling
as.ScaleOnSchedule(jsii.String("ScaleUpInTheMorning"), &ScalingSchedule{
	Schedule: autoscaling.Schedule_Cron(&CronOptions{
		Hour: jsii.String("8"),
		Minute: jsii.String("0"),
	}),
	MinCapacity: jsii.Number(20),
})

type CfnAlias

type CfnAlias interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) of the alias.
	AttrAliasArn() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// A description of the alias.
	Description() *string
	SetDescription(val *string)
	// The name or ARN of the Lambda function.
	FunctionName() *string
	SetFunctionName(val *string)
	// The function version that the alias invokes.
	FunctionVersion() *string
	SetFunctionVersion(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The name of the alias.
	Name() *string
	SetName(val *string)
	// The tree node.
	Node() constructs.Node
	// Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.
	ProvisionedConcurrencyConfig() interface{}
	SetProvisionedConcurrencyConfig(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.
	RoutingConfig() interface{}
	SetRoutingConfig(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::Alias` resource creates an [alias](https://docs.aws.amazon.com/lambda/latest/dg/configuration-aliases.html) for a Lambda function version. Use aliases to provide clients with a function identifier that you can update to invoke a different version.

You can also map an alias to split invocation requests between two versions. Use the `RoutingConfig` parameter to specify a second version and the percentage of invocation requests that it receives.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnAlias := awscdk.Aws_lambda.NewCfnAlias(this, jsii.String("MyCfnAlias"), &CfnAliasProps{
	FunctionName: jsii.String("functionName"),
	FunctionVersion: jsii.String("functionVersion"),
	Name: jsii.String("name"),

	// the properties below are optional
	Description: jsii.String("description"),
	ProvisionedConcurrencyConfig: &ProvisionedConcurrencyConfigurationProperty{
		ProvisionedConcurrentExecutions: jsii.Number(123),
	},
	RoutingConfig: &AliasRoutingConfigurationProperty{
		AdditionalVersionWeights: []interface{}{
			&VersionWeightProperty{
				FunctionVersion: jsii.String("functionVersion"),
				FunctionWeight: jsii.Number(123),
			},
		},
	},
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html

func NewCfnAlias

func NewCfnAlias(scope constructs.Construct, id *string, props *CfnAliasProps) CfnAlias

type CfnAliasProps

type CfnAliasProps struct {
	// The name or ARN of the Lambda function.
	//
	// **Name formats** - *Function name* - `MyFunction` .
	// - *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .
	// - *Partial ARN* - `123456789012:function:MyFunction` .
	//
	// The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-functionname
	//
	FunctionName *string `field:"required" json:"functionName" yaml:"functionName"`
	// The function version that the alias invokes.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-functionversion
	//
	FunctionVersion *string `field:"required" json:"functionVersion" yaml:"functionVersion"`
	// The name of the alias.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-name
	//
	Name *string `field:"required" json:"name" yaml:"name"`
	// A description of the alias.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-description
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Specifies a [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's alias.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-provisionedconcurrencyconfig
	//
	ProvisionedConcurrencyConfig interface{} `field:"optional" json:"provisionedConcurrencyConfig" yaml:"provisionedConcurrencyConfig"`
	// The [routing configuration](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) of the alias.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html#cfn-lambda-alias-routingconfig
	//
	RoutingConfig interface{} `field:"optional" json:"routingConfig" yaml:"routingConfig"`
}

Properties for defining a `CfnAlias`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnAliasProps := &CfnAliasProps{
	FunctionName: jsii.String("functionName"),
	FunctionVersion: jsii.String("functionVersion"),
	Name: jsii.String("name"),

	// the properties below are optional
	Description: jsii.String("description"),
	ProvisionedConcurrencyConfig: &ProvisionedConcurrencyConfigurationProperty{
		ProvisionedConcurrentExecutions: jsii.Number(123),
	},
	RoutingConfig: &AliasRoutingConfigurationProperty{
		AdditionalVersionWeights: []interface{}{
			&VersionWeightProperty{
				FunctionVersion: jsii.String("functionVersion"),
				FunctionWeight: jsii.Number(123),
			},
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-alias.html

type CfnAlias_AliasRoutingConfigurationProperty

type CfnAlias_AliasRoutingConfigurationProperty struct {
	// The second version, and the percentage of traffic that's routed to it.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-aliasroutingconfiguration.html#cfn-lambda-alias-aliasroutingconfiguration-additionalversionweights
	//
	AdditionalVersionWeights interface{} `field:"optional" json:"additionalVersionWeights" yaml:"additionalVersionWeights"`
}

The [traffic-shifting](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) configuration of a Lambda function alias.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

aliasRoutingConfigurationProperty := &AliasRoutingConfigurationProperty{
	AdditionalVersionWeights: []interface{}{
		&VersionWeightProperty{
			FunctionVersion: jsii.String("functionVersion"),
			FunctionWeight: jsii.Number(123),
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-aliasroutingconfiguration.html

type CfnAlias_ProvisionedConcurrencyConfigurationProperty

type CfnAlias_ProvisionedConcurrencyConfigurationProperty struct {
	// The amount of provisioned concurrency to allocate for the alias.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-provisionedconcurrencyconfiguration.html#cfn-lambda-alias-provisionedconcurrencyconfiguration-provisionedconcurrentexecutions
	//
	ProvisionedConcurrentExecutions *float64 `field:"required" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
}

A provisioned concurrency configuration for a function's alias.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

provisionedConcurrencyConfigurationProperty := &ProvisionedConcurrencyConfigurationProperty{
	ProvisionedConcurrentExecutions: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-provisionedconcurrencyconfiguration.html

type CfnAlias_VersionWeightProperty

type CfnAlias_VersionWeightProperty struct {
	// The qualifier of the second version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-versionweight.html#cfn-lambda-alias-versionweight-functionversion
	//
	FunctionVersion *string `field:"required" json:"functionVersion" yaml:"functionVersion"`
	// The percentage of traffic that the alias routes to the second version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-versionweight.html#cfn-lambda-alias-versionweight-functionweight
	//
	FunctionWeight *float64 `field:"required" json:"functionWeight" yaml:"functionWeight"`
}

The [traffic-shifting](https://docs.aws.amazon.com/lambda/latest/dg/lambda-traffic-shifting-using-aliases.html) configuration of a Lambda function alias.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

versionWeightProperty := &VersionWeightProperty{
	FunctionVersion: jsii.String("functionVersion"),
	FunctionWeight: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-alias-versionweight.html

type CfnCodeSigningConfig

type CfnCodeSigningConfig interface {
	awscdk.CfnResource
	awscdk.IInspectable
	awscdk.ITaggableV2
	// List of allowed publishers.
	AllowedPublishers() interface{}
	SetAllowedPublishers(val interface{})
	// The Amazon Resource Name (ARN) of the code signing configuration.
	AttrCodeSigningConfigArn() *string
	// The code signing configuration ID.
	AttrCodeSigningConfigId() *string
	// Tag Manager which manages the tags for this resource.
	CdkTagManager() awscdk.TagManager
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// The code signing policy controls the validation failure action for signature mismatch or expiry.
	CodeSigningPolicies() interface{}
	SetCodeSigningPolicies(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// Code signing configuration description.
	Description() *string
	SetDescription(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// A list of tags to apply to CodeSigningConfig resource.
	Tags() *[]*awscdk.CfnTag
	SetTags(val *[]*awscdk.CfnTag)
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

Details about a [Code signing configuration](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnCodeSigningConfig := awscdk.Aws_lambda.NewCfnCodeSigningConfig(this, jsii.String("MyCfnCodeSigningConfig"), &CfnCodeSigningConfigProps{
	AllowedPublishers: &AllowedPublishersProperty{
		SigningProfileVersionArns: []*string{
			jsii.String("signingProfileVersionArns"),
		},
	},

	// the properties below are optional
	CodeSigningPolicies: &CodeSigningPoliciesProperty{
		UntrustedArtifactOnDeployment: jsii.String("untrustedArtifactOnDeployment"),
	},
	Description: jsii.String("description"),
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html

func NewCfnCodeSigningConfig

func NewCfnCodeSigningConfig(scope constructs.Construct, id *string, props *CfnCodeSigningConfigProps) CfnCodeSigningConfig

type CfnCodeSigningConfigProps

type CfnCodeSigningConfigProps struct {
	// List of allowed publishers.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-allowedpublishers
	//
	AllowedPublishers interface{} `field:"required" json:"allowedPublishers" yaml:"allowedPublishers"`
	// The code signing policy controls the validation failure action for signature mismatch or expiry.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-codesigningpolicies
	//
	CodeSigningPolicies interface{} `field:"optional" json:"codeSigningPolicies" yaml:"codeSigningPolicies"`
	// Code signing configuration description.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-description
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// A list of tags to apply to CodeSigningConfig resource.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html#cfn-lambda-codesigningconfig-tags
	//
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
}

Properties for defining a `CfnCodeSigningConfig`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnCodeSigningConfigProps := &CfnCodeSigningConfigProps{
	AllowedPublishers: &AllowedPublishersProperty{
		SigningProfileVersionArns: []*string{
			jsii.String("signingProfileVersionArns"),
		},
	},

	// the properties below are optional
	CodeSigningPolicies: &CodeSigningPoliciesProperty{
		UntrustedArtifactOnDeployment: jsii.String("untrustedArtifactOnDeployment"),
	},
	Description: jsii.String("description"),
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-codesigningconfig.html

type CfnCodeSigningConfig_AllowedPublishersProperty

type CfnCodeSigningConfig_AllowedPublishersProperty struct {
	// The Amazon Resource Name (ARN) for each of the signing profiles.
	//
	// A signing profile defines a trusted user who can sign a code package.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-allowedpublishers.html#cfn-lambda-codesigningconfig-allowedpublishers-signingprofileversionarns
	//
	SigningProfileVersionArns *[]*string `field:"required" json:"signingProfileVersionArns" yaml:"signingProfileVersionArns"`
}

List of signing profiles that can sign a code package.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

allowedPublishersProperty := &AllowedPublishersProperty{
	SigningProfileVersionArns: []*string{
		jsii.String("signingProfileVersionArns"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-allowedpublishers.html

type CfnCodeSigningConfig_CodeSigningPoliciesProperty

type CfnCodeSigningConfig_CodeSigningPoliciesProperty struct {
	// Code signing configuration policy for deployment validation failure.
	//
	// If you set the policy to `Enforce` , Lambda blocks the deployment request if signature validation checks fail. If you set the policy to `Warn` , Lambda allows the deployment and creates a CloudWatch log.
	//
	// Default value: `Warn`.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html#cfn-lambda-codesigningconfig-codesigningpolicies-untrustedartifactondeployment
	//
	// Default: - "Warn".
	//
	UntrustedArtifactOnDeployment *string `field:"required" json:"untrustedArtifactOnDeployment" yaml:"untrustedArtifactOnDeployment"`
}

Code signing configuration [policies](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html#config-codesigning-policies) specify the validation failure action for signature mismatch or expiry.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

codeSigningPoliciesProperty := &CodeSigningPoliciesProperty{
	UntrustedArtifactOnDeployment: jsii.String("untrustedArtifactOnDeployment"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-codesigningconfig-codesigningpolicies.html

type CfnEventInvokeConfig

type CfnEventInvokeConfig interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// A destination for events after they have been sent to a function for processing.
	DestinationConfig() interface{}
	SetDestinationConfig(val interface{})
	// The name of the Lambda function.
	FunctionName() *string
	SetFunctionName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The maximum age of a request that Lambda sends to a function for processing.
	MaximumEventAgeInSeconds() *float64
	SetMaximumEventAgeInSeconds(val *float64)
	// The maximum number of times to retry when the function returns an error.
	MaximumRetryAttempts() *float64
	SetMaximumRetryAttempts(val *float64)
	// The tree node.
	Node() constructs.Node
	// The identifier of a version or alias.
	Qualifier() *string
	SetQualifier(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::EventInvokeConfig` resource configures options for [asynchronous invocation](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html) on a version or an alias.

By default, Lambda retries an asynchronous invocation twice if the function returns an error. It retains events in a queue for up to six hours. When an event fails all processing attempts or stays in the asynchronous invocation queue for too long, Lambda discards it.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventInvokeConfig := awscdk.Aws_lambda.NewCfnEventInvokeConfig(this, jsii.String("MyCfnEventInvokeConfig"), &CfnEventInvokeConfigProps{
	FunctionName: jsii.String("functionName"),
	Qualifier: jsii.String("qualifier"),

	// the properties below are optional
	DestinationConfig: &DestinationConfigProperty{
		OnFailure: &OnFailureProperty{
			Destination: jsii.String("destination"),
		},
		OnSuccess: &OnSuccessProperty{
			Destination: jsii.String("destination"),
		},
	},
	MaximumEventAgeInSeconds: jsii.Number(123),
	MaximumRetryAttempts: jsii.Number(123),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html

func NewCfnEventInvokeConfig

func NewCfnEventInvokeConfig(scope constructs.Construct, id *string, props *CfnEventInvokeConfigProps) CfnEventInvokeConfig

type CfnEventInvokeConfigProps

type CfnEventInvokeConfigProps struct {
	// The name of the Lambda function.
	//
	// *Minimum* : `1`
	//
	// *Maximum* : `64`
	//
	// *Pattern* : `([a-zA-Z0-9-_]+)`.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-functionname
	//
	FunctionName *string `field:"required" json:"functionName" yaml:"functionName"`
	// The identifier of a version or alias.
	//
	// - *Version* - A version number.
	// - *Alias* - An alias name.
	// - *Latest* - To specify the unpublished version, use `$LATEST` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-qualifier
	//
	Qualifier *string `field:"required" json:"qualifier" yaml:"qualifier"`
	// A destination for events after they have been sent to a function for processing.
	//
	// **Destinations** - *Function* - The Amazon Resource Name (ARN) of a Lambda function.
	// - *Queue* - The ARN of a standard SQS queue.
	// - *Topic* - The ARN of a standard SNS topic.
	// - *Event Bus* - The ARN of an Amazon EventBridge event bus.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-destinationconfig
	//
	DestinationConfig interface{} `field:"optional" json:"destinationConfig" yaml:"destinationConfig"`
	// The maximum age of a request that Lambda sends to a function for processing.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-maximumeventageinseconds
	//
	MaximumEventAgeInSeconds *float64 `field:"optional" json:"maximumEventAgeInSeconds" yaml:"maximumEventAgeInSeconds"`
	// The maximum number of times to retry when the function returns an error.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html#cfn-lambda-eventinvokeconfig-maximumretryattempts
	//
	MaximumRetryAttempts *float64 `field:"optional" json:"maximumRetryAttempts" yaml:"maximumRetryAttempts"`
}

Properties for defining a `CfnEventInvokeConfig`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventInvokeConfigProps := &CfnEventInvokeConfigProps{
	FunctionName: jsii.String("functionName"),
	Qualifier: jsii.String("qualifier"),

	// the properties below are optional
	DestinationConfig: &DestinationConfigProperty{
		OnFailure: &OnFailureProperty{
			Destination: jsii.String("destination"),
		},
		OnSuccess: &OnSuccessProperty{
			Destination: jsii.String("destination"),
		},
	},
	MaximumEventAgeInSeconds: jsii.Number(123),
	MaximumRetryAttempts: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventinvokeconfig.html

type CfnEventInvokeConfig_DestinationConfigProperty

type CfnEventInvokeConfig_DestinationConfigProperty struct {
	// The destination configuration for failed invocations.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig.html#cfn-lambda-eventinvokeconfig-destinationconfig-onfailure
	//
	OnFailure interface{} `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination configuration for successful invocations.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig.html#cfn-lambda-eventinvokeconfig-destinationconfig-onsuccess
	//
	OnSuccess interface{} `field:"optional" json:"onSuccess" yaml:"onSuccess"`
}

A configuration object that specifies the destination of an event after Lambda processes it.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

destinationConfigProperty := &DestinationConfigProperty{
	OnFailure: &OnFailureProperty{
		Destination: jsii.String("destination"),
	},
	OnSuccess: &OnSuccessProperty{
		Destination: jsii.String("destination"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-destinationconfig.html

type CfnEventInvokeConfig_OnFailureProperty

type CfnEventInvokeConfig_OnFailureProperty struct {
	// The Amazon Resource Name (ARN) of the destination resource.
	//
	// To retain records of [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations) , you can configure an Amazon SNS topic, Amazon SQS queue, Lambda function, or Amazon EventBridge event bus as the destination.
	//
	// To retain records of failed invocations from [Kinesis and DynamoDB event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#event-source-mapping-destinations) , you can configure an Amazon SNS topic or Amazon SQS queue as the destination.
	//
	// To retain records of failed invocations from [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination) , you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onfailure.html#cfn-lambda-eventinvokeconfig-onfailure-destination
	//
	Destination *string `field:"required" json:"destination" yaml:"destination"`
}

A destination for events that failed processing.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

onFailureProperty := &OnFailureProperty{
	Destination: jsii.String("destination"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onfailure.html

type CfnEventInvokeConfig_OnSuccessProperty

type CfnEventInvokeConfig_OnSuccessProperty struct {
	// The Amazon Resource Name (ARN) of the destination resource.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onsuccess.html#cfn-lambda-eventinvokeconfig-onsuccess-destination
	//
	Destination *string `field:"required" json:"destination" yaml:"destination"`
}

A destination for events that were processed successfully.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

onSuccessProperty := &OnSuccessProperty{
	Destination: jsii.String("destination"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventinvokeconfig-onsuccess.html

type CfnEventSourceMapping

type CfnEventSourceMapping interface {
	awscdk.CfnResource
	awscdk.IInspectable
	awscdk.ITaggableV2
	// Specific configuration settings for an MSK event source.
	AmazonManagedKafkaEventSourceConfig() interface{}
	SetAmazonManagedKafkaEventSourceConfig(val interface{})
	AttrEventSourceMappingArn() *string
	// Event Source Mapping Identifier UUID.
	AttrId() *string
	// The maximum number of items to retrieve in a single batch.
	BatchSize() *float64
	SetBatchSize(val *float64)
	// (Streams) If the function returns an error, split the batch in two and retry.
	BisectBatchOnFunctionError() interface{}
	SetBisectBatchOnFunctionError(val interface{})
	// Tag Manager which manages the tags for this resource.
	CdkTagManager() awscdk.TagManager
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// A configuration object that specifies the destination of an event after Lambda processes it.
	DestinationConfig() interface{}
	SetDestinationConfig(val interface{})
	// Document db event source config.
	DocumentDbEventSourceConfig() interface{}
	SetDocumentDbEventSourceConfig(val interface{})
	// Disables the event source mapping to pause polling and invocation.
	Enabled() interface{}
	SetEnabled(val interface{})
	// The Amazon Resource Name (ARN) of the event source.
	EventSourceArn() *string
	SetEventSourceArn(val *string)
	// The filter criteria to control event filtering.
	FilterCriteria() interface{}
	SetFilterCriteria(val interface{})
	// The name of the Lambda function.
	FunctionName() *string
	SetFunctionName(val *string)
	// (Streams) A list of response types supported by the function.
	FunctionResponseTypes() *[]*string
	SetFunctionResponseTypes(val *[]*string)
	// The Amazon Resource Name (ARN) of the KMS key.
	KmsKeyArn() *string
	SetKmsKeyArn(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// (Streams) The maximum amount of time to gather records before invoking the function, in seconds.
	MaximumBatchingWindowInSeconds() *float64
	SetMaximumBatchingWindowInSeconds(val *float64)
	// (Streams) The maximum age of a record that Lambda sends to a function for processing.
	MaximumRecordAgeInSeconds() *float64
	SetMaximumRecordAgeInSeconds(val *float64)
	// (Streams) The maximum number of times to retry when the function returns an error.
	MaximumRetryAttempts() *float64
	SetMaximumRetryAttempts(val *float64)
	// The tree node.
	Node() constructs.Node
	// (Streams) The number of batches to process from each shard concurrently.
	ParallelizationFactor() *float64
	SetParallelizationFactor(val *float64)
	// (ActiveMQ) A list of ActiveMQ queues.
	Queues() *[]*string
	SetQueues(val *[]*string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The scaling configuration for the event source.
	ScalingConfig() interface{}
	SetScalingConfig(val interface{})
	// The configuration used by AWS Lambda to access a self-managed event source.
	SelfManagedEventSource() interface{}
	SetSelfManagedEventSource(val interface{})
	// Specific configuration settings for a Self-Managed Apache Kafka event source.
	SelfManagedKafkaEventSourceConfig() interface{}
	SetSelfManagedKafkaEventSourceConfig(val interface{})
	// A list of SourceAccessConfiguration.
	SourceAccessConfigurations() interface{}
	SetSourceAccessConfigurations(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// The position in a stream from which to start reading.
	StartingPosition() *string
	SetStartingPosition(val *string)
	// With StartingPosition set to AT_TIMESTAMP, the time from which to start reading, in Unix time seconds.
	StartingPositionTimestamp() *float64
	SetStartingPositionTimestamp(val *float64)
	Tags() *[]*awscdk.CfnTag
	SetTags(val *[]*awscdk.CfnTag)
	// (Kafka) A list of Kafka topics.
	Topics() *[]*string
	SetTopics(val *[]*string)
	// (Streams) Tumbling window (non-overlapping time window) duration to perform aggregations.
	TumblingWindowInSeconds() *float64
	SetTumblingWindowInSeconds(val *float64)
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::EventSourceMapping` resource creates a mapping between an event source and an AWS Lambda function.

Lambda reads items from the event source and triggers the function.

For details about each event source type, see the following topics. In particular, each of the topics describes the required and optional parameters for the specific event source.

- [Configuring a Dynamo DB stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-dynamodb-eventsourcemapping) - [Configuring a Kinesis stream as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html#services-kinesis-eventsourcemapping) - [Configuring an SQS queue as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-eventsource) - [Configuring an MQ broker as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html#services-mq-eventsourcemapping) - [Configuring MSK as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html) - [Configuring Self-Managed Apache Kafka as an event source](https://docs.aws.amazon.com/lambda/latest/dg/kafka-smaa.html) - [Configuring Amazon DocumentDB as an event source](https://docs.aws.amazon.com/lambda/latest/dg/with-documentdb.html)

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventSourceMapping := awscdk.Aws_lambda.NewCfnEventSourceMapping(this, jsii.String("MyCfnEventSourceMapping"), &CfnEventSourceMappingProps{
	FunctionName: jsii.String("functionName"),

	// the properties below are optional
	AmazonManagedKafkaEventSourceConfig: &AmazonManagedKafkaEventSourceConfigProperty{
		ConsumerGroupId: jsii.String("consumerGroupId"),
	},
	BatchSize: jsii.Number(123),
	BisectBatchOnFunctionError: jsii.Boolean(false),
	DestinationConfig: &DestinationConfigProperty{
		OnFailure: &OnFailureProperty{
			Destination: jsii.String("destination"),
		},
	},
	DocumentDbEventSourceConfig: &DocumentDBEventSourceConfigProperty{
		CollectionName: jsii.String("collectionName"),
		DatabaseName: jsii.String("databaseName"),
		FullDocument: jsii.String("fullDocument"),
	},
	Enabled: jsii.Boolean(false),
	EventSourceArn: jsii.String("eventSourceArn"),
	FilterCriteria: &FilterCriteriaProperty{
		Filters: []interface{}{
			&FilterProperty{
				Pattern: jsii.String("pattern"),
			},
		},
	},
	FunctionResponseTypes: []*string{
		jsii.String("functionResponseTypes"),
	},
	KmsKeyArn: jsii.String("kmsKeyArn"),
	MaximumBatchingWindowInSeconds: jsii.Number(123),
	MaximumRecordAgeInSeconds: jsii.Number(123),
	MaximumRetryAttempts: jsii.Number(123),
	ParallelizationFactor: jsii.Number(123),
	Queues: []*string{
		jsii.String("queues"),
	},
	ScalingConfig: &ScalingConfigProperty{
		MaximumConcurrency: jsii.Number(123),
	},
	SelfManagedEventSource: &SelfManagedEventSourceProperty{
		Endpoints: &EndpointsProperty{
			KafkaBootstrapServers: []*string{
				jsii.String("kafkaBootstrapServers"),
			},
		},
	},
	SelfManagedKafkaEventSourceConfig: &SelfManagedKafkaEventSourceConfigProperty{
		ConsumerGroupId: jsii.String("consumerGroupId"),
	},
	SourceAccessConfigurations: []interface{}{
		&SourceAccessConfigurationProperty{
			Type: jsii.String("type"),
			Uri: jsii.String("uri"),
		},
	},
	StartingPosition: jsii.String("startingPosition"),
	StartingPositionTimestamp: jsii.Number(123),
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
	Topics: []*string{
		jsii.String("topics"),
	},
	TumblingWindowInSeconds: jsii.Number(123),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html

func NewCfnEventSourceMapping

func NewCfnEventSourceMapping(scope constructs.Construct, id *string, props *CfnEventSourceMappingProps) CfnEventSourceMapping

type CfnEventSourceMappingProps

type CfnEventSourceMappingProps struct {
	// The name of the Lambda function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-functionname
	//
	FunctionName *string `field:"required" json:"functionName" yaml:"functionName"`
	// Specific configuration settings for an MSK event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-amazonmanagedkafkaeventsourceconfig
	//
	AmazonManagedKafkaEventSourceConfig interface{} `field:"optional" json:"amazonManagedKafkaEventSourceConfig" yaml:"amazonManagedKafkaEventSourceConfig"`
	// The maximum number of items to retrieve in a single batch.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-batchsize
	//
	BatchSize *float64 `field:"optional" json:"batchSize" yaml:"batchSize"`
	// (Streams) If the function returns an error, split the batch in two and retry.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-bisectbatchonfunctionerror
	//
	BisectBatchOnFunctionError interface{} `field:"optional" json:"bisectBatchOnFunctionError" yaml:"bisectBatchOnFunctionError"`
	// A configuration object that specifies the destination of an event after Lambda processes it.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-destinationconfig
	//
	DestinationConfig interface{} `field:"optional" json:"destinationConfig" yaml:"destinationConfig"`
	// Document db event source config.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig
	//
	DocumentDbEventSourceConfig interface{} `field:"optional" json:"documentDbEventSourceConfig" yaml:"documentDbEventSourceConfig"`
	// Disables the event source mapping to pause polling and invocation.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-enabled
	//
	Enabled interface{} `field:"optional" json:"enabled" yaml:"enabled"`
	// The Amazon Resource Name (ARN) of the event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-eventsourcearn
	//
	EventSourceArn *string `field:"optional" json:"eventSourceArn" yaml:"eventSourceArn"`
	// The filter criteria to control event filtering.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-filtercriteria
	//
	FilterCriteria interface{} `field:"optional" json:"filterCriteria" yaml:"filterCriteria"`
	// (Streams) A list of response types supported by the function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-functionresponsetypes
	//
	FunctionResponseTypes *[]*string `field:"optional" json:"functionResponseTypes" yaml:"functionResponseTypes"`
	// The Amazon Resource Name (ARN) of the KMS key.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-kmskeyarn
	//
	KmsKeyArn *string `field:"optional" json:"kmsKeyArn" yaml:"kmsKeyArn"`
	// (Streams) The maximum amount of time to gather records before invoking the function, in seconds.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumbatchingwindowinseconds
	//
	MaximumBatchingWindowInSeconds *float64 `field:"optional" json:"maximumBatchingWindowInSeconds" yaml:"maximumBatchingWindowInSeconds"`
	// (Streams) The maximum age of a record that Lambda sends to a function for processing.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumrecordageinseconds
	//
	MaximumRecordAgeInSeconds *float64 `field:"optional" json:"maximumRecordAgeInSeconds" yaml:"maximumRecordAgeInSeconds"`
	// (Streams) The maximum number of times to retry when the function returns an error.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-maximumretryattempts
	//
	MaximumRetryAttempts *float64 `field:"optional" json:"maximumRetryAttempts" yaml:"maximumRetryAttempts"`
	// (Streams) The number of batches to process from each shard concurrently.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-parallelizationfactor
	//
	ParallelizationFactor *float64 `field:"optional" json:"parallelizationFactor" yaml:"parallelizationFactor"`
	// (ActiveMQ) A list of ActiveMQ queues.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-queues
	//
	Queues *[]*string `field:"optional" json:"queues" yaml:"queues"`
	// The scaling configuration for the event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-scalingconfig
	//
	ScalingConfig interface{} `field:"optional" json:"scalingConfig" yaml:"scalingConfig"`
	// The configuration used by AWS Lambda to access a self-managed event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-selfmanagedeventsource
	//
	SelfManagedEventSource interface{} `field:"optional" json:"selfManagedEventSource" yaml:"selfManagedEventSource"`
	// Specific configuration settings for a Self-Managed Apache Kafka event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig
	//
	SelfManagedKafkaEventSourceConfig interface{} `field:"optional" json:"selfManagedKafkaEventSourceConfig" yaml:"selfManagedKafkaEventSourceConfig"`
	// A list of SourceAccessConfiguration.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-sourceaccessconfigurations
	//
	SourceAccessConfigurations interface{} `field:"optional" json:"sourceAccessConfigurations" yaml:"sourceAccessConfigurations"`
	// The position in a stream from which to start reading.
	//
	// Required for Amazon Kinesis and Amazon DynamoDB Streams sources.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingposition
	//
	StartingPosition *string `field:"optional" json:"startingPosition" yaml:"startingPosition"`
	// With StartingPosition set to AT_TIMESTAMP, the time from which to start reading, in Unix time seconds.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-startingpositiontimestamp
	//
	StartingPositionTimestamp *float64 `field:"optional" json:"startingPositionTimestamp" yaml:"startingPositionTimestamp"`
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-tags
	//
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// (Kafka) A list of Kafka topics.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-topics
	//
	Topics *[]*string `field:"optional" json:"topics" yaml:"topics"`
	// (Streams) Tumbling window (non-overlapping time window) duration to perform aggregations.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html#cfn-lambda-eventsourcemapping-tumblingwindowinseconds
	//
	TumblingWindowInSeconds *float64 `field:"optional" json:"tumblingWindowInSeconds" yaml:"tumblingWindowInSeconds"`
}

Properties for defining a `CfnEventSourceMapping`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnEventSourceMappingProps := &CfnEventSourceMappingProps{
	FunctionName: jsii.String("functionName"),

	// the properties below are optional
	AmazonManagedKafkaEventSourceConfig: &AmazonManagedKafkaEventSourceConfigProperty{
		ConsumerGroupId: jsii.String("consumerGroupId"),
	},
	BatchSize: jsii.Number(123),
	BisectBatchOnFunctionError: jsii.Boolean(false),
	DestinationConfig: &DestinationConfigProperty{
		OnFailure: &OnFailureProperty{
			Destination: jsii.String("destination"),
		},
	},
	DocumentDbEventSourceConfig: &DocumentDBEventSourceConfigProperty{
		CollectionName: jsii.String("collectionName"),
		DatabaseName: jsii.String("databaseName"),
		FullDocument: jsii.String("fullDocument"),
	},
	Enabled: jsii.Boolean(false),
	EventSourceArn: jsii.String("eventSourceArn"),
	FilterCriteria: &FilterCriteriaProperty{
		Filters: []interface{}{
			&FilterProperty{
				Pattern: jsii.String("pattern"),
			},
		},
	},
	FunctionResponseTypes: []*string{
		jsii.String("functionResponseTypes"),
	},
	KmsKeyArn: jsii.String("kmsKeyArn"),
	MaximumBatchingWindowInSeconds: jsii.Number(123),
	MaximumRecordAgeInSeconds: jsii.Number(123),
	MaximumRetryAttempts: jsii.Number(123),
	ParallelizationFactor: jsii.Number(123),
	Queues: []*string{
		jsii.String("queues"),
	},
	ScalingConfig: &ScalingConfigProperty{
		MaximumConcurrency: jsii.Number(123),
	},
	SelfManagedEventSource: &SelfManagedEventSourceProperty{
		Endpoints: &EndpointsProperty{
			KafkaBootstrapServers: []*string{
				jsii.String("kafkaBootstrapServers"),
			},
		},
	},
	SelfManagedKafkaEventSourceConfig: &SelfManagedKafkaEventSourceConfigProperty{
		ConsumerGroupId: jsii.String("consumerGroupId"),
	},
	SourceAccessConfigurations: []interface{}{
		&SourceAccessConfigurationProperty{
			Type: jsii.String("type"),
			Uri: jsii.String("uri"),
		},
	},
	StartingPosition: jsii.String("startingPosition"),
	StartingPositionTimestamp: jsii.Number(123),
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
	Topics: []*string{
		jsii.String("topics"),
	},
	TumblingWindowInSeconds: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html

type CfnEventSourceMapping_AmazonManagedKafkaEventSourceConfigProperty added in v2.39.0

type CfnEventSourceMapping_AmazonManagedKafkaEventSourceConfigProperty struct {
	// The identifier for the Kafka Consumer Group to join.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-amazonmanagedkafkaeventsourceconfig.html#cfn-lambda-eventsourcemapping-amazonmanagedkafkaeventsourceconfig-consumergroupid
	//
	ConsumerGroupId *string `field:"optional" json:"consumerGroupId" yaml:"consumerGroupId"`
}

Specific configuration settings for an MSK event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

amazonManagedKafkaEventSourceConfigProperty := &AmazonManagedKafkaEventSourceConfigProperty{
	ConsumerGroupId: jsii.String("consumerGroupId"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-amazonmanagedkafkaeventsourceconfig.html

type CfnEventSourceMapping_DestinationConfigProperty

type CfnEventSourceMapping_DestinationConfigProperty struct {
	// A destination for records of invocations that failed processing.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-destinationconfig.html#cfn-lambda-eventsourcemapping-destinationconfig-onfailure
	//
	OnFailure interface{} `field:"optional" json:"onFailure" yaml:"onFailure"`
}

A configuration object that specifies the destination of an event after Lambda processes it.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

destinationConfigProperty := &DestinationConfigProperty{
	OnFailure: &OnFailureProperty{
		Destination: jsii.String("destination"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-destinationconfig.html

type CfnEventSourceMapping_DocumentDBEventSourceConfigProperty added in v2.70.0

type CfnEventSourceMapping_DocumentDBEventSourceConfigProperty struct {
	// The collection name to connect to.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-collectionname
	//
	CollectionName *string `field:"optional" json:"collectionName" yaml:"collectionName"`
	// The database name to connect to.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-databasename
	//
	DatabaseName *string `field:"optional" json:"databaseName" yaml:"databaseName"`
	// Include full document in change stream response.
	//
	// The default option will only send the changes made to documents to Lambda. If you want the complete document sent to Lambda, set this to UpdateLookup.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html#cfn-lambda-eventsourcemapping-documentdbeventsourceconfig-fulldocument
	//
	FullDocument *string `field:"optional" json:"fullDocument" yaml:"fullDocument"`
}

Document db event source config.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

documentDBEventSourceConfigProperty := &DocumentDBEventSourceConfigProperty{
	CollectionName: jsii.String("collectionName"),
	DatabaseName: jsii.String("databaseName"),
	FullDocument: jsii.String("fullDocument"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-documentdbeventsourceconfig.html

type CfnEventSourceMapping_EndpointsProperty

type CfnEventSourceMapping_EndpointsProperty struct {
	// A list of Kafka server endpoints.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-endpoints.html#cfn-lambda-eventsourcemapping-endpoints-kafkabootstrapservers
	//
	KafkaBootstrapServers *[]*string `field:"optional" json:"kafkaBootstrapServers" yaml:"kafkaBootstrapServers"`
}

The endpoints used by AWS Lambda to access a self-managed event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

endpointsProperty := &EndpointsProperty{
	KafkaBootstrapServers: []*string{
		jsii.String("kafkaBootstrapServers"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-endpoints.html

type CfnEventSourceMapping_FilterCriteriaProperty added in v2.13.0

type CfnEventSourceMapping_FilterCriteriaProperty struct {
	// List of filters of this FilterCriteria.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html#cfn-lambda-eventsourcemapping-filtercriteria-filters
	//
	Filters interface{} `field:"optional" json:"filters" yaml:"filters"`
}

The filter criteria to control event filtering.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

filterCriteriaProperty := &FilterCriteriaProperty{
	Filters: []interface{}{
		&FilterProperty{
			Pattern: jsii.String("pattern"),
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filtercriteria.html

type CfnEventSourceMapping_FilterProperty added in v2.13.0

type CfnEventSourceMapping_FilterProperty struct {
	// The filter pattern that defines which events should be passed for invocations.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filter.html#cfn-lambda-eventsourcemapping-filter-pattern
	//
	Pattern *string `field:"optional" json:"pattern" yaml:"pattern"`
}

The filter object that defines parameters for ESM filtering.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

filterProperty := &FilterProperty{
	Pattern: jsii.String("pattern"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-filter.html

type CfnEventSourceMapping_OnFailureProperty

type CfnEventSourceMapping_OnFailureProperty struct {
	// The Amazon Resource Name (ARN) of the destination resource.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-onfailure.html#cfn-lambda-eventsourcemapping-onfailure-destination
	//
	Destination *string `field:"optional" json:"destination" yaml:"destination"`
}

A destination for records of invocations that failed processing.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

onFailureProperty := &OnFailureProperty{
	Destination: jsii.String("destination"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-onfailure.html

type CfnEventSourceMapping_ScalingConfigProperty added in v2.55.0

type CfnEventSourceMapping_ScalingConfigProperty struct {
	// The maximum number of concurrent functions that an event source can invoke.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-scalingconfig.html#cfn-lambda-eventsourcemapping-scalingconfig-maximumconcurrency
	//
	MaximumConcurrency *float64 `field:"optional" json:"maximumConcurrency" yaml:"maximumConcurrency"`
}

The scaling configuration for the event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

scalingConfigProperty := &ScalingConfigProperty{
	MaximumConcurrency: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-scalingconfig.html

type CfnEventSourceMapping_SelfManagedEventSourceProperty

type CfnEventSourceMapping_SelfManagedEventSourceProperty struct {
	// The endpoints used by AWS Lambda to access a self-managed event source.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedeventsource.html#cfn-lambda-eventsourcemapping-selfmanagedeventsource-endpoints
	//
	Endpoints interface{} `field:"optional" json:"endpoints" yaml:"endpoints"`
}

The configuration used by AWS Lambda to access a self-managed event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

selfManagedEventSourceProperty := &SelfManagedEventSourceProperty{
	Endpoints: &EndpointsProperty{
		KafkaBootstrapServers: []*string{
			jsii.String("kafkaBootstrapServers"),
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedeventsource.html

type CfnEventSourceMapping_SelfManagedKafkaEventSourceConfigProperty added in v2.39.0

type CfnEventSourceMapping_SelfManagedKafkaEventSourceConfigProperty struct {
	// The identifier for the Kafka Consumer Group to join.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig.html#cfn-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig-consumergroupid
	//
	ConsumerGroupId *string `field:"optional" json:"consumerGroupId" yaml:"consumerGroupId"`
}

Specific configuration settings for a Self-Managed Apache Kafka event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

selfManagedKafkaEventSourceConfigProperty := &SelfManagedKafkaEventSourceConfigProperty{
	ConsumerGroupId: jsii.String("consumerGroupId"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig.html

type CfnEventSourceMapping_SourceAccessConfigurationProperty

type CfnEventSourceMapping_SourceAccessConfigurationProperty struct {
	// The type of source access configuration.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html#cfn-lambda-eventsourcemapping-sourceaccessconfiguration-type
	//
	Type *string `field:"optional" json:"type" yaml:"type"`
	// The URI for the source access configuration resource.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html#cfn-lambda-eventsourcemapping-sourceaccessconfiguration-uri
	//
	Uri *string `field:"optional" json:"uri" yaml:"uri"`
}

The configuration used by AWS Lambda to access event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

sourceAccessConfigurationProperty := &SourceAccessConfigurationProperty{
	Type: jsii.String("type"),
	Uri: jsii.String("uri"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html

type CfnFunction

type CfnFunction interface {
	awscdk.CfnResource
	awscdk.IInspectable
	awscdk.ITaggable
	// The instruction set architecture that the function supports.
	Architectures() *[]*string
	SetArchitectures(val *[]*string)
	AttrArn() *string
	// The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.
	AttrSnapStartResponse() awscdk.IResolvable
	// When set to “PublishedVersions“, Lambda creates a snapshot of the execution environment when you publish a function version.
	AttrSnapStartResponseApplyOn() *string
	// When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using), this response element indicates whether SnapStart is activated for the specified function version.
	AttrSnapStartResponseOptimizationStatus() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.  Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
	Code() interface{}
	SetCode(val interface{})
	// To enable code signing for this function, specify the ARN of a code-signing configuration.
	CodeSigningConfigArn() *string
	SetCodeSigningConfigArn(val *string)
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) for failed asynchronous invocations.
	DeadLetterConfig() interface{}
	SetDeadLetterConfig(val interface{})
	// A description of the function.
	Description() *string
	SetDescription(val *string)
	// A function's environment variable settings.
	Environment() interface{}
	SetEnvironment(val interface{})
	// The size of the function's “/tmp“ directory in MB.
	EphemeralStorage() interface{}
	SetEphemeralStorage(val interface{})
	// Connection settings for an Amazon EFS file system.
	FileSystemConfigs() interface{}
	SetFileSystemConfigs(val interface{})
	// The name of the Lambda function, up to 64 characters in length.
	FunctionName() *string
	SetFunctionName(val *string)
	// The name of the method within your code that Lambda calls to run your function.
	Handler() *string
	SetHandler(val *string)
	// Configuration values that override the container image Dockerfile settings.
	ImageConfig() interface{}
	SetImageConfig(val interface{})
	// The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key.
	KmsKeyArn() *string
	SetKmsKeyArn(val *string)
	// A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.
	Layers() *[]*string
	SetLayers(val *[]*string)
	// The function's Amazon CloudWatch Logs configuration settings.
	LoggingConfig() interface{}
	SetLoggingConfig(val interface{})
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.
	MemorySize() *float64
	SetMemorySize(val *float64)
	// The tree node.
	Node() constructs.Node
	// The type of deployment package.
	PackageType() *string
	SetPackageType(val *string)
	// This property is set to terminate unintended recursions.
	RecursiveLoop() *string
	SetRecursiveLoop(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The number of simultaneous executions to reserve for the function.
	ReservedConcurrentExecutions() *float64
	SetReservedConcurrentExecutions(val *float64)
	// The Amazon Resource Name (ARN) of the function's execution role.
	Role() *string
	SetRole(val *string)
	// The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.  The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).  For a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported).
	Runtime() *string
	SetRuntime(val *string)
	// Sets the runtime management configuration for a function's version.
	RuntimeManagementConfig() interface{}
	SetRuntimeManagementConfig(val interface{})
	// The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.
	SnapStart() interface{}
	SetSnapStart(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Tag Manager which manages the tags for this resource.
	Tags() awscdk.TagManager
	// A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.
	TagsRaw() *[]*awscdk.CfnTag
	SetTagsRaw(val *[]*awscdk.CfnTag)
	// The amount of time (in seconds) that Lambda allows a function to run before stopping it.
	Timeout() *float64
	SetTimeout(val *float64)
	// The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set “Mode“ to “Active“.
	TracingConfig() interface{}
	SetTracingConfig(val interface{})
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// The VPC security groups and subnets that are attached to a Lambda function.
	VpcConfig() interface{}
	SetVpcConfig(val interface{})
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::Function` resource creates a Lambda function.

To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html) . The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.

You set the package type to `Image` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) . For these functions, include the URI of the container image in the Amazon ECR registry in the [`ImageUri` property of the `Code` property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri) . You do not need to specify the handler and runtime properties.

You set the package type to `Zip` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip) . For these functions, specify the Amazon S3 location of your .zip file in the `Code` property. Alternatively, for Node.js and Python functions, you can define your function inline in the [`ZipFile` property of the `Code` property](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile) . In both cases, you must also specify the handler and runtime properties.

You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with `UpdateFunctionCode` , Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.

When you update a `AWS::Lambda::Function` resource, CloudFormation calls the [UpdateFunctionConfiguration](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionConfiguration.html) and [UpdateFunctionCode](https://docs.aws.amazon.com/lambda/latest/api/API_UpdateFunctionCode.html) Lambda APIs under the hood. Because these calls happen sequentially, and invocations can happen between these calls, your function may encounter errors in the time between the calls. For example, if you remove an environment variable, and the code that references that environment variable in the same CloudFormation update, you may see invocation errors related to a missing environment variable. To work around this, you can invoke your function against a version or alias by default, rather than the `$LATEST` version.

Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a `AWS::Lambda::Version` or a `AWS::Lambda::Alias` .

For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnFunction := awscdk.Aws_lambda.NewCfnFunction(this, jsii.String("MyCfnFunction"), &CfnFunctionProps{
	Code: &CodeProperty{
		ImageUri: jsii.String("imageUri"),
		S3Bucket: jsii.String("s3Bucket"),
		S3Key: jsii.String("s3Key"),
		S3ObjectVersion: jsii.String("s3ObjectVersion"),
		SourceKmsKeyArn: jsii.String("sourceKmsKeyArn"),
		ZipFile: jsii.String("zipFile"),
	},
	Role: jsii.String("role"),

	// the properties below are optional
	Architectures: []*string{
		jsii.String("architectures"),
	},
	CodeSigningConfigArn: jsii.String("codeSigningConfigArn"),
	DeadLetterConfig: &DeadLetterConfigProperty{
		TargetArn: jsii.String("targetArn"),
	},
	Description: jsii.String("description"),
	Environment: &EnvironmentProperty{
		Variables: map[string]*string{
			"variablesKey": jsii.String("variables"),
		},
	},
	EphemeralStorage: &EphemeralStorageProperty{
		Size: jsii.Number(123),
	},
	FileSystemConfigs: []interface{}{
		&FileSystemConfigProperty{
			Arn: jsii.String("arn"),
			LocalMountPath: jsii.String("localMountPath"),
		},
	},
	FunctionName: jsii.String("functionName"),
	Handler: jsii.String("handler"),
	ImageConfig: &ImageConfigProperty{
		Command: []*string{
			jsii.String("command"),
		},
		EntryPoint: []*string{
			jsii.String("entryPoint"),
		},
		WorkingDirectory: jsii.String("workingDirectory"),
	},
	KmsKeyArn: jsii.String("kmsKeyArn"),
	Layers: []*string{
		jsii.String("layers"),
	},
	LoggingConfig: &LoggingConfigProperty{
		ApplicationLogLevel: jsii.String("applicationLogLevel"),
		LogFormat: jsii.String("logFormat"),
		LogGroup: jsii.String("logGroup"),
		SystemLogLevel: jsii.String("systemLogLevel"),
	},
	MemorySize: jsii.Number(123),
	PackageType: jsii.String("packageType"),
	RecursiveLoop: jsii.String("recursiveLoop"),
	ReservedConcurrentExecutions: jsii.Number(123),
	Runtime: jsii.String("runtime"),
	RuntimeManagementConfig: &RuntimeManagementConfigProperty{
		UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

		// the properties below are optional
		RuntimeVersionArn: jsii.String("runtimeVersionArn"),
	},
	SnapStart: &SnapStartProperty{
		ApplyOn: jsii.String("applyOn"),
	},
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
	Timeout: jsii.Number(123),
	TracingConfig: &TracingConfigProperty{
		Mode: jsii.String("mode"),
	},
	VpcConfig: &VpcConfigProperty{
		Ipv6AllowedForDualStack: jsii.Boolean(false),
		SecurityGroupIds: []*string{
			jsii.String("securityGroupIds"),
		},
		SubnetIds: []*string{
			jsii.String("subnetIds"),
		},
	},
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html

func NewCfnFunction

func NewCfnFunction(scope constructs.Construct, id *string, props *CfnFunctionProps) CfnFunction

type CfnFunctionProps

type CfnFunctionProps struct {
	// The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.  Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-code
	//
	Code interface{} `field:"required" json:"code" yaml:"code"`
	// The Amazon Resource Name (ARN) of the function's execution role.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-role
	//
	Role *string `field:"required" json:"role" yaml:"role"`
	// The instruction set architecture that the function supports.
	//
	// Enter a string array with one of the valid values (arm64 or x86_64). The default value is “x86_64“.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-architectures
	//
	Architectures *[]*string `field:"optional" json:"architectures" yaml:"architectures"`
	// To enable code signing for this function, specify the ARN of a code-signing configuration.
	//
	// A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-codesigningconfigarn
	//
	CodeSigningConfigArn *string `field:"optional" json:"codeSigningConfigArn" yaml:"codeSigningConfigArn"`
	// The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) for failed asynchronous invocations.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-deadletterconfig
	//
	DeadLetterConfig interface{} `field:"optional" json:"deadLetterConfig" yaml:"deadLetterConfig"`
	// A description of the function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-description
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// A function's environment variable settings.
	//
	// You can use environment variables to adjust your function's behavior without updating code. An environment variable is a pair of strings that are stored in a function's version-specific configuration.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-environment
	//
	Environment interface{} `field:"optional" json:"environment" yaml:"environment"`
	// The size of the function's “/tmp“ directory in MB.
	//
	// The default value is 512, but it can be any whole number between 512 and 10,240 MB.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-ephemeralstorage
	//
	EphemeralStorage interface{} `field:"optional" json:"ephemeralStorage" yaml:"ephemeralStorage"`
	// Connection settings for an Amazon EFS file system.
	//
	// To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a “DependsOn“ attribute to ensure that the mount target is created or updated before the function.
	//  For more information about using the “DependsOn“ attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-filesystemconfigs
	//
	FileSystemConfigs interface{} `field:"optional" json:"fileSystemConfigs" yaml:"fileSystemConfigs"`
	// The name of the Lambda function, up to 64 characters in length.
	//
	// If you don't specify a name, CFN generates one.
	//  If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-functionname
	//
	FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
	// The name of the method within your code that Lambda calls to run your function.
	//
	// Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-handler
	//
	Handler *string `field:"optional" json:"handler" yaml:"handler"`
	// Configuration values that override the container image Dockerfile settings.
	//
	// For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-imageconfig
	//
	ImageConfig interface{} `field:"optional" json:"imageConfig" yaml:"imageConfig"`
	// The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-kmskeyarn
	//
	KmsKeyArn *string `field:"optional" json:"kmsKeyArn" yaml:"kmsKeyArn"`
	// A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-layers
	//
	Layers *[]*string `field:"optional" json:"layers" yaml:"layers"`
	// The function's Amazon CloudWatch Logs configuration settings.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-loggingconfig
	//
	LoggingConfig interface{} `field:"optional" json:"loggingConfig" yaml:"loggingConfig"`
	// The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-memorysize
	//
	MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
	// The type of deployment package.
	//
	// Set to “Image“ for container image and set “Zip“ for .zip file archive.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-packagetype
	//
	PackageType *string `field:"optional" json:"packageType" yaml:"packageType"`
	// This property is set to terminate unintended recursions.
	//
	// If set to “Terminate“, Lambda detects and terminates unitended recursive loops. If set to “Allow“ Lambda lets recursions be and does not terminate it.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-recursiveloop
	//
	RecursiveLoop *string `field:"optional" json:"recursiveLoop" yaml:"recursiveLoop"`
	// The number of simultaneous executions to reserve for the function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-reservedconcurrentexecutions
	//
	ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
	// The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.  The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).  For a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-runtime
	//
	Runtime *string `field:"optional" json:"runtime" yaml:"runtime"`
	// Sets the runtime management configuration for a function's version.
	//
	// For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-runtimemanagementconfig
	//
	RuntimeManagementConfig interface{} `field:"optional" json:"runtimeManagementConfig" yaml:"runtimeManagementConfig"`
	// The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-snapstart
	//
	SnapStart interface{} `field:"optional" json:"snapStart" yaml:"snapStart"`
	// A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tags
	//
	Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"`
	// The amount of time (in seconds) that Lambda allows a function to run before stopping it.
	//
	// The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-timeout
	//
	Timeout *float64 `field:"optional" json:"timeout" yaml:"timeout"`
	// The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set “Mode“ to “Active“.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-tracingconfig
	//
	TracingConfig interface{} `field:"optional" json:"tracingConfig" yaml:"tracingConfig"`
	// The VPC security groups and subnets that are attached to a Lambda function.
	//
	// When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC. For more information, see [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).
	//   When you delete a function, CFN monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before CFN can delete the VPC's resources.
	//  To monitor network interfaces, CFN needs the “ec2:DescribeNetworkInterfaces“ permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, CFN does not wait for network interfaces to be deleted.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-vpcconfig
	//
	VpcConfig interface{} `field:"optional" json:"vpcConfig" yaml:"vpcConfig"`
}

Properties for defining a `CfnFunction`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnFunctionProps := &CfnFunctionProps{
	Code: &CodeProperty{
		ImageUri: jsii.String("imageUri"),
		S3Bucket: jsii.String("s3Bucket"),
		S3Key: jsii.String("s3Key"),
		S3ObjectVersion: jsii.String("s3ObjectVersion"),
		SourceKmsKeyArn: jsii.String("sourceKmsKeyArn"),
		ZipFile: jsii.String("zipFile"),
	},
	Role: jsii.String("role"),

	// the properties below are optional
	Architectures: []*string{
		jsii.String("architectures"),
	},
	CodeSigningConfigArn: jsii.String("codeSigningConfigArn"),
	DeadLetterConfig: &DeadLetterConfigProperty{
		TargetArn: jsii.String("targetArn"),
	},
	Description: jsii.String("description"),
	Environment: &EnvironmentProperty{
		Variables: map[string]*string{
			"variablesKey": jsii.String("variables"),
		},
	},
	EphemeralStorage: &EphemeralStorageProperty{
		Size: jsii.Number(123),
	},
	FileSystemConfigs: []interface{}{
		&FileSystemConfigProperty{
			Arn: jsii.String("arn"),
			LocalMountPath: jsii.String("localMountPath"),
		},
	},
	FunctionName: jsii.String("functionName"),
	Handler: jsii.String("handler"),
	ImageConfig: &ImageConfigProperty{
		Command: []*string{
			jsii.String("command"),
		},
		EntryPoint: []*string{
			jsii.String("entryPoint"),
		},
		WorkingDirectory: jsii.String("workingDirectory"),
	},
	KmsKeyArn: jsii.String("kmsKeyArn"),
	Layers: []*string{
		jsii.String("layers"),
	},
	LoggingConfig: &LoggingConfigProperty{
		ApplicationLogLevel: jsii.String("applicationLogLevel"),
		LogFormat: jsii.String("logFormat"),
		LogGroup: jsii.String("logGroup"),
		SystemLogLevel: jsii.String("systemLogLevel"),
	},
	MemorySize: jsii.Number(123),
	PackageType: jsii.String("packageType"),
	RecursiveLoop: jsii.String("recursiveLoop"),
	ReservedConcurrentExecutions: jsii.Number(123),
	Runtime: jsii.String("runtime"),
	RuntimeManagementConfig: &RuntimeManagementConfigProperty{
		UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

		// the properties below are optional
		RuntimeVersionArn: jsii.String("runtimeVersionArn"),
	},
	SnapStart: &SnapStartProperty{
		ApplyOn: jsii.String("applyOn"),
	},
	Tags: []cfnTag{
		&cfnTag{
			Key: jsii.String("key"),
			Value: jsii.String("value"),
		},
	},
	Timeout: jsii.Number(123),
	TracingConfig: &TracingConfigProperty{
		Mode: jsii.String("mode"),
	},
	VpcConfig: &VpcConfigProperty{
		Ipv6AllowedForDualStack: jsii.Boolean(false),
		SecurityGroupIds: []*string{
			jsii.String("securityGroupIds"),
		},
		SubnetIds: []*string{
			jsii.String("subnetIds"),
		},
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html

type CfnFunction_CodeProperty

type CfnFunction_CodeProperty struct {
	// URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-imageuri
	//
	ImageUri *string `field:"optional" json:"imageUri" yaml:"imageUri"`
	// An Amazon S3 bucket in the same AWS-Region as your function.
	//
	// The bucket can be in a different AWS-account.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3bucket
	//
	S3Bucket *string `field:"optional" json:"s3Bucket" yaml:"s3Bucket"`
	// The Amazon S3 key of the deployment package.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3key
	//
	S3Key *string `field:"optional" json:"s3Key" yaml:"s3Key"`
	// For versioned objects, the version of the deployment package object to use.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-s3objectversion
	//
	S3ObjectVersion *string `field:"optional" json:"s3ObjectVersion" yaml:"s3ObjectVersion"`
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-sourcekmskeyarn
	//
	SourceKmsKeyArn *string `field:"optional" json:"sourceKmsKeyArn" yaml:"sourceKmsKeyArn"`
	// (Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named “index“ and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html). This zip file cannot exceed 4MB. For the “Handler“ property, the first part of the handler identifier must be “index“. For example, “index.handler“.   For JSON, you must escape quotes and special characters such as newline (“\n“) with a backslash.  If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ([cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html)) that simplifies sending responses. See [Using Lambda with CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html#cfn-lambda-function-code-zipfile
	//
	ZipFile *string `field:"optional" json:"zipFile" yaml:"zipFile"`
}

The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template. Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

codeProperty := &CodeProperty{
	ImageUri: jsii.String("imageUri"),
	S3Bucket: jsii.String("s3Bucket"),
	S3Key: jsii.String("s3Key"),
	S3ObjectVersion: jsii.String("s3ObjectVersion"),
	SourceKmsKeyArn: jsii.String("sourceKmsKeyArn"),
	ZipFile: jsii.String("zipFile"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-code.html

type CfnFunction_DeadLetterConfigProperty

type CfnFunction_DeadLetterConfigProperty struct {
	// The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-deadletterconfig.html#cfn-lambda-function-deadletterconfig-targetarn
	//
	TargetArn *string `field:"optional" json:"targetArn" yaml:"targetArn"`
}

The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) for failed asynchronous invocations.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

deadLetterConfigProperty := &DeadLetterConfigProperty{
	TargetArn: jsii.String("targetArn"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-deadletterconfig.html

type CfnFunction_EnvironmentProperty

type CfnFunction_EnvironmentProperty struct {
	// Environment variable key-value pairs.
	//
	// For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html#cfn-lambda-function-environment-variables
	//
	Variables interface{} `field:"optional" json:"variables" yaml:"variables"`
}

A function's environment variable settings.

You can use environment variables to adjust your function's behavior without updating code. An environment variable is a pair of strings that are stored in a function's version-specific configuration.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

environmentProperty := &EnvironmentProperty{
	Variables: map[string]*string{
		"variablesKey": jsii.String("variables"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-environment.html

type CfnFunction_EphemeralStorageProperty added in v2.18.0

type CfnFunction_EphemeralStorageProperty struct {
	// The size of the function's “/tmp“ directory.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-ephemeralstorage.html#cfn-lambda-function-ephemeralstorage-size
	//
	Size *float64 `field:"required" json:"size" yaml:"size"`
}

The size of the function's “/tmp“ directory in MB.

The default value is 512, but it can be any whole number between 512 and 10,240 MB.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

ephemeralStorageProperty := &EphemeralStorageProperty{
	Size: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-ephemeralstorage.html

type CfnFunction_FileSystemConfigProperty

type CfnFunction_FileSystemConfigProperty struct {
	// The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-filesystemconfig.html#cfn-lambda-function-filesystemconfig-arn
	//
	Arn *string `field:"required" json:"arn" yaml:"arn"`
	// The path where the function can access the file system, starting with “/mnt/“.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-filesystemconfig.html#cfn-lambda-function-filesystemconfig-localmountpath
	//
	LocalMountPath *string `field:"required" json:"localMountPath" yaml:"localMountPath"`
}

Details about the connection between a Lambda function and an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html).

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

fileSystemConfigProperty := &FileSystemConfigProperty{
	Arn: jsii.String("arn"),
	LocalMountPath: jsii.String("localMountPath"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-filesystemconfig.html

type CfnFunction_ImageConfigProperty

type CfnFunction_ImageConfigProperty struct {
	// Specifies parameters that you want to pass in with ENTRYPOINT.
	//
	// You can specify a maximum of 1,500 parameters in the list.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-imageconfig.html#cfn-lambda-function-imageconfig-command
	//
	Command *[]*string `field:"optional" json:"command" yaml:"command"`
	// Specifies the entry point to their application, which is typically the location of the runtime executable.
	//
	// You can specify a maximum of 1,500 string entries in the list.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-imageconfig.html#cfn-lambda-function-imageconfig-entrypoint
	//
	EntryPoint *[]*string `field:"optional" json:"entryPoint" yaml:"entryPoint"`
	// Specifies the working directory.
	//
	// The length of the directory string cannot exceed 1,000 characters.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-imageconfig.html#cfn-lambda-function-imageconfig-workingdirectory
	//
	WorkingDirectory *string `field:"optional" json:"workingDirectory" yaml:"workingDirectory"`
}

Configuration values that override the container image Dockerfile settings.

For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

imageConfigProperty := &ImageConfigProperty{
	Command: []*string{
		jsii.String("command"),
	},
	EntryPoint: []*string{
		jsii.String("entryPoint"),
	},
	WorkingDirectory: jsii.String("workingDirectory"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-imageconfig.html

type CfnFunction_LoggingConfigProperty added in v2.109.0

type CfnFunction_LoggingConfigProperty struct {
	// Set this property to filter the application logs for your function that Lambda sends to CloudWatch.
	//
	// Lambda only sends application logs at the selected level of detail and lower, where “TRACE“ is the highest level and “FATAL“ is the lowest.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-loggingconfig.html#cfn-lambda-function-loggingconfig-applicationloglevel
	//
	ApplicationLogLevel *string `field:"optional" json:"applicationLogLevel" yaml:"applicationLogLevel"`
	// The format in which Lambda sends your function's application and system logs to CloudWatch.
	//
	// Select between plain text and structured JSON.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-loggingconfig.html#cfn-lambda-function-loggingconfig-logformat
	//
	LogFormat *string `field:"optional" json:"logFormat" yaml:"logFormat"`
	// The name of the Amazon CloudWatch log group the function sends logs to.
	//
	// By default, Lambda functions send logs to a default log group named “/aws/lambda/<function name>“. To use a different log group, enter an existing log group or enter a new log group name.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-loggingconfig.html#cfn-lambda-function-loggingconfig-loggroup
	//
	LogGroup *string `field:"optional" json:"logGroup" yaml:"logGroup"`
	// Set this property to filter the system logs for your function that Lambda sends to CloudWatch.
	//
	// Lambda only sends system logs at the selected level of detail and lower, where “DEBUG“ is the highest level and “WARN“ is the lowest.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-loggingconfig.html#cfn-lambda-function-loggingconfig-systemloglevel
	//
	SystemLogLevel *string `field:"optional" json:"systemLogLevel" yaml:"systemLogLevel"`
}

The function's Amazon CloudWatch Logs configuration settings.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

loggingConfigProperty := &LoggingConfigProperty{
	ApplicationLogLevel: jsii.String("applicationLogLevel"),
	LogFormat: jsii.String("logFormat"),
	LogGroup: jsii.String("logGroup"),
	SystemLogLevel: jsii.String("systemLogLevel"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-loggingconfig.html

type CfnFunction_RuntimeManagementConfigProperty added in v2.63.0

type CfnFunction_RuntimeManagementConfigProperty struct {
	// Specify the runtime update mode.
	//
	// +   *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase). This is the best choice for most customers to ensure they always benefit from runtime updates.
	//   +   *FunctionUpdate* - LAM updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.
	//   +   *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback).
	//
	// *Valid Values*: “Auto“ | “FunctionUpdate“ | “Manual“.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html#cfn-lambda-function-runtimemanagementconfig-updateruntimeon
	//
	UpdateRuntimeOn *string `field:"required" json:"updateRuntimeOn" yaml:"updateRuntimeOn"`
	// The ARN of the runtime version you want the function to use.
	//
	// This is only required if you're using the *Manual* runtime update mode.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html#cfn-lambda-function-runtimemanagementconfig-runtimeversionarn
	//
	RuntimeVersionArn *string `field:"optional" json:"runtimeVersionArn" yaml:"runtimeVersionArn"`
}

Sets the runtime management configuration for a function's version.

For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html).

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

runtimeManagementConfigProperty := &RuntimeManagementConfigProperty{
	UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

	// the properties below are optional
	RuntimeVersionArn: jsii.String("runtimeVersionArn"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-runtimemanagementconfig.html

type CfnFunction_SnapStartProperty added in v2.53.0

type CfnFunction_SnapStartProperty struct {
	// Set “ApplyOn“ to “PublishedVersions“ to create a snapshot of the initialized execution environment when you publish a function version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html#cfn-lambda-function-snapstart-applyon
	//
	ApplyOn *string `field:"required" json:"applyOn" yaml:"applyOn"`
}

The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

snapStartProperty := &SnapStartProperty{
	ApplyOn: jsii.String("applyOn"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstart.html

type CfnFunction_SnapStartResponseProperty added in v2.55.0

type CfnFunction_SnapStartResponseProperty struct {
	// When set to “PublishedVersions“, Lambda creates a snapshot of the execution environment when you publish a function version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstartresponse.html#cfn-lambda-function-snapstartresponse-applyon
	//
	ApplyOn *string `field:"optional" json:"applyOn" yaml:"applyOn"`
	// When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using), this response element indicates whether SnapStart is activated for the specified function version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstartresponse.html#cfn-lambda-function-snapstartresponse-optimizationstatus
	//
	OptimizationStatus *string `field:"optional" json:"optimizationStatus" yaml:"optimizationStatus"`
}

The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

snapStartResponseProperty := &SnapStartResponseProperty{
	ApplyOn: jsii.String("applyOn"),
	OptimizationStatus: jsii.String("optimizationStatus"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-snapstartresponse.html

type CfnFunction_TracingConfigProperty

type CfnFunction_TracingConfigProperty struct {
	// The tracing mode.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html#cfn-lambda-function-tracingconfig-mode
	//
	Mode *string `field:"optional" json:"mode" yaml:"mode"`
}

The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set “Mode“ to “Active“.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

tracingConfigProperty := &TracingConfigProperty{
	Mode: jsii.String("mode"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-tracingconfig.html

type CfnFunction_VpcConfigProperty

type CfnFunction_VpcConfigProperty struct {
	// Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html#cfn-lambda-function-vpcconfig-ipv6allowedfordualstack
	//
	Ipv6AllowedForDualStack interface{} `field:"optional" json:"ipv6AllowedForDualStack" yaml:"ipv6AllowedForDualStack"`
	// A list of VPC security group IDs.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html#cfn-lambda-function-vpcconfig-securitygroupids
	//
	SecurityGroupIds *[]*string `field:"optional" json:"securityGroupIds" yaml:"securityGroupIds"`
	// A list of VPC subnet IDs.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html#cfn-lambda-function-vpcconfig-subnetids
	//
	SubnetIds *[]*string `field:"optional" json:"subnetIds" yaml:"subnetIds"`
}

The VPC security groups and subnets that are attached to a Lambda function.

When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC. For more information, see [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).

 When you delete a function, CFN monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before CFN can delete the VPC's resources.
To monitor network interfaces, CFN needs the ``ec2:DescribeNetworkInterfaces`` permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, CFN does not wait for network interfaces to be deleted.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

vpcConfigProperty := &VpcConfigProperty{
	Ipv6AllowedForDualStack: jsii.Boolean(false),
	SecurityGroupIds: []*string{
		jsii.String("securityGroupIds"),
	},
	SubnetIds: []*string{
		jsii.String("subnetIds"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-function-vpcconfig.html

type CfnLayerVersion

type CfnLayerVersion interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The ARN of the layer version.
	AttrLayerVersionArn() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .
	CompatibleArchitectures() *[]*string
	SetCompatibleArchitectures(val *[]*string)
	// A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .
	CompatibleRuntimes() *[]*string
	SetCompatibleRuntimes(val *[]*string)
	// The function layer archive.
	Content() interface{}
	SetContent(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// The description of the version.
	Description() *string
	SetDescription(val *string)
	// The name or Amazon Resource Name (ARN) of the layer.
	LayerName() *string
	SetLayerName(val *string)
	// The layer's software license.
	//
	// It can be any of the following:.
	LicenseInfo() *string
	SetLicenseInfo(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::LayerVersion` resource creates a [Lambda layer](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) from a ZIP archive.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnLayerVersion := awscdk.Aws_lambda.NewCfnLayerVersion(this, jsii.String("MyCfnLayerVersion"), &CfnLayerVersionProps{
	Content: &ContentProperty{
		S3Bucket: jsii.String("s3Bucket"),
		S3Key: jsii.String("s3Key"),

		// the properties below are optional
		S3ObjectVersion: jsii.String("s3ObjectVersion"),
	},

	// the properties below are optional
	CompatibleArchitectures: []*string{
		jsii.String("compatibleArchitectures"),
	},
	CompatibleRuntimes: []*string{
		jsii.String("compatibleRuntimes"),
	},
	Description: jsii.String("description"),
	LayerName: jsii.String("layerName"),
	LicenseInfo: jsii.String("licenseInfo"),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html

func NewCfnLayerVersion

func NewCfnLayerVersion(scope constructs.Construct, id *string, props *CfnLayerVersionProps) CfnLayerVersion

type CfnLayerVersionPermission

type CfnLayerVersionPermission interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The API action that grants access to the layer.
	Action() *string
	SetAction(val *string)
	// ID generated by service.
	AttrId() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// The name or Amazon Resource Name (ARN) of the layer.
	LayerVersionArn() *string
	SetLayerVersionArn(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// With the principal set to `*` , grant permission to all accounts in the specified organization.
	OrganizationId() *string
	SetOrganizationId(val *string)
	// An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified).
	Principal() *string
	SetPrincipal(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::LayerVersionPermission` resource adds permissions to the resource-based policy of a version of an [Lambda layer](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) . Use this action to grant layer usage permission to other accounts. You can grant permission to a single account, all AWS accounts, or all accounts in an organization.

> Since the release of the [UpdateReplacePolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html) both `UpdateReplacePolicy` and `DeletionPolicy` are required to protect your Resources/LayerPermissions from deletion.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnLayerVersionPermission := awscdk.Aws_lambda.NewCfnLayerVersionPermission(this, jsii.String("MyCfnLayerVersionPermission"), &CfnLayerVersionPermissionProps{
	Action: jsii.String("action"),
	LayerVersionArn: jsii.String("layerVersionArn"),
	Principal: jsii.String("principal"),

	// the properties below are optional
	OrganizationId: jsii.String("organizationId"),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html

func NewCfnLayerVersionPermission

func NewCfnLayerVersionPermission(scope constructs.Construct, id *string, props *CfnLayerVersionPermissionProps) CfnLayerVersionPermission

type CfnLayerVersionPermissionProps

type CfnLayerVersionPermissionProps struct {
	// The API action that grants access to the layer.
	//
	// For example, `lambda:GetLayerVersion` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html#cfn-lambda-layerversionpermission-action
	//
	Action *string `field:"required" json:"action" yaml:"action"`
	// The name or Amazon Resource Name (ARN) of the layer.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html#cfn-lambda-layerversionpermission-layerversionarn
	//
	LayerVersionArn *string `field:"required" json:"layerVersionArn" yaml:"layerVersionArn"`
	// An account ID, or `*` to grant layer usage permission to all accounts in an organization, or all AWS accounts (if `organizationId` is not specified).
	//
	// For the last case, make sure that you really do want all AWS accounts to have usage permission to this layer.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html#cfn-lambda-layerversionpermission-principal
	//
	Principal *string `field:"required" json:"principal" yaml:"principal"`
	// With the principal set to `*` , grant permission to all accounts in the specified organization.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html#cfn-lambda-layerversionpermission-organizationid
	//
	OrganizationId *string `field:"optional" json:"organizationId" yaml:"organizationId"`
}

Properties for defining a `CfnLayerVersionPermission`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnLayerVersionPermissionProps := &CfnLayerVersionPermissionProps{
	Action: jsii.String("action"),
	LayerVersionArn: jsii.String("layerVersionArn"),
	Principal: jsii.String("principal"),

	// the properties below are optional
	OrganizationId: jsii.String("organizationId"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversionpermission.html

type CfnLayerVersionProps

type CfnLayerVersionProps struct {
	// The function layer archive.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-content
	//
	Content interface{} `field:"required" json:"content" yaml:"content"`
	// A list of compatible [instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html) .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatiblearchitectures
	//
	CompatibleArchitectures *[]*string `field:"optional" json:"compatibleArchitectures" yaml:"compatibleArchitectures"`
	// A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) . Used for filtering with [ListLayers](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayers.html) and [ListLayerVersions](https://docs.aws.amazon.com/lambda/latest/dg/API_ListLayerVersions.html) .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-compatibleruntimes
	//
	CompatibleRuntimes *[]*string `field:"optional" json:"compatibleRuntimes" yaml:"compatibleRuntimes"`
	// The description of the version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-description
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The name or Amazon Resource Name (ARN) of the layer.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-layername
	//
	LayerName *string `field:"optional" json:"layerName" yaml:"layerName"`
	// The layer's software license. It can be any of the following:.
	//
	// - An [SPDX license identifier](https://docs.aws.amazon.com/https://spdx.org/licenses/) . For example, `MIT` .
	// - The URL of a license hosted on the internet. For example, `https://opensource.org/licenses/MIT` .
	// - The full text of the license.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html#cfn-lambda-layerversion-licenseinfo
	//
	LicenseInfo *string `field:"optional" json:"licenseInfo" yaml:"licenseInfo"`
}

Properties for defining a `CfnLayerVersion`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnLayerVersionProps := &CfnLayerVersionProps{
	Content: &ContentProperty{
		S3Bucket: jsii.String("s3Bucket"),
		S3Key: jsii.String("s3Key"),

		// the properties below are optional
		S3ObjectVersion: jsii.String("s3ObjectVersion"),
	},

	// the properties below are optional
	CompatibleArchitectures: []*string{
		jsii.String("compatibleArchitectures"),
	},
	CompatibleRuntimes: []*string{
		jsii.String("compatibleRuntimes"),
	},
	Description: jsii.String("description"),
	LayerName: jsii.String("layerName"),
	LicenseInfo: jsii.String("licenseInfo"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-layerversion.html

type CfnLayerVersion_ContentProperty

type CfnLayerVersion_ContentProperty struct {
	// The Amazon S3 bucket of the layer archive.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3bucket
	//
	S3Bucket *string `field:"required" json:"s3Bucket" yaml:"s3Bucket"`
	// The Amazon S3 key of the layer archive.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3key
	//
	S3Key *string `field:"required" json:"s3Key" yaml:"s3Key"`
	// For versioned objects, the version of the layer archive object to use.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html#cfn-lambda-layerversion-content-s3objectversion
	//
	S3ObjectVersion *string `field:"optional" json:"s3ObjectVersion" yaml:"s3ObjectVersion"`
}

A ZIP archive that contains the contents of an [Lambda layer](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

contentProperty := &ContentProperty{
	S3Bucket: jsii.String("s3Bucket"),
	S3Key: jsii.String("s3Key"),

	// the properties below are optional
	S3ObjectVersion: jsii.String("s3ObjectVersion"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-layerversion-content.html

type CfnParametersCode

type CfnParametersCode interface {
	Code
	BucketNameParam() *string
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	ObjectKeyParam() *string
	// Create a parameters map from this instance's CloudFormation parameters.
	//
	// It returns a map with 2 keys that correspond to the names of the parameters defined in this Lambda code,
	// and as values it contains the appropriate expressions pointing at the provided S3 location
	// (most likely, obtained from a CodePipeline Artifact by calling the `artifact.s3Location` method).
	// The result should be provided to the CloudFormation Action
	// that is deploying the Stack that the Lambda with this code is part of,
	// in the `parameterOverrides` property.
	Assign(location *awss3.Location) *map[string]interface{}
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(_resource awscdk.CfnResource, _options *ResourceBindOptions)
}

Lambda code defined using 2 CloudFormation parameters.

Useful when you don't have access to the code of your Lambda from your CDK code, so you can't use Assets, and you want to deploy the Lambda in a CodePipeline, using CloudFormation Actions - you can fill the parameters using the `#assign` method.

Example:

lambdaStack := cdk.NewStack(app, jsii.String("LambdaStack"))
lambdaCode := lambda.Code_FromCfnParameters()
lambda.NewFunction(lambdaStack, jsii.String("Lambda"), &FunctionProps{
	Code: lambdaCode,
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_LATEST(),
})
// other resources that your Lambda needs, added to the lambdaStack...

pipelineStack := cdk.NewStack(app, jsii.String("PipelineStack"))
pipeline := codepipeline.NewPipeline(pipelineStack, jsii.String("Pipeline"), &PipelineProps{
	CrossAccountKeys: jsii.Boolean(true),
})

// add the source code repository containing this code to your Pipeline,
// and the source code of the Lambda Function, if they're separate
cdkSourceOutput := codepipeline.NewArtifact()
cdkSourceAction := codepipeline_actions.NewCodeCommitSourceAction(&CodeCommitSourceActionProps{
	Repository: codecommit.NewRepository(pipelineStack, jsii.String("CdkCodeRepo"), &RepositoryProps{
		RepositoryName: jsii.String("CdkCodeRepo"),
	}),
	ActionName: jsii.String("CdkCode_Source"),
	Output: cdkSourceOutput,
})
lambdaSourceOutput := codepipeline.NewArtifact()
lambdaSourceAction := codepipeline_actions.NewCodeCommitSourceAction(&CodeCommitSourceActionProps{
	Repository: codecommit.NewRepository(pipelineStack, jsii.String("LambdaCodeRepo"), &RepositoryProps{
		RepositoryName: jsii.String("LambdaCodeRepo"),
	}),
	ActionName: jsii.String("LambdaCode_Source"),
	Output: lambdaSourceOutput,
})
pipeline.AddStage(&StageOptions{
	StageName: jsii.String("Source"),
	Actions: []iAction{
		cdkSourceAction,
		lambdaSourceAction,
	},
})

// synthesize the Lambda CDK template, using CodeBuild
// the below values are just examples, assuming your CDK code is in TypeScript/JavaScript -
// adjust the build environment and/or commands accordingly
cdkBuildProject := codebuild.NewProject(pipelineStack, jsii.String("CdkBuildProject"), &ProjectProps{
	Environment: &BuildEnvironment{
		BuildImage: codebuild.LinuxBuildImage_STANDARD_7_0(),
	},
	BuildSpec: codebuild.BuildSpec_FromObject(map[string]interface{}{
		"version": jsii.String("0.2"),
		"phases": map[string]map[string]*string{
			"install": map[string]*string{
				"commands": jsii.String("npm install"),
			},
			"build": map[string][]*string{
				"commands": []*string{
					jsii.String("npm run build"),
					jsii.String("npm run cdk synth LambdaStack -- -o ."),
				},
			},
		},
		"artifacts": map[string]*string{
			"files": jsii.String("LambdaStack.template.yaml"),
		},
	}),
})
cdkBuildOutput := codepipeline.NewArtifact()
cdkBuildAction := codepipeline_actions.NewCodeBuildAction(&CodeBuildActionProps{
	ActionName: jsii.String("CDK_Build"),
	Project: cdkBuildProject,
	Input: cdkSourceOutput,
	Outputs: []artifact{
		cdkBuildOutput,
	},
})

// build your Lambda code, using CodeBuild
// again, this example assumes your Lambda is written in TypeScript/JavaScript -
// make sure to adjust the build environment and/or commands if they don't match your specific situation
lambdaBuildProject := codebuild.NewProject(pipelineStack, jsii.String("LambdaBuildProject"), &ProjectProps{
	Environment: &BuildEnvironment{
		BuildImage: codebuild.LinuxBuildImage_STANDARD_7_0(),
	},
	BuildSpec: codebuild.BuildSpec_*FromObject(map[string]interface{}{
		"version": jsii.String("0.2"),
		"phases": map[string]map[string]*string{
			"install": map[string]*string{
				"commands": jsii.String("npm install"),
			},
			"build": map[string]*string{
				"commands": jsii.String("npm run build"),
			},
		},
		"artifacts": map[string][]*string{
			"files": []*string{
				jsii.String("index.js"),
				jsii.String("node_modules/**/*"),
			},
		},
	}),
})
lambdaBuildOutput := codepipeline.NewArtifact()
lambdaBuildAction := codepipeline_actions.NewCodeBuildAction(&CodeBuildActionProps{
	ActionName: jsii.String("Lambda_Build"),
	Project: lambdaBuildProject,
	Input: lambdaSourceOutput,
	Outputs: []*artifact{
		lambdaBuildOutput,
	},
})

pipeline.AddStage(&StageOptions{
	StageName: jsii.String("Build"),
	Actions: []*iAction{
		cdkBuildAction,
		lambdaBuildAction,
	},
})

// finally, deploy your Lambda Stack
pipeline.AddStage(&StageOptions{
	StageName: jsii.String("Deploy"),
	Actions: []*iAction{
		codepipeline_actions.NewCloudFormationCreateUpdateStackAction(&CloudFormationCreateUpdateStackActionProps{
			ActionName: jsii.String("Lambda_CFN_Deploy"),
			TemplatePath: cdkBuildOutput.AtPath(jsii.String("LambdaStack.template.yaml")),
			StackName: jsii.String("LambdaStackDeployedName"),
			AdminPermissions: jsii.Boolean(true),
			ParameterOverrides: lambdaCode.Assign(lambdaBuildOutput.s3Location),
			ExtraInputs: []*artifact{
				lambdaBuildOutput,
			},
		}),
	},
})

func AssetCode_FromCfnParameters

func AssetCode_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func AssetImageCode_FromCfnParameters

func AssetImageCode_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func CfnParametersCode_FromCfnParameters

func CfnParametersCode_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func Code_FromCfnParameters

func Code_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func EcrImageCode_FromCfnParameters

func EcrImageCode_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func InlineCode_FromCfnParameters

func InlineCode_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

func NewCfnParametersCode

func NewCfnParametersCode(props *CfnParametersCodeProps) CfnParametersCode

func S3Code_FromCfnParameters

func S3Code_FromCfnParameters(props *CfnParametersCodeProps) CfnParametersCode

Creates a new Lambda source defined using CloudFormation parameters.

Returns: a new instance of `CfnParametersCode`.

type CfnParametersCodeProps

type CfnParametersCodeProps struct {
	// The CloudFormation parameter that represents the name of the S3 Bucket where the Lambda code will be located in.
	//
	// Must be of type 'String'.
	// Default: a new parameter will be created.
	//
	BucketNameParam awscdk.CfnParameter `field:"optional" json:"bucketNameParam" yaml:"bucketNameParam"`
	// The CloudFormation parameter that represents the path inside the S3 Bucket where the Lambda code will be located at.
	//
	// Must be of type 'String'.
	// Default: a new parameter will be created.
	//
	ObjectKeyParam awscdk.CfnParameter `field:"optional" json:"objectKeyParam" yaml:"objectKeyParam"`
}

Construction properties for `CfnParametersCode`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var cfnParameter cfnParameter

cfnParametersCodeProps := &CfnParametersCodeProps{
	BucketNameParam: cfnParameter,
	ObjectKeyParam: cfnParameter,
}

type CfnPermission

type CfnPermission interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The action that the principal can use on the function.
	Action() *string
	SetAction(val *string)
	AttrId() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// For Alexa Smart Home functions, a token that the invoker must supply.
	EventSourceToken() *string
	SetEventSourceToken(val *string)
	// The name or ARN of the Lambda function, version, or alias.
	FunctionName() *string
	SetFunctionName(val *string)
	// The type of authentication that your function URL uses.
	FunctionUrlAuthType() *string
	SetFunctionUrlAuthType(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// The AWS service or AWS account that invokes the function.
	Principal() *string
	SetPrincipal(val *string)
	// The identifier for your organization in AWS Organizations .
	PrincipalOrgId() *string
	SetPrincipalOrgId(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// For AWS service , the ID of the AWS account that owns the resource.
	SourceAccount() *string
	SetSourceAccount(val *string)
	// For AWS services , the ARN of the AWS resource that invokes the function.
	SourceArn() *string
	SetSourceArn(val *string)
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::Permission` resource grants an AWS service or another account permission to use a function.

You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias. If you use a qualifier, the invoker must use the full Amazon Resource Name (ARN) of that version or alias to invoke the function.

To grant permission to another account, specify the account ID as the `Principal` . To grant permission to an organization defined in AWS Organizations , specify the organization ID as the `PrincipalOrgID` . For AWS services, the principal is a domain-style identifier defined by the service, like `s3.amazonaws.com` or `sns.amazonaws.com` . For AWS services, you can also specify the ARN of the associated resource as the `SourceArn` . If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function.

If your function has a function URL, you can specify the `FunctionUrlAuthType` parameter. This adds a condition to your permission that only applies when your function URL's `AuthType` matches the specified `FunctionUrlAuthType` . For more information about the `AuthType` parameter, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .

This resource adds a statement to a resource-based permission policy for the function. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html) .

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnPermission := awscdk.Aws_lambda.NewCfnPermission(this, jsii.String("MyCfnPermission"), &CfnPermissionProps{
	Action: jsii.String("action"),
	FunctionName: jsii.String("functionName"),
	Principal: jsii.String("principal"),

	// the properties below are optional
	EventSourceToken: jsii.String("eventSourceToken"),
	FunctionUrlAuthType: jsii.String("functionUrlAuthType"),
	PrincipalOrgId: jsii.String("principalOrgId"),
	SourceAccount: jsii.String("sourceAccount"),
	SourceArn: jsii.String("sourceArn"),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html

func NewCfnPermission

func NewCfnPermission(scope constructs.Construct, id *string, props *CfnPermissionProps) CfnPermission

type CfnPermissionProps

type CfnPermissionProps struct {
	// The action that the principal can use on the function.
	//
	// For example, `lambda:InvokeFunction` or `lambda:GetFunction` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-action
	//
	Action *string `field:"required" json:"action" yaml:"action"`
	// The name or ARN of the Lambda function, version, or alias.
	//
	// **Name formats** - *Function name* – `my-function` (name-only), `my-function:v1` (with alias).
	// - *Function ARN* – `arn:aws:lambda:us-west-2:123456789012:function:my-function` .
	// - *Partial ARN* – `123456789012:function:my-function` .
	//
	// You can append a version number or alias to any of the formats. The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-functionname
	//
	FunctionName *string `field:"required" json:"functionName" yaml:"functionName"`
	// The AWS service or AWS account that invokes the function.
	//
	// If you specify a service, use `SourceArn` or `SourceAccount` to limit who can invoke the function through that service.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-principal
	//
	Principal *string `field:"required" json:"principal" yaml:"principal"`
	// For Alexa Smart Home functions, a token that the invoker must supply.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-eventsourcetoken
	//
	EventSourceToken *string `field:"optional" json:"eventSourceToken" yaml:"eventSourceToken"`
	// The type of authentication that your function URL uses.
	//
	// Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-functionurlauthtype
	//
	FunctionUrlAuthType *string `field:"optional" json:"functionUrlAuthType" yaml:"functionUrlAuthType"`
	// The identifier for your organization in AWS Organizations .
	//
	// Use this to grant permissions to all the AWS accounts under this organization.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-principalorgid
	//
	PrincipalOrgId *string `field:"optional" json:"principalOrgId" yaml:"principalOrgId"`
	// For AWS service , the ID of the AWS account that owns the resource.
	//
	// Use this together with `SourceArn` to ensure that the specified account owns the resource. It is possible for an Amazon S3 bucket to be deleted by its owner and recreated by another account.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-sourceaccount
	//
	SourceAccount *string `field:"optional" json:"sourceAccount" yaml:"sourceAccount"`
	// For AWS services , the ARN of the AWS resource that invokes the function.
	//
	// For example, an Amazon S3 bucket or Amazon SNS topic.
	//
	// Note that Lambda configures the comparison using the `StringLike` operator.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-sourcearn
	//
	SourceArn *string `field:"optional" json:"sourceArn" yaml:"sourceArn"`
}

Properties for defining a `CfnPermission`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnPermissionProps := &CfnPermissionProps{
	Action: jsii.String("action"),
	FunctionName: jsii.String("functionName"),
	Principal: jsii.String("principal"),

	// the properties below are optional
	EventSourceToken: jsii.String("eventSourceToken"),
	FunctionUrlAuthType: jsii.String("functionUrlAuthType"),
	PrincipalOrgId: jsii.String("principalOrgId"),
	SourceAccount: jsii.String("sourceAccount"),
	SourceArn: jsii.String("sourceArn"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html

type CfnUrl added in v2.21.0

type CfnUrl interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The Amazon Resource Name (ARN) of the function.
	AttrFunctionArn() *string
	// The HTTP URL endpoint for your function.
	AttrFunctionUrl() *string
	// The type of authentication that your function URL uses.
	AuthType() *string
	SetAuthType(val *string)
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.
	Cors() interface{}
	SetCors(val interface{})
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// Use one of the following options:.
	InvokeMode() *string
	SetInvokeMode(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// The alias name.
	Qualifier() *string
	SetQualifier(val *string)
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// The name of the Lambda function.
	TargetFunctionArn() *string
	SetTargetFunctionArn(val *string)
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::Url` resource creates a function URL with the specified configuration parameters.

A [function URL](https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html) is a dedicated HTTP(S) endpoint that you can use to invoke your function.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnUrl := awscdk.Aws_lambda.NewCfnUrl(this, jsii.String("MyCfnUrl"), &CfnUrlProps{
	AuthType: jsii.String("authType"),
	TargetFunctionArn: jsii.String("targetFunctionArn"),

	// the properties below are optional
	Cors: &CorsProperty{
		AllowCredentials: jsii.Boolean(false),
		AllowHeaders: []*string{
			jsii.String("allowHeaders"),
		},
		AllowMethods: []*string{
			jsii.String("allowMethods"),
		},
		AllowOrigins: []*string{
			jsii.String("allowOrigins"),
		},
		ExposeHeaders: []*string{
			jsii.String("exposeHeaders"),
		},
		MaxAge: jsii.Number(123),
	},
	InvokeMode: jsii.String("invokeMode"),
	Qualifier: jsii.String("qualifier"),
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html

func NewCfnUrl added in v2.21.0

func NewCfnUrl(scope constructs.Construct, id *string, props *CfnUrlProps) CfnUrl

type CfnUrlProps added in v2.21.0

type CfnUrlProps struct {
	// The type of authentication that your function URL uses.
	//
	// Set to `AWS_IAM` if you want to restrict access to authenticated users only. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint. For more information, see [Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html) .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-authtype
	//
	AuthType *string `field:"required" json:"authType" yaml:"authType"`
	// The name of the Lambda function.
	//
	// **Name formats** - *Function name* - `my-function` .
	// - *Function ARN* - `lambda:  :  :function:my-function` .
	// - *Partial ARN* - `:function:my-function` .
	//
	// The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-targetfunctionarn
	//
	TargetFunctionArn *string `field:"required" json:"targetFunctionArn" yaml:"targetFunctionArn"`
	// The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-cors
	//
	Cors interface{} `field:"optional" json:"cors" yaml:"cors"`
	// Use one of the following options:.
	//
	// - `BUFFERED` – This is the default option. Lambda invokes your function using the `Invoke` API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.
	// - `RESPONSE_STREAM` – Your function streams payload results as they become available. Lambda invokes your function using the `InvokeWithResponseStream` API operation. The maximum response payload size is 20 MB, however, you can [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-invokemode
	//
	InvokeMode *string `field:"optional" json:"invokeMode" yaml:"invokeMode"`
	// The alias name.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html#cfn-lambda-url-qualifier
	//
	Qualifier *string `field:"optional" json:"qualifier" yaml:"qualifier"`
}

Properties for defining a `CfnUrl`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

cfnUrlProps := &CfnUrlProps{
	AuthType: jsii.String("authType"),
	TargetFunctionArn: jsii.String("targetFunctionArn"),

	// the properties below are optional
	Cors: &CorsProperty{
		AllowCredentials: jsii.Boolean(false),
		AllowHeaders: []*string{
			jsii.String("allowHeaders"),
		},
		AllowMethods: []*string{
			jsii.String("allowMethods"),
		},
		AllowOrigins: []*string{
			jsii.String("allowOrigins"),
		},
		ExposeHeaders: []*string{
			jsii.String("exposeHeaders"),
		},
		MaxAge: jsii.Number(123),
	},
	InvokeMode: jsii.String("invokeMode"),
	Qualifier: jsii.String("qualifier"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-url.html

type CfnUrl_CorsProperty added in v2.21.0

type CfnUrl_CorsProperty struct {
	// Whether you want to allow cookies or other credentials in requests to your function URL.
	//
	// The default is `false` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-allowcredentials
	//
	AllowCredentials interface{} `field:"optional" json:"allowCredentials" yaml:"allowCredentials"`
	// The HTTP headers that origins can include in requests to your function URL.
	//
	// For example: `Date` , `Keep-Alive` , `X-Custom-Header` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-allowheaders
	//
	AllowHeaders *[]*string `field:"optional" json:"allowHeaders" yaml:"allowHeaders"`
	// The HTTP methods that are allowed when calling your function URL.
	//
	// For example: `GET` , `POST` , `DELETE` , or the wildcard character ( `*` ).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-allowmethods
	//
	AllowMethods *[]*string `field:"optional" json:"allowMethods" yaml:"allowMethods"`
	// The origins that can access your function URL.
	//
	// You can list any number of specific origins, separated by a comma. For example: `https://www.example.com` , `http://localhost:60905` .
	//
	// Alternatively, you can grant access to all origins with the wildcard character ( `*` ).
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-alloworigins
	//
	AllowOrigins *[]*string `field:"optional" json:"allowOrigins" yaml:"allowOrigins"`
	// The HTTP headers in your function response that you want to expose to origins that call your function URL.
	//
	// For example: `Date` , `Keep-Alive` , `X-Custom-Header` .
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-exposeheaders
	//
	ExposeHeaders *[]*string `field:"optional" json:"exposeHeaders" yaml:"exposeHeaders"`
	// The maximum amount of time, in seconds, that browsers can cache results of a preflight request.
	//
	// By default, this is set to `0` , which means the browser will not cache results.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html#cfn-lambda-url-cors-maxage
	//
	MaxAge *float64 `field:"optional" json:"maxAge" yaml:"maxAge"`
}

The [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL. Use CORS to grant access to your function URL from any origin. You can also use CORS to control access for specific HTTP headers and methods in requests to your function URL.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

corsProperty := &CorsProperty{
	AllowCredentials: jsii.Boolean(false),
	AllowHeaders: []*string{
		jsii.String("allowHeaders"),
	},
	AllowMethods: []*string{
		jsii.String("allowMethods"),
	},
	AllowOrigins: []*string{
		jsii.String("allowOrigins"),
	},
	ExposeHeaders: []*string{
		jsii.String("exposeHeaders"),
	},
	MaxAge: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-url-cors.html

type CfnVersion

type CfnVersion interface {
	awscdk.CfnResource
	awscdk.IInspectable
	// The ARN of the function.
	AttrFunctionArn() *string
	// The version number.
	AttrVersion() *string
	// Options for this resource, such as condition, update policy etc.
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	// AWS resource type.
	CfnResourceType() *string
	// Only publish a version if the hash value matches the value that's specified.
	CodeSha256() *string
	SetCodeSha256(val *string)
	// Returns: the stack trace of the point where this Resource was created from, sourced
	// from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most
	// node +internal+ entries filtered.
	CreationStack() *[]*string
	// A description for the version to override the description in the function configuration.
	Description() *string
	SetDescription(val *string)
	// The name or ARN of the Lambda function.
	FunctionName() *string
	SetFunctionName(val *string)
	// The logical ID for this CloudFormation stack element.
	//
	// The logical ID of the element
	// is calculated from the path of the resource node in the construct tree.
	//
	// To override this value, use `overrideLogicalId(newLogicalId)`.
	//
	// Returns: the logical ID as a stringified token. This value will only get
	// resolved during synthesis.
	LogicalId() *string
	// The tree node.
	Node() constructs.Node
	// The resource policy of your function.
	Policy() interface{}
	SetPolicy(val interface{})
	// Specifies a provisioned concurrency configuration for a function's version.
	ProvisionedConcurrencyConfig() interface{}
	SetProvisionedConcurrencyConfig(val interface{})
	// Return a string that will be resolved to a CloudFormation `{ Ref }` for this element.
	//
	// If, by any chance, the intrinsic reference of a resource is not a string, you could
	// coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`.
	Ref() *string
	// Runtime Management Config of a function.
	RuntimePolicy() interface{}
	SetRuntimePolicy(val interface{})
	// The stack in which this element is defined.
	//
	// CfnElements must be defined within a stack scope (directly or indirectly).
	Stack() awscdk.Stack
	// Deprecated.
	// Deprecated: use `updatedProperties`
	//
	// Return properties modified after initiation
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperites() *map[string]interface{}
	// Return properties modified after initiation.
	//
	// Resources that expose mutable properties should override this function to
	// collect and return the properties object for this resource.
	UpdatedProperties() *map[string]interface{}
	// Syntactic sugar for `addOverride(path, undefined)`.
	AddDeletionOverride(path *string)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	//
	// This can be used for resources across stacks (or nested stack) boundaries
	// and the dependency will automatically be transferred to the relevant scope.
	AddDependency(target awscdk.CfnResource)
	// Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned.
	// Deprecated: use addDependency.
	AddDependsOn(target awscdk.CfnResource)
	// Add a value to the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	AddMetadata(key *string, value interface{})
	// Adds an override to the synthesized CloudFormation resource.
	//
	// To add a
	// property override, either use `addPropertyOverride` or prefix `path` with
	// "Properties." (i.e. `Properties.TopicName`).
	//
	// If the override is nested, separate each nested level using a dot (.) in the path parameter.
	// If there is an array as part of the nesting, specify the index in the path.
	//
	// To include a literal `.` in the property name, prefix with a `\`. In most
	// programming languages you will need to write this as `"\\."` because the
	// `\` itself will need to be escaped.
	//
	// For example,
	// “`typescript
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']);
	// cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE');
	// “`
	// would add the overrides
	// “`json
	// "Properties": {
	//   "GlobalSecondaryIndexes": [
	//     {
	//       "Projection": {
	//         "NonKeyAttributes": [ "myattribute" ]
	//         ...
	//       }
	//       ...
	//     },
	//     {
	//       "ProjectionType": "INCLUDE"
	//       ...
	//     },
	//   ]
	//   ...
	// }
	// “`
	//
	// The `value` argument to `addOverride` will not be processed or translated
	// in any way. Pass raw JSON values in here with the correct capitalization
	// for CloudFormation. If you pass CDK classes or structs, they will be
	// rendered with lowercased key names, and CloudFormation will reject the
	// template.
	AddOverride(path *string, value interface{})
	// Adds an override that deletes the value of a property from the resource definition.
	AddPropertyDeletionOverride(propertyPath *string)
	// Adds an override to a resource property.
	//
	// Syntactic sugar for `addOverride("Properties.<...>", value)`.
	AddPropertyOverride(propertyPath *string, value interface{})
	// Sets the deletion policy of the resource based on the removal policy specified.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). In some
	// cases, a snapshot can be taken of the resource prior to deletion
	// (`RemovalPolicy.SNAPSHOT`). A list of resources that support this policy
	// can be found in the following link:.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-deletionpolicy.html#aws-attribute-deletionpolicy-options
	//
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	// Returns a token for an runtime attribute of this resource.
	//
	// Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility
	// in case there is no generated attribute.
	GetAtt(attributeName *string, typeHint awscdk.ResolutionTypeHint) awscdk.Reference
	// Retrieve a value value from the CloudFormation Resource Metadata.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html
	//
	// Note that this is a different set of metadata from CDK node metadata; this
	// metadata ends up in the stack template under the resource, whereas CDK
	// node metadata ends up in the Cloud Assembly.
	//
	GetMetadata(key *string) interface{}
	// Examines the CloudFormation resource and discloses attributes.
	Inspect(inspector awscdk.TreeInspector)
	// Retrieves an array of resources this resource depends on.
	//
	// This assembles dependencies on resources across stacks (including nested stacks)
	// automatically.
	ObtainDependencies() *[]interface{}
	// Get a shallow copy of dependencies between this resource and other resources in the same stack.
	ObtainResourceDependencies() *[]awscdk.CfnResource
	// Overrides the auto-generated logical ID with a specific ID.
	OverrideLogicalId(newLogicalId *string)
	// Indicates that this resource no longer depends on another resource.
	//
	// This can be used for resources across stacks (including nested stacks)
	// and the dependency will automatically be removed from the relevant scope.
	RemoveDependency(target awscdk.CfnResource)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	// Replaces one dependency with another.
	ReplaceDependency(target awscdk.CfnResource, newTarget awscdk.CfnResource)
	// Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template.
	//
	// Returns: `true` if the resource should be included or `false` is the resource
	// should be omitted.
	ShouldSynthesize() *bool
	// Returns a string representation of this construct.
	//
	// Returns: a string representation of this resource.
	ToString() *string
	ValidateProperties(_properties interface{})
}

The `AWS::Lambda::Version` resource creates a [version](https://docs.aws.amazon.com/lambda/latest/dg/versioning-aliases.html) from the current code and configuration of a function. Use versions to create a snapshot of your function code and configuration that doesn't change.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var policy interface{}

cfnVersion := awscdk.Aws_lambda.NewCfnVersion(this, jsii.String("MyCfnVersion"), &CfnVersionProps{
	FunctionName: jsii.String("functionName"),

	// the properties below are optional
	CodeSha256: jsii.String("codeSha256"),
	Description: jsii.String("description"),
	Policy: policy,
	ProvisionedConcurrencyConfig: &ProvisionedConcurrencyConfigurationProperty{
		ProvisionedConcurrentExecutions: jsii.Number(123),
	},
	RuntimePolicy: &RuntimePolicyProperty{
		UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

		// the properties below are optional
		RuntimeVersionArn: jsii.String("runtimeVersionArn"),
	},
})

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html

func NewCfnVersion

func NewCfnVersion(scope constructs.Construct, id *string, props *CfnVersionProps) CfnVersion

type CfnVersionProps

type CfnVersionProps struct {
	// The name or ARN of the Lambda function.
	//
	// **Name formats** - *Function name* - `MyFunction` .
	// - *Function ARN* - `arn:aws:lambda:us-west-2:123456789012:function:MyFunction` .
	// - *Partial ARN* - `123456789012:function:MyFunction` .
	//
	// The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-functionname
	//
	FunctionName *string `field:"required" json:"functionName" yaml:"functionName"`
	// Only publish a version if the hash value matches the value that's specified.
	//
	// Use this option to avoid publishing a version if the function code has changed since you last updated it. Updates are not supported for this property.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-codesha256
	//
	CodeSha256 *string `field:"optional" json:"codeSha256" yaml:"codeSha256"`
	// A description for the version to override the description in the function configuration.
	//
	// Updates are not supported for this property.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-description
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The resource policy of your function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-policy
	//
	Policy interface{} `field:"optional" json:"policy" yaml:"policy"`
	// Specifies a provisioned concurrency configuration for a function's version.
	//
	// Updates are not supported for this property.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-provisionedconcurrencyconfig
	//
	ProvisionedConcurrencyConfig interface{} `field:"optional" json:"provisionedConcurrencyConfig" yaml:"provisionedConcurrencyConfig"`
	// Runtime Management Config of a function.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html#cfn-lambda-version-runtimepolicy
	//
	RuntimePolicy interface{} `field:"optional" json:"runtimePolicy" yaml:"runtimePolicy"`
}

Properties for defining a `CfnVersion`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var policy interface{}

cfnVersionProps := &CfnVersionProps{
	FunctionName: jsii.String("functionName"),

	// the properties below are optional
	CodeSha256: jsii.String("codeSha256"),
	Description: jsii.String("description"),
	Policy: policy,
	ProvisionedConcurrencyConfig: &ProvisionedConcurrencyConfigurationProperty{
		ProvisionedConcurrentExecutions: jsii.Number(123),
	},
	RuntimePolicy: &RuntimePolicyProperty{
		UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

		// the properties below are optional
		RuntimeVersionArn: jsii.String("runtimeVersionArn"),
	},
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-version.html

type CfnVersion_ProvisionedConcurrencyConfigurationProperty

type CfnVersion_ProvisionedConcurrencyConfigurationProperty struct {
	// The amount of provisioned concurrency to allocate for the version.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-version-provisionedconcurrencyconfiguration.html#cfn-lambda-version-provisionedconcurrencyconfiguration-provisionedconcurrentexecutions
	//
	ProvisionedConcurrentExecutions *float64 `field:"required" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
}

A [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/configuration-concurrency.html) configuration for a function's version.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

provisionedConcurrencyConfigurationProperty := &ProvisionedConcurrencyConfigurationProperty{
	ProvisionedConcurrentExecutions: jsii.Number(123),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-version-provisionedconcurrencyconfiguration.html

type CfnVersion_RuntimePolicyProperty added in v2.103.0

type CfnVersion_RuntimePolicyProperty struct {
	// The runtime update mode.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-version-runtimepolicy.html#cfn-lambda-version-runtimepolicy-updateruntimeon
	//
	UpdateRuntimeOn *string `field:"required" json:"updateRuntimeOn" yaml:"updateRuntimeOn"`
	// The ARN of the runtime the function is configured to use.
	//
	// If the runtime update mode is manual, the ARN is returned, otherwise null is returned.
	// See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-version-runtimepolicy.html#cfn-lambda-version-runtimepolicy-runtimeversionarn
	//
	RuntimeVersionArn *string `field:"optional" json:"runtimeVersionArn" yaml:"runtimeVersionArn"`
}

Runtime Management Config of a function.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

runtimePolicyProperty := &RuntimePolicyProperty{
	UpdateRuntimeOn: jsii.String("updateRuntimeOn"),

	// the properties below are optional
	RuntimeVersionArn: jsii.String("runtimeVersionArn"),
}

See: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-version-runtimepolicy.html

type Code

type Code interface {
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(_resource awscdk.CfnResource, _options *ResourceBindOptions)
}

Represents the Lambda Handler Code.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

type CodeConfig

type CodeConfig struct {
	// Docker image configuration (mutually exclusive with `s3Location` and `inlineCode`).
	// Default: - code is not an ECR container image.
	//
	Image *CodeImageConfig `field:"optional" json:"image" yaml:"image"`
	// Inline code (mutually exclusive with `s3Location` and `image`).
	// Default: - code is not inline code.
	//
	InlineCode *string `field:"optional" json:"inlineCode" yaml:"inlineCode"`
	// The location of the code in S3 (mutually exclusive with `inlineCode` and `image`).
	// Default: - code is not an s3 location.
	//
	S3Location *awss3.Location `field:"optional" json:"s3Location" yaml:"s3Location"`
}

Result of binding `Code` into a `Function`.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

codeConfig := &CodeConfig{
	Image: &CodeImageConfig{
		ImageUri: jsii.String("imageUri"),

		// the properties below are optional
		Cmd: []*string{
			jsii.String("cmd"),
		},
		Entrypoint: []*string{
			jsii.String("entrypoint"),
		},
		WorkingDirectory: jsii.String("workingDirectory"),
	},
	InlineCode: jsii.String("inlineCode"),
	S3Location: &Location{
		BucketName: jsii.String("bucketName"),
		ObjectKey: jsii.String("objectKey"),

		// the properties below are optional
		ObjectVersion: jsii.String("objectVersion"),
	},
}

type CodeImageConfig

type CodeImageConfig struct {
	// URI to the Docker image.
	ImageUri *string `field:"required" json:"imageUri" yaml:"imageUri"`
	// Specify or override the CMD on the specified Docker image or Dockerfile.
	//
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#cmd
	//
	// Default: - use the CMD specified in the docker image or Dockerfile.
	//
	Cmd *[]*string `field:"optional" json:"cmd" yaml:"cmd"`
	// Specify or override the ENTRYPOINT on the specified Docker image or Dockerfile.
	//
	// An ENTRYPOINT allows you to configure a container that will run as an executable.
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#entrypoint
	//
	// Default: - use the ENTRYPOINT in the docker image or Dockerfile.
	//
	Entrypoint *[]*string `field:"optional" json:"entrypoint" yaml:"entrypoint"`
	// Specify or override the WORKDIR on the specified Docker image or Dockerfile.
	//
	// A WORKDIR allows you to configure the working directory the container will use.
	// See: https://docs.docker.com/engine/reference/builder/#workdir
	//
	// Default: - use the WORKDIR in the docker image or Dockerfile.
	//
	WorkingDirectory *string `field:"optional" json:"workingDirectory" yaml:"workingDirectory"`
}

Result of the bind when an ECR image is used.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

codeImageConfig := &CodeImageConfig{
	ImageUri: jsii.String("imageUri"),

	// the properties below are optional
	Cmd: []*string{
		jsii.String("cmd"),
	},
	Entrypoint: []*string{
		jsii.String("entrypoint"),
	},
	WorkingDirectory: jsii.String("workingDirectory"),
}

type CodeSigningConfig

type CodeSigningConfig interface {
	awscdk.Resource
	ICodeSigningConfig
	// The ARN of Code Signing Config.
	CodeSigningConfigArn() *string
	// The id of Code Signing Config.
	CodeSigningConfigId() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Defines a Code Signing Config.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

func NewCodeSigningConfig

func NewCodeSigningConfig(scope constructs.Construct, id *string, props *CodeSigningConfigProps) CodeSigningConfig

type CodeSigningConfigProps

type CodeSigningConfigProps struct {
	// List of signing profiles that defines a trusted user who can sign a code package.
	SigningProfiles *[]awssigner.ISigningProfile `field:"required" json:"signingProfiles" yaml:"signingProfiles"`
	// Code signing configuration description.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Code signing configuration policy for deployment validation failure.
	//
	// If you set the policy to Enforce, Lambda blocks the deployment request
	// if signature validation checks fail.
	// If you set the policy to Warn, Lambda allows the deployment and
	// creates a CloudWatch log.
	// Default: UntrustedArtifactOnDeployment.WARN
	//
	UntrustedArtifactOnDeployment UntrustedArtifactOnDeployment `field:"optional" json:"untrustedArtifactOnDeployment" yaml:"untrustedArtifactOnDeployment"`
}

Construction properties for a Code Signing Config object.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

type CustomCommandOptions added in v2.144.0

type CustomCommandOptions struct {
	// Specify a custom hash for this asset.
	//
	// If `assetHashType` is set it must
	// be set to `AssetHashType.CUSTOM`. For consistency, this custom hash will
	// be SHA256 hashed and encoded as hex. The resulting hash will be the asset
	// hash.
	//
	// NOTE: the hash is used in order to identify a specific revision of the asset, and
	// used for optimizing and caching deployment activities related to this asset such as
	// packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will
	// need to make sure it is updated every time the asset changes, or otherwise it is
	// possible that some deployments will not be invalidated.
	// Default: - based on `assetHashType`.
	//
	AssetHash *string `field:"optional" json:"assetHash" yaml:"assetHash"`
	// Specifies the type of hash to calculate for this asset.
	//
	// If `assetHash` is configured, this option must be `undefined` or
	// `AssetHashType.CUSTOM`.
	// Default: - the default is `AssetHashType.SOURCE`, but if `assetHash` is
	// explicitly specified this value defaults to `AssetHashType.CUSTOM`.
	//
	AssetHashType awscdk.AssetHashType `field:"optional" json:"assetHashType" yaml:"assetHashType"`
	// Bundle the asset by executing a command in a Docker container or a custom bundling provider.
	//
	// The asset path will be mounted at `/asset-input`. The Docker
	// container is responsible for putting content at `/asset-output`.
	// The content at `/asset-output` will be zipped and used as the
	// final asset.
	// Default: - uploaded as-is to S3 if the asset is a regular file or a .zip file,
	// archived into a .zip file and uploaded to S3 otherwise
	//
	Bundling *awscdk.BundlingOptions `field:"optional" json:"bundling" yaml:"bundling"`
	// File paths matching the patterns will be excluded.
	//
	// See `ignoreMode` to set the matching behavior.
	// Has no effect on Assets bundled using the `bundling` property.
	// Default: - nothing is excluded.
	//
	Exclude *[]*string `field:"optional" json:"exclude" yaml:"exclude"`
	// A strategy for how to handle symlinks.
	// Default: SymlinkFollowMode.NEVER
	//
	FollowSymlinks awscdk.SymlinkFollowMode `field:"optional" json:"followSymlinks" yaml:"followSymlinks"`
	// The ignore behavior to use for `exclude` patterns.
	// Default: IgnoreMode.GLOB
	//
	IgnoreMode awscdk.IgnoreMode `field:"optional" json:"ignoreMode" yaml:"ignoreMode"`
	// Whether or not the asset needs to exist beyond deployment time;
	//
	// i.e.
	// are copied over to a different location and not needed afterwards.
	// Setting this property to true has an impact on the lifecycle of the asset,
	// because we will assume that it is safe to delete after the CloudFormation
	// deployment succeeds.
	//
	// For example, Lambda Function assets are copied over to Lambda during
	// deployment. Therefore, it is not necessary to store the asset in S3, so
	// we consider those deployTime assets.
	// Default: false.
	//
	DeployTime *bool `field:"optional" json:"deployTime" yaml:"deployTime"`
	// A list of principals that should be able to read this asset from S3.
	//
	// You can use `asset.grantRead(principal)` to grant read permissions later.
	// Default: - No principals that can read file asset.
	//
	Readers *[]awsiam.IGrantable `field:"optional" json:"readers" yaml:"readers"`
	// options that are passed to the spawned process, which determine the characteristics of the spawned process.
	// Default: : see `child_process.SpawnSyncOptions` (https://nodejs.org/api/child_process.html#child_processspawnsynccommand-args-options).
	//
	CommandOptions *map[string]interface{} `field:"optional" json:"commandOptions" yaml:"commandOptions"`
}

Options for creating `AssetCode` with a custom command, such as running a buildfile.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var commandOptions interface{}
var dockerImage dockerImage
var grantable iGrantable
var localBundling iLocalBundling

customCommandOptions := &CustomCommandOptions{
	AssetHash: jsii.String("assetHash"),
	AssetHashType: cdk.AssetHashType_SOURCE,
	Bundling: &BundlingOptions{
		Image: dockerImage,

		// the properties below are optional
		BundlingFileAccess: cdk.BundlingFileAccess_VOLUME_COPY,
		Command: []*string{
			jsii.String("command"),
		},
		Entrypoint: []*string{
			jsii.String("entrypoint"),
		},
		Environment: map[string]*string{
			"environmentKey": jsii.String("environment"),
		},
		Local: localBundling,
		Network: jsii.String("network"),
		OutputType: cdk.BundlingOutput_ARCHIVED,
		Platform: jsii.String("platform"),
		SecurityOpt: jsii.String("securityOpt"),
		User: jsii.String("user"),
		Volumes: []dockerVolume{
			&dockerVolume{
				ContainerPath: jsii.String("containerPath"),
				HostPath: jsii.String("hostPath"),

				// the properties below are optional
				Consistency: cdk.DockerVolumeConsistency_CONSISTENT,
			},
		},
		VolumesFrom: []*string{
			jsii.String("volumesFrom"),
		},
		WorkingDirectory: jsii.String("workingDirectory"),
	},
	CommandOptions: map[string]interface{}{
		"commandOptionsKey": commandOptions,
	},
	DeployTime: jsii.Boolean(false),
	Exclude: []*string{
		jsii.String("exclude"),
	},
	FollowSymlinks: cdk.SymlinkFollowMode_NEVER,
	IgnoreMode: cdk.IgnoreMode_GLOB,
	Readers: []*iGrantable{
		grantable,
	},
}

type DestinationConfig

type DestinationConfig struct {
	// The Amazon Resource Name (ARN) of the destination resource.
	Destination *string `field:"required" json:"destination" yaml:"destination"`
}

A destination configuration.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

destinationConfig := &DestinationConfig{
	Destination: jsii.String("destination"),
}

type DestinationOptions

type DestinationOptions struct {
	// The destination type.
	Type DestinationType `field:"required" json:"type" yaml:"type"`
}

Options when binding a destination to a function.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

destinationOptions := &DestinationOptions{
	Type: awscdk.Aws_lambda.DestinationType_FAILURE,
}

type DestinationType

type DestinationType string

The type of destination.

const (
	// Failure.
	DestinationType_FAILURE DestinationType = "FAILURE"
	// Success.
	DestinationType_SUCCESS DestinationType = "SUCCESS"
)

type DlqDestinationConfig

type DlqDestinationConfig struct {
	// The Amazon Resource Name (ARN) of the destination resource.
	Destination *string `field:"required" json:"destination" yaml:"destination"`
}

A destination configuration.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

dlqDestinationConfig := &DlqDestinationConfig{
	Destination: jsii.String("destination"),
}

type DockerBuildAssetOptions

type DockerBuildAssetOptions struct {
	// Build args.
	// Default: - no build args.
	//
	BuildArgs *map[string]*string `field:"optional" json:"buildArgs" yaml:"buildArgs"`
	// Disable the cache and pass `--no-cache` to the `docker build` command.
	// Default: - cache is used.
	//
	CacheDisabled *bool `field:"optional" json:"cacheDisabled" yaml:"cacheDisabled"`
	// Cache from options to pass to the `docker build` command.
	// Default: - no cache from args are passed.
	//
	CacheFrom *[]*awscdk.DockerCacheOption `field:"optional" json:"cacheFrom" yaml:"cacheFrom"`
	// Cache to options to pass to the `docker build` command.
	// Default: - no cache to args are passed.
	//
	CacheTo *awscdk.DockerCacheOption `field:"optional" json:"cacheTo" yaml:"cacheTo"`
	// Name of the Dockerfile, must relative to the docker build path.
	// Default: `Dockerfile`.
	//
	File *string `field:"optional" json:"file" yaml:"file"`
	// Set platform if server is multi-platform capable. _Requires Docker Engine API v1.38+_.
	//
	// Example value: `linux/amd64`.
	// Default: - no platform specified.
	//
	Platform *string `field:"optional" json:"platform" yaml:"platform"`
	// Set build target for multi-stage container builds. Any stage defined afterwards will be ignored.
	//
	// Example value: `build-env`.
	// Default: - Build all stages defined in the Dockerfile.
	//
	TargetStage *string `field:"optional" json:"targetStage" yaml:"targetStage"`
	// The path in the Docker image where the asset is located after the build operation.
	// Default: /asset.
	//
	ImagePath *string `field:"optional" json:"imagePath" yaml:"imagePath"`
	// The path on the local filesystem where the asset will be copied using `docker cp`.
	// Default: - a unique temporary directory in the system temp directory.
	//
	OutputPath *string `field:"optional" json:"outputPath" yaml:"outputPath"`
}

Options when creating an asset from a Docker build.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

dockerBuildAssetOptions := &DockerBuildAssetOptions{
	BuildArgs: map[string]*string{
		"buildArgsKey": jsii.String("buildArgs"),
	},
	CacheDisabled: jsii.Boolean(false),
	CacheFrom: []dockerCacheOption{
		&dockerCacheOption{
			Type: jsii.String("type"),

			// the properties below are optional
			Params: map[string]*string{
				"paramsKey": jsii.String("params"),
			},
		},
	},
	CacheTo: &dockerCacheOption{
		Type: jsii.String("type"),

		// the properties below are optional
		Params: map[string]*string{
			"paramsKey": jsii.String("params"),
		},
	},
	File: jsii.String("file"),
	ImagePath: jsii.String("imagePath"),
	OutputPath: jsii.String("outputPath"),
	Platform: jsii.String("platform"),
	TargetStage: jsii.String("targetStage"),
}

type DockerImageCode

type DockerImageCode interface {
}

Code property for the DockerImageFunction construct.

Example:

lambda.NewDockerImageFunction(this, jsii.String("AssetFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromImageAsset(path.join(__dirname, jsii.String("docker-handler"))),
})

func DockerImageCode_FromEcr

func DockerImageCode_FromEcr(repository awsecr.IRepository, props *EcrImageCodeProps) DockerImageCode

Use an existing ECR image as the Lambda code.

func DockerImageCode_FromImageAsset

func DockerImageCode_FromImageAsset(directory *string, props *AssetImageCodeProps) DockerImageCode

Create an ECR image from the specified asset and bind it as the Lambda code.

type DockerImageFunction

type DockerImageFunction interface {
	Function
	// The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// Returns a `lambda.Version` which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
	//
	// You can specify options for this version using the `currentVersionOptions`
	// prop when initializing the `lambda.Function`.
	CurrentVersion() Version
	// The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
	DeadLetterQueue() awssqs.IQueue
	// The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
	DeadLetterTopic() awssns.ITopic
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// ARN of this function.
	FunctionArn() *string
	// Name of this function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The LogGroup where the Lambda function's logs are made available.
	//
	// If either `logRetention` is set or this property is called, a CloudFormation custom resource is added to the stack that
	// pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
	// period (never expire, by default).
	//
	// Further, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention
	// to never expire even if it was configured with a different value.
	LogGroup() awslogs.ILogGroup
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// Execution role associated with this function.
	Role() awsiam.IRole
	// The runtime configured for this lambda.
	Runtime() Runtime
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The timeout configured for this lambda.
	Timeout() awscdk.Duration
	// Defines an alias for this function.
	//
	// The alias will automatically be updated to point to the latest version of
	// the function as it is being updated during a deployment.
	//
	// “`ts
	// declare const fn: lambda.Function;
	//
	// fn.addAlias('Live');
	//
	// // Is equivalent to
	//
	// new lambda.Alias(this, 'AliasLive', {
	//   aliasName: 'Live',
	//   version: fn.currentVersion,
	// });
	// “`.
	AddAlias(aliasName *string, options *AliasOptions) Alias
	// Adds an environment variable to this Lambda function.
	//
	// If this is a ref to a Lambda function, this operation results in a no-op.
	AddEnvironment(key *string, value *string, options *EnvironmentOptions) Function
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds one or more Lambda Layers to this Lambda function.
	AddLayers(layers ...ILayerVersion)
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(scope constructs.Construct, action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Mix additional information into the hash of the Version object.
	//
	// The Lambda Function construct does its best to automatically create a new
	// Version when anything about the Function changes (its code, its layers,
	// any of the other properties).
	//
	// However, you can sometimes source information from places that the CDK cannot
	// look into, like the deploy-time values of SSM parameters. In those cases,
	// the CDK would not force the creation of a new Version object when it actually
	// should.
	//
	// This method can be used to invalidate the current Version object. Pass in
	// any string into this method, and make sure the string changes when you know
	// a new Version needs to be created.
	//
	// This method may be called more than once.
	InvalidateVersionBasedOn(x *string)
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

Create a lambda function where the handler is a docker image.

Example:

lambda.NewDockerImageFunction(this, jsii.String("AssetFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromImageAsset(path.join(__dirname, jsii.String("docker-handler"))),
})

func NewDockerImageFunction

func NewDockerImageFunction(scope constructs.Construct, id *string, props *DockerImageFunctionProps) DockerImageFunction

type DockerImageFunctionProps

type DockerImageFunctionProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
	// See: https://aws-otel.github.io/docs/getting-started/lambda
	//
	// Default: - No ADOT instrumentation.
	//
	AdotInstrumentation *AdotInstrumentationConfig `field:"optional" json:"adotInstrumentation" yaml:"adotInstrumentation"`
	// Whether to allow the Lambda to send all ipv6 network traffic.
	//
	// If set to true, there will only be a single egress rule which allows all
	// outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets using ipv6.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllIpv6Outbound` directly on the security group.
	// Default: false.
	//
	AllowAllIpv6Outbound *bool `field:"optional" json:"allowAllIpv6Outbound" yaml:"allowAllIpv6Outbound"`
	// Whether to allow the Lambda to send all network traffic (except ipv6).
	//
	// If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllOutbound` directly on the security group.
	// Default: true.
	//
	AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
	// Lambda Functions in a public subnet can NOT access the internet.
	//
	// Use this property to acknowledge this limitation and still place the function in a public subnet.
	// See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
	//
	// Default: false.
	//
	AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"`
	// Sets the application log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `applicationLogLevelV2` as a property instead.
	ApplicationLogLevel *string `field:"optional" json:"applicationLogLevel" yaml:"applicationLogLevel"`
	// Sets the application log level for the function.
	// Default: ApplicationLogLevel.INFO
	//
	ApplicationLogLevelV2 ApplicationLogLevel `field:"optional" json:"applicationLogLevelV2" yaml:"applicationLogLevelV2"`
	// The system architectures compatible with this lambda function.
	// Default: Architecture.X86_64
	//
	Architecture Architecture `field:"optional" json:"architecture" yaml:"architecture"`
	// Code signing config associated with this function.
	// Default: - Not Sign the Code.
	//
	CodeSigningConfig ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"`
	// Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
	// Default: - default options as described in `VersionOptions`.
	//
	CurrentVersionOptions *VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"`
	// The SQS queue to use if DLQ is enabled.
	//
	// If SNS topic is desired, specify `deadLetterTopic` property instead.
	// Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`.
	//
	DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"`
	// Enabled DLQ.
	//
	// If `deadLetterQueue` is undefined,
	// an SQS queue with default options will be defined for your Function.
	// Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
	//
	DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"`
	// The SNS topic to use as a DLQ.
	//
	// Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
	// rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
	// Default: - no SNS topic.
	//
	DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"`
	// A description of the function.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Key-value pairs that Lambda caches and makes available for your Lambda functions.
	//
	// Use environment variables to apply configuration changes, such
	// as test and production environment configurations, without changing your
	// Lambda function source code.
	// Default: - No environment variables.
	//
	Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
	// The AWS KMS key that's used to encrypt your function's environment variables.
	// Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
	//
	EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"`
	// The size of the function’s /tmp directory in MiB.
	// Default: 512 MiB.
	//
	EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"`
	// Event sources for this function.
	//
	// You can also add event sources using `addEventSource`.
	// Default: - No event sources.
	//
	Events *[]IEventSource `field:"optional" json:"events" yaml:"events"`
	// The filesystem configuration for the lambda function.
	// Default: - will not mount any filesystem.
	//
	Filesystem FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"`
	// A name for the function.
	// Default: - AWS CloudFormation generates a unique physical ID and uses that
	// ID for the function's name. For more information, see Name Type.
	//
	FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
	// Initial policy statements to add to the created Lambda Role.
	//
	// You can call `addToRolePolicy` to the created lambda to add statements post creation.
	// Default: - No policy statements are added to the created Lambda role.
	//
	InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"`
	// Specify the version of CloudWatch Lambda insights to use for monitoring.
	// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html
	//
	// Default: - No Lambda Insights.
	//
	InsightsVersion LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"`
	// Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
	//
	// Only used if 'vpc' is supplied.
	// Default: false.
	//
	Ipv6AllowedForDualStack *bool `field:"optional" json:"ipv6AllowedForDualStack" yaml:"ipv6AllowedForDualStack"`
	// A list of layers to add to the function's execution environment.
	//
	// You can configure your Lambda function to pull in
	// additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies
	// that can be used by multiple functions.
	// Default: - No layers.
	//
	Layers *[]ILayerVersion `field:"optional" json:"layers" yaml:"layers"`
	// Sets the logFormat for the function.
	// Default: "Text".
	//
	// Deprecated: Use `loggingFormat` as a property instead.
	LogFormat *string `field:"optional" json:"logFormat" yaml:"logFormat"`
	// Sets the loggingFormat for the function.
	// Default: LoggingFormat.TEXT
	//
	LoggingFormat LoggingFormat `field:"optional" json:"loggingFormat" yaml:"loggingFormat"`
	// The log group the function sends logs to.
	//
	// By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>.
	// However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
	//
	// Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
	//
	// Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16.
	// If you are deploying to another type of region, please check regional availability first.
	// Default: `/aws/lambda/${this.functionName}` - default log group created by Lambda
	//
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `INFINITE`.
	//
	// This is a legacy API and we strongly recommend you move away from it if you can.
	// Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property
	// to instruct the Lambda function to send logs to it.
	// Migrating from `logRetention` to `logGroup` will cause the name of the log group to change.
	// Users and code and referencing the name verbatim will have to adjust.
	//
	// In AWS CDK code, you can access the log group name directly from the LogGroup construct:
	// “`ts
	// import * as logs from 'aws-cdk-lib/aws-logs';
	//
	// declare const myLogGroup: logs.LogGroup;
	// myLogGroup.logGroupName;
	// “`.
	// Default: logs.RetentionDays.INFINITE
	//
	LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"`
	// When log retention is specified, a custom resource attempts to create the CloudWatch log group.
	//
	// These options control the retry policy when interacting with CloudWatch APIs.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - Default AWS SDK retry options.
	//
	LogRetentionRetryOptions *LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - A new role is created.
	//
	LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"`
	// The amount of memory, in MB, that is allocated to your Lambda function.
	//
	// Lambda uses this value to proportionally allocate the amount of CPU
	// power. For more information, see Resource Model in the AWS Lambda
	// Developer Guide.
	// Default: 128.
	//
	MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
	// Specify the configuration of Parameters and Secrets Extension.
	// See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html
	//
	// Default: - No Parameters and Secrets Extension.
	//
	ParamsAndSecrets ParamsAndSecretsLayerVersion `field:"optional" json:"paramsAndSecrets" yaml:"paramsAndSecrets"`
	// Enable profiling.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - No profiling.
	//
	Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"`
	// Profiling Group.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - A new profiling group will be created if `profiling` is set.
	//
	ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"`
	// Sets the Recursive Loop Protection for Lambda Function.
	//
	// It lets Lambda detect and terminate unintended recusrive loops.
	// Default: RecursiveLoop.Terminate
	//
	RecursiveLoop RecursiveLoop `field:"optional" json:"recursiveLoop" yaml:"recursiveLoop"`
	// The maximum of concurrent executions you want to reserve for the function.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
	//
	// Default: - No specific limit - account limit.
	//
	ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
	// Lambda execution role.
	//
	// This is the role that will be assumed by the function upon execution.
	// It controls the permissions that the function will have. The Role must
	// be assumable by the 'lambda.amazonaws.com' service principal.
	//
	// The default Role automatically has permissions granted for Lambda execution. If you
	// provide a Role, you must add the relevant AWS managed policies yourself.
	//
	// The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and
	// "service-role/AWSLambdaVPCAccessExecutionRole".
	// Default: - A unique role will be generated for this lambda function.
	// Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
	//
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// Sets the runtime management configuration for a function's version.
	// Default: Auto.
	//
	RuntimeManagementMode RuntimeManagementMode `field:"optional" json:"runtimeManagementMode" yaml:"runtimeManagementMode"`
	// The list of security groups to associate with the Lambda's network interfaces.
	//
	// Only used if 'vpc' is supplied.
	// Default: - If the function is placed within a VPC and a security group is
	// not specified, either by this or securityGroup prop, a dedicated security
	// group will be created for this function.
	//
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Enable SnapStart for Lambda Function.
	//
	// SnapStart is currently supported only for Java 11, 17 runtime.
	// Default: - No snapstart.
	//
	SnapStart SnapStartConf `field:"optional" json:"snapStart" yaml:"snapStart"`
	// Sets the system log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `systemLogLevelV2` as a property instead.
	SystemLogLevel *string `field:"optional" json:"systemLogLevel" yaml:"systemLogLevel"`
	// Sets the system log level for the function.
	// Default: SystemLogLevel.INFO
	//
	SystemLogLevelV2 SystemLogLevel `field:"optional" json:"systemLogLevelV2" yaml:"systemLogLevelV2"`
	// The function execution time (in seconds) after which Lambda terminates the function.
	//
	// Because the execution time affects cost, set this value
	// based on the function's expected execution time.
	// Default: Duration.seconds(3)
	//
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// Enable AWS X-Ray Tracing for Lambda Function.
	// Default: Tracing.Disabled
	//
	Tracing Tracing `field:"optional" json:"tracing" yaml:"tracing"`
	// VPC network to place Lambda network interfaces.
	//
	// Specify this if the Lambda function needs to access resources in a VPC.
	// This is required when `vpcSubnets` is specified.
	// Default: - Function is not placed within a VPC.
	//
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the network interfaces within the VPC.
	//
	// This requires `vpc` to be specified in order for interfaces to actually be
	// placed in the subnets. If `vpc` is not specify, this will raise an error.
	//
	// Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
	// public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
	// Default: - the Vpc default strategy if not specified.
	//
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The source code of your Lambda function.
	//
	// You can point to a file in an
	// Amazon Simple Storage Service (Amazon S3) bucket or specify your source
	// code as inline text.
	Code DockerImageCode `field:"required" json:"code" yaml:"code"`
}

Properties to configure a new DockerImageFunction construct.

Example:

lambda.NewDockerImageFunction(this, jsii.String("AssetFunction"), &DockerImageFunctionProps{
	Code: lambda.DockerImageCode_FromImageAsset(path.join(__dirname, jsii.String("docker-handler"))),
})

type EcrImageCode

type EcrImageCode interface {
	Code
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(_scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(_resource awscdk.CfnResource, _options *ResourceBindOptions)
}

Represents a Docker image in ECR that can be bound as Lambda Code.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var repository repository

ecrImageCode := awscdk.Aws_lambda.NewEcrImageCode(repository, &EcrImageCodeProps{
	Cmd: []*string{
		jsii.String("cmd"),
	},
	Entrypoint: []*string{
		jsii.String("entrypoint"),
	},
	Tag: jsii.String("tag"),
	TagOrDigest: jsii.String("tagOrDigest"),
	WorkingDirectory: jsii.String("workingDirectory"),
})

func AssetCode_FromEcrImage

func AssetCode_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func AssetImageCode_FromEcrImage

func AssetImageCode_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func CfnParametersCode_FromEcrImage

func CfnParametersCode_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func Code_FromEcrImage

func Code_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func EcrImageCode_FromEcrImage

func EcrImageCode_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func InlineCode_FromEcrImage

func InlineCode_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

func NewEcrImageCode

func NewEcrImageCode(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

func S3Code_FromEcrImage

func S3Code_FromEcrImage(repository awsecr.IRepository, props *EcrImageCodeProps) EcrImageCode

Use an existing ECR image as the Lambda code.

type EcrImageCodeProps

type EcrImageCodeProps struct {
	// Specify or override the CMD on the specified Docker image or Dockerfile.
	//
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#cmd
	//
	// Default: - use the CMD specified in the docker image or Dockerfile.
	//
	Cmd *[]*string `field:"optional" json:"cmd" yaml:"cmd"`
	// Specify or override the ENTRYPOINT on the specified Docker image or Dockerfile.
	//
	// An ENTRYPOINT allows you to configure a container that will run as an executable.
	// This needs to be in the 'exec form', viz., `[ 'executable', 'param1', 'param2' ]`.
	// See: https://docs.docker.com/engine/reference/builder/#entrypoint
	//
	// Default: - use the ENTRYPOINT in the docker image or Dockerfile.
	//
	Entrypoint *[]*string `field:"optional" json:"entrypoint" yaml:"entrypoint"`
	// The image tag to use when pulling the image from ECR.
	// Default: 'latest'.
	//
	// Deprecated: use `tagOrDigest`.
	Tag *string `field:"optional" json:"tag" yaml:"tag"`
	// The image tag or digest to use when pulling the image from ECR (digests must start with `sha256:`).
	// Default: 'latest'.
	//
	TagOrDigest *string `field:"optional" json:"tagOrDigest" yaml:"tagOrDigest"`
	// Specify or override the WORKDIR on the specified Docker image or Dockerfile.
	//
	// A WORKDIR allows you to configure the working directory the container will use.
	// See: https://docs.docker.com/engine/reference/builder/#workdir
	//
	// Default: - use the WORKDIR in the docker image or Dockerfile.
	//
	WorkingDirectory *string `field:"optional" json:"workingDirectory" yaml:"workingDirectory"`
}

Properties to initialize a new EcrImageCode.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

ecrImageCodeProps := &EcrImageCodeProps{
	Cmd: []*string{
		jsii.String("cmd"),
	},
	Entrypoint: []*string{
		jsii.String("entrypoint"),
	},
	Tag: jsii.String("tag"),
	TagOrDigest: jsii.String("tagOrDigest"),
	WorkingDirectory: jsii.String("workingDirectory"),
}

type EnvironmentOptions

type EnvironmentOptions struct {
	// When used in Lambda@Edge via edgeArn() API, these environment variables will be removed.
	//
	// If not set, an error will be thrown.
	// See: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-requirements-limits.html#lambda-requirements-lambda-function-configuration
	//
	// Default: false - using the function in Lambda@Edge will throw.
	//
	RemoveInEdge *bool `field:"optional" json:"removeInEdge" yaml:"removeInEdge"`
}

Environment variables options.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

environmentOptions := &EnvironmentOptions{
	RemoveInEdge: jsii.Boolean(false),
}

type EventInvokeConfig

type EventInvokeConfig interface {
	awscdk.Resource
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Configure options for asynchronous invocation on a version or an alias.

By default, Lambda retries an asynchronous invocation twice if the function returns an error. It retains events in a queue for up to six hours. When an event fails all processing attempts or stays in the asynchronous invocation queue for too long, Lambda discards it.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var destination iDestination
var function_ function

eventInvokeConfig := awscdk.Aws_lambda.NewEventInvokeConfig(this, jsii.String("MyEventInvokeConfig"), &EventInvokeConfigProps{
	Function: function_,

	// the properties below are optional
	MaxEventAge: cdk.Duration_Minutes(jsii.Number(30)),
	OnFailure: destination,
	OnSuccess: destination,
	Qualifier: jsii.String("qualifier"),
	RetryAttempts: jsii.Number(123),
})

func NewEventInvokeConfig

func NewEventInvokeConfig(scope constructs.Construct, id *string, props *EventInvokeConfigProps) EventInvokeConfig

type EventInvokeConfigOptions

type EventInvokeConfigOptions struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
}

Options to add an EventInvokeConfig to a function.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var destination iDestination

eventInvokeConfigOptions := &EventInvokeConfigOptions{
	MaxEventAge: cdk.Duration_Minutes(jsii.Number(30)),
	OnFailure: destination,
	OnSuccess: destination,
	RetryAttempts: jsii.Number(123),
}

type EventInvokeConfigProps

type EventInvokeConfigProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// The Lambda function.
	Function IFunction `field:"required" json:"function" yaml:"function"`
	// The qualifier.
	// Default: - latest version.
	//
	Qualifier *string `field:"optional" json:"qualifier" yaml:"qualifier"`
}

Properties for an EventInvokeConfig.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var destination iDestination
var function_ function

eventInvokeConfigProps := &EventInvokeConfigProps{
	Function: function_,

	// the properties below are optional
	MaxEventAge: cdk.Duration_Minutes(jsii.Number(30)),
	OnFailure: destination,
	OnSuccess: destination,
	Qualifier: jsii.String("qualifier"),
	RetryAttempts: jsii.Number(123),
}

type EventSourceMapping

type EventSourceMapping interface {
	awscdk.Resource
	IEventSourceMapping
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN of the event source mapping (i.e. arn:aws:lambda:region:account-id:event-source-mapping/event-source-mapping-id).
	EventSourceMappingArn() *string
	// The identifier for this EventSourceMapping.
	EventSourceMappingId() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Defines a Lambda EventSourceMapping resource.

Usually, you won't need to define the mapping yourself. This will usually be done by event sources. For example, to add an SQS event source to a function:

```ts import * as sqs from 'aws-cdk-lib/aws-sqs'; import * as eventsources from 'aws-cdk-lib/aws-lambda-event-sources';

declare const handler: lambda.Function; declare const queue: sqs.Queue;

handler.addEventSource(new eventsources.SqsEventSource(queue)); ```

The `SqsEventSource` class will automatically create the mapping, and will also modify the Lambda's execution role so it can consume messages from the queue.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var eventSourceDlq iEventSourceDlq
var filters interface{}
var function_ function
var key key
var sourceAccessConfigurationType sourceAccessConfigurationType

eventSourceMapping := awscdk.Aws_lambda.NewEventSourceMapping(this, jsii.String("MyEventSourceMapping"), &EventSourceMappingProps{
	Target: function_,

	// the properties below are optional
	BatchSize: jsii.Number(123),
	BisectBatchOnError: jsii.Boolean(false),
	Enabled: jsii.Boolean(false),
	EventSourceArn: jsii.String("eventSourceArn"),
	FilterEncryption: key,
	Filters: []map[string]interface{}{
		map[string]interface{}{
			"filtersKey": filters,
		},
	},
	KafkaBootstrapServers: []*string{
		jsii.String("kafkaBootstrapServers"),
	},
	KafkaConsumerGroupId: jsii.String("kafkaConsumerGroupId"),
	KafkaTopic: jsii.String("kafkaTopic"),
	MaxBatchingWindow: cdk.Duration_Minutes(jsii.Number(30)),
	MaxConcurrency: jsii.Number(123),
	MaxRecordAge: cdk.Duration_*Minutes(jsii.Number(30)),
	OnFailure: eventSourceDlq,
	ParallelizationFactor: jsii.Number(123),
	ReportBatchItemFailures: jsii.Boolean(false),
	RetryAttempts: jsii.Number(123),
	SourceAccessConfigurations: []sourceAccessConfiguration{
		&sourceAccessConfiguration{
			Type: sourceAccessConfigurationType,
			Uri: jsii.String("uri"),
		},
	},
	StartingPosition: awscdk.*Aws_lambda.StartingPosition_TRIM_HORIZON,
	StartingPositionTimestamp: jsii.Number(123),
	SupportS3OnFailureDestination: jsii.Boolean(false),
	TumblingWindow: cdk.Duration_*Minutes(jsii.Number(30)),
})

func NewEventSourceMapping

func NewEventSourceMapping(scope constructs.Construct, id *string, props *EventSourceMappingProps) EventSourceMapping

type EventSourceMappingOptions

type EventSourceMappingOptions struct {
	// The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
	//
	// Your function receives an
	// event with all the retrieved records.
	//
	// Valid Range: Minimum value of 1. Maximum value of 10000.
	// Default: - Amazon Kinesis, Amazon DynamoDB, and Amazon MSK is 100 records.
	// The default for Amazon SQS is 10 messages. For standard SQS queues, the maximum is 10,000. For FIFO SQS queues, the maximum is 10.
	//
	BatchSize *float64 `field:"optional" json:"batchSize" yaml:"batchSize"`
	// If the function returns an error, split the batch in two and retry.
	// Default: false.
	//
	BisectBatchOnError *bool `field:"optional" json:"bisectBatchOnError" yaml:"bisectBatchOnError"`
	// Set to false to disable the event source upon creation.
	// Default: true.
	//
	Enabled *bool `field:"optional" json:"enabled" yaml:"enabled"`
	// The Amazon Resource Name (ARN) of the event source.
	//
	// Any record added to
	// this stream can invoke the Lambda function.
	// Default: - not set if using a self managed Kafka cluster, throws an error otherwise.
	//
	EventSourceArn *string `field:"optional" json:"eventSourceArn" yaml:"eventSourceArn"`
	// Add Customer managed KMS key to encrypt Filter Criteria.
	// See: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
	//
	// Default: - none.
	//
	FilterEncryption awskms.IKey `field:"optional" json:"filterEncryption" yaml:"filterEncryption"`
	// Add filter criteria to Event Source.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html
	//
	// Default: - none.
	//
	Filters *[]*map[string]interface{} `field:"optional" json:"filters" yaml:"filters"`
	// A list of host and port pairs that are the addresses of the Kafka brokers in a self managed "bootstrap" Kafka cluster that a Kafka client connects to initially to bootstrap itself.
	//
	// They are in the format `abc.example.com:9096`.
	// Default: - none.
	//
	KafkaBootstrapServers *[]*string `field:"optional" json:"kafkaBootstrapServers" yaml:"kafkaBootstrapServers"`
	// The identifier for the Kafka consumer group to join.
	//
	// The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. The value must have a lenght between 1 and 200 and full the pattern '[a-zA-Z0-9-\/*:_+=.@-]*'. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id).
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig.html
	//
	// Default: - none.
	//
	KafkaConsumerGroupId *string `field:"optional" json:"kafkaConsumerGroupId" yaml:"kafkaConsumerGroupId"`
	// The name of the Kafka topic.
	// Default: - no topic.
	//
	KafkaTopic *string `field:"optional" json:"kafkaTopic" yaml:"kafkaTopic"`
	// The maximum amount of time to gather records before invoking the function.
	//
	// Maximum of Duration.minutes(5)
	// Default: Duration.seconds(0)
	//
	MaxBatchingWindow awscdk.Duration `field:"optional" json:"maxBatchingWindow" yaml:"maxBatchingWindow"`
	// The maximum concurrency setting limits the number of concurrent instances of the function that an Amazon SQS event source can invoke.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency
	//
	// Valid Range: Minimum value of 2. Maximum value of 1000.
	//
	// Default: - No specific limit.
	//
	MaxConcurrency *float64 `field:"optional" json:"maxConcurrency" yaml:"maxConcurrency"`
	// The maximum age of a record that Lambda sends to a function for processing.
	//
	// Valid Range:
	// * Minimum value of 60 seconds
	// * Maximum value of 7 days.
	// Default: - infinite or until the record expires.
	//
	MaxRecordAge awscdk.Duration `field:"optional" json:"maxRecordAge" yaml:"maxRecordAge"`
	// An Amazon SQS queue or Amazon SNS topic destination for discarded records.
	// Default: discarded records are ignored.
	//
	OnFailure IEventSourceDlq `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The number of batches to process from each shard concurrently.
	//
	// Valid Range:
	// * Minimum value of 1
	// * Maximum value of 10.
	// Default: 1.
	//
	ParallelizationFactor *float64 `field:"optional" json:"parallelizationFactor" yaml:"parallelizationFactor"`
	// Allow functions to return partially successful responses for a batch of records.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting
	//
	// Default: false.
	//
	ReportBatchItemFailures *bool `field:"optional" json:"reportBatchItemFailures" yaml:"reportBatchItemFailures"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Set to `undefined` if you want lambda to keep retrying infinitely or until
	// the record expires.
	//
	// Valid Range:
	// * Minimum value of 0
	// * Maximum value of 10000.
	// Default: - infinite or until the record expires.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specific settings like the authentication protocol or the VPC components to secure access to your event source.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html
	//
	// Default: - none.
	//
	SourceAccessConfigurations *[]*SourceAccessConfiguration `field:"optional" json:"sourceAccessConfigurations" yaml:"sourceAccessConfigurations"`
	// The position in the DynamoDB, Kinesis or MSK stream where AWS Lambda should start reading.
	// See: https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType
	//
	// Default: - no starting position.
	//
	StartingPosition StartingPosition `field:"optional" json:"startingPosition" yaml:"startingPosition"`
	// The time from which to start reading, in Unix time seconds.
	// Default: - no timestamp.
	//
	StartingPositionTimestamp *float64 `field:"optional" json:"startingPositionTimestamp" yaml:"startingPositionTimestamp"`
	// Check if support S3 onfailure destination(ODF).
	//
	// Currently only MSK and self managed kafka event support S3 ODF.
	// Default: false.
	//
	SupportS3OnFailureDestination *bool `field:"optional" json:"supportS3OnFailureDestination" yaml:"supportS3OnFailureDestination"`
	// The size of the tumbling windows to group records sent to DynamoDB or Kinesis.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-windows
	//
	// Valid Range: 0 - 15 minutes.
	//
	// Default: - None.
	//
	TumblingWindow awscdk.Duration `field:"optional" json:"tumblingWindow" yaml:"tumblingWindow"`
}

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var eventSourceDlq iEventSourceDlq
var filters interface{}
var key key
var sourceAccessConfigurationType sourceAccessConfigurationType

eventSourceMappingOptions := &EventSourceMappingOptions{
	BatchSize: jsii.Number(123),
	BisectBatchOnError: jsii.Boolean(false),
	Enabled: jsii.Boolean(false),
	EventSourceArn: jsii.String("eventSourceArn"),
	FilterEncryption: key,
	Filters: []map[string]interface{}{
		map[string]interface{}{
			"filtersKey": filters,
		},
	},
	KafkaBootstrapServers: []*string{
		jsii.String("kafkaBootstrapServers"),
	},
	KafkaConsumerGroupId: jsii.String("kafkaConsumerGroupId"),
	KafkaTopic: jsii.String("kafkaTopic"),
	MaxBatchingWindow: cdk.Duration_Minutes(jsii.Number(30)),
	MaxConcurrency: jsii.Number(123),
	MaxRecordAge: cdk.Duration_*Minutes(jsii.Number(30)),
	OnFailure: eventSourceDlq,
	ParallelizationFactor: jsii.Number(123),
	ReportBatchItemFailures: jsii.Boolean(false),
	RetryAttempts: jsii.Number(123),
	SourceAccessConfigurations: []sourceAccessConfiguration{
		&sourceAccessConfiguration{
			Type: sourceAccessConfigurationType,
			Uri: jsii.String("uri"),
		},
	},
	StartingPosition: awscdk.Aws_lambda.StartingPosition_TRIM_HORIZON,
	StartingPositionTimestamp: jsii.Number(123),
	SupportS3OnFailureDestination: jsii.Boolean(false),
	TumblingWindow: cdk.Duration_*Minutes(jsii.Number(30)),
}

type EventSourceMappingProps

type EventSourceMappingProps struct {
	// The largest number of records that AWS Lambda will retrieve from your event source at the time of invoking your function.
	//
	// Your function receives an
	// event with all the retrieved records.
	//
	// Valid Range: Minimum value of 1. Maximum value of 10000.
	// Default: - Amazon Kinesis, Amazon DynamoDB, and Amazon MSK is 100 records.
	// The default for Amazon SQS is 10 messages. For standard SQS queues, the maximum is 10,000. For FIFO SQS queues, the maximum is 10.
	//
	BatchSize *float64 `field:"optional" json:"batchSize" yaml:"batchSize"`
	// If the function returns an error, split the batch in two and retry.
	// Default: false.
	//
	BisectBatchOnError *bool `field:"optional" json:"bisectBatchOnError" yaml:"bisectBatchOnError"`
	// Set to false to disable the event source upon creation.
	// Default: true.
	//
	Enabled *bool `field:"optional" json:"enabled" yaml:"enabled"`
	// The Amazon Resource Name (ARN) of the event source.
	//
	// Any record added to
	// this stream can invoke the Lambda function.
	// Default: - not set if using a self managed Kafka cluster, throws an error otherwise.
	//
	EventSourceArn *string `field:"optional" json:"eventSourceArn" yaml:"eventSourceArn"`
	// Add Customer managed KMS key to encrypt Filter Criteria.
	// See: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
	//
	// Default: - none.
	//
	FilterEncryption awskms.IKey `field:"optional" json:"filterEncryption" yaml:"filterEncryption"`
	// Add filter criteria to Event Source.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html
	//
	// Default: - none.
	//
	Filters *[]*map[string]interface{} `field:"optional" json:"filters" yaml:"filters"`
	// A list of host and port pairs that are the addresses of the Kafka brokers in a self managed "bootstrap" Kafka cluster that a Kafka client connects to initially to bootstrap itself.
	//
	// They are in the format `abc.example.com:9096`.
	// Default: - none.
	//
	KafkaBootstrapServers *[]*string `field:"optional" json:"kafkaBootstrapServers" yaml:"kafkaBootstrapServers"`
	// The identifier for the Kafka consumer group to join.
	//
	// The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. The value must have a lenght between 1 and 200 and full the pattern '[a-zA-Z0-9-\/*:_+=.@-]*'. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id).
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-selfmanagedkafkaeventsourceconfig.html
	//
	// Default: - none.
	//
	KafkaConsumerGroupId *string `field:"optional" json:"kafkaConsumerGroupId" yaml:"kafkaConsumerGroupId"`
	// The name of the Kafka topic.
	// Default: - no topic.
	//
	KafkaTopic *string `field:"optional" json:"kafkaTopic" yaml:"kafkaTopic"`
	// The maximum amount of time to gather records before invoking the function.
	//
	// Maximum of Duration.minutes(5)
	// Default: Duration.seconds(0)
	//
	MaxBatchingWindow awscdk.Duration `field:"optional" json:"maxBatchingWindow" yaml:"maxBatchingWindow"`
	// The maximum concurrency setting limits the number of concurrent instances of the function that an Amazon SQS event source can invoke.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html#events-sqs-max-concurrency
	//
	// Valid Range: Minimum value of 2. Maximum value of 1000.
	//
	// Default: - No specific limit.
	//
	MaxConcurrency *float64 `field:"optional" json:"maxConcurrency" yaml:"maxConcurrency"`
	// The maximum age of a record that Lambda sends to a function for processing.
	//
	// Valid Range:
	// * Minimum value of 60 seconds
	// * Maximum value of 7 days.
	// Default: - infinite or until the record expires.
	//
	MaxRecordAge awscdk.Duration `field:"optional" json:"maxRecordAge" yaml:"maxRecordAge"`
	// An Amazon SQS queue or Amazon SNS topic destination for discarded records.
	// Default: discarded records are ignored.
	//
	OnFailure IEventSourceDlq `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The number of batches to process from each shard concurrently.
	//
	// Valid Range:
	// * Minimum value of 1
	// * Maximum value of 10.
	// Default: 1.
	//
	ParallelizationFactor *float64 `field:"optional" json:"parallelizationFactor" yaml:"parallelizationFactor"`
	// Allow functions to return partially successful responses for a batch of records.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-batchfailurereporting
	//
	// Default: false.
	//
	ReportBatchItemFailures *bool `field:"optional" json:"reportBatchItemFailures" yaml:"reportBatchItemFailures"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Set to `undefined` if you want lambda to keep retrying infinitely or until
	// the record expires.
	//
	// Valid Range:
	// * Minimum value of 0
	// * Maximum value of 10000.
	// Default: - infinite or until the record expires.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specific settings like the authentication protocol or the VPC components to secure access to your event source.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html
	//
	// Default: - none.
	//
	SourceAccessConfigurations *[]*SourceAccessConfiguration `field:"optional" json:"sourceAccessConfigurations" yaml:"sourceAccessConfigurations"`
	// The position in the DynamoDB, Kinesis or MSK stream where AWS Lambda should start reading.
	// See: https://docs.aws.amazon.com/kinesis/latest/APIReference/API_GetShardIterator.html#Kinesis-GetShardIterator-request-ShardIteratorType
	//
	// Default: - no starting position.
	//
	StartingPosition StartingPosition `field:"optional" json:"startingPosition" yaml:"startingPosition"`
	// The time from which to start reading, in Unix time seconds.
	// Default: - no timestamp.
	//
	StartingPositionTimestamp *float64 `field:"optional" json:"startingPositionTimestamp" yaml:"startingPositionTimestamp"`
	// Check if support S3 onfailure destination(ODF).
	//
	// Currently only MSK and self managed kafka event support S3 ODF.
	// Default: false.
	//
	SupportS3OnFailureDestination *bool `field:"optional" json:"supportS3OnFailureDestination" yaml:"supportS3OnFailureDestination"`
	// The size of the tumbling windows to group records sent to DynamoDB or Kinesis.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html#services-ddb-windows
	//
	// Valid Range: 0 - 15 minutes.
	//
	// Default: - None.
	//
	TumblingWindow awscdk.Duration `field:"optional" json:"tumblingWindow" yaml:"tumblingWindow"`
	// The target AWS Lambda function.
	Target IFunction `field:"required" json:"target" yaml:"target"`
}

Properties for declaring a new event source mapping.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var eventSourceDlq iEventSourceDlq
var filters interface{}
var function_ function
var key key
var sourceAccessConfigurationType sourceAccessConfigurationType

eventSourceMappingProps := &EventSourceMappingProps{
	Target: function_,

	// the properties below are optional
	BatchSize: jsii.Number(123),
	BisectBatchOnError: jsii.Boolean(false),
	Enabled: jsii.Boolean(false),
	EventSourceArn: jsii.String("eventSourceArn"),
	FilterEncryption: key,
	Filters: []map[string]interface{}{
		map[string]interface{}{
			"filtersKey": filters,
		},
	},
	KafkaBootstrapServers: []*string{
		jsii.String("kafkaBootstrapServers"),
	},
	KafkaConsumerGroupId: jsii.String("kafkaConsumerGroupId"),
	KafkaTopic: jsii.String("kafkaTopic"),
	MaxBatchingWindow: cdk.Duration_Minutes(jsii.Number(30)),
	MaxConcurrency: jsii.Number(123),
	MaxRecordAge: cdk.Duration_*Minutes(jsii.Number(30)),
	OnFailure: eventSourceDlq,
	ParallelizationFactor: jsii.Number(123),
	ReportBatchItemFailures: jsii.Boolean(false),
	RetryAttempts: jsii.Number(123),
	SourceAccessConfigurations: []sourceAccessConfiguration{
		&sourceAccessConfiguration{
			Type: sourceAccessConfigurationType,
			Uri: jsii.String("uri"),
		},
	},
	StartingPosition: awscdk.Aws_lambda.StartingPosition_TRIM_HORIZON,
	StartingPositionTimestamp: jsii.Number(123),
	SupportS3OnFailureDestination: jsii.Boolean(false),
	TumblingWindow: cdk.Duration_*Minutes(jsii.Number(30)),
}

type FileSystem

type FileSystem interface {
	// the FileSystem configurations for the Lambda function.
	Config() *FileSystemConfig
}

Represents the filesystem for the Lambda function.

Example:

import ec2 "github.com/aws/aws-cdk-go/awscdk"
import efs "github.com/aws/aws-cdk-go/awscdk"

// create a new VPC
vpc := ec2.NewVpc(this, jsii.String("VPC"))

// create a new Amazon EFS filesystem
fileSystem := efs.NewFileSystem(this, jsii.String("Efs"), &FileSystemProps{
	Vpc: Vpc,
})

// create a new access point from the filesystem
accessPoint := fileSystem.AddAccessPoint(jsii.String("AccessPoint"), &AccessPointOptions{
	// set /export/lambda as the root of the access point
	Path: jsii.String("/export/lambda"),
	// as /export/lambda does not exist in a new efs filesystem, the efs will create the directory with the following createAcl
	CreateAcl: &Acl{
		OwnerUid: jsii.String("1001"),
		OwnerGid: jsii.String("1001"),
		Permissions: jsii.String("750"),
	},
	// enforce the POSIX identity so lambda function will access with this identity
	PosixUser: &PosixUser{
		Uid: jsii.String("1001"),
		Gid: jsii.String("1001"),
	},
})

fn := lambda.NewFunction(this, jsii.String("MyLambda"), &FunctionProps{
	// mount the access point to /mnt/msg in the lambda runtime environment
	Filesystem: lambda.FileSystem_FromEfsAccessPoint(accessPoint, jsii.String("/mnt/msg")),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	Vpc: Vpc,
})

func FileSystem_FromEfsAccessPoint

func FileSystem_FromEfsAccessPoint(ap awsefs.IAccessPoint, mountPath *string) FileSystem

mount the filesystem from Amazon EFS.

func NewFileSystem

func NewFileSystem(config *FileSystemConfig) FileSystem

type FileSystemConfig

type FileSystemConfig struct {
	// ARN of the access point.
	Arn *string `field:"required" json:"arn" yaml:"arn"`
	// mount path in the lambda runtime environment.
	LocalMountPath *string `field:"required" json:"localMountPath" yaml:"localMountPath"`
	// connections object used to allow ingress traffic from lambda function.
	// Default: - no connections required to add extra ingress rules for Lambda function.
	//
	Connections awsec2.Connections `field:"optional" json:"connections" yaml:"connections"`
	// array of IDependable that lambda function depends on.
	// Default: - no dependency.
	//
	Dependency *[]constructs.IDependable `field:"optional" json:"dependency" yaml:"dependency"`
	// additional IAM policies required for the lambda function.
	// Default: - no additional policies required.
	//
	Policies *[]awsiam.PolicyStatement `field:"optional" json:"policies" yaml:"policies"`
}

FileSystem configurations for the Lambda function.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import constructs "github.com/aws/constructs-go/constructs"

var connections connections
var dependable iDependable
var policyStatement policyStatement

fileSystemConfig := &FileSystemConfig{
	Arn: jsii.String("arn"),
	LocalMountPath: jsii.String("localMountPath"),

	// the properties below are optional
	Connections: connections,
	Dependency: []*iDependable{
		dependable,
	},
	Policies: []*policyStatement{
		policyStatement,
	},
}

type FilterCriteria added in v2.42.0

type FilterCriteria interface {
}

Filter criteria for Lambda event filtering.

Example:

import dynamodb "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var table table

var fn function

fn.AddEventSource(awscdk.NewDynamoEventSource(table, &DynamoEventSourceProps{
	StartingPosition: lambda.StartingPosition_LATEST,
	Filters: []map[string]interface{}{
		lambda.FilterCriteria_Filter(map[string]interface{}{
			"eventName": lambda.FilterRule_isEqual(jsii.String("INSERT")),
			"dynamodb": map[string]map[string]map[string]interface{}{
				"NewImage": map[string]map[string]interface{}{
					"id": map[string]interface{}{
						"BOOL": lambda.FilterRule_isEqual(jsii.Boolean(true)),
					},
				},
			},
		}),
	},
}))

func NewFilterCriteria added in v2.42.0

func NewFilterCriteria() FilterCriteria

type FilterRule added in v2.42.0

type FilterRule interface {
}

Filter rules for Lambda event filtering.

Example:

import dynamodb "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var table table

var fn function

fn.AddEventSource(awscdk.NewDynamoEventSource(table, &DynamoEventSourceProps{
	StartingPosition: lambda.StartingPosition_LATEST,
	Filters: []map[string]interface{}{
		lambda.FilterCriteria_Filter(map[string]interface{}{
			"eventName": lambda.FilterRule_isEqual(jsii.String("INSERT")),
			"dynamodb": map[string]map[string]map[string]interface{}{
				"NewImage": map[string]map[string]interface{}{
					"id": map[string]interface{}{
						"BOOL": lambda.FilterRule_isEqual(jsii.Boolean(true)),
					},
				},
			},
		}),
	},
}))

func NewFilterRule added in v2.42.0

func NewFilterRule() FilterRule

type Function

type Function interface {
	FunctionBase
	// The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// Returns a `lambda.Version` which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
	//
	// You can specify options for this version using the `currentVersionOptions`
	// prop when initializing the `lambda.Function`.
	CurrentVersion() Version
	// The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
	DeadLetterQueue() awssqs.IQueue
	// The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
	DeadLetterTopic() awssns.ITopic
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// ARN of this function.
	FunctionArn() *string
	// Name of this function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The LogGroup where the Lambda function's logs are made available.
	//
	// If either `logRetention` is set or this property is called, a CloudFormation custom resource is added to the stack that
	// pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
	// period (never expire, by default).
	//
	// Further, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention
	// to never expire even if it was configured with a different value.
	LogGroup() awslogs.ILogGroup
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// Execution role associated with this function.
	Role() awsiam.IRole
	// The runtime configured for this lambda.
	Runtime() Runtime
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The timeout configured for this lambda.
	Timeout() awscdk.Duration
	// Defines an alias for this function.
	//
	// The alias will automatically be updated to point to the latest version of
	// the function as it is being updated during a deployment.
	//
	// “`ts
	// declare const fn: lambda.Function;
	//
	// fn.addAlias('Live');
	//
	// // Is equivalent to
	//
	// new lambda.Alias(this, 'AliasLive', {
	//   aliasName: 'Live',
	//   version: fn.currentVersion,
	// });
	// “`.
	AddAlias(aliasName *string, options *AliasOptions) Alias
	// Adds an environment variable to this Lambda function.
	//
	// If this is a ref to a Lambda function, this operation results in a no-op.
	AddEnvironment(key *string, value *string, options *EnvironmentOptions) Function
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds one or more Lambda Layers to this Lambda function.
	AddLayers(layers ...ILayerVersion)
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(scope constructs.Construct, action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Mix additional information into the hash of the Version object.
	//
	// The Lambda Function construct does its best to automatically create a new
	// Version when anything about the Function changes (its code, its layers,
	// any of the other properties).
	//
	// However, you can sometimes source information from places that the CDK cannot
	// look into, like the deploy-time values of SSM parameters. In those cases,
	// the CDK would not force the creation of a new Version object when it actually
	// should.
	//
	// This method can be used to invalidate the current Version object. Pass in
	// any string into this method, and make sure the string changes when you know
	// a new Version needs to be created.
	//
	// This method may be called more than once.
	InvalidateVersionBasedOn(x *string)
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

Deploys a file from inside the construct library as a function.

The supplied file is subject to the 4096 bytes limit of being embedded in a CloudFormation template.

The construct includes an associated role with the lambda.

This construct does not yet reproduce all features from the underlying resource library.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

func NewFunction

func NewFunction(scope constructs.Construct, id *string, props *FunctionProps) Function

type FunctionAttributes

type FunctionAttributes struct {
	// The ARN of the Lambda function.
	//
	// Format: arn:<partition>:lambda:<region>:<account-id>:function:<function-name>.
	FunctionArn *string `field:"required" json:"functionArn" yaml:"functionArn"`
	// The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
	// Default: - Architecture.X86_64
	//
	Architecture Architecture `field:"optional" json:"architecture" yaml:"architecture"`
	// The IAM execution role associated with this function.
	//
	// If the role is not specified, any role-related operations will no-op.
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// Setting this property informs the CDK that the imported function is in the same environment as the stack.
	//
	// This affects certain behaviours such as, whether this function's permission can be modified.
	// When not configured, the CDK attempts to auto-determine this. For environment agnostic stacks, i.e., stacks
	// where the account is not specified with the `env` property, this is determined to be false.
	//
	// Set this to property *ONLY IF* the imported function is in the same account as the stack
	// it's imported in.
	// Default: - depends: true, if the Stack is configured with an explicit `env` (account and region) and the account is the same as this function.
	// For environment-agnostic stacks this will default to `false`.
	//
	SameEnvironment *bool `field:"optional" json:"sameEnvironment" yaml:"sameEnvironment"`
	// The security group of this Lambda, if in a VPC.
	//
	// This needs to be given in order to support allowing connections
	// to this Lambda.
	SecurityGroup awsec2.ISecurityGroup `field:"optional" json:"securityGroup" yaml:"securityGroup"`
	// Setting this property informs the CDK that the imported function ALREADY HAS the necessary permissions for what you are trying to do.
	//
	// When not configured, the CDK attempts to auto-determine whether or not
	// additional permissions are necessary on the function when grant APIs are used. If the CDK tried to add
	// permissions on an imported lambda, it will fail.
	//
	// Set this property *ONLY IF* you are committing to manage the imported function's permissions outside of
	// CDK. You are acknowledging that your CDK code alone will have insufficient permissions to access the
	// imported function.
	// Default: false.
	//
	SkipPermissions *bool `field:"optional" json:"skipPermissions" yaml:"skipPermissions"`
}

Represents a Lambda function defined outside of this stack.

Example:

fn := lambda.Function_FromFunctionAttributes(this, jsii.String("Function"), &FunctionAttributes{
	FunctionArn: jsii.String("arn:aws:lambda:us-east-1:123456789012:function:MyFn"),
	// The following are optional properties for specific use cases and should be used with caution:

	// Use Case: imported function is in the same account as the stack. This tells the CDK that it
	// can modify the function's permissions.
	SameEnvironment: jsii.Boolean(true),

	// Use Case: imported function is in a different account and user commits to ensuring that the
	// imported function has the correct permissions outside the CDK.
	SkipPermissions: jsii.Boolean(true),
})

type FunctionBase

type FunctionBase interface {
	awscdk.Resource
	awsec2.IClientVpnConnectionHandler
	IFunction
	// The architecture of this Lambda Function.
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN fo the function.
	FunctionArn() *string
	// The name of the function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	//
	// Undefined if the function was imported without a role.
	Role() awsiam.IRole
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(scope constructs.Construct, action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

type FunctionOptions

type FunctionOptions struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
	// See: https://aws-otel.github.io/docs/getting-started/lambda
	//
	// Default: - No ADOT instrumentation.
	//
	AdotInstrumentation *AdotInstrumentationConfig `field:"optional" json:"adotInstrumentation" yaml:"adotInstrumentation"`
	// Whether to allow the Lambda to send all ipv6 network traffic.
	//
	// If set to true, there will only be a single egress rule which allows all
	// outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets using ipv6.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllIpv6Outbound` directly on the security group.
	// Default: false.
	//
	AllowAllIpv6Outbound *bool `field:"optional" json:"allowAllIpv6Outbound" yaml:"allowAllIpv6Outbound"`
	// Whether to allow the Lambda to send all network traffic (except ipv6).
	//
	// If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllOutbound` directly on the security group.
	// Default: true.
	//
	AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
	// Lambda Functions in a public subnet can NOT access the internet.
	//
	// Use this property to acknowledge this limitation and still place the function in a public subnet.
	// See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
	//
	// Default: false.
	//
	AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"`
	// Sets the application log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `applicationLogLevelV2` as a property instead.
	ApplicationLogLevel *string `field:"optional" json:"applicationLogLevel" yaml:"applicationLogLevel"`
	// Sets the application log level for the function.
	// Default: ApplicationLogLevel.INFO
	//
	ApplicationLogLevelV2 ApplicationLogLevel `field:"optional" json:"applicationLogLevelV2" yaml:"applicationLogLevelV2"`
	// The system architectures compatible with this lambda function.
	// Default: Architecture.X86_64
	//
	Architecture Architecture `field:"optional" json:"architecture" yaml:"architecture"`
	// Code signing config associated with this function.
	// Default: - Not Sign the Code.
	//
	CodeSigningConfig ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"`
	// Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
	// Default: - default options as described in `VersionOptions`.
	//
	CurrentVersionOptions *VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"`
	// The SQS queue to use if DLQ is enabled.
	//
	// If SNS topic is desired, specify `deadLetterTopic` property instead.
	// Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`.
	//
	DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"`
	// Enabled DLQ.
	//
	// If `deadLetterQueue` is undefined,
	// an SQS queue with default options will be defined for your Function.
	// Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
	//
	DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"`
	// The SNS topic to use as a DLQ.
	//
	// Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
	// rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
	// Default: - no SNS topic.
	//
	DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"`
	// A description of the function.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Key-value pairs that Lambda caches and makes available for your Lambda functions.
	//
	// Use environment variables to apply configuration changes, such
	// as test and production environment configurations, without changing your
	// Lambda function source code.
	// Default: - No environment variables.
	//
	Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
	// The AWS KMS key that's used to encrypt your function's environment variables.
	// Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
	//
	EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"`
	// The size of the function’s /tmp directory in MiB.
	// Default: 512 MiB.
	//
	EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"`
	// Event sources for this function.
	//
	// You can also add event sources using `addEventSource`.
	// Default: - No event sources.
	//
	Events *[]IEventSource `field:"optional" json:"events" yaml:"events"`
	// The filesystem configuration for the lambda function.
	// Default: - will not mount any filesystem.
	//
	Filesystem FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"`
	// A name for the function.
	// Default: - AWS CloudFormation generates a unique physical ID and uses that
	// ID for the function's name. For more information, see Name Type.
	//
	FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
	// Initial policy statements to add to the created Lambda Role.
	//
	// You can call `addToRolePolicy` to the created lambda to add statements post creation.
	// Default: - No policy statements are added to the created Lambda role.
	//
	InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"`
	// Specify the version of CloudWatch Lambda insights to use for monitoring.
	// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html
	//
	// Default: - No Lambda Insights.
	//
	InsightsVersion LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"`
	// Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
	//
	// Only used if 'vpc' is supplied.
	// Default: false.
	//
	Ipv6AllowedForDualStack *bool `field:"optional" json:"ipv6AllowedForDualStack" yaml:"ipv6AllowedForDualStack"`
	// A list of layers to add to the function's execution environment.
	//
	// You can configure your Lambda function to pull in
	// additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies
	// that can be used by multiple functions.
	// Default: - No layers.
	//
	Layers *[]ILayerVersion `field:"optional" json:"layers" yaml:"layers"`
	// Sets the logFormat for the function.
	// Default: "Text".
	//
	// Deprecated: Use `loggingFormat` as a property instead.
	LogFormat *string `field:"optional" json:"logFormat" yaml:"logFormat"`
	// Sets the loggingFormat for the function.
	// Default: LoggingFormat.TEXT
	//
	LoggingFormat LoggingFormat `field:"optional" json:"loggingFormat" yaml:"loggingFormat"`
	// The log group the function sends logs to.
	//
	// By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>.
	// However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
	//
	// Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
	//
	// Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16.
	// If you are deploying to another type of region, please check regional availability first.
	// Default: `/aws/lambda/${this.functionName}` - default log group created by Lambda
	//
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `INFINITE`.
	//
	// This is a legacy API and we strongly recommend you move away from it if you can.
	// Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property
	// to instruct the Lambda function to send logs to it.
	// Migrating from `logRetention` to `logGroup` will cause the name of the log group to change.
	// Users and code and referencing the name verbatim will have to adjust.
	//
	// In AWS CDK code, you can access the log group name directly from the LogGroup construct:
	// “`ts
	// import * as logs from 'aws-cdk-lib/aws-logs';
	//
	// declare const myLogGroup: logs.LogGroup;
	// myLogGroup.logGroupName;
	// “`.
	// Default: logs.RetentionDays.INFINITE
	//
	LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"`
	// When log retention is specified, a custom resource attempts to create the CloudWatch log group.
	//
	// These options control the retry policy when interacting with CloudWatch APIs.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - Default AWS SDK retry options.
	//
	LogRetentionRetryOptions *LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - A new role is created.
	//
	LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"`
	// The amount of memory, in MB, that is allocated to your Lambda function.
	//
	// Lambda uses this value to proportionally allocate the amount of CPU
	// power. For more information, see Resource Model in the AWS Lambda
	// Developer Guide.
	// Default: 128.
	//
	MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
	// Specify the configuration of Parameters and Secrets Extension.
	// See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html
	//
	// Default: - No Parameters and Secrets Extension.
	//
	ParamsAndSecrets ParamsAndSecretsLayerVersion `field:"optional" json:"paramsAndSecrets" yaml:"paramsAndSecrets"`
	// Enable profiling.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - No profiling.
	//
	Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"`
	// Profiling Group.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - A new profiling group will be created if `profiling` is set.
	//
	ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"`
	// Sets the Recursive Loop Protection for Lambda Function.
	//
	// It lets Lambda detect and terminate unintended recusrive loops.
	// Default: RecursiveLoop.Terminate
	//
	RecursiveLoop RecursiveLoop `field:"optional" json:"recursiveLoop" yaml:"recursiveLoop"`
	// The maximum of concurrent executions you want to reserve for the function.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
	//
	// Default: - No specific limit - account limit.
	//
	ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
	// Lambda execution role.
	//
	// This is the role that will be assumed by the function upon execution.
	// It controls the permissions that the function will have. The Role must
	// be assumable by the 'lambda.amazonaws.com' service principal.
	//
	// The default Role automatically has permissions granted for Lambda execution. If you
	// provide a Role, you must add the relevant AWS managed policies yourself.
	//
	// The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and
	// "service-role/AWSLambdaVPCAccessExecutionRole".
	// Default: - A unique role will be generated for this lambda function.
	// Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
	//
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// Sets the runtime management configuration for a function's version.
	// Default: Auto.
	//
	RuntimeManagementMode RuntimeManagementMode `field:"optional" json:"runtimeManagementMode" yaml:"runtimeManagementMode"`
	// The list of security groups to associate with the Lambda's network interfaces.
	//
	// Only used if 'vpc' is supplied.
	// Default: - If the function is placed within a VPC and a security group is
	// not specified, either by this or securityGroup prop, a dedicated security
	// group will be created for this function.
	//
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Enable SnapStart for Lambda Function.
	//
	// SnapStart is currently supported only for Java 11, 17 runtime.
	// Default: - No snapstart.
	//
	SnapStart SnapStartConf `field:"optional" json:"snapStart" yaml:"snapStart"`
	// Sets the system log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `systemLogLevelV2` as a property instead.
	SystemLogLevel *string `field:"optional" json:"systemLogLevel" yaml:"systemLogLevel"`
	// Sets the system log level for the function.
	// Default: SystemLogLevel.INFO
	//
	SystemLogLevelV2 SystemLogLevel `field:"optional" json:"systemLogLevelV2" yaml:"systemLogLevelV2"`
	// The function execution time (in seconds) after which Lambda terminates the function.
	//
	// Because the execution time affects cost, set this value
	// based on the function's expected execution time.
	// Default: Duration.seconds(3)
	//
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// Enable AWS X-Ray Tracing for Lambda Function.
	// Default: Tracing.Disabled
	//
	Tracing Tracing `field:"optional" json:"tracing" yaml:"tracing"`
	// VPC network to place Lambda network interfaces.
	//
	// Specify this if the Lambda function needs to access resources in a VPC.
	// This is required when `vpcSubnets` is specified.
	// Default: - Function is not placed within a VPC.
	//
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the network interfaces within the VPC.
	//
	// This requires `vpc` to be specified in order for interfaces to actually be
	// placed in the subnets. If `vpc` is not specify, this will raise an error.
	//
	// Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
	// public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
	// Default: - the Vpc default strategy if not specified.
	//
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
}

Non runtime options.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var adotLayerVersion adotLayerVersion
var architecture architecture
var codeSigningConfig codeSigningConfig
var destination iDestination
var eventSource iEventSource
var fileSystem fileSystem
var key key
var lambdaInsightsVersion lambdaInsightsVersion
var layerVersion layerVersion
var logGroup logGroup
var paramsAndSecretsLayerVersion paramsAndSecretsLayerVersion
var policyStatement policyStatement
var profilingGroup profilingGroup
var queue queue
var role role
var runtimeManagementMode runtimeManagementMode
var securityGroup securityGroup
var size size
var snapStartConf snapStartConf
var subnet subnet
var subnetFilter subnetFilter
var topic topic
var vpc vpc

functionOptions := &FunctionOptions{
	AdotInstrumentation: &AdotInstrumentationConfig{
		ExecWrapper: awscdk.Aws_lambda.AdotLambdaExecWrapper_REGULAR_HANDLER,
		LayerVersion: adotLayerVersion,
	},
	AllowAllIpv6Outbound: jsii.Boolean(false),
	AllowAllOutbound: jsii.Boolean(false),
	AllowPublicSubnet: jsii.Boolean(false),
	ApplicationLogLevel: jsii.String("applicationLogLevel"),
	ApplicationLogLevelV2: awscdk.*Aws_lambda.ApplicationLogLevel_INFO,
	Architecture: architecture,
	CodeSigningConfig: codeSigningConfig,
	CurrentVersionOptions: &VersionOptions{
		CodeSha256: jsii.String("codeSha256"),
		Description: jsii.String("description"),
		MaxEventAge: cdk.Duration_Minutes(jsii.Number(30)),
		OnFailure: destination,
		OnSuccess: destination,
		ProvisionedConcurrentExecutions: jsii.Number(123),
		RemovalPolicy: cdk.RemovalPolicy_DESTROY,
		RetryAttempts: jsii.Number(123),
	},
	DeadLetterQueue: queue,
	DeadLetterQueueEnabled: jsii.Boolean(false),
	DeadLetterTopic: topic,
	Description: jsii.String("description"),
	Environment: map[string]*string{
		"environmentKey": jsii.String("environment"),
	},
	EnvironmentEncryption: key,
	EphemeralStorageSize: size,
	Events: []*iEventSource{
		eventSource,
	},
	Filesystem: fileSystem,
	FunctionName: jsii.String("functionName"),
	InitialPolicy: []*policyStatement{
		policyStatement,
	},
	InsightsVersion: lambdaInsightsVersion,
	Ipv6AllowedForDualStack: jsii.Boolean(false),
	Layers: []iLayerVersion{
		layerVersion,
	},
	LogFormat: jsii.String("logFormat"),
	LoggingFormat: awscdk.*Aws_lambda.LoggingFormat_TEXT,
	LogGroup: logGroup,
	LogRetention: awscdk.Aws_logs.RetentionDays_ONE_DAY,
	LogRetentionRetryOptions: &LogRetentionRetryOptions{
		Base: cdk.Duration_*Minutes(jsii.Number(30)),
		MaxRetries: jsii.Number(123),
	},
	LogRetentionRole: role,
	MaxEventAge: cdk.Duration_*Minutes(jsii.Number(30)),
	MemorySize: jsii.Number(123),
	OnFailure: destination,
	OnSuccess: destination,
	ParamsAndSecrets: paramsAndSecretsLayerVersion,
	Profiling: jsii.Boolean(false),
	ProfilingGroup: profilingGroup,
	RecursiveLoop: awscdk.*Aws_lambda.RecursiveLoop_ALLOW,
	ReservedConcurrentExecutions: jsii.Number(123),
	RetryAttempts: jsii.Number(123),
	Role: role,
	RuntimeManagementMode: runtimeManagementMode,
	SecurityGroups: []iSecurityGroup{
		securityGroup,
	},
	SnapStart: snapStartConf,
	SystemLogLevel: jsii.String("systemLogLevel"),
	SystemLogLevelV2: awscdk.*Aws_lambda.SystemLogLevel_INFO,
	Timeout: cdk.Duration_*Minutes(jsii.Number(30)),
	Tracing: awscdk.*Aws_lambda.Tracing_ACTIVE,
	Vpc: vpc,
	VpcSubnets: &SubnetSelection{
		AvailabilityZones: []*string{
			jsii.String("availabilityZones"),
		},
		OnePerAz: jsii.Boolean(false),
		SubnetFilters: []*subnetFilter{
			subnetFilter,
		},
		SubnetGroupName: jsii.String("subnetGroupName"),
		Subnets: []iSubnet{
			subnet,
		},
		SubnetType: awscdk.Aws_ec2.SubnetType_PRIVATE_ISOLATED,
	},
}

type FunctionProps

type FunctionProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
	// See: https://aws-otel.github.io/docs/getting-started/lambda
	//
	// Default: - No ADOT instrumentation.
	//
	AdotInstrumentation *AdotInstrumentationConfig `field:"optional" json:"adotInstrumentation" yaml:"adotInstrumentation"`
	// Whether to allow the Lambda to send all ipv6 network traffic.
	//
	// If set to true, there will only be a single egress rule which allows all
	// outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets using ipv6.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllIpv6Outbound` directly on the security group.
	// Default: false.
	//
	AllowAllIpv6Outbound *bool `field:"optional" json:"allowAllIpv6Outbound" yaml:"allowAllIpv6Outbound"`
	// Whether to allow the Lambda to send all network traffic (except ipv6).
	//
	// If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllOutbound` directly on the security group.
	// Default: true.
	//
	AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
	// Lambda Functions in a public subnet can NOT access the internet.
	//
	// Use this property to acknowledge this limitation and still place the function in a public subnet.
	// See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
	//
	// Default: false.
	//
	AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"`
	// Sets the application log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `applicationLogLevelV2` as a property instead.
	ApplicationLogLevel *string `field:"optional" json:"applicationLogLevel" yaml:"applicationLogLevel"`
	// Sets the application log level for the function.
	// Default: ApplicationLogLevel.INFO
	//
	ApplicationLogLevelV2 ApplicationLogLevel `field:"optional" json:"applicationLogLevelV2" yaml:"applicationLogLevelV2"`
	// The system architectures compatible with this lambda function.
	// Default: Architecture.X86_64
	//
	Architecture Architecture `field:"optional" json:"architecture" yaml:"architecture"`
	// Code signing config associated with this function.
	// Default: - Not Sign the Code.
	//
	CodeSigningConfig ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"`
	// Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
	// Default: - default options as described in `VersionOptions`.
	//
	CurrentVersionOptions *VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"`
	// The SQS queue to use if DLQ is enabled.
	//
	// If SNS topic is desired, specify `deadLetterTopic` property instead.
	// Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`.
	//
	DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"`
	// Enabled DLQ.
	//
	// If `deadLetterQueue` is undefined,
	// an SQS queue with default options will be defined for your Function.
	// Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
	//
	DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"`
	// The SNS topic to use as a DLQ.
	//
	// Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
	// rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
	// Default: - no SNS topic.
	//
	DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"`
	// A description of the function.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Key-value pairs that Lambda caches and makes available for your Lambda functions.
	//
	// Use environment variables to apply configuration changes, such
	// as test and production environment configurations, without changing your
	// Lambda function source code.
	// Default: - No environment variables.
	//
	Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
	// The AWS KMS key that's used to encrypt your function's environment variables.
	// Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
	//
	EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"`
	// The size of the function’s /tmp directory in MiB.
	// Default: 512 MiB.
	//
	EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"`
	// Event sources for this function.
	//
	// You can also add event sources using `addEventSource`.
	// Default: - No event sources.
	//
	Events *[]IEventSource `field:"optional" json:"events" yaml:"events"`
	// The filesystem configuration for the lambda function.
	// Default: - will not mount any filesystem.
	//
	Filesystem FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"`
	// A name for the function.
	// Default: - AWS CloudFormation generates a unique physical ID and uses that
	// ID for the function's name. For more information, see Name Type.
	//
	FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
	// Initial policy statements to add to the created Lambda Role.
	//
	// You can call `addToRolePolicy` to the created lambda to add statements post creation.
	// Default: - No policy statements are added to the created Lambda role.
	//
	InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"`
	// Specify the version of CloudWatch Lambda insights to use for monitoring.
	// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html
	//
	// Default: - No Lambda Insights.
	//
	InsightsVersion LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"`
	// Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
	//
	// Only used if 'vpc' is supplied.
	// Default: false.
	//
	Ipv6AllowedForDualStack *bool `field:"optional" json:"ipv6AllowedForDualStack" yaml:"ipv6AllowedForDualStack"`
	// A list of layers to add to the function's execution environment.
	//
	// You can configure your Lambda function to pull in
	// additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies
	// that can be used by multiple functions.
	// Default: - No layers.
	//
	Layers *[]ILayerVersion `field:"optional" json:"layers" yaml:"layers"`
	// Sets the logFormat for the function.
	// Default: "Text".
	//
	// Deprecated: Use `loggingFormat` as a property instead.
	LogFormat *string `field:"optional" json:"logFormat" yaml:"logFormat"`
	// Sets the loggingFormat for the function.
	// Default: LoggingFormat.TEXT
	//
	LoggingFormat LoggingFormat `field:"optional" json:"loggingFormat" yaml:"loggingFormat"`
	// The log group the function sends logs to.
	//
	// By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>.
	// However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
	//
	// Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
	//
	// Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16.
	// If you are deploying to another type of region, please check regional availability first.
	// Default: `/aws/lambda/${this.functionName}` - default log group created by Lambda
	//
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `INFINITE`.
	//
	// This is a legacy API and we strongly recommend you move away from it if you can.
	// Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property
	// to instruct the Lambda function to send logs to it.
	// Migrating from `logRetention` to `logGroup` will cause the name of the log group to change.
	// Users and code and referencing the name verbatim will have to adjust.
	//
	// In AWS CDK code, you can access the log group name directly from the LogGroup construct:
	// “`ts
	// import * as logs from 'aws-cdk-lib/aws-logs';
	//
	// declare const myLogGroup: logs.LogGroup;
	// myLogGroup.logGroupName;
	// “`.
	// Default: logs.RetentionDays.INFINITE
	//
	LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"`
	// When log retention is specified, a custom resource attempts to create the CloudWatch log group.
	//
	// These options control the retry policy when interacting with CloudWatch APIs.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - Default AWS SDK retry options.
	//
	LogRetentionRetryOptions *LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - A new role is created.
	//
	LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"`
	// The amount of memory, in MB, that is allocated to your Lambda function.
	//
	// Lambda uses this value to proportionally allocate the amount of CPU
	// power. For more information, see Resource Model in the AWS Lambda
	// Developer Guide.
	// Default: 128.
	//
	MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
	// Specify the configuration of Parameters and Secrets Extension.
	// See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html
	//
	// Default: - No Parameters and Secrets Extension.
	//
	ParamsAndSecrets ParamsAndSecretsLayerVersion `field:"optional" json:"paramsAndSecrets" yaml:"paramsAndSecrets"`
	// Enable profiling.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - No profiling.
	//
	Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"`
	// Profiling Group.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - A new profiling group will be created if `profiling` is set.
	//
	ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"`
	// Sets the Recursive Loop Protection for Lambda Function.
	//
	// It lets Lambda detect and terminate unintended recusrive loops.
	// Default: RecursiveLoop.Terminate
	//
	RecursiveLoop RecursiveLoop `field:"optional" json:"recursiveLoop" yaml:"recursiveLoop"`
	// The maximum of concurrent executions you want to reserve for the function.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
	//
	// Default: - No specific limit - account limit.
	//
	ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
	// Lambda execution role.
	//
	// This is the role that will be assumed by the function upon execution.
	// It controls the permissions that the function will have. The Role must
	// be assumable by the 'lambda.amazonaws.com' service principal.
	//
	// The default Role automatically has permissions granted for Lambda execution. If you
	// provide a Role, you must add the relevant AWS managed policies yourself.
	//
	// The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and
	// "service-role/AWSLambdaVPCAccessExecutionRole".
	// Default: - A unique role will be generated for this lambda function.
	// Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
	//
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// Sets the runtime management configuration for a function's version.
	// Default: Auto.
	//
	RuntimeManagementMode RuntimeManagementMode `field:"optional" json:"runtimeManagementMode" yaml:"runtimeManagementMode"`
	// The list of security groups to associate with the Lambda's network interfaces.
	//
	// Only used if 'vpc' is supplied.
	// Default: - If the function is placed within a VPC and a security group is
	// not specified, either by this or securityGroup prop, a dedicated security
	// group will be created for this function.
	//
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Enable SnapStart for Lambda Function.
	//
	// SnapStart is currently supported only for Java 11, 17 runtime.
	// Default: - No snapstart.
	//
	SnapStart SnapStartConf `field:"optional" json:"snapStart" yaml:"snapStart"`
	// Sets the system log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `systemLogLevelV2` as a property instead.
	SystemLogLevel *string `field:"optional" json:"systemLogLevel" yaml:"systemLogLevel"`
	// Sets the system log level for the function.
	// Default: SystemLogLevel.INFO
	//
	SystemLogLevelV2 SystemLogLevel `field:"optional" json:"systemLogLevelV2" yaml:"systemLogLevelV2"`
	// The function execution time (in seconds) after which Lambda terminates the function.
	//
	// Because the execution time affects cost, set this value
	// based on the function's expected execution time.
	// Default: Duration.seconds(3)
	//
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// Enable AWS X-Ray Tracing for Lambda Function.
	// Default: Tracing.Disabled
	//
	Tracing Tracing `field:"optional" json:"tracing" yaml:"tracing"`
	// VPC network to place Lambda network interfaces.
	//
	// Specify this if the Lambda function needs to access resources in a VPC.
	// This is required when `vpcSubnets` is specified.
	// Default: - Function is not placed within a VPC.
	//
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the network interfaces within the VPC.
	//
	// This requires `vpc` to be specified in order for interfaces to actually be
	// placed in the subnets. If `vpc` is not specify, this will raise an error.
	//
	// Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
	// public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
	// Default: - the Vpc default strategy if not specified.
	//
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The source code of your Lambda function.
	//
	// You can point to a file in an
	// Amazon Simple Storage Service (Amazon S3) bucket or specify your source
	// code as inline text.
	Code Code `field:"required" json:"code" yaml:"code"`
	// The name of the method within your code that Lambda calls to execute your function.
	//
	// The format includes the file name. It can also include
	// namespaces and other qualifiers, depending on the runtime.
	// For more information, see https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html.
	//
	// Use `Handler.FROM_IMAGE` when defining a function from a Docker image.
	//
	// NOTE: If you specify your source code as inline text by specifying the
	// ZipFile property within the Code property, specify index.function_name as
	// the handler.
	Handler *string `field:"required" json:"handler" yaml:"handler"`
	// The runtime environment for the Lambda function that you are uploading.
	//
	// For valid values, see the Runtime property in the AWS Lambda Developer
	// Guide.
	//
	// Use `Runtime.FROM_IMAGE` when defining a function from a Docker image.
	Runtime Runtime `field:"required" json:"runtime" yaml:"runtime"`
}

Example:

import "github.com/aws/aws-cdk-go/awscdk"

fn := lambda.NewFunction(this, jsii.String("MyFunc"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_LATEST(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = handler.toString()")),
})

rule := events.NewRule(this, jsii.String("rule"), &RuleProps{
	EventPattern: &EventPattern{
		Source: []*string{
			jsii.String("aws.ec2"),
		},
	},
})

queue := sqs.NewQueue(this, jsii.String("Queue"))

rule.AddTarget(targets.NewLambdaFunction(fn, &LambdaFunctionProps{
	DeadLetterQueue: queue,
	 // Optional: add a dead letter queue
	MaxEventAge: awscdk.Duration_Hours(jsii.Number(2)),
	 // Optional: set the maxEventAge retry policy
	RetryAttempts: jsii.Number(2),
}))

type FunctionUrl added in v2.21.0

type FunctionUrl interface {
	awscdk.Resource
	IFunctionUrl
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN of the function this URL refers to.
	FunctionArn() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The url of the Lambda function.
	Url() *string
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Returns a string representation of this construct.
	ToString() *string
}

Defines a Lambda function url.

Example:

// Can be a Function or an Alias
var fn function

fnUrl := fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
})

awscdk.NewCfnOutput(this, jsii.String("TheUrl"), &CfnOutputProps{
	Value: fnUrl.Url,
})

func NewFunctionUrl added in v2.21.0

func NewFunctionUrl(scope constructs.Construct, id *string, props *FunctionUrlProps) FunctionUrl

type FunctionUrlAuthType added in v2.21.0

type FunctionUrlAuthType string

The auth types for a function url.

Example:

// Can be a Function or an Alias
var fn function

fnUrl := fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
})

awscdk.NewCfnOutput(this, jsii.String("TheUrl"), &CfnOutputProps{
	Value: fnUrl.Url,
})
const (
	// Restrict access to authenticated IAM users only.
	FunctionUrlAuthType_AWS_IAM FunctionUrlAuthType = "AWS_IAM"
	// Bypass IAM authentication to create a public endpoint.
	FunctionUrlAuthType_NONE FunctionUrlAuthType = "NONE"
)

type FunctionUrlCorsOptions added in v2.21.0

type FunctionUrlCorsOptions struct {
	// Whether to allow cookies or other credentials in requests to your function URL.
	// Default: false.
	//
	AllowCredentials *bool `field:"optional" json:"allowCredentials" yaml:"allowCredentials"`
	// Headers that are specified in the Access-Control-Request-Headers header.
	// Default: - No headers allowed.
	//
	AllowedHeaders *[]*string `field:"optional" json:"allowedHeaders" yaml:"allowedHeaders"`
	// An HTTP method that you allow the origin to execute.
	// Default: - [HttpMethod.ALL]
	//
	AllowedMethods *[]HttpMethod `field:"optional" json:"allowedMethods" yaml:"allowedMethods"`
	// One or more origins you want customers to be able to access the bucket from.
	// Default: - No origins allowed.
	//
	AllowedOrigins *[]*string `field:"optional" json:"allowedOrigins" yaml:"allowedOrigins"`
	// One or more headers in the response that you want customers to be able to access from their applications.
	// Default: - No headers exposed.
	//
	ExposedHeaders *[]*string `field:"optional" json:"exposedHeaders" yaml:"exposedHeaders"`
	// The time in seconds that your browser is to cache the preflight response for the specified resource.
	// Default: - Browser default of 5 seconds.
	//
	MaxAge awscdk.Duration `field:"optional" json:"maxAge" yaml:"maxAge"`
}

Specifies a cross-origin access property for a function URL.

Example:

var fn function

fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
	Cors: &FunctionUrlCorsOptions{
		// Allow this to be called from websites on https://example.com.
		// Can also be ['*'] to allow all domain.
		AllowedOrigins: []*string{
			jsii.String("https://example.com"),
		},
	},
})

type FunctionUrlOptions added in v2.21.0

type FunctionUrlOptions struct {
	// The type of authentication that your function URL uses.
	// Default: FunctionUrlAuthType.AWS_IAM
	//
	AuthType FunctionUrlAuthType `field:"optional" json:"authType" yaml:"authType"`
	// The cross-origin resource sharing (CORS) settings for your function URL.
	// Default: - No CORS configuration.
	//
	Cors *FunctionUrlCorsOptions `field:"optional" json:"cors" yaml:"cors"`
	// The type of invocation mode that your Lambda function uses.
	// Default: InvokeMode.BUFFERED
	//
	InvokeMode InvokeMode `field:"optional" json:"invokeMode" yaml:"invokeMode"`
}

Options to add a url to a Lambda function.

Example:

// Can be a Function or an Alias
var fn function

fnUrl := fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
})

awscdk.NewCfnOutput(this, jsii.String("TheUrl"), &CfnOutputProps{
	Value: fnUrl.Url,
})

type FunctionUrlProps added in v2.21.0

type FunctionUrlProps struct {
	// The type of authentication that your function URL uses.
	// Default: FunctionUrlAuthType.AWS_IAM
	//
	AuthType FunctionUrlAuthType `field:"optional" json:"authType" yaml:"authType"`
	// The cross-origin resource sharing (CORS) settings for your function URL.
	// Default: - No CORS configuration.
	//
	Cors *FunctionUrlCorsOptions `field:"optional" json:"cors" yaml:"cors"`
	// The type of invocation mode that your Lambda function uses.
	// Default: InvokeMode.BUFFERED
	//
	InvokeMode InvokeMode `field:"optional" json:"invokeMode" yaml:"invokeMode"`
	// The function to which this url refers.
	//
	// It can also be an `Alias` but not a `Version`.
	Function IFunction `field:"required" json:"function" yaml:"function"`
}

Properties for a FunctionUrl.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var function_ function

functionUrlProps := &FunctionUrlProps{
	Function: function_,

	// the properties below are optional
	AuthType: awscdk.Aws_lambda.FunctionUrlAuthType_AWS_IAM,
	Cors: &FunctionUrlCorsOptions{
		AllowCredentials: jsii.Boolean(false),
		AllowedHeaders: []*string{
			jsii.String("allowedHeaders"),
		},
		AllowedMethods: []httpMethod{
			awscdk.*Aws_lambda.*httpMethod_GET,
		},
		AllowedOrigins: []*string{
			jsii.String("allowedOrigins"),
		},
		ExposedHeaders: []*string{
			jsii.String("exposedHeaders"),
		},
		MaxAge: cdk.Duration_Minutes(jsii.Number(30)),
	},
	InvokeMode: awscdk.*Aws_lambda.InvokeMode_BUFFERED,
}

type FunctionVersionUpgrade added in v2.27.0

type FunctionVersionUpgrade interface {
	awscdk.IAspect
	// All aspects can visit an IConstruct.
	Visit(node constructs.IConstruct)
}

Aspect for upgrading function versions when the provided feature flag is enabled.

This can be necessary when the feature flag changes the function hash, as such changes must be associated with a new version. This aspect will change the function description in these cases, which "validates" the new function hash.

Example:

stack := awscdk.Newstack()
awscdk.Aspects_Of(stack).Add(lambda.NewFunctionVersionUpgrade(awscdklibcxapi.LAMBDA_RECOGNIZE_VERSION_PROPS))

func NewFunctionVersionUpgrade added in v2.27.0

func NewFunctionVersionUpgrade(featureFlag *string, enabled *bool) FunctionVersionUpgrade

type Handler

type Handler interface {
}

Lambda function handler.

type HttpMethod added in v2.21.0

type HttpMethod string

All http request methods.

const (
	// The GET method requests a representation of the specified resource.
	HttpMethod_GET HttpMethod = "GET"
	// The PUT method replaces all current representations of the target resource with the request payload.
	HttpMethod_PUT HttpMethod = "PUT"
	// The HEAD method asks for a response identical to that of a GET request, but without the response body.
	HttpMethod_HEAD HttpMethod = "HEAD"
	// The POST method is used to submit an entity to the specified resource, often causing a change in state or side effects on the server.
	HttpMethod_POST HttpMethod = "POST"
	// The DELETE method deletes the specified resource.
	HttpMethod_DELETE HttpMethod = "DELETE"
	// The PATCH method applies partial modifications to a resource.
	HttpMethod_PATCH HttpMethod = "PATCH"
	// The OPTIONS method describes the communication options for the target resource.
	HttpMethod_OPTIONS HttpMethod = "OPTIONS"
	// The wildcard entry to allow all methods.
	HttpMethod_ALL HttpMethod = "ALL"
)

type IAlias

type IAlias interface {
	IFunction
	// Name of this alias.
	AliasName() *string
	// The underlying Lambda function version.
	Version() IVersion
}

func Alias_FromAliasAttributes

func Alias_FromAliasAttributes(scope constructs.Construct, id *string, attrs *AliasAttributes) IAlias

type ICodeSigningConfig

type ICodeSigningConfig interface {
	awscdk.IResource
	// The ARN of Code Signing Config.
	CodeSigningConfigArn() *string
	// The id of Code Signing Config.
	CodeSigningConfigId() *string
}

A Code Signing Config.

func CodeSigningConfig_FromCodeSigningConfigArn

func CodeSigningConfig_FromCodeSigningConfigArn(scope constructs.Construct, id *string, codeSigningConfigArn *string) ICodeSigningConfig

Creates a Signing Profile construct that represents an external Signing Profile.

type IDestination

type IDestination interface {
	// Binds this destination to the Lambda function.
	Bind(scope constructs.Construct, fn IFunction, options *DestinationOptions) *DestinationConfig
}

A Lambda destination.

type IEventSource

type IEventSource interface {
	// Called by `lambda.addEventSource` to allow the event source to bind to this function.
	Bind(target IFunction)
}

An abstract class which represents an AWS Lambda event source.

type IEventSourceDlq

type IEventSourceDlq interface {
	// Returns the DLQ destination config of the DLQ.
	Bind(target IEventSourceMapping, targetHandler IFunction) *DlqDestinationConfig
}

A DLQ for an event source.

type IEventSourceMapping

type IEventSourceMapping interface {
	awscdk.IResource
	// The ARN of the event source mapping (i.e. arn:aws:lambda:region:account-id:event-source-mapping/event-source-mapping-id).
	EventSourceMappingArn() *string
	// The identifier for this EventSourceMapping.
	EventSourceMappingId() *string
}

Represents an event source mapping for a lambda function. See: https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html

func EventSourceMapping_FromEventSourceMappingId

func EventSourceMapping_FromEventSourceMappingId(scope constructs.Construct, id *string, eventSourceMappingId *string) IEventSourceMapping

Import an event source into this stack from its event source id.

type IFunction

type IFunction interface {
	awsec2.IConnectable
	awsiam.IGrantable
	awscdk.IResource
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(identity awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(identity awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(identity awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(identity awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Lambda Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Metric for the Duration of this Lambda How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	// Default: average over 5 minutes.
	//
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Metric for the number of invocations of this Lambda How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	// Default: sum over 5 minutes.
	//
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Metric for the number of throttled invocations of this Lambda How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	// Default: sum over 5 minutes.
	//
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// The system architectures compatible with this lambda function.
	Architecture() Architecture
	// The ARN of the function.
	FunctionArn() *string
	// The name of the function.
	FunctionName() *string
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	//
	// This property is for cdk modules to consume only. You should not need to use this property.
	// Instead, use grantInvoke() directly.
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	Role() awsiam.IRole
}

func DockerImageFunction_FromFunctionArn

func DockerImageFunction_FromFunctionArn(scope constructs.Construct, id *string, functionArn *string) IFunction

Import a lambda function into the CDK using its ARN.

For `Function.addPermissions()` to work on this imported lambda, make sure that is in the same account and region as the stack you are importing it into.

func DockerImageFunction_FromFunctionAttributes

func DockerImageFunction_FromFunctionAttributes(scope constructs.Construct, id *string, attrs *FunctionAttributes) IFunction

Creates a Lambda function object which represents a function not defined within this stack.

For `Function.addPermissions()` to work on this imported lambda, set the sameEnvironment property to true if this imported lambda is in the same account and region as the stack you are importing it into.

func DockerImageFunction_FromFunctionName added in v2.14.0

func DockerImageFunction_FromFunctionName(scope constructs.Construct, id *string, functionName *string) IFunction

Import a lambda function into the CDK using its name.

func Function_FromFunctionArn

func Function_FromFunctionArn(scope constructs.Construct, id *string, functionArn *string) IFunction

Import a lambda function into the CDK using its ARN.

For `Function.addPermissions()` to work on this imported lambda, make sure that is in the same account and region as the stack you are importing it into.

func Function_FromFunctionAttributes

func Function_FromFunctionAttributes(scope constructs.Construct, id *string, attrs *FunctionAttributes) IFunction

Creates a Lambda function object which represents a function not defined within this stack.

For `Function.addPermissions()` to work on this imported lambda, set the sameEnvironment property to true if this imported lambda is in the same account and region as the stack you are importing it into.

func Function_FromFunctionName added in v2.14.0

func Function_FromFunctionName(scope constructs.Construct, id *string, functionName *string) IFunction

Import a lambda function into the CDK using its name.

type IFunctionUrl added in v2.21.0

type IFunctionUrl interface {
	awscdk.IResource
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(identity awsiam.IGrantable) awsiam.Grant
	// The ARN of the function this URL refers to.
	FunctionArn() *string
	// The url of the Lambda function.
	Url() *string
}

A Lambda function Url.

type ILayerVersion

type ILayerVersion interface {
	awscdk.IResource
	// Add permission for this layer version to specific entities.
	//
	// Usage within
	// the same account where the layer is defined is always allowed and does not
	// require calling this method. Note that the principal that creates the
	// Lambda function using the layer (for example, a CloudFormation changeset
	// execution role) also needs to have the “lambda:GetLayerVersion“
	// permission on the layer version.
	AddPermission(id *string, permission *LayerVersionPermission)
	// The runtimes compatible with this Layer.
	// Default: Runtime.All
	//
	CompatibleRuntimes() *[]Runtime
	// The ARN of the Lambda Layer version that this Layer defines.
	LayerVersionArn() *string
}

func LayerVersion_FromLayerVersionArn

func LayerVersion_FromLayerVersionArn(scope constructs.Construct, id *string, layerVersionArn *string) ILayerVersion

Imports a layer version by ARN.

Assumes it is compatible with all Lambda runtimes.

func LayerVersion_FromLayerVersionAttributes

func LayerVersion_FromLayerVersionAttributes(scope constructs.Construct, id *string, attrs *LayerVersionAttributes) ILayerVersion

Imports a Layer that has been defined externally.

type IScalableFunctionAttribute

type IScalableFunctionAttribute interface {
	constructs.IConstruct
	// Scale out or in based on schedule.
	ScaleOnSchedule(id *string, actions *awsapplicationautoscaling.ScalingSchedule)
	// Scale out or in to keep utilization at a given level.
	//
	// The utilization is tracked by the
	// LambdaProvisionedConcurrencyUtilization metric, emitted by lambda. See:
	// https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics.html#monitoring-metrics-concurrency
	ScaleOnUtilization(options *UtilizationScalingOptions)
}

Interface for scalable attributes.

type IVersion

type IVersion interface {
	IFunction
	// Defines an alias for this version.
	// Deprecated: Calling `addAlias` on a `Version` object will cause the Alias to be replaced on every function update. Call `function.addAlias()` or `new Alias()` instead.
	AddAlias(aliasName *string, options *AliasOptions) Alias
	// The ARN of the version for Lambda@Edge.
	EdgeArn() *string
	// The underlying AWS Lambda function.
	Lambda() IFunction
	// The most recently deployed version of this function.
	Version() *string
}

func Version_FromVersionArn

func Version_FromVersionArn(scope constructs.Construct, id *string, versionArn *string) IVersion

Construct a Version object from a Version ARN.

func Version_FromVersionAttributes

func Version_FromVersionAttributes(scope constructs.Construct, id *string, attrs *VersionAttributes) IVersion

type InlineCode

type InlineCode interface {
	Code
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(_scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(_resource awscdk.CfnResource, _options *ResourceBindOptions)
}

Lambda code from an inline string.

Example:

layer := lambda.NewLayerVersion(stack, jsii.String("MyLayer"), &LayerVersionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("layer-code"))),
	CompatibleRuntimes: []runtime{
		lambda.*runtime_NODEJS_LATEST(),
	},
	License: jsii.String("Apache-2.0"),
	Description: jsii.String("A layer to test the L2 construct"),
})

// To grant usage by other AWS accounts
layer.addPermission(jsii.String("remote-account-grant"), &LayerVersionPermission{
	AccountId: awsAccountId,
})

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });
lambda.NewFunction(stack, jsii.String("MyLayeredLambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.*runtime_NODEJS_LATEST(),
	Layers: []iLayerVersion{
		layer,
	},
})

func AssetCode_FromInline

func AssetCode_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func AssetImageCode_FromInline

func AssetImageCode_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func CfnParametersCode_FromInline

func CfnParametersCode_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func Code_FromInline

func Code_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func EcrImageCode_FromInline

func EcrImageCode_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func InlineCode_FromInline

func InlineCode_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

func NewInlineCode

func NewInlineCode(code *string) InlineCode

func S3Code_FromInline

func S3Code_FromInline(code *string) InlineCode

Inline code for Lambda handler.

Returns: `LambdaInlineCode` with inline code.

type InvokeMode added in v2.82.0

type InvokeMode string

The invoke modes for a Lambda function.

Example:

var fn function

fn.AddFunctionUrl(&FunctionUrlOptions{
	AuthType: lambda.FunctionUrlAuthType_NONE,
	InvokeMode: lambda.InvokeMode_RESPONSE_STREAM,
})
const (
	// Default option.
	//
	// Lambda invokes your function using the Invoke API operation.
	// Invocation results are available when the payload is complete.
	// The maximum payload size is 6 MB.
	InvokeMode_BUFFERED InvokeMode = "BUFFERED"
	// Your function streams payload results as they become available.
	//
	// Lambda invokes your function using the InvokeWithResponseStream API operation.
	// The maximum response payload size is 20 MB, however, you can request a quota increase.
	InvokeMode_RESPONSE_STREAM InvokeMode = "RESPONSE_STREAM"
)

type LambdaInsightsVersion

type LambdaInsightsVersion interface {
	// The arn of the Lambda Insights extension.
	LayerVersionArn() *string
}

Version of CloudWatch Lambda Insights.

Example:

layerArn := "arn:aws:lambda:us-east-1:580247275435:layer:LambdaInsightsExtension:14"
lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	InsightsVersion: lambda.LambdaInsightsVersion_FromInsightVersionArn(layerArn),
})

func LambdaInsightsVersion_FromInsightVersionArn

func LambdaInsightsVersion_FromInsightVersionArn(arn *string) LambdaInsightsVersion

Use the insights extension associated with the provided ARN.

Make sure the ARN is associated with same region as your function. See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-extension-versions.html

func LambdaInsightsVersion_VERSION_1_0_119_0 added in v2.2.0

func LambdaInsightsVersion_VERSION_1_0_119_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_135_0 added in v2.27.0

func LambdaInsightsVersion_VERSION_1_0_135_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_143_0 added in v2.50.0

func LambdaInsightsVersion_VERSION_1_0_143_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_178_0 added in v2.65.0

func LambdaInsightsVersion_VERSION_1_0_178_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_229_0 added in v2.87.0

func LambdaInsightsVersion_VERSION_1_0_229_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_273_0 added in v2.148.0

func LambdaInsightsVersion_VERSION_1_0_273_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_275_0 added in v2.148.0

func LambdaInsightsVersion_VERSION_1_0_275_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_295_0 added in v2.148.0

func LambdaInsightsVersion_VERSION_1_0_295_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_317_0 added in v2.148.0

func LambdaInsightsVersion_VERSION_1_0_317_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_54_0

func LambdaInsightsVersion_VERSION_1_0_54_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_86_0

func LambdaInsightsVersion_VERSION_1_0_86_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_89_0

func LambdaInsightsVersion_VERSION_1_0_89_0() LambdaInsightsVersion

func LambdaInsightsVersion_VERSION_1_0_98_0

func LambdaInsightsVersion_VERSION_1_0_98_0() LambdaInsightsVersion

type LambdaRuntimeProps

type LambdaRuntimeProps struct {
	// The Docker image name to be used for bundling in this runtime.
	// Default: - the latest docker image "amazon/public.ecr.aws/sam/build-<runtime>" from https://gallery.ecr.aws
	//
	BundlingDockerImage *string `field:"optional" json:"bundlingDockerImage" yaml:"bundlingDockerImage"`
	// Whether the runtime enum is meant to change over time, IE NODEJS_LATEST.
	// Default: false.
	//
	IsVariable *bool `field:"optional" json:"isVariable" yaml:"isVariable"`
	// Whether this runtime is integrated with and supported for profiling using Amazon CodeGuru Profiler.
	// Default: false.
	//
	SupportsCodeGuruProfiling *bool `field:"optional" json:"supportsCodeGuruProfiling" yaml:"supportsCodeGuruProfiling"`
	// Whether the “ZipFile“ (aka inline code) property can be used with this runtime.
	// Default: false.
	//
	SupportsInlineCode *bool `field:"optional" json:"supportsInlineCode" yaml:"supportsInlineCode"`
	// Whether this runtime supports SnapStart.
	// Default: false.
	//
	SupportsSnapStart *bool `field:"optional" json:"supportsSnapStart" yaml:"supportsSnapStart"`
}

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

lambdaRuntimeProps := &LambdaRuntimeProps{
	BundlingDockerImage: jsii.String("bundlingDockerImage"),
	IsVariable: jsii.Boolean(false),
	SupportsCodeGuruProfiling: jsii.Boolean(false),
	SupportsInlineCode: jsii.Boolean(false),
	SupportsSnapStart: jsii.Boolean(false),
}

type LayerVersion

type LayerVersion interface {
	awscdk.Resource
	ILayerVersion
	// The runtimes compatible with this Layer.
	CompatibleRuntimes() *[]Runtime
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN of the Lambda Layer version that this Layer defines.
	LayerVersionArn() *string
	// The tree node.
	Node() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Add permission for this layer version to specific entities.
	//
	// Usage within
	// the same account where the layer is defined is always allowed and does not
	// require calling this method. Note that the principal that creates the
	// Lambda function using the layer (for example, a CloudFormation changeset
	// execution role) also needs to have the “lambda:GetLayerVersion“
	// permission on the layer version.
	AddPermission(id *string, permission *LayerVersionPermission)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Returns a string representation of this construct.
	ToString() *string
}

Defines a new Lambda Layer version.

Example:

lambda.NewLayerVersion(this, jsii.String("MyLayer"), &LayerVersionProps{
	RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	CompatibleArchitectures: []architecture{
		lambda.*architecture_X86_64(),
		lambda.*architecture_ARM_64(),
	},
})

func NewLayerVersion

func NewLayerVersion(scope constructs.Construct, id *string, props *LayerVersionProps) LayerVersion

type LayerVersionAttributes

type LayerVersionAttributes struct {
	// The ARN of the LayerVersion.
	LayerVersionArn *string `field:"required" json:"layerVersionArn" yaml:"layerVersionArn"`
	// The list of compatible runtimes with this Layer.
	CompatibleRuntimes *[]Runtime `field:"optional" json:"compatibleRuntimes" yaml:"compatibleRuntimes"`
}

Properties necessary to import a LayerVersion.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var runtime runtime

layerVersionAttributes := &LayerVersionAttributes{
	LayerVersionArn: jsii.String("layerVersionArn"),

	// the properties below are optional
	CompatibleRuntimes: []*runtime{
		runtime,
	},
}

type LayerVersionOptions

type LayerVersionOptions struct {
	// The description the this Lambda Layer.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The name of the layer.
	// Default: - A name will be generated.
	//
	LayerVersionName *string `field:"optional" json:"layerVersionName" yaml:"layerVersionName"`
	// The SPDX licence identifier or URL to the license file for this layer.
	// Default: - No license information will be recorded.
	//
	License *string `field:"optional" json:"license" yaml:"license"`
	// Whether to retain this version of the layer when a new version is added or when the stack is deleted.
	// Default: RemovalPolicy.DESTROY
	//
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
}

Non runtime options.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

layerVersionOptions := &LayerVersionOptions{
	Description: jsii.String("description"),
	LayerVersionName: jsii.String("layerVersionName"),
	License: jsii.String("license"),
	RemovalPolicy: cdk.RemovalPolicy_DESTROY,
}

type LayerVersionPermission

type LayerVersionPermission struct {
	// The AWS Account id of the account that is authorized to use a Lambda Layer Version.
	//
	// The wild-card “'*'“ can be
	// used to grant access to "any" account (or any account in an organization when “organizationId“ is specified).
	AccountId *string `field:"required" json:"accountId" yaml:"accountId"`
	// The ID of the AWS Organization to which the grant is restricted.
	//
	// Can only be specified if “accountId“ is “'*'“.
	OrganizationId *string `field:"optional" json:"organizationId" yaml:"organizationId"`
}

Identification of an account (or organization) that is allowed to access a Lambda Layer Version.

Example:

layer := lambda.NewLayerVersion(stack, jsii.String("MyLayer"), &LayerVersionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("layer-code"))),
	CompatibleRuntimes: []runtime{
		lambda.*runtime_NODEJS_LATEST(),
	},
	License: jsii.String("Apache-2.0"),
	Description: jsii.String("A layer to test the L2 construct"),
})

// To grant usage by other AWS accounts
layer.addPermission(jsii.String("remote-account-grant"), &LayerVersionPermission{
	AccountId: awsAccountId,
})

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });

// To grant usage to all accounts in some AWS Ogranization
// layer.grantUsage({ accountId: '*', organizationId });
lambda.NewFunction(stack, jsii.String("MyLayeredLambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.*runtime_NODEJS_LATEST(),
	Layers: []iLayerVersion{
		layer,
	},
})

type LayerVersionProps

type LayerVersionProps struct {
	// The description the this Lambda Layer.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// The name of the layer.
	// Default: - A name will be generated.
	//
	LayerVersionName *string `field:"optional" json:"layerVersionName" yaml:"layerVersionName"`
	// The SPDX licence identifier or URL to the license file for this layer.
	// Default: - No license information will be recorded.
	//
	License *string `field:"optional" json:"license" yaml:"license"`
	// Whether to retain this version of the layer when a new version is added or when the stack is deleted.
	// Default: RemovalPolicy.DESTROY
	//
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// The content of this Layer.
	//
	// Using `Code.fromInline` is not supported.
	Code Code `field:"required" json:"code" yaml:"code"`
	// The system architectures compatible with this layer.
	// Default: [Architecture.X86_64]
	//
	CompatibleArchitectures *[]Architecture `field:"optional" json:"compatibleArchitectures" yaml:"compatibleArchitectures"`
	// The runtimes compatible with this Layer.
	// Default: - All runtimes are supported.
	//
	CompatibleRuntimes *[]Runtime `field:"optional" json:"compatibleRuntimes" yaml:"compatibleRuntimes"`
}

Example:

lambda.NewLayerVersion(this, jsii.String("MyLayer"), &LayerVersionProps{
	RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	CompatibleArchitectures: []architecture{
		lambda.*architecture_X86_64(),
		lambda.*architecture_ARM_64(),
	},
})

type LogFormat added in v2.110.0

type LogFormat string

This field takes in 2 values either Text or JSON.

By setting this value to Text, will result in the current structure of logs format, whereas, by setting this value to JSON, Lambda will print the logs as Structured JSON Logs, with the corresponding timestamp and log level of each event. Selecting ‘JSON’ format will only allow customer’s to have different log level Application log level and the System log level.

const (
	// Lambda Logs text format.
	LogFormat_TEXT LogFormat = "TEXT"
	// Lambda structured logging in Json format.
	LogFormat_JSON LogFormat = "JSON"
)

type LogRetentionRetryOptions

type LogRetentionRetryOptions struct {
	// The base duration to use in the exponential backoff for operation retries.
	// Default: - none, not used anymore.
	//
	// Deprecated: Unused since the upgrade to AWS SDK v3, which uses a different retry strategy.
	Base awscdk.Duration `field:"optional" json:"base" yaml:"base"`
	// The maximum amount of retries.
	// Default: 5.
	//
	MaxRetries *float64 `field:"optional" json:"maxRetries" yaml:"maxRetries"`
}

Retry options for all AWS API calls.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import cdk "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

logRetentionRetryOptions := &LogRetentionRetryOptions{
	Base: cdk.Duration_Minutes(jsii.Number(30)),
	MaxRetries: jsii.Number(123),
}

type LoggingFormat added in v2.127.0

type LoggingFormat string

This field takes in 2 values either Text or JSON.

By setting this value to Text, will result in the current structure of logs format, whereas, by setting this value to JSON, Lambda will print the logs as Structured JSON Logs, with the corresponding timestamp and log level of each event. Selecting ‘JSON’ format will only allow customer’s to have different log level Application log level and the System log level.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

var logGroup iLogGroup

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	LoggingFormat: lambda.LoggingFormat_JSON,
	SystemLogLevelV2: lambda.SystemLogLevel_INFO,
	ApplicationLogLevelV2: lambda.ApplicationLogLevel_INFO,
	LogGroup: logGroup,
})
const (
	// Lambda Logs text format.
	LoggingFormat_TEXT LoggingFormat = "TEXT"
	// Lambda structured logging in Json format.
	LoggingFormat_JSON LoggingFormat = "JSON"
)

type ParamsAndSecretsLayerVersion added in v2.84.0

type ParamsAndSecretsLayerVersion interface {
}

Parameters and Secrets Extension layer version.

Example:

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"

secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersion(lambda.ParamsAndSecretsVersions_V1_0_103, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
	LogLevel: lambda.ParamsAndSecretsLogLevel_DEBUG,
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)

func ParamsAndSecretsLayerVersion_FromVersion added in v2.84.0

func ParamsAndSecretsLayerVersion_FromVersion(version ParamsAndSecretsVersions, options *ParamsAndSecretsOptions) ParamsAndSecretsLayerVersion

Use a specific version of the Parameters and Secrets Extension to generate a layer version.

func ParamsAndSecretsLayerVersion_FromVersionArn added in v2.84.0

func ParamsAndSecretsLayerVersion_FromVersionArn(arn *string, options *ParamsAndSecretsOptions) ParamsAndSecretsLayerVersion

Use the Parameters and Secrets Extension associated with the provided ARN.

Make sure the ARN is associated with the same region and architecture as your function. See: https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets_lambda.html#retrieving-secrets_lambda_ARNs

type ParamsAndSecretsLogLevel added in v2.84.0

type ParamsAndSecretsLogLevel string

Logging levels for the Parametes and Secrets Extension.

Example:

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"

secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersion(lambda.ParamsAndSecretsVersions_V1_0_103, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
	LogLevel: lambda.ParamsAndSecretsLogLevel_DEBUG,
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)
const (
	// Debug.
	ParamsAndSecretsLogLevel_DEBUG ParamsAndSecretsLogLevel = "DEBUG"
	// Info.
	ParamsAndSecretsLogLevel_INFO ParamsAndSecretsLogLevel = "INFO"
	// Warn.
	ParamsAndSecretsLogLevel_WARN ParamsAndSecretsLogLevel = "WARN"
	// Error.
	ParamsAndSecretsLogLevel_ERROR ParamsAndSecretsLogLevel = "ERROR"
	// No logging.
	ParamsAndSecretsLogLevel_NONE ParamsAndSecretsLogLevel = "NONE"
)

type ParamsAndSecretsOptions added in v2.84.0

type ParamsAndSecretsOptions struct {
	// Whether the Parameters and Secrets Extension will cache parameters and secrets.
	// Default: true.
	//
	CacheEnabled *bool `field:"optional" json:"cacheEnabled" yaml:"cacheEnabled"`
	// The maximum number of secrets and parameters to cache.
	//
	// Must be a value
	// from 0 to 1000. A value of 0 means there is no caching.
	//
	// Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl
	// are 0.
	// Default: 1000.
	//
	CacheSize *float64 `field:"optional" json:"cacheSize" yaml:"cacheSize"`
	// The port for the local HTTP server.
	//
	// Valid port numbers are 1 - 65535.
	// Default: 2773.
	//
	HttpPort *float64 `field:"optional" json:"httpPort" yaml:"httpPort"`
	// The level of logging provided by the Parameters and Secrets Extension.
	//
	// Note: Set to debug to see the cache configuration.
	// Default: - Logging level will be `info`.
	//
	LogLevel ParamsAndSecretsLogLevel `field:"optional" json:"logLevel" yaml:"logLevel"`
	// The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager.
	//
	// There is no maximum limit. Minimum is 1.
	//
	// Note: Every running copy of this Lambda function may open the number of
	// connections specified by this property. Thus, the total number of connections
	// may exceed this number.
	// Default: 3.
	//
	MaxConnections *float64 `field:"optional" json:"maxConnections" yaml:"maxConnections"`
	// The timeout for requests to Parameter Store.
	//
	// A value of 0 means that there is no
	// timeout.
	// Default: 0.
	//
	ParameterStoreTimeout awscdk.Duration `field:"optional" json:"parameterStoreTimeout" yaml:"parameterStoreTimeout"`
	// The time-to-live of a parameter in the cache.
	//
	// A value of 0 means there is no caching.
	// The maximum time-to-live is 300 seconds.
	//
	// Note: This variable is ignored if cacheSize is 0.
	// Default: 300 seconds.
	//
	ParameterStoreTtl awscdk.Duration `field:"optional" json:"parameterStoreTtl" yaml:"parameterStoreTtl"`
	// The timeout for requests to Secrets Manager.
	//
	// A value of 0 means that there is
	// no timeout.
	// Default: 0.
	//
	SecretsManagerTimeout awscdk.Duration `field:"optional" json:"secretsManagerTimeout" yaml:"secretsManagerTimeout"`
	// The time-to-live of a secret in the cache.
	//
	// A value of 0 means there is no caching.
	// The maximum time-to-live is 300 seconds.
	//
	// Note: This variable is ignored if cacheSize is 0.
	// Default: 300 seconds.
	//
	SecretsManagerTtl awscdk.Duration `field:"optional" json:"secretsManagerTtl" yaml:"secretsManagerTtl"`
}

Parameters and Secrets Extension configuration options.

Example:

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"

secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersion(lambda.ParamsAndSecretsVersions_V1_0_103, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
	LogLevel: lambda.ParamsAndSecretsLogLevel_DEBUG,
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)

type ParamsAndSecretsVersions added in v2.84.0

type ParamsAndSecretsVersions string

Parameters and Secrets Extension versions.

Example:

import sm "github.com/aws/aws-cdk-go/awscdk"
import ssm "github.com/aws/aws-cdk-go/awscdk"

secret := sm.NewSecret(this, jsii.String("Secret"))
parameter := ssm.NewStringParameter(this, jsii.String("Parameter"), &StringParameterProps{
	ParameterName: jsii.String("mySsmParameterName"),
	StringValue: jsii.String("mySsmParameterValue"),
})

paramsAndSecrets := lambda.ParamsAndSecretsLayerVersion_FromVersion(lambda.ParamsAndSecretsVersions_V1_0_103, &ParamsAndSecretsOptions{
	CacheSize: jsii.Number(500),
	LogLevel: lambda.ParamsAndSecretsLogLevel_DEBUG,
})

lambdaFunction := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Architecture: lambda.Architecture_ARM_64(),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
	ParamsAndSecrets: ParamsAndSecrets,
})

secret.grantRead(lambdaFunction)
parameter.grantRead(lambdaFunction)
const (
	// Version 1.0.103.
	//
	// Note: This is the latest version.
	ParamsAndSecretsVersions_V1_0_103 ParamsAndSecretsVersions = "V1_0_103"
)

type Permission

type Permission struct {
	// The entity for which you are granting permission to invoke the Lambda function.
	//
	// This entity can be any of the following:
	//
	// - a valid AWS service principal, such as `s3.amazonaws.com` or `sns.amazonaws.com`
	// - an AWS account ID for cross-account permissions. For example, you might want
	//   to allow a custom application in another AWS account to push events to
	//   Lambda by invoking your function.
	// - an AWS organization principal to grant permissions to an entire organization.
	//
	// The principal can be an AccountPrincipal, an ArnPrincipal, a ServicePrincipal,
	// or an OrganizationPrincipal.
	Principal awsiam.IPrincipal `field:"required" json:"principal" yaml:"principal"`
	// The Lambda actions that you want to allow in this statement.
	//
	// For example,
	// you can specify lambda:CreateFunction to specify a certain action, or use
	// a wildcard (“lambda:*“) to grant permission to all Lambda actions. For a
	// list of actions, see Actions and Condition Context Keys for AWS Lambda in
	// the IAM User Guide.
	// Default: 'lambda:InvokeFunction'.
	//
	Action *string `field:"optional" json:"action" yaml:"action"`
	// A unique token that must be supplied by the principal invoking the function.
	// Default: - The caller would not need to present a token.
	//
	EventSourceToken *string `field:"optional" json:"eventSourceToken" yaml:"eventSourceToken"`
	// The authType for the function URL that you are granting permissions for.
	// Default: - No functionUrlAuthType.
	//
	FunctionUrlAuthType FunctionUrlAuthType `field:"optional" json:"functionUrlAuthType" yaml:"functionUrlAuthType"`
	// The organization you want to grant permissions to.
	//
	// Use this ONLY if you
	// need to grant permissions to a subset of the organization. If you want to
	// grant permissions to the entire organization, sending the organization principal
	// through the `principal` property will suffice.
	//
	// You can use this property to ensure that all source principals are owned by
	// a specific organization.
	// Default: - No organizationId.
	//
	OrganizationId *string `field:"optional" json:"organizationId" yaml:"organizationId"`
	// The scope to which the permission constructs be attached.
	//
	// The default is
	// the Lambda function construct itself, but this would need to be different
	// in cases such as cross-stack references where the Permissions would need
	// to sit closer to the consumer of this permission (i.e., the caller).
	// Default: - The instance of lambda.IFunction
	//
	Scope constructs.Construct `field:"optional" json:"scope" yaml:"scope"`
	// The AWS account ID (without hyphens) of the source owner.
	//
	// For example, if
	// you specify an S3 bucket in the SourceArn property, this value is the
	// bucket owner's account ID. You can use this property to ensure that all
	// source principals are owned by a specific account.
	SourceAccount *string `field:"optional" json:"sourceAccount" yaml:"sourceAccount"`
	// The ARN of a resource that is invoking your function.
	//
	// When granting
	// Amazon Simple Storage Service (Amazon S3) permission to invoke your
	// function, specify this property with the bucket ARN as its value. This
	// ensures that events generated only from the specified bucket, not just
	// any bucket from any AWS account that creates a mapping to your function,
	// can invoke the function.
	SourceArn *string `field:"optional" json:"sourceArn" yaml:"sourceArn"`
}

Represents a permission statement that can be added to a Lambda function's resource policy via the `addPermission()` method.

Example:

// Grant permissions to a service
var fn function

principal := iam.NewServicePrincipal(jsii.String("my-service"))

fn.GrantInvoke(principal)

// Equivalent to:
fn.AddPermission(jsii.String("my-service Invocation"), &Permission{
	Principal: principal,
})

type QualifiedFunctionBase

type QualifiedFunctionBase interface {
	FunctionBase
	// The architecture of this Lambda Function.
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN fo the function.
	FunctionArn() *string
	// The name of the function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The underlying `IFunction`.
	Lambda() IFunction
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The qualifier of the version or alias of this function.
	//
	// A qualifier is the identifier that's appended to a version or alias ARN.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionConfiguration.html#API_GetFunctionConfiguration_RequestParameters
	//
	Qualifier() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	//
	// Undefined if the function was imported without a role.
	Role() awsiam.IRole
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(_scope constructs.Construct, _action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

type RecursiveLoop added in v2.153.0

type RecursiveLoop string

Example:

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("handler.zip"))),
	Runtime: lambda.Runtime_JAVA_11(),
	Handler: jsii.String("example.Handler::handleRequest"),
	RecursiveLoop: lambda.RecursiveLoop_TERMINATE,
})
const (
	// Allows the recursive loop to happen and does not terminate it.
	RecursiveLoop_ALLOW RecursiveLoop = "ALLOW"
	// Terminates the recursive loop.
	RecursiveLoop_TERMINATE RecursiveLoop = "TERMINATE"
)

type ResourceBindOptions

type ResourceBindOptions struct {
	// The name of the CloudFormation property to annotate with asset metadata.
	// See: https://github.com/aws/aws-cdk/issues/1432
	//
	// Default: Code.
	//
	ResourceProperty *string `field:"optional" json:"resourceProperty" yaml:"resourceProperty"`
}

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

resourceBindOptions := &ResourceBindOptions{
	ResourceProperty: jsii.String("resourceProperty"),
}

type Runtime

type Runtime interface {
	// The bundling Docker image for this runtime.
	BundlingImage() awscdk.DockerImage
	// The runtime family.
	Family() RuntimeFamily
	// Enabled for runtime enums that always target the latest available.
	IsVariable() *bool
	// The name of this runtime, as expected by the Lambda resource.
	Name() *string
	// Whether this runtime is integrated with and supported for profiling using Amazon CodeGuru Profiler.
	SupportsCodeGuruProfiling() *bool
	// Whether the “ZipFile“ (aka inline code) property can be used with this runtime.
	SupportsInlineCode() *bool
	// Whether this runtime supports snapstart.
	SupportsSnapStart() *bool
	RuntimeEquals(other Runtime) *bool
	ToString() *string
}

Lambda function runtime environment.

If you need to use a runtime name that doesn't exist as a static member, you can instantiate a `Runtime` object, e.g: `new Runtime('nodejs99.99')`.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

signingProfile := signer.NewSigningProfile(this, jsii.String("SigningProfile"), &SigningProfileProps{
	Platform: signer.Platform_AWS_LAMBDA_SHA384_ECDSA(),
})

codeSigningConfig := lambda.NewCodeSigningConfig(this, jsii.String("CodeSigningConfig"), &CodeSigningConfigProps{
	SigningProfiles: []iSigningProfile{
		signingProfile,
	},
})

lambda.NewFunction(this, jsii.String("Function"), &FunctionProps{
	CodeSigningConfig: CodeSigningConfig,
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

func NewRuntime

func NewRuntime(name *string, family RuntimeFamily, props *LambdaRuntimeProps) Runtime

func Runtime_DOTNET_6 added in v2.17.0

func Runtime_DOTNET_6() Runtime

func Runtime_DOTNET_8 added in v2.129.0

func Runtime_DOTNET_8() Runtime

func Runtime_DOTNET_CORE_1

func Runtime_DOTNET_CORE_1() Runtime

func Runtime_DOTNET_CORE_2

func Runtime_DOTNET_CORE_2() Runtime

func Runtime_DOTNET_CORE_2_1

func Runtime_DOTNET_CORE_2_1() Runtime

func Runtime_DOTNET_CORE_3_1

func Runtime_DOTNET_CORE_3_1() Runtime

func Runtime_FROM_IMAGE

func Runtime_FROM_IMAGE() Runtime

func Runtime_GO_1_X

func Runtime_GO_1_X() Runtime

func Runtime_JAVA_11

func Runtime_JAVA_11() Runtime

func Runtime_JAVA_17 added in v2.77.0

func Runtime_JAVA_17() Runtime

func Runtime_JAVA_21 added in v2.109.0

func Runtime_JAVA_21() Runtime

func Runtime_JAVA_8

func Runtime_JAVA_8() Runtime

func Runtime_JAVA_8_CORRETTO

func Runtime_JAVA_8_CORRETTO() Runtime

func Runtime_NODEJS

func Runtime_NODEJS() Runtime

func Runtime_NODEJS_10_X

func Runtime_NODEJS_10_X() Runtime

func Runtime_NODEJS_12_X

func Runtime_NODEJS_12_X() Runtime

func Runtime_NODEJS_14_X

func Runtime_NODEJS_14_X() Runtime

func Runtime_NODEJS_16_X added in v2.24.0

func Runtime_NODEJS_16_X() Runtime

func Runtime_NODEJS_18_X added in v2.51.0

func Runtime_NODEJS_18_X() Runtime

func Runtime_NODEJS_20_X added in v2.107.0

func Runtime_NODEJS_20_X() Runtime

func Runtime_NODEJS_4_3

func Runtime_NODEJS_4_3() Runtime

func Runtime_NODEJS_6_10

func Runtime_NODEJS_6_10() Runtime

func Runtime_NODEJS_8_10

func Runtime_NODEJS_8_10() Runtime

func Runtime_NODEJS_LATEST added in v2.93.0

func Runtime_NODEJS_LATEST() Runtime

func Runtime_PROVIDED

func Runtime_PROVIDED() Runtime

func Runtime_PROVIDED_AL2

func Runtime_PROVIDED_AL2() Runtime

func Runtime_PROVIDED_AL2023 added in v2.105.0

func Runtime_PROVIDED_AL2023() Runtime

func Runtime_PYTHON_2_7

func Runtime_PYTHON_2_7() Runtime

func Runtime_PYTHON_3_10 added in v2.75.0

func Runtime_PYTHON_3_10() Runtime

func Runtime_PYTHON_3_11 added in v2.88.0

func Runtime_PYTHON_3_11() Runtime

func Runtime_PYTHON_3_12 added in v2.108.0

func Runtime_PYTHON_3_12() Runtime

func Runtime_PYTHON_3_6

func Runtime_PYTHON_3_6() Runtime

func Runtime_PYTHON_3_7

func Runtime_PYTHON_3_7() Runtime

func Runtime_PYTHON_3_8

func Runtime_PYTHON_3_8() Runtime

func Runtime_PYTHON_3_9

func Runtime_PYTHON_3_9() Runtime

func Runtime_RUBY_2_5

func Runtime_RUBY_2_5() Runtime

func Runtime_RUBY_2_7

func Runtime_RUBY_2_7() Runtime

func Runtime_RUBY_3_2 added in v2.82.0

func Runtime_RUBY_3_2() Runtime

func Runtime_RUBY_3_3 added in v2.135.0

func Runtime_RUBY_3_3() Runtime

type RuntimeFamily

type RuntimeFamily string
const (
	RuntimeFamily_NODEJS      RuntimeFamily = "NODEJS"
	RuntimeFamily_JAVA        RuntimeFamily = "JAVA"
	RuntimeFamily_PYTHON      RuntimeFamily = "PYTHON"
	RuntimeFamily_DOTNET_CORE RuntimeFamily = "DOTNET_CORE"
	RuntimeFamily_GO          RuntimeFamily = "GO"
	RuntimeFamily_RUBY        RuntimeFamily = "RUBY"
	RuntimeFamily_OTHER       RuntimeFamily = "OTHER"
)

type RuntimeManagementMode added in v2.64.0

Specify the runtime update mode.

Example:

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	RuntimeManagementMode: lambda.RuntimeManagementMode_AUTO(),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

func NewRuntimeManagementMode added in v2.64.0

func NewRuntimeManagementMode(mode *string, arn *string) RuntimeManagementMode

func RuntimeManagementMode_AUTO added in v2.64.0

func RuntimeManagementMode_AUTO() RuntimeManagementMode

func RuntimeManagementMode_FUNCTION_UPDATE added in v2.64.0

func RuntimeManagementMode_FUNCTION_UPDATE() RuntimeManagementMode

func RuntimeManagementMode_Manual added in v2.64.0

func RuntimeManagementMode_Manual(arn *string) RuntimeManagementMode

You specify a runtime version in your function configuration.

The function uses this runtime version indefinitely. In the rare case in which a new runtime version is incompatible with an existing function, you can use this mode to roll back your function to an earlier runtime version.

type S3Code

type S3Code interface {
	Code
	// Determines whether this Code is inline code or not.
	IsInline() *bool
	// Called when the lambda or layer is initialized to allow this object to bind to the stack, add resources and have fun.
	Bind(_scope constructs.Construct) *CodeConfig
	// Called after the CFN function resource has been created to allow the code class to bind to it.
	//
	// Specifically it's required to allow assets to add
	// metadata for tooling like SAM CLI to be able to find their origins.
	BindToResource(_resource awscdk.CfnResource, _options *ResourceBindOptions)
}

Lambda code from an S3 archive.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var bucket bucket

s3Code := awscdk.Aws_lambda.NewS3Code(bucket, jsii.String("key"), jsii.String("objectVersion"))

func AssetCode_FromBucket

func AssetCode_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func AssetImageCode_FromBucket

func AssetImageCode_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func CfnParametersCode_FromBucket

func CfnParametersCode_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func Code_FromBucket

func Code_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func EcrImageCode_FromBucket

func EcrImageCode_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func InlineCode_FromBucket

func InlineCode_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

func NewS3Code

func NewS3Code(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

func S3Code_FromBucket

func S3Code_FromBucket(bucket awss3.IBucket, key *string, objectVersion *string) S3Code

Lambda handler code as an S3 object.

type SingletonFunction

type SingletonFunction interface {
	FunctionBase
	// The architecture of this Lambda Function.
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// Returns a `lambda.Version` which represents the current version of this singleton Lambda function. A new version will be created every time the function's configuration changes.
	//
	// You can specify options for this version using the `currentVersionOptions`
	// prop when initializing the `lambda.SingletonFunction`.
	CurrentVersion() Version
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN fo the function.
	FunctionArn() *string
	// The name of the function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The LogGroup where the Lambda function's logs are made available.
	//
	// If either `logRetention` is set or this property is called, a CloudFormation custom resource is added to the stack that
	// pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
	// period (never expire, by default).
	//
	// Further, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention
	// to never expire even if it was configured with a different value.
	LogGroup() awslogs.ILogGroup
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	//
	// Undefined if the function was imported without a role.
	Role() awsiam.IRole
	// The runtime environment for the Lambda function.
	Runtime() Runtime
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// Using node.addDependency() does not work on this method as the underlying lambda function is modeled as a singleton across the stack. Use this method instead to declare dependencies.
	AddDependency(up ...constructs.IDependable)
	// Adds an environment variable to this Lambda function.
	//
	// If this is a ref to a Lambda function, this operation results in a no-op.
	AddEnvironment(key *string, value *string, options *EnvironmentOptions) Function
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds one or more Lambda Layers to this Lambda function.
	AddLayers(layers ...ILayerVersion)
	// Use this method to write to the construct tree.
	//
	// The metadata entries are written to the Cloud Assembly Manifest if the `treeMetadata` property is specified in the props of the App that contains this Construct.
	AddMetadata(type_ *string, data interface{}, options *constructs.MetadataOptions)
	// Adds a permission to the Lambda resource policy.
	AddPermission(name *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(scope constructs.Construct, action *string)
	// The SingletonFunction construct cannot be added as a dependency of another construct using node.addDependency(). Use this method instead to declare this as a dependency of another construct.
	DependOn(down constructs.IConstruct)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

A Lambda that will only ever be added to a stack once.

This construct is a way to guarantee that the lambda function will be guaranteed to be part of the stack, once and only once, irrespective of how many times the construct is declared to be part of the stack. This is guaranteed as long as the `uuid` property and the optional `lambdaPurpose` property stay the same whenever they're declared into the stack.

Example:

fn := lambda.NewSingletonFunction(this, jsii.String("MyProvider"), functionProps)

awscdk.NewCustomResource(this, jsii.String("MyResource"), &CustomResourceProps{
	ServiceToken: fn.FunctionArn,
})

func NewSingletonFunction

func NewSingletonFunction(scope constructs.Construct, id *string, props *SingletonFunctionProps) SingletonFunction

type SingletonFunctionProps

type SingletonFunctionProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
	// See: https://aws-otel.github.io/docs/getting-started/lambda
	//
	// Default: - No ADOT instrumentation.
	//
	AdotInstrumentation *AdotInstrumentationConfig `field:"optional" json:"adotInstrumentation" yaml:"adotInstrumentation"`
	// Whether to allow the Lambda to send all ipv6 network traffic.
	//
	// If set to true, there will only be a single egress rule which allows all
	// outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets using ipv6.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllIpv6Outbound` directly on the security group.
	// Default: false.
	//
	AllowAllIpv6Outbound *bool `field:"optional" json:"allowAllIpv6Outbound" yaml:"allowAllIpv6Outbound"`
	// Whether to allow the Lambda to send all network traffic (except ipv6).
	//
	// If set to false, you must individually add traffic rules to allow the
	// Lambda to connect to network targets.
	//
	// Do not specify this property if the `securityGroups` or `securityGroup` property is set.
	// Instead, configure `allowAllOutbound` directly on the security group.
	// Default: true.
	//
	AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
	// Lambda Functions in a public subnet can NOT access the internet.
	//
	// Use this property to acknowledge this limitation and still place the function in a public subnet.
	// See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
	//
	// Default: false.
	//
	AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"`
	// Sets the application log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `applicationLogLevelV2` as a property instead.
	ApplicationLogLevel *string `field:"optional" json:"applicationLogLevel" yaml:"applicationLogLevel"`
	// Sets the application log level for the function.
	// Default: ApplicationLogLevel.INFO
	//
	ApplicationLogLevelV2 ApplicationLogLevel `field:"optional" json:"applicationLogLevelV2" yaml:"applicationLogLevelV2"`
	// The system architectures compatible with this lambda function.
	// Default: Architecture.X86_64
	//
	Architecture Architecture `field:"optional" json:"architecture" yaml:"architecture"`
	// Code signing config associated with this function.
	// Default: - Not Sign the Code.
	//
	CodeSigningConfig ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"`
	// Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
	// Default: - default options as described in `VersionOptions`.
	//
	CurrentVersionOptions *VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"`
	// The SQS queue to use if DLQ is enabled.
	//
	// If SNS topic is desired, specify `deadLetterTopic` property instead.
	// Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`.
	//
	DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"`
	// Enabled DLQ.
	//
	// If `deadLetterQueue` is undefined,
	// an SQS queue with default options will be defined for your Function.
	// Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
	//
	DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"`
	// The SNS topic to use as a DLQ.
	//
	// Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
	// rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
	// Default: - no SNS topic.
	//
	DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"`
	// A description of the function.
	// Default: - No description.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Key-value pairs that Lambda caches and makes available for your Lambda functions.
	//
	// Use environment variables to apply configuration changes, such
	// as test and production environment configurations, without changing your
	// Lambda function source code.
	// Default: - No environment variables.
	//
	Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
	// The AWS KMS key that's used to encrypt your function's environment variables.
	// Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
	//
	EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"`
	// The size of the function’s /tmp directory in MiB.
	// Default: 512 MiB.
	//
	EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"`
	// Event sources for this function.
	//
	// You can also add event sources using `addEventSource`.
	// Default: - No event sources.
	//
	Events *[]IEventSource `field:"optional" json:"events" yaml:"events"`
	// The filesystem configuration for the lambda function.
	// Default: - will not mount any filesystem.
	//
	Filesystem FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"`
	// A name for the function.
	// Default: - AWS CloudFormation generates a unique physical ID and uses that
	// ID for the function's name. For more information, see Name Type.
	//
	FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
	// Initial policy statements to add to the created Lambda Role.
	//
	// You can call `addToRolePolicy` to the created lambda to add statements post creation.
	// Default: - No policy statements are added to the created Lambda role.
	//
	InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"`
	// Specify the version of CloudWatch Lambda insights to use for monitoring.
	// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html
	//
	// Default: - No Lambda Insights.
	//
	InsightsVersion LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"`
	// Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
	//
	// Only used if 'vpc' is supplied.
	// Default: false.
	//
	Ipv6AllowedForDualStack *bool `field:"optional" json:"ipv6AllowedForDualStack" yaml:"ipv6AllowedForDualStack"`
	// A list of layers to add to the function's execution environment.
	//
	// You can configure your Lambda function to pull in
	// additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies
	// that can be used by multiple functions.
	// Default: - No layers.
	//
	Layers *[]ILayerVersion `field:"optional" json:"layers" yaml:"layers"`
	// Sets the logFormat for the function.
	// Default: "Text".
	//
	// Deprecated: Use `loggingFormat` as a property instead.
	LogFormat *string `field:"optional" json:"logFormat" yaml:"logFormat"`
	// Sets the loggingFormat for the function.
	// Default: LoggingFormat.TEXT
	//
	LoggingFormat LoggingFormat `field:"optional" json:"loggingFormat" yaml:"loggingFormat"`
	// The log group the function sends logs to.
	//
	// By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>.
	// However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
	//
	// Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
	//
	// Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16.
	// If you are deploying to another type of region, please check regional availability first.
	// Default: `/aws/lambda/${this.functionName}` - default log group created by Lambda
	//
	LogGroup awslogs.ILogGroup `field:"optional" json:"logGroup" yaml:"logGroup"`
	// The number of days log events are kept in CloudWatch Logs.
	//
	// When updating
	// this property, unsetting it doesn't remove the log retention policy. To
	// remove the retention policy, set the value to `INFINITE`.
	//
	// This is a legacy API and we strongly recommend you move away from it if you can.
	// Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property
	// to instruct the Lambda function to send logs to it.
	// Migrating from `logRetention` to `logGroup` will cause the name of the log group to change.
	// Users and code and referencing the name verbatim will have to adjust.
	//
	// In AWS CDK code, you can access the log group name directly from the LogGroup construct:
	// “`ts
	// import * as logs from 'aws-cdk-lib/aws-logs';
	//
	// declare const myLogGroup: logs.LogGroup;
	// myLogGroup.logGroupName;
	// “`.
	// Default: logs.RetentionDays.INFINITE
	//
	LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"`
	// When log retention is specified, a custom resource attempts to create the CloudWatch log group.
	//
	// These options control the retry policy when interacting with CloudWatch APIs.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - Default AWS SDK retry options.
	//
	LogRetentionRetryOptions *LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"`
	// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
	//
	// This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
	// `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
	// Default: - A new role is created.
	//
	LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"`
	// The amount of memory, in MB, that is allocated to your Lambda function.
	//
	// Lambda uses this value to proportionally allocate the amount of CPU
	// power. For more information, see Resource Model in the AWS Lambda
	// Developer Guide.
	// Default: 128.
	//
	MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
	// Specify the configuration of Parameters and Secrets Extension.
	// See: https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html
	//
	// Default: - No Parameters and Secrets Extension.
	//
	ParamsAndSecrets ParamsAndSecretsLayerVersion `field:"optional" json:"paramsAndSecrets" yaml:"paramsAndSecrets"`
	// Enable profiling.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - No profiling.
	//
	Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"`
	// Profiling Group.
	// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
	//
	// Default: - A new profiling group will be created if `profiling` is set.
	//
	ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"`
	// Sets the Recursive Loop Protection for Lambda Function.
	//
	// It lets Lambda detect and terminate unintended recusrive loops.
	// Default: RecursiveLoop.Terminate
	//
	RecursiveLoop RecursiveLoop `field:"optional" json:"recursiveLoop" yaml:"recursiveLoop"`
	// The maximum of concurrent executions you want to reserve for the function.
	// See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
	//
	// Default: - No specific limit - account limit.
	//
	ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
	// Lambda execution role.
	//
	// This is the role that will be assumed by the function upon execution.
	// It controls the permissions that the function will have. The Role must
	// be assumable by the 'lambda.amazonaws.com' service principal.
	//
	// The default Role automatically has permissions granted for Lambda execution. If you
	// provide a Role, you must add the relevant AWS managed policies yourself.
	//
	// The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and
	// "service-role/AWSLambdaVPCAccessExecutionRole".
	// Default: - A unique role will be generated for this lambda function.
	// Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
	//
	Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
	// Sets the runtime management configuration for a function's version.
	// Default: Auto.
	//
	RuntimeManagementMode RuntimeManagementMode `field:"optional" json:"runtimeManagementMode" yaml:"runtimeManagementMode"`
	// The list of security groups to associate with the Lambda's network interfaces.
	//
	// Only used if 'vpc' is supplied.
	// Default: - If the function is placed within a VPC and a security group is
	// not specified, either by this or securityGroup prop, a dedicated security
	// group will be created for this function.
	//
	SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
	// Enable SnapStart for Lambda Function.
	//
	// SnapStart is currently supported only for Java 11, 17 runtime.
	// Default: - No snapstart.
	//
	SnapStart SnapStartConf `field:"optional" json:"snapStart" yaml:"snapStart"`
	// Sets the system log level for the function.
	// Default: "INFO".
	//
	// Deprecated: Use `systemLogLevelV2` as a property instead.
	SystemLogLevel *string `field:"optional" json:"systemLogLevel" yaml:"systemLogLevel"`
	// Sets the system log level for the function.
	// Default: SystemLogLevel.INFO
	//
	SystemLogLevelV2 SystemLogLevel `field:"optional" json:"systemLogLevelV2" yaml:"systemLogLevelV2"`
	// The function execution time (in seconds) after which Lambda terminates the function.
	//
	// Because the execution time affects cost, set this value
	// based on the function's expected execution time.
	// Default: Duration.seconds(3)
	//
	Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
	// Enable AWS X-Ray Tracing for Lambda Function.
	// Default: Tracing.Disabled
	//
	Tracing Tracing `field:"optional" json:"tracing" yaml:"tracing"`
	// VPC network to place Lambda network interfaces.
	//
	// Specify this if the Lambda function needs to access resources in a VPC.
	// This is required when `vpcSubnets` is specified.
	// Default: - Function is not placed within a VPC.
	//
	Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
	// Where to place the network interfaces within the VPC.
	//
	// This requires `vpc` to be specified in order for interfaces to actually be
	// placed in the subnets. If `vpc` is not specify, this will raise an error.
	//
	// Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
	// public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
	// Default: - the Vpc default strategy if not specified.
	//
	VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
	// The source code of your Lambda function.
	//
	// You can point to a file in an
	// Amazon Simple Storage Service (Amazon S3) bucket or specify your source
	// code as inline text.
	Code Code `field:"required" json:"code" yaml:"code"`
	// The name of the method within your code that Lambda calls to execute your function.
	//
	// The format includes the file name. It can also include
	// namespaces and other qualifiers, depending on the runtime.
	// For more information, see https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html.
	//
	// Use `Handler.FROM_IMAGE` when defining a function from a Docker image.
	//
	// NOTE: If you specify your source code as inline text by specifying the
	// ZipFile property within the Code property, specify index.function_name as
	// the handler.
	Handler *string `field:"required" json:"handler" yaml:"handler"`
	// The runtime environment for the Lambda function that you are uploading.
	//
	// For valid values, see the Runtime property in the AWS Lambda Developer
	// Guide.
	//
	// Use `Runtime.FROM_IMAGE` when defining a function from a Docker image.
	Runtime Runtime `field:"required" json:"runtime" yaml:"runtime"`
	// A unique identifier to identify this lambda.
	//
	// The identifier should be unique across all custom resource providers.
	// We recommend generating a UUID per provider.
	Uuid *string `field:"required" json:"uuid" yaml:"uuid"`
	// A descriptive name for the purpose of this Lambda.
	//
	// If the Lambda does not have a physical name, this string will be
	// reflected its generated name. The combination of lambdaPurpose
	// and uuid must be unique.
	// Default: SingletonLambda.
	//
	LambdaPurpose *string `field:"optional" json:"lambdaPurpose" yaml:"lambdaPurpose"`
}

Properties for a newly created singleton Lambda.

Example:

fn := lambda.NewSingletonFunction(this, jsii.String("MyProvider"), functionProps)

awscdk.NewCustomResource(this, jsii.String("MyResource"), &CustomResourceProps{
	ServiceToken: fn.FunctionArn,
})

type SnapStartConf added in v2.94.0

type SnapStartConf interface {
}

Example:

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("handler.zip"))),
	Runtime: lambda.Runtime_JAVA_11(),
	Handler: jsii.String("example.Handler::handleRequest"),
	SnapStart: lambda.SnapStartConf_ON_PUBLISHED_VERSIONS(),
})

version := fn.currentVersion

func SnapStartConf_ON_PUBLISHED_VERSIONS added in v2.94.0

func SnapStartConf_ON_PUBLISHED_VERSIONS() SnapStartConf

type SourceAccessConfiguration

type SourceAccessConfiguration struct {
	// The type of authentication protocol or the VPC components for your event source.
	//
	// For example: "SASL_SCRAM_512_AUTH".
	Type SourceAccessConfigurationType `field:"required" json:"type" yaml:"type"`
	// The value for your chosen configuration in type.
	//
	// For example: "URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName".
	// The exact string depends on the type.
	// See: SourceAccessConfigurationType.
	//
	Uri *string `field:"required" json:"uri" yaml:"uri"`
}

Specific settings like the authentication protocol or the VPC components to secure access to your event source.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var sourceAccessConfigurationType sourceAccessConfigurationType

sourceAccessConfiguration := &SourceAccessConfiguration{
	Type: sourceAccessConfigurationType,
	Uri: jsii.String("uri"),
}

type SourceAccessConfigurationType

type SourceAccessConfigurationType interface {
	// The key to use in `SourceAccessConfigurationProperty.Type` property in CloudFormation.
	// See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-lambda-eventsourcemapping-sourceaccessconfiguration.html#cfn-lambda-eventsourcemapping-sourceaccessconfiguration-type
	//
	Type() *string
}

The type of authentication protocol or the VPC components for your event source's SourceAccessConfiguration.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

sourceAccessConfigurationType := awscdk.Aws_lambda.SourceAccessConfigurationType_BASIC_AUTH()

See: https://docs.aws.amazon.com/lambda/latest/dg/API_SourceAccessConfiguration.html#SSS-Type-SourceAccessConfiguration-Type

func SourceAccessConfigurationType_BASIC_AUTH

func SourceAccessConfigurationType_BASIC_AUTH() SourceAccessConfigurationType

func SourceAccessConfigurationType_CLIENT_CERTIFICATE_TLS_AUTH added in v2.7.0

func SourceAccessConfigurationType_CLIENT_CERTIFICATE_TLS_AUTH() SourceAccessConfigurationType

func SourceAccessConfigurationType_Of

func SourceAccessConfigurationType_Of(name *string) SourceAccessConfigurationType

A custom source access configuration property.

func SourceAccessConfigurationType_SASL_SCRAM_256_AUTH

func SourceAccessConfigurationType_SASL_SCRAM_256_AUTH() SourceAccessConfigurationType

func SourceAccessConfigurationType_SASL_SCRAM_512_AUTH

func SourceAccessConfigurationType_SASL_SCRAM_512_AUTH() SourceAccessConfigurationType

func SourceAccessConfigurationType_SERVER_ROOT_CA_CERTIFICATE added in v2.37.0

func SourceAccessConfigurationType_SERVER_ROOT_CA_CERTIFICATE() SourceAccessConfigurationType

func SourceAccessConfigurationType_VPC_SECURITY_GROUP

func SourceAccessConfigurationType_VPC_SECURITY_GROUP() SourceAccessConfigurationType

func SourceAccessConfigurationType_VPC_SUBNET

func SourceAccessConfigurationType_VPC_SUBNET() SourceAccessConfigurationType

type StartingPosition

type StartingPosition string

The position in the DynamoDB, Kinesis or MSK stream where AWS Lambda should start reading.

Example:

import "github.com/aws/aws-cdk-go/awscdk"
import "github.com/aws/aws-cdk-go/awscdk"

var myFunction function

// Your MSK cluster arn
clusterArn := "arn:aws:kafka:us-east-1:0123456789019:cluster/SalesCluster/abcd1234-abcd-cafe-abab-9876543210ab-4"

// The Kafka topic you want to subscribe to
topic := "some-cool-topic"

// Your self managed KMS key
myKey := awscdk.Key_FromKeyArn(this, jsii.String("SourceBucketEncryptionKey"), jsii.String("arn:aws:kms:us-east-1:123456789012:key/<key-id>"))
myFunction.AddEventSource(awscdk.NewManagedKafkaEventSource(&ManagedKafkaEventSourceProps{
	ClusterArn: jsii.String(ClusterArn),
	Topic: jsii.String(Topic),
	StartingPosition: lambda.StartingPosition_TRIM_HORIZON,
	Filters: []map[string]interface{}{
		lambda.FilterCriteria_Filter(map[string]interface{}{
			"stringEquals": lambda.FilterRule_isEqual(jsii.String("test")),
		}),
	},
	FilterEncryption: myKey,
}))
const (
	// Start reading at the last untrimmed record in the shard in the system, which is the oldest data record in the shard.
	StartingPosition_TRIM_HORIZON StartingPosition = "TRIM_HORIZON"
	// Start reading just after the most recent record in the shard, so that you always read the most recent data in the shard.
	StartingPosition_LATEST StartingPosition = "LATEST"
	// Start reading from a position defined by a time stamp.
	//
	// Only supported for Amazon Kinesis streams, otherwise an error will occur.
	// If supplied, `startingPositionTimestamp` must also be set.
	StartingPosition_AT_TIMESTAMP StartingPosition = "AT_TIMESTAMP"
)

type SystemLogLevel added in v2.110.0

type SystemLogLevel string

Lambda service will automatically captures system logs about function invocation generated by the Lambda service (known as system logs) and sends these logs to a default CloudWatch log group named after the Lambda function.

Example:

import "github.com/aws/aws-cdk-go/awscdk"

var logGroup iLogGroup

lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambda.NewInlineCode(jsii.String("foo")),
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_18_X(),
	LoggingFormat: lambda.LoggingFormat_JSON,
	SystemLogLevelV2: lambda.SystemLogLevel_INFO,
	ApplicationLogLevelV2: lambda.ApplicationLogLevel_INFO,
	LogGroup: logGroup,
})
const (
	// Lambda will capture only logs at info level.
	SystemLogLevel_INFO SystemLogLevel = "INFO"
	// Lambda will capture only logs at debug level.
	SystemLogLevel_DEBUG SystemLogLevel = "DEBUG"
	// Lambda will capture only logs at warn level.
	SystemLogLevel_WARN SystemLogLevel = "WARN"
)

type Tracing

type Tracing string

X-Ray Tracing Modes (https://docs.aws.amazon.com/lambda/latest/dg/API_TracingConfig.html).

Example:

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromInline(jsii.String("exports.handler = function(event, ctx, cb) { return cb(null, \"hi\"); }")),
	Tracing: lambda.Tracing_ACTIVE,
})
const (
	// Lambda will respect any tracing header it receives from an upstream service.
	//
	// If no tracing header is received, Lambda will sample the request based on a fixed rate. Please see the [Using AWS Lambda with AWS X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) documentation for details on this sampling behavior.
	Tracing_ACTIVE Tracing = "ACTIVE"
	// Lambda will only trace the request from an upstream service if it contains a tracing header with "sampled=1".
	Tracing_PASS_THROUGH Tracing = "PASS_THROUGH"
	// Lambda will not trace any request.
	Tracing_DISABLED Tracing = "DISABLED"
)

type UntrustedArtifactOnDeployment

type UntrustedArtifactOnDeployment string

Code signing configuration policy for deployment validation failure.

const (
	// Lambda blocks the deployment request if signature validation checks fail.
	UntrustedArtifactOnDeployment_ENFORCE UntrustedArtifactOnDeployment = "ENFORCE"
	// Lambda allows the deployment of the code package, but issues a warning.
	//
	// Lambda issues a new Amazon CloudWatch metric, called a signature validation error and also stores the warning in CloudTrail.
	UntrustedArtifactOnDeployment_WARN UntrustedArtifactOnDeployment = "WARN"
)

type UtilizationScalingOptions

type UtilizationScalingOptions struct {
	// Indicates whether scale in by the target tracking policy is disabled.
	//
	// If the value is true, scale in is disabled and the target tracking policy
	// won't remove capacity from the scalable resource. Otherwise, scale in is
	// enabled and the target tracking policy can remove capacity from the
	// scalable resource.
	// Default: false.
	//
	DisableScaleIn *bool `field:"optional" json:"disableScaleIn" yaml:"disableScaleIn"`
	// A name for the scaling policy.
	// Default: - Automatically generated name.
	//
	PolicyName *string `field:"optional" json:"policyName" yaml:"policyName"`
	// Period after a scale in activity completes before another scale in activity can start.
	// Default: Duration.seconds(300) for the following scalable targets: ECS services,
	// Spot Fleet requests, EMR clusters, AppStream 2.0 fleets, Aurora DB clusters,
	// Amazon SageMaker endpoint variants, Custom resources. For all other scalable
	// targets, the default value is Duration.seconds(0): DynamoDB tables, DynamoDB
	// global secondary indexes, Amazon Comprehend document classification endpoints,
	// Lambda provisioned concurrency.
	//
	ScaleInCooldown awscdk.Duration `field:"optional" json:"scaleInCooldown" yaml:"scaleInCooldown"`
	// Period after a scale out activity completes before another scale out activity can start.
	// Default: Duration.seconds(300) for the following scalable targets: ECS services,
	// Spot Fleet requests, EMR clusters, AppStream 2.0 fleets, Aurora DB clusters,
	// Amazon SageMaker endpoint variants, Custom resources. For all other scalable
	// targets, the default value is Duration.seconds(0): DynamoDB tables, DynamoDB
	// global secondary indexes, Amazon Comprehend document classification endpoints,
	// Lambda provisioned concurrency.
	//
	ScaleOutCooldown awscdk.Duration `field:"optional" json:"scaleOutCooldown" yaml:"scaleOutCooldown"`
	// Utilization target for the attribute.
	//
	// For example, .5 indicates that 50 percent of allocated provisioned concurrency is in use.
	UtilizationTarget *float64 `field:"required" json:"utilizationTarget" yaml:"utilizationTarget"`
}

Options for enabling Lambda utilization tracking.

Example:

import autoscaling "github.com/aws/aws-cdk-go/awscdk"

var fn function

alias := fn.AddAlias(jsii.String("prod"))

// Create AutoScaling target
as := alias.AddAutoScaling(&AutoScalingOptions{
	MaxCapacity: jsii.Number(50),
})

// Configure Target Tracking
as.ScaleOnUtilization(&UtilizationScalingOptions{
	UtilizationTarget: jsii.Number(0.5),
})

// Configure Scheduled Scaling
as.ScaleOnSchedule(jsii.String("ScaleUpInTheMorning"), &ScalingSchedule{
	Schedule: autoscaling.Schedule_Cron(&CronOptions{
		Hour: jsii.String("8"),
		Minute: jsii.String("0"),
	}),
	MinCapacity: jsii.Number(20),
})

type Version

type Version interface {
	QualifiedFunctionBase
	IVersion
	// The architecture of this Lambda Function.
	Architecture() Architecture
	// Whether the addPermission() call adds any permissions.
	//
	// True for new Lambdas, false for version $LATEST and imported Lambdas
	// from different accounts.
	CanCreatePermissions() *bool
	// Access the Connections object.
	//
	// Will fail if not a VPC-enabled Lambda Function.
	Connections() awsec2.Connections
	// The ARN of the version for Lambda@Edge.
	EdgeArn() *string
	// The environment this resource belongs to.
	//
	// For resources that are created and managed by the CDK
	// (generally, those created by creating new class instances like Role, Bucket, etc.),
	// this is always the same as the environment of the stack they belong to;
	// however, for imported resources
	// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
	// that might be different than the stack they were imported into.
	Env() *awscdk.ResourceEnvironment
	// The ARN fo the function.
	FunctionArn() *string
	// The name of the function.
	FunctionName() *string
	// The principal this Lambda Function is running as.
	GrantPrincipal() awsiam.IPrincipal
	// Whether or not this Lambda function was bound to a VPC.
	//
	// If this is is `false`, trying to access the `connections` object will fail.
	IsBoundToVpc() *bool
	// The underlying `IFunction`.
	Lambda() IFunction
	// The `$LATEST` version of this function.
	//
	// Note that this is reference to a non-specific AWS Lambda version, which
	// means the function this version refers to can return different results in
	// different invocations.
	//
	// To obtain a reference to an explicit version which references the current
	// function configuration, use `lambdaFunction.currentVersion` instead.
	LatestVersion() IVersion
	// The tree node.
	Node() constructs.Node
	// The construct node where permissions are attached.
	PermissionsNode() constructs.Node
	// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
	//
	// This value will resolve to one of the following:
	// - a concrete value (e.g. `"my-awesome-bucket"`)
	// - `undefined`, when a name should be generated by CloudFormation
	// - a concrete name generated automatically during synthesis, in
	//   cross-environment scenarios.
	PhysicalName() *string
	// The qualifier of the version or alias of this function.
	//
	// A qualifier is the identifier that's appended to a version or alias ARN.
	Qualifier() *string
	// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
	ResourceArnsForGrantInvoke() *[]*string
	// The IAM role associated with this function.
	//
	// Undefined if the function was imported without a role.
	Role() awsiam.IRole
	// The stack in which this resource is defined.
	Stack() awscdk.Stack
	// The most recently deployed version of this function.
	Version() *string
	// Defines an alias for this version.
	// Deprecated: Calling `addAlias` on a `Version` object will cause the Alias to be replaced on every function update. Call `function.addAlias()` or `new Alias()` instead.
	AddAlias(aliasName *string, options *AliasOptions) Alias
	// Adds an event source to this function.
	//
	// Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
	//
	// The following example adds an SQS Queue as an event source:
	// “`
	// import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
	// myFunction.addEventSource(new SqsEventSource(myQueue));
	// “`.
	AddEventSource(source IEventSource)
	// Adds an event source that maps to this AWS Lambda function.
	AddEventSourceMapping(id *string, options *EventSourceMappingOptions) EventSourceMapping
	// Adds a url to this lambda function.
	AddFunctionUrl(options *FunctionUrlOptions) FunctionUrl
	// Adds a permission to the Lambda resource policy.
	// See: Permission for details.
	//
	AddPermission(id *string, permission *Permission)
	// Adds a statement to the IAM role assumed by the instance.
	AddToRolePolicy(statement awsiam.PolicyStatement)
	// Apply the given removal policy to this resource.
	//
	// The Removal Policy controls what happens to this resource when it stops
	// being managed by CloudFormation, either because you've removed it from the
	// CDK application or because you've made a change that requires the resource
	// to be replaced.
	//
	// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
	// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	// Configures options for asynchronous invocation.
	ConfigureAsyncInvoke(options *EventInvokeConfigOptions)
	// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
	//
	// - function.currentVersion is invoked before or after the permission is created.
	//
	// This applies only to permissions on Lambda functions, not versions or aliases.
	// This function is overridden as a noOp for QualifiedFunctionBase.
	ConsiderWarningOnInvokeFunctionPermissions(_scope constructs.Construct, _action *string)
	GeneratePhysicalName() *string
	// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
	//
	// Normally, this token will resolve to `arnAttr`, but if the resource is
	// referenced across environments, `arnComponents` will be used to synthesize
	// a concrete ARN with the resource's physical name. Make sure to reference
	// `this.physicalName` in `arnComponents`.
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
	//
	// Normally, this token will resolve to `nameAttr`, but if the resource is
	// referenced across environments, it will be resolved to `this.physicalName`,
	// which will be a concrete name.
	GetResourceNameAttribute(nameAttr *string) *string
	// Grant the given identity permissions to invoke this Lambda.
	GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
	// Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
	GrantInvokeCompositePrincipal(compositePrincipal awsiam.CompositePrincipal) *[]awsiam.Grant
	// Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
	GrantInvokeLatestVersion(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke this Lambda Function URL.
	GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
	// Grant the given identity permissions to invoke the given version of this Lambda.
	GrantInvokeVersion(grantee awsiam.IGrantable, version IVersion) awsiam.Grant
	// Return the given named metric for this Function.
	Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How long execution of this Lambda takes.
	//
	// Average over 5 minutes.
	MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How many invocations of this Lambda fail.
	//
	// Sum over 5 minutes.
	MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is invoked.
	//
	// Sum over 5 minutes.
	MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// How often this Lambda is throttled.
	//
	// Sum over 5 minutes.
	MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
	// Returns a string representation of this construct.
	ToString() *string
	WarnInvokeFunctionPermissions(scope constructs.Construct)
}

Tag the current state of a Function with a Version number.

Avoid using this resource directly. If you need a Version object, use `function.currentVersion` instead. That will add a Version object to your template, and make sure the Version is invalidated whenever the Function object changes. If you use the `Version` resource directly, you are responsible for making sure it is invalidated (by changing its logical ID) whenever necessary.

Version resources can then be used in `Alias` resources to refer to a particular deployment of a Lambda.

If you want to ensure that you're associating the right version with the right deployment, specify the `codeSha256` property while creating the `Version.

Example:

lambdaCode := lambda.Code_FromCfnParameters()
func := lambda.NewFunction(this, jsii.String("Lambda"), &FunctionProps{
	Code: lambdaCode,
	Handler: jsii.String("index.handler"),
	Runtime: lambda.Runtime_NODEJS_LATEST(),
})
// used to make sure each CDK synthesis produces a different Version
version := func.currentVersion
alias := lambda.NewAlias(this, jsii.String("LambdaAlias"), &AliasProps{
	AliasName: jsii.String("Prod"),
	Version: Version,
})

codedeploy.NewLambdaDeploymentGroup(this, jsii.String("DeploymentGroup"), &LambdaDeploymentGroupProps{
	Alias: Alias,
	DeploymentConfig: codedeploy.LambdaDeploymentConfig_LINEAR_10PERCENT_EVERY_1MINUTE(),
})

func NewVersion

func NewVersion(scope constructs.Construct, id *string, props *VersionProps) Version

type VersionAttributes

type VersionAttributes struct {
	// The lambda function.
	Lambda IFunction `field:"required" json:"lambda" yaml:"lambda"`
	// The version.
	Version *string `field:"required" json:"version" yaml:"version"`
}

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var function_ function

versionAttributes := &VersionAttributes{
	Lambda: function_,
	Version: jsii.String("version"),
}

type VersionOptions

type VersionOptions struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// SHA256 of the version of the Lambda source code.
	//
	// Specify to validate that you're deploying the right version.
	// Default: No validation is performed.
	//
	CodeSha256 *string `field:"optional" json:"codeSha256" yaml:"codeSha256"`
	// Description of the version.
	// Default: Description of the Lambda.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Specifies a provisioned concurrency configuration for a function's version.
	// Default: No provisioned concurrency.
	//
	ProvisionedConcurrentExecutions *float64 `field:"optional" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
	// Whether to retain old versions of this function when a new version is created.
	// Default: RemovalPolicy.DESTROY
	//
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
}

Options for `lambda.Version`.

Example:

fn := lambda.NewFunction(this, jsii.String("MyFunction"), &FunctionProps{
	CurrentVersionOptions: &VersionOptions{
		RemovalPolicy: awscdk.RemovalPolicy_RETAIN,
		 // retain old versions
		RetryAttempts: jsii.Number(1),
	},
	Runtime: lambda.Runtime_NODEJS_18_X(),
	Handler: jsii.String("index.handler"),
	Code: lambda.Code_FromAsset(path.join(__dirname, jsii.String("lambda-handler"))),
})

fn.AddAlias(jsii.String("live"))

type VersionProps

type VersionProps struct {
	// The maximum age of a request that Lambda sends to a function for processing.
	//
	// Minimum: 60 seconds
	// Maximum: 6 hours.
	// Default: Duration.hours(6)
	//
	MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
	// The destination for failed invocations.
	// Default: - no destination.
	//
	OnFailure IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
	// The destination for successful invocations.
	// Default: - no destination.
	//
	OnSuccess IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
	// The maximum number of times to retry when the function returns an error.
	//
	// Minimum: 0
	// Maximum: 2.
	// Default: 2.
	//
	RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
	// SHA256 of the version of the Lambda source code.
	//
	// Specify to validate that you're deploying the right version.
	// Default: No validation is performed.
	//
	CodeSha256 *string `field:"optional" json:"codeSha256" yaml:"codeSha256"`
	// Description of the version.
	// Default: Description of the Lambda.
	//
	Description *string `field:"optional" json:"description" yaml:"description"`
	// Specifies a provisioned concurrency configuration for a function's version.
	// Default: No provisioned concurrency.
	//
	ProvisionedConcurrentExecutions *float64 `field:"optional" json:"provisionedConcurrentExecutions" yaml:"provisionedConcurrentExecutions"`
	// Whether to retain old versions of this function when a new version is created.
	// Default: RemovalPolicy.DESTROY
	//
	RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
	// Function to get the value of.
	Lambda IFunction `field:"required" json:"lambda" yaml:"lambda"`
}

Properties for a new Lambda version.

Example:

var fn function

version := lambda.NewVersion(this, jsii.String("MyVersion"), &VersionProps{
	Lambda: fn,
})

type VersionWeight

type VersionWeight struct {
	// The version to route traffic to.
	Version IVersion `field:"required" json:"version" yaml:"version"`
	// How much weight to assign to this version (0..1).
	Weight *float64 `field:"required" json:"weight" yaml:"weight"`
}

A version/weight pair for routing traffic to Lambda functions.

Example:

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import "github.com/aws/aws-cdk-go/awscdk"

var version version

versionWeight := &VersionWeight{
	Version: version,
	Weight: jsii.Number(123),
}

Source Files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL