Documentation ¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EdgeFunction_IsConstruct ¶
func EdgeFunction_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func EdgeFunction_IsResource ¶
func EdgeFunction_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func NewEdgeFunction_Override ¶
func NewEdgeFunction_Override(e EdgeFunction, scope constructs.Construct, id *string, props *EdgeFunctionProps)
Types ¶
type EdgeFunction ¶
type EdgeFunction interface { awscdk.Resource awslambda.IVersion // The system architectures compatible with this lambda function. Architecture() awslambda.Architecture // Not supported. // // Connections are only applicable to VPC-enabled functions. Connections() awsec2.Connections // Convenience method to make `EdgeFunction` conform to the same interface as `Function`. CurrentVersion() awslambda.IVersion // The ARN of the version for Lambda@Edge. EdgeArn() *string // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. Env() *awscdk.ResourceEnvironment // The ARN of the function. FunctionArn() *string // The name of the function. FunctionName() *string // The principal to grant permissions to. GrantPrincipal() awsiam.IPrincipal // Whether or not this Lambda function was bound to a VPC. // // If this is is `false`, trying to access the `connections` object will fail. IsBoundToVpc() *bool // The underlying AWS Lambda function. Lambda() awslambda.IFunction // The `$LATEST` version of this function. // // Note that this is reference to a non-specific AWS Lambda version, which // means the function this version refers to can return different results in // different invocations. // // To obtain a reference to an explicit version which references the current // function configuration, use `lambdaFunction.currentVersion` instead. LatestVersion() awslambda.IVersion // The tree node. Node() constructs.Node // The construct node where permissions are attached. PermissionsNode() constructs.Node // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. PhysicalName() *string // The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). // // This property is for cdk modules to consume only. You should not need to use this property. // Instead, use grantInvoke() directly. ResourceArnsForGrantInvoke() *[]*string // The IAM role associated with this function. Role() awsiam.IRole // The stack in which this resource is defined. Stack() awscdk.Stack // The most recently deployed version of this function. Version() *string // Defines an alias for this version. AddAlias(aliasName *string, options *awslambda.AliasOptions) awslambda.Alias // Adds an event source to this function. AddEventSource(source awslambda.IEventSource) // Adds an event source that maps to this AWS Lambda function. AddEventSourceMapping(id *string, options *awslambda.EventSourceMappingOptions) awslambda.EventSourceMapping // Adds a url to this lambda function. AddFunctionUrl(options *awslambda.FunctionUrlOptions) awslambda.FunctionUrl // Adds a permission to the Lambda resource policy. AddPermission(id *string, permission *awslambda.Permission) // Adds a statement to the IAM role assumed by the instance. AddToRolePolicy(statement awsiam.PolicyStatement) // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). ApplyRemovalPolicy(policy awscdk.RemovalPolicy) // Configures options for asynchronous invocation. ConfigureAsyncInvoke(options *awslambda.EventInvokeConfigOptions) GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. GetResourceNameAttribute(nameAttr *string) *string // Grant the given identity permissions to invoke this Lambda. GrantInvoke(identity awsiam.IGrantable) awsiam.Grant // Grant the given identity permissions to invoke this Lambda Function URL. GrantInvokeUrl(identity awsiam.IGrantable) awsiam.Grant // Return the given named metric for this Lambda Return the given named metric for this Function. Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Metric for the Duration of this Lambda How long execution of this Lambda takes. // // Average over 5 minutes. MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // How many invocations of this Lambda fail. // // Sum over 5 minutes. MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Metric for the number of invocations of this Lambda How often this Lambda is invoked. // // Sum over 5 minutes. MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Metric for the number of throttled invocations of this Lambda How often this Lambda is throttled. // // Sum over 5 minutes. MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric // Returns a string representation of this construct. ToString() *string }
A Lambda@Edge function.
Convenience resource for requesting a Lambda function in the 'us-east-1' region for use with Lambda@Edge. Implements several restrictions enforced by Lambda@Edge.
Note that this construct requires that the 'us-east-1' region has been bootstrapped. See https://docs.aws.amazon.com/cdk/latest/guide/bootstrapping.html or 'cdk bootstrap --help' for options.
Example:
var myBucket bucket // A Lambda@Edge function added to default behavior of a Distribution // and triggered on every request myFunc := #error#.NewEdgeFunction(this, jsii.String("MyFunction"), &edgeFunctionProps{ runtime: lambda.runtime_NODEJS_12_X(), handler: jsii.String("index.handler"), code: lambda.code.fromAsset(path.join(__dirname, jsii.String("lambda-handler"))), }) cloudfront.NewDistribution(this, jsii.String("myDist"), &distributionProps{ defaultBehavior: &behaviorOptions{ origin: origins.NewS3Origin(myBucket), edgeLambdas: []edgeLambda{ &edgeLambda{ functionVersion: myFunc.currentVersion, eventType: cloudfront.lambdaEdgeEventType_VIEWER_REQUEST, }, }, }, })
func NewEdgeFunction ¶
func NewEdgeFunction(scope constructs.Construct, id *string, props *EdgeFunctionProps) EdgeFunction
type EdgeFunctionProps ¶
type EdgeFunctionProps struct { // The maximum age of a request that Lambda sends to a function for processing. // // Minimum: 60 seconds // Maximum: 6 hours. MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"` // The destination for failed invocations. OnFailure awslambda.IDestination `field:"optional" json:"onFailure" yaml:"onFailure"` // The destination for successful invocations. OnSuccess awslambda.IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"` // The maximum number of times to retry when the function returns an error. // // Minimum: 0 // Maximum: 2. RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"` // Whether to allow the Lambda to send all network traffic. // // If set to false, you must individually add traffic rules to allow the // Lambda to connect to network targets. AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"` // Lambda Functions in a public subnet can NOT access the internet. // // Use this property to acknowledge this limitation and still place the function in a public subnet. // See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841 // AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"` // The system architectures compatible with this lambda function. Architecture awslambda.Architecture `field:"optional" json:"architecture" yaml:"architecture"` // Code signing config associated with this function. CodeSigningConfig awslambda.ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"` // Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method. CurrentVersionOptions *awslambda.VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"` // The SQS queue to use if DLQ is enabled. // // If SNS topic is desired, specify `deadLetterTopic` property instead. DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"` // Enabled DLQ. // // If `deadLetterQueue` is undefined, // an SQS queue with default options will be defined for your Function. DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"` // The SNS topic to use as a DLQ. // // Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created // rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly. DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"` // A description of the function. Description *string `field:"optional" json:"description" yaml:"description"` // Key-value pairs that Lambda caches and makes available for your Lambda functions. // // Use environment variables to apply configuration changes, such // as test and production environment configurations, without changing your // Lambda function source code. Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"` // The AWS KMS key that's used to encrypt your function's environment variables. EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"` // The size of the function’s /tmp directory in MiB. EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"` // Event sources for this function. // // You can also add event sources using `addEventSource`. Events *[]awslambda.IEventSource `field:"optional" json:"events" yaml:"events"` // The filesystem configuration for the lambda function. Filesystem awslambda.FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"` // A name for the function. FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"` // Initial policy statements to add to the created Lambda Role. // // You can call `addToRolePolicy` to the created lambda to add statements post creation. InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"` // Specify the version of CloudWatch Lambda insights to use for monitoring. // See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html // InsightsVersion awslambda.LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"` // A list of layers to add to the function's execution environment. // // You can configure your Lambda function to pull in // additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies // that can be used by multiple functions. Layers *[]awslambda.ILayerVersion `field:"optional" json:"layers" yaml:"layers"` // The number of days log events are kept in CloudWatch Logs. // // When updating // this property, unsetting it doesn't remove the log retention policy. To // remove the retention policy, set the value to `INFINITE`. LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"` // When log retention is specified, a custom resource attempts to create the CloudWatch log group. // // These options control the retry policy when interacting with CloudWatch APIs. LogRetentionRetryOptions *awslambda.LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"` // The IAM role for the Lambda function associated with the custom resource that sets the retention policy. LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"` // The amount of memory, in MB, that is allocated to your Lambda function. // // Lambda uses this value to proportionally allocate the amount of CPU // power. For more information, see Resource Model in the AWS Lambda // Developer Guide. MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"` // Enable profiling. // See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html // Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"` // Profiling Group. // See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html // ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"` // The maximum of concurrent executions you want to reserve for the function. // See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html // ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"` // Lambda execution role. // // This is the role that will be assumed by the function upon execution. // It controls the permissions that the function will have. The Role must // be assumable by the 'lambda.amazonaws.com' service principal. // // The default Role automatically has permissions granted for Lambda execution. If you // provide a Role, you must add the relevant AWS managed policies yourself. // // The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and // "service-role/AWSLambdaVPCAccessExecutionRole". Role awsiam.IRole `field:"optional" json:"role" yaml:"role"` // The list of security groups to associate with the Lambda's network interfaces. // // Only used if 'vpc' is supplied. SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"` // The function execution time (in seconds) after which Lambda terminates the function. // // Because the execution time affects cost, set this value // based on the function's expected execution time. Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"` // Enable AWS X-Ray Tracing for Lambda Function. Tracing awslambda.Tracing `field:"optional" json:"tracing" yaml:"tracing"` // VPC network to place Lambda network interfaces. // // Specify this if the Lambda function needs to access resources in a VPC. Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"` // Where to place the network interfaces within the VPC. // // Only used if 'vpc' is supplied. Note: internet access for Lambdas // requires a NAT gateway, so picking Public subnets is not allowed. VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"` // The source code of your Lambda function. // // You can point to a file in an // Amazon Simple Storage Service (Amazon S3) bucket or specify your source // code as inline text. Code awslambda.Code `field:"required" json:"code" yaml:"code"` // The name of the method within your code that Lambda calls to execute your function. // // The format includes the file name. It can also include // namespaces and other qualifiers, depending on the runtime. // For more information, see https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-features.html#gettingstarted-features-programmingmodel. // // Use `Handler.FROM_IMAGE` when defining a function from a Docker image. // // NOTE: If you specify your source code as inline text by specifying the // ZipFile property within the Code property, specify index.function_name as // the handler. Handler *string `field:"required" json:"handler" yaml:"handler"` // The runtime environment for the Lambda function that you are uploading. // // For valid values, see the Runtime property in the AWS Lambda Developer // Guide. // // Use `Runtime.FROM_IMAGE` when when defining a function from a Docker image. Runtime awslambda.Runtime `field:"required" json:"runtime" yaml:"runtime"` // The stack ID of Lambda@Edge function. StackId *string `field:"optional" json:"stackId" yaml:"stackId"` }
Properties for creating a Lambda@Edge function.
Example:
var myBucket bucket // A Lambda@Edge function added to default behavior of a Distribution // and triggered on every request myFunc := #error#.NewEdgeFunction(this, jsii.String("MyFunction"), &edgeFunctionProps{ runtime: lambda.runtime_NODEJS_12_X(), handler: jsii.String("index.handler"), code: lambda.code.fromAsset(path.join(__dirname, jsii.String("lambda-handler"))), }) cloudfront.NewDistribution(this, jsii.String("myDist"), &distributionProps{ defaultBehavior: &behaviorOptions{ origin: origins.NewS3Origin(myBucket), edgeLambdas: []edgeLambda{ &edgeLambda{ functionVersion: myFunc.currentVersion, eventType: cloudfront.lambdaEdgeEventType_VIEWER_REQUEST, }, }, }, })