-
Notifications
You must be signed in to change notification settings - Fork 50
/
DockerLambdaCustomProps.ts
290 lines (289 loc) · 10.8 KB
/
DockerLambdaCustomProps.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
// ~~ Generated by projen. To modify, edit .projenrc.ts and run "npx projen".
import type { aws_codeguruprofiler, aws_iam, aws_kms, aws_lambda, aws_logs, aws_sns, aws_sqs, Duration, Size } from 'aws-cdk-lib';
/**
* DockerLambdaCustomProps
*/
export interface DockerLambdaCustomProps {
/**
* The source code of your Lambda function.
* You can point to a file in an
* Amazon Simple Storage Service (Amazon S3) bucket or specify your source
* code as inline text.
* @stability stable
*/
readonly code: aws_lambda.DockerImageCode;
/**
* The function execution time (in seconds) after which Lambda terminates the function.
* Because the execution time affects cost, set this value
* based on the function's expected execution time.
* @default Duration.seconds(3)
* @stability stable
*/
readonly timeout?: Duration;
/**
* Sets the system log level for the function.
* @default SystemLogLevel.INFO
* @stability stable
*/
readonly systemLogLevelV2?: aws_lambda.SystemLogLevel;
/**
* Enable SnapStart for Lambda Function.
* SnapStart is currently supported only for Java 11, 17 runtime
* @default - No snapstart
* @stability stable
*/
readonly snapStart?: aws_lambda.SnapStartConf;
/**
* Sets the runtime management configuration for a function's version.
* @default Auto
* @stability stable
*/
readonly runtimeManagementMode?: aws_lambda.RuntimeManagementMode;
/**
* The maximum of concurrent executions you want to reserve for the function.
* @default - No specific limit - account limit.
* @stability stable
*/
readonly reservedConcurrentExecutions?: number;
/**
* Sets the Recursive Loop Protection for Lambda Function.
* It lets Lambda detect and terminate unintended recursive loops.
* @default RecursiveLoop.Terminate
* @stability stable
*/
readonly recursiveLoop?: aws_lambda.RecursiveLoop;
/**
* Profiling Group.
* @default - A new profiling group will be created if `profiling` is set.
* @stability stable
*/
readonly profilingGroup?: aws_codeguruprofiler.IProfilingGroup;
/**
* Enable profiling.
* @default - No profiling.
* @stability stable
*/
readonly profiling?: boolean;
/**
* Specify the configuration of Parameters and Secrets Extension.
* @default - No Parameters and Secrets Extension
* @stability stable
*/
readonly paramsAndSecrets?: aws_lambda.ParamsAndSecretsLayerVersion;
/**
* The amount of memory, in MB, that is allocated to your Lambda function.
* Lambda uses this value to proportionally allocate the amount of CPU
* power. For more information, see Resource Model in the AWS Lambda
* Developer Guide.
* @default 128
* @stability stable
*/
readonly memorySize?: number;
/**
* The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
* This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
* `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
* @default - A new role is created.
* @stability stable
*/
readonly logRetentionRole?: aws_iam.IRole;
/**
* When log retention is specified, a custom resource attempts to create the CloudWatch log group.
* These options control the retry policy when interacting with CloudWatch APIs.
*
* This is a legacy API and we strongly recommend you migrate to `logGroup` if you can.
* `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
* @default - Default AWS SDK retry options.
* @stability stable
*/
readonly logRetentionRetryOptions?: aws_lambda.LogRetentionRetryOptions;
/**
* The number of days log events are kept in CloudWatch Logs.
* When updating
* this property, unsetting it doesn't remove the log retention policy. To
* remove the retention policy, set the value to `INFINITE`.
*
* This is a legacy API and we strongly recommend you move away from it if you can.
* Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property
* to instruct the Lambda function to send logs to it.
* Migrating from `logRetention` to `logGroup` will cause the name of the log group to change.
* Users and code and referencing the name verbatim will have to adjust.
*
* In AWS CDK code, you can access the log group name directly from the LogGroup construct:
* ```ts
* import * as logs from 'aws-cdk-lib/aws-logs';
*
* declare const myLogGroup: logs.LogGroup;
* myLogGroup.logGroupName;
* ```
* @default logs.RetentionDays.INFINITE
* @stability stable
*/
readonly logRetention?: aws_logs.RetentionDays;
/**
* The log group the function sends logs to.
* By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>.
* However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
*
* Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
*
* Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16.
* If you are deploying to another type of region, please check regional availability first.
* @default `/aws/lambda/${this.functionName}` - default log group created by Lambda
* @stability stable
*/
readonly logGroup?: aws_logs.ILogGroup;
/**
* Sets the loggingFormat for the function.
* @default LoggingFormat.TEXT
* @stability stable
*/
readonly loggingFormat?: aws_lambda.LoggingFormat;
/**
* Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
* Only used if 'vpc' is supplied.
* @default false
* @stability stable
*/
readonly ipv6AllowedForDualStack?: boolean;
/**
* Specify the version of CloudWatch Lambda insights to use for monitoring.
* @default - No Lambda Insights
* @stability stable
*/
readonly insightsVersion?: aws_lambda.LambdaInsightsVersion;
/**
* Initial policy statements to add to the created Lambda Role.
* You can call `addToRolePolicy` to the created lambda to add statements post creation.
* @default - No policy statements are added to the created Lambda role.
* @stability stable
*/
readonly initialPolicy?: Array<aws_iam.PolicyStatement>;
/**
* The filesystem configuration for the lambda function.
* @default - will not mount any filesystem
* @stability stable
*/
readonly filesystem?: aws_lambda.FileSystem;
/**
* Event sources for this function.
* You can also add event sources using `addEventSource`.
* @default - No event sources.
* @stability stable
*/
readonly events?: Array<aws_lambda.IEventSource>;
/**
* The size of the function’s /tmp directory in MiB.
* @default 512 MiB
* @stability stable
*/
readonly ephemeralStorageSize?: Size;
/**
* The AWS KMS key that's used to encrypt your function's environment variables.
* @default - AWS Lambda creates and uses an AWS managed customer master key (CMK).
* @stability stable
*/
readonly environmentEncryption?: aws_kms.IKey;
/**
* Key-value pairs that Lambda caches and makes available for your Lambda functions.
* Use environment variables to apply configuration changes, such
* as test and production environment configurations, without changing your
* Lambda function source code.
* @default - No environment variables.
* @stability stable
*/
readonly environment?: Record<string, string>;
/**
* The SNS topic to use as a DLQ.
* Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
* rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
* @default - no SNS topic
* @stability stable
*/
readonly deadLetterTopic?: aws_sns.ITopic;
/**
* Enabled DLQ.
* If `deadLetterQueue` is undefined,
* an SQS queue with default options will be defined for your Function.
* @default - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
* @stability stable
*/
readonly deadLetterQueueEnabled?: boolean;
/**
* The SQS queue to use if DLQ is enabled.
* If SNS topic is desired, specify `deadLetterTopic` property instead.
* @default - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`
* @stability stable
*/
readonly deadLetterQueue?: aws_sqs.IQueue;
/**
* Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
* @default - default options as described in `VersionOptions`
* @stability stable
*/
readonly currentVersionOptions?: aws_lambda.VersionOptions;
/**
* Code signing config associated with this function.
* @default - Not Sign the Code
* @stability stable
*/
readonly codeSigningConfig?: aws_lambda.ICodeSigningConfig;
/**
* The system architectures compatible with this lambda function.
* @default Architecture.X86_64
* @stability stable
*/
readonly architecture?: aws_lambda.Architecture;
/**
* Sets the application log level for the function.
* @default ApplicationLogLevel.INFO
* @stability stable
*/
readonly applicationLogLevelV2?: aws_lambda.ApplicationLogLevel;
/**
* Whether to allow the Lambda to send all ipv6 network traffic.
* If set to true, there will only be a single egress rule which allows all
* outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the
* Lambda to connect to network targets using ipv6.
*
* Do not specify this property if the `securityGroups` or `securityGroup` property is set.
* Instead, configure `allowAllIpv6Outbound` directly on the security group.
* @default false
* @stability stable
*/
readonly allowAllIpv6Outbound?: boolean;
/**
* Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
* @default - No ADOT instrumentation
* @stability stable
*/
readonly adotInstrumentation?: aws_lambda.AdotInstrumentationConfig;
/**
* The maximum number of times to retry when the function returns an error.
* Minimum: 0
* Maximum: 2
* @default 2
* @stability stable
*/
readonly retryAttempts?: number;
/**
* The destination for successful invocations.
* @default - no destination
* @stability stable
*/
readonly onSuccess?: aws_lambda.IDestination;
/**
* The destination for failed invocations.
* @default - no destination
* @stability stable
*/
readonly onFailure?: aws_lambda.IDestination;
/**
* The maximum age of a request that Lambda sends to a function for processing.
* Minimum: 60 seconds
* Maximum: 6 hours
* @default Duration.hours(6)
* @stability stable
*/
readonly maxEventAge?: Duration;
}