awscc.lambda_functionΒΆ
FiltersΒΆ
event
reduce
value
ActionsΒΆ
deleteΒΆ
Parent base class for filters and actions.
properties:
type:
enum:
- delete
required:
- type
Permissions - lambda:DeleteFunction, ec2:DescribeNetworkInterfaces
updateΒΆ
Parent base class for filters and actions.
definitions:
Code:
additionalProperties: false
properties:
ImageUri:
description: ImageUri.
type: string
S3Bucket:
description: An Amazon S3 bucket in the same AWS Region as your function.
The bucket can be in a different AWS account.
maxLength: 63
minLength: 3
pattern: ^[0-9A-Za-z\.\-_]*(?<!\.)$
type: string
S3Key:
description: The Amazon S3 key of the deployment package.
maxLength: 1024
minLength: 1
type: string
S3ObjectVersion:
description: For versioned objects, the version of the deployment package
object to use.
maxLength: 1024
minLength: 1
type: string
ZipFile:
description: The source code of your Lambda function. If you include your
function source inline with this parameter, AWS CloudFormation places it
in a file named index and zips it to create a deployment package..
type: string
type: object
DeadLetterConfig:
additionalProperties: false
description: The dead-letter queue for failed asynchronous invocations.
properties:
TargetArn:
description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon
SNS topic.
pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
type: string
type: object
Environment:
additionalProperties: false
description: A function's environment variable settings.
properties:
Variables:
additionalProperties: false
description: Environment variable key-value pairs.
patternProperties:
'[a-zA-Z][a-zA-Z0-9_]+':
type: string
type: object
type: object
FileSystemConfig:
additionalProperties: false
properties:
Arn:
description: The Amazon Resource Name (ARN) of the Amazon EFS access point
that provides access to the file system.
maxLength: 200
pattern: ^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:access-point/fsap-[a-f0-9]{17}$
type: string
LocalMountPath:
description: The path where the function can access the file system, starting
with /mnt/.
maxLength: 160
pattern: ^/mnt/[a-zA-Z0-9-_.]+$
type: string
required:
- Arn
- LocalMountPath
type: object
ImageConfig:
additionalProperties: false
properties:
Command:
description: Command.
items:
type: string
maxItems: 1500
type: array
uniqueItems: true
EntryPoint:
description: EntryPoint.
items:
type: string
maxItems: 1500
type: array
uniqueItems: true
WorkingDirectory:
description: WorkingDirectory.
type: string
type: object
Tag:
additionalProperties: false
properties:
Key:
description: 'The key name of the tag. You can specify a value that is 1 to
128 Unicode characters in length and cannot be prefixed with aws:. You can
use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -.'
maxLength: 128
minLength: 1
type: string
Value:
description: 'The value for the tag. You can specify a value that is 0 to
256 Unicode characters in length and cannot be prefixed with aws:. You can
use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -.'
maxLength: 256
minLength: 0
type: string
required:
- Key
type: object
TracingConfig:
additionalProperties: false
description: The function's AWS X-Ray tracing configuration. To sample and record
incoming requests, set Mode to Active.
properties:
Mode:
description: The tracing mode.
enum:
- Active
- PassThrough
type: string
type: object
VpcConfig:
additionalProperties: false
description: The VPC security groups and subnets that are attached to a Lambda
function. When you connect a function to a VPC, Lambda creates an elastic network
interface for each combination of security group and subnet in the function's
VPC configuration. The function can only access resources and the internet through
that VPC.
properties:
SecurityGroupIds:
description: A list of VPC security groups IDs.
items:
type: string
maxItems: 5
type: array
uniqueItems: false
SubnetIds:
description: A list of VPC subnet IDs.
items:
type: string
maxItems: 16
type: array
uniqueItems: false
type: object
properties:
Architectures:
items:
enum:
- x86_64
- arm64
type: string
maxItems: 1
minItems: 1
type: array
uniqueItems: true
Code:
additionalProperties: false
properties:
ImageUri:
description: ImageUri.
type: string
S3Bucket:
description: An Amazon S3 bucket in the same AWS Region as your function.
The bucket can be in a different AWS account.
maxLength: 63
minLength: 3
pattern: ^[0-9A-Za-z\.\-_]*(?<!\.)$
type: string
S3Key:
description: The Amazon S3 key of the deployment package.
maxLength: 1024
minLength: 1
type: string
S3ObjectVersion:
description: For versioned objects, the version of the deployment package
object to use.
maxLength: 1024
minLength: 1
type: string
ZipFile:
description: The source code of your Lambda function. If you include your
function source inline with this parameter, AWS CloudFormation places it
in a file named index and zips it to create a deployment package..
type: string
type: object
CodeSigningConfigArn:
description: A unique Arn for CodeSigningConfig resource
pattern: arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:code-signing-config:csc-[a-z0-9]{17}
type: string
DeadLetterConfig:
additionalProperties: false
description: The dead-letter queue for failed asynchronous invocations.
properties:
TargetArn:
description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon
SNS topic.
pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
type: string
type: object
Description:
description: A description of the function.
maxLength: 256
type: string
Environment:
additionalProperties: false
description: A function's environment variable settings.
properties:
Variables:
additionalProperties: false
description: Environment variable key-value pairs.
patternProperties:
'[a-zA-Z][a-zA-Z0-9_]+':
type: string
type: object
type: object
FileSystemConfigs:
description: Connection settings for an Amazon EFS file system. To connect a function
to a file system, a mount target must be available in every Availability Zone
that your function connects to. If your template contains an AWS::EFS::MountTarget
resource, you must also specify a DependsOn attribute to ensure that the mount
target is created or updated before the function.
items:
additionalProperties: false
properties:
Arn:
description: The Amazon Resource Name (ARN) of the Amazon EFS access point
that provides access to the file system.
maxLength: 200
pattern: ^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:access-point/fsap-[a-f0-9]{17}$
type: string
LocalMountPath:
description: The path where the function can access the file system, starting
with /mnt/.
maxLength: 160
pattern: ^/mnt/[a-zA-Z0-9-_.]+$
type: string
required:
- Arn
- LocalMountPath
type: object
maxItems: 1
type: array
Handler:
description: The name of the method within your code that Lambda calls to execute
your function. The format includes the file name. It can also include namespaces
and other qualifiers, depending on the runtime
maxLength: 128
pattern: ^[^\s]+$
type: string
ImageConfig:
additionalProperties: false
properties:
Command:
description: Command.
items:
type: string
maxItems: 1500
type: array
uniqueItems: true
EntryPoint:
description: EntryPoint.
items:
type: string
maxItems: 1500
type: array
uniqueItems: true
WorkingDirectory:
description: WorkingDirectory.
type: string
type: object
KmsKeyArn:
description: The ARN of the AWS Key Management Service (AWS KMS) key that's used
to encrypt your function's environment variables. If it's not provided, AWS
Lambda uses a default service key.
pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
type: string
Layers:
description: A list of function layers to add to the function's execution environment.
Specify each layer by its ARN, including the version.
items:
type: string
type: array
uniqueItems: false
MemorySize:
description: The amount of memory that your function has access to. Increasing
the function's memory also increases its CPU allocation. The default value is
128 MB. The value must be a multiple of 64 MB.
type: integer
PackageType:
description: PackageType.
enum:
- Image
- Zip
type: string
ReservedConcurrentExecutions:
description: The number of simultaneous executions to reserve for the function.
minimum: 0
type: integer
Role:
description: The Amazon Resource Name (ARN) of the function's execution role.
pattern: ^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$
type: string
Runtime:
description: The identifier of the function's runtime.
type: string
Tags:
description: A list of tags to apply to the function.
insertionOrder: false
items:
additionalProperties: false
properties:
Key:
description: 'The key name of the tag. You can specify a value that is 1
to 128 Unicode characters in length and cannot be prefixed with aws:.
You can use any of the following characters: the set of Unicode letters,
digits, whitespace, _, ., /, =, +, and -.'
maxLength: 128
minLength: 1
type: string
Value:
description: 'The value for the tag. You can specify a value that is 0 to
256 Unicode characters in length and cannot be prefixed with aws:. You
can use any of the following characters: the set of Unicode letters, digits,
whitespace, _, ., /, =, +, and -.'
maxLength: 256
minLength: 0
type: string
required:
- Key
type: object
type: array
uniqueItems: true
Timeout:
description: The amount of time that Lambda allows a function to run before stopping
it. The default is 3 seconds. The maximum allowed value is 900 seconds.
minimum: 1
type: integer
TracingConfig:
additionalProperties: false
description: The function's AWS X-Ray tracing configuration. To sample and record
incoming requests, set Mode to Active.
properties:
Mode:
description: The tracing mode.
enum:
- Active
- PassThrough
type: string
type: object
VpcConfig:
additionalProperties: false
description: The VPC security groups and subnets that are attached to a Lambda
function. When you connect a function to a VPC, Lambda creates an elastic network
interface for each combination of security group and subnet in the function's
VPC configuration. The function can only access resources and the internet through
that VPC.
properties:
SecurityGroupIds:
description: A list of VPC security groups IDs.
items:
type: string
maxItems: 5
type: array
uniqueItems: false
SubnetIds:
description: A list of VPC subnet IDs.
items:
type: string
maxItems: 16
type: array
uniqueItems: false
type: object
type:
enum:
- update
Permissions - lambda:DeleteFunctionConcurrency, lambda:GetFunction, lambda:PutFunctionConcurrency, lambda:ListTags, lambda:TagResource, lambda:UntagResource, lambda:UpdateFunctionConfiguration, lambda:UpdateFunctionCode, iam:PassRole, s3:GetObject, s3:GetObjectVersion, ec2:DescribeSecurityGroups, ec2:DescribeSubnets, ec2:DescribeVpcs, kms:Decrypt, lambda:PutFunctionCodeSigningConfig, lambda:DeleteFunctionCodeSigningConfig, lambda:GetCodeSigningConfig, lambda:GetFunctionCodeSigningConfig