awscc.lambda_function

Filters

  • event

  • reduce

  • value

Actions

delete

Parent base class for filters and actions.

properties:
  type:
    enum:
    - delete
required:
- type

Permissions - lambda:DeleteFunction, ec2:DescribeNetworkInterfaces

update

Parent base class for filters and actions.

definitions:
  Code:
    additionalProperties: false
    properties:
      ImageUri:
        description: ImageUri.
        type: string
      S3Bucket:
        description: An Amazon S3 bucket in the same AWS Region as your function.
          The bucket can be in a different AWS account.
        maxLength: 63
        minLength: 3
        pattern: ^[0-9A-Za-z\.\-_]*(?<!\.)$
        type: string
      S3Key:
        description: The Amazon S3 key of the deployment package.
        maxLength: 1024
        minLength: 1
        type: string
      S3ObjectVersion:
        description: For versioned objects, the version of the deployment package
          object to use.
        maxLength: 1024
        minLength: 1
        type: string
      ZipFile:
        description: The source code of your Lambda function. If you include your
          function source inline with this parameter, AWS CloudFormation places it
          in a file named index and zips it to create a deployment package..
        type: string
    type: object
  DeadLetterConfig:
    additionalProperties: false
    description: The dead-letter queue for failed asynchronous invocations.
    properties:
      TargetArn:
        description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon
          SNS topic.
        pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
        type: string
    type: object
  Environment:
    additionalProperties: false
    description: A function's environment variable settings.
    properties:
      Variables:
        additionalProperties: false
        description: Environment variable key-value pairs.
        patternProperties:
          '[a-zA-Z][a-zA-Z0-9_]+':
            type: string
        type: object
    type: object
  FileSystemConfig:
    additionalProperties: false
    properties:
      Arn:
        description: The Amazon Resource Name (ARN) of the Amazon EFS access point
          that provides access to the file system.
        maxLength: 200
        pattern: ^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:access-point/fsap-[a-f0-9]{17}$
        type: string
      LocalMountPath:
        description: The path where the function can access the file system, starting
          with /mnt/.
        maxLength: 160
        pattern: ^/mnt/[a-zA-Z0-9-_.]+$
        type: string
    required:
    - Arn
    - LocalMountPath
    type: object
  ImageConfig:
    additionalProperties: false
    properties:
      Command:
        description: Command.
        items:
          type: string
        maxItems: 1500
        type: array
        uniqueItems: true
      EntryPoint:
        description: EntryPoint.
        items:
          type: string
        maxItems: 1500
        type: array
        uniqueItems: true
      WorkingDirectory:
        description: WorkingDirectory.
        type: string
    type: object
  Tag:
    additionalProperties: false
    properties:
      Key:
        description: 'The key name of the tag. You can specify a value that is 1 to
          128 Unicode characters in length and cannot be prefixed with aws:. You can
          use any of the following characters: the set of Unicode letters, digits,
          whitespace, _, ., /, =, +, and -.'
        maxLength: 128
        minLength: 1
        type: string
      Value:
        description: 'The value for the tag. You can specify a value that is 0 to
          256 Unicode characters in length and cannot be prefixed with aws:. You can
          use any of the following characters: the set of Unicode letters, digits,
          whitespace, _, ., /, =, +, and -.'
        maxLength: 256
        minLength: 0
        type: string
    required:
    - Key
    type: object
  TracingConfig:
    additionalProperties: false
    description: The function's AWS X-Ray tracing configuration. To sample and record
      incoming requests, set Mode to Active.
    properties:
      Mode:
        description: The tracing mode.
        enum:
        - Active
        - PassThrough
        type: string
    type: object
  VpcConfig:
    additionalProperties: false
    description: The VPC security groups and subnets that are attached to a Lambda
      function. When you connect a function to a VPC, Lambda creates an elastic network
      interface for each combination of security group and subnet in the function's
      VPC configuration. The function can only access resources and the internet through
      that VPC.
    properties:
      SecurityGroupIds:
        description: A list of VPC security groups IDs.
        items:
          type: string
        maxItems: 5
        type: array
        uniqueItems: false
      SubnetIds:
        description: A list of VPC subnet IDs.
        items:
          type: string
        maxItems: 16
        type: array
        uniqueItems: false
    type: object
properties:
  Architectures:
    items:
      enum:
      - x86_64
      - arm64
      type: string
    maxItems: 1
    minItems: 1
    type: array
    uniqueItems: true
  Code:
    additionalProperties: false
    properties:
      ImageUri:
        description: ImageUri.
        type: string
      S3Bucket:
        description: An Amazon S3 bucket in the same AWS Region as your function.
          The bucket can be in a different AWS account.
        maxLength: 63
        minLength: 3
        pattern: ^[0-9A-Za-z\.\-_]*(?<!\.)$
        type: string
      S3Key:
        description: The Amazon S3 key of the deployment package.
        maxLength: 1024
        minLength: 1
        type: string
      S3ObjectVersion:
        description: For versioned objects, the version of the deployment package
          object to use.
        maxLength: 1024
        minLength: 1
        type: string
      ZipFile:
        description: The source code of your Lambda function. If you include your
          function source inline with this parameter, AWS CloudFormation places it
          in a file named index and zips it to create a deployment package..
        type: string
    type: object
  CodeSigningConfigArn:
    description: A unique Arn for CodeSigningConfig resource
    pattern: arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:code-signing-config:csc-[a-z0-9]{17}
    type: string
  DeadLetterConfig:
    additionalProperties: false
    description: The dead-letter queue for failed asynchronous invocations.
    properties:
      TargetArn:
        description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon
          SNS topic.
        pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
        type: string
    type: object
  Description:
    description: A description of the function.
    maxLength: 256
    type: string
  Environment:
    additionalProperties: false
    description: A function's environment variable settings.
    properties:
      Variables:
        additionalProperties: false
        description: Environment variable key-value pairs.
        patternProperties:
          '[a-zA-Z][a-zA-Z0-9_]+':
            type: string
        type: object
    type: object
  FileSystemConfigs:
    description: Connection settings for an Amazon EFS file system. To connect a function
      to a file system, a mount target must be available in every Availability Zone
      that your function connects to. If your template contains an AWS::EFS::MountTarget
      resource, you must also specify a DependsOn attribute to ensure that the mount
      target is created or updated before the function.
    items:
      additionalProperties: false
      properties:
        Arn:
          description: The Amazon Resource Name (ARN) of the Amazon EFS access point
            that provides access to the file system.
          maxLength: 200
          pattern: ^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:\d{12}:access-point/fsap-[a-f0-9]{17}$
          type: string
        LocalMountPath:
          description: The path where the function can access the file system, starting
            with /mnt/.
          maxLength: 160
          pattern: ^/mnt/[a-zA-Z0-9-_.]+$
          type: string
      required:
      - Arn
      - LocalMountPath
      type: object
    maxItems: 1
    type: array
  Handler:
    description: The name of the method within your code that Lambda calls to execute
      your function. The format includes the file name. It can also include namespaces
      and other qualifiers, depending on the runtime
    maxLength: 128
    pattern: ^[^\s]+$
    type: string
  ImageConfig:
    additionalProperties: false
    properties:
      Command:
        description: Command.
        items:
          type: string
        maxItems: 1500
        type: array
        uniqueItems: true
      EntryPoint:
        description: EntryPoint.
        items:
          type: string
        maxItems: 1500
        type: array
        uniqueItems: true
      WorkingDirectory:
        description: WorkingDirectory.
        type: string
    type: object
  KmsKeyArn:
    description: The ARN of the AWS Key Management Service (AWS KMS) key that's used
      to encrypt your function's environment variables. If it's not provided, AWS
      Lambda uses a default service key.
    pattern: ^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$
    type: string
  Layers:
    description: A list of function layers to add to the function's execution environment.
      Specify each layer by its ARN, including the version.
    items:
      type: string
    type: array
    uniqueItems: false
  MemorySize:
    description: The amount of memory that your function has access to. Increasing
      the function's memory also increases its CPU allocation. The default value is
      128 MB. The value must be a multiple of 64 MB.
    type: integer
  PackageType:
    description: PackageType.
    enum:
    - Image
    - Zip
    type: string
  ReservedConcurrentExecutions:
    description: The number of simultaneous executions to reserve for the function.
    minimum: 0
    type: integer
  Role:
    description: The Amazon Resource Name (ARN) of the function's execution role.
    pattern: ^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$
    type: string
  Runtime:
    description: The identifier of the function's runtime.
    type: string
  Tags:
    description: A list of tags to apply to the function.
    insertionOrder: false
    items:
      additionalProperties: false
      properties:
        Key:
          description: 'The key name of the tag. You can specify a value that is 1
            to 128 Unicode characters in length and cannot be prefixed with aws:.
            You can use any of the following characters: the set of Unicode letters,
            digits, whitespace, _, ., /, =, +, and -.'
          maxLength: 128
          minLength: 1
          type: string
        Value:
          description: 'The value for the tag. You can specify a value that is 0 to
            256 Unicode characters in length and cannot be prefixed with aws:. You
            can use any of the following characters: the set of Unicode letters, digits,
            whitespace, _, ., /, =, +, and -.'
          maxLength: 256
          minLength: 0
          type: string
      required:
      - Key
      type: object
    type: array
    uniqueItems: true
  Timeout:
    description: The amount of time that Lambda allows a function to run before stopping
      it. The default is 3 seconds. The maximum allowed value is 900 seconds.
    minimum: 1
    type: integer
  TracingConfig:
    additionalProperties: false
    description: The function's AWS X-Ray tracing configuration. To sample and record
      incoming requests, set Mode to Active.
    properties:
      Mode:
        description: The tracing mode.
        enum:
        - Active
        - PassThrough
        type: string
    type: object
  VpcConfig:
    additionalProperties: false
    description: The VPC security groups and subnets that are attached to a Lambda
      function. When you connect a function to a VPC, Lambda creates an elastic network
      interface for each combination of security group and subnet in the function's
      VPC configuration. The function can only access resources and the internet through
      that VPC.
    properties:
      SecurityGroupIds:
        description: A list of VPC security groups IDs.
        items:
          type: string
        maxItems: 5
        type: array
        uniqueItems: false
      SubnetIds:
        description: A list of VPC subnet IDs.
        items:
          type: string
        maxItems: 16
        type: array
        uniqueItems: false
    type: object
  type:
    enum:
    - update

Permissions - lambda:DeleteFunctionConcurrency, lambda:GetFunction, lambda:PutFunctionConcurrency, lambda:ListTags, lambda:TagResource, lambda:UntagResource, lambda:UpdateFunctionConfiguration, lambda:UpdateFunctionCode, iam:PassRole, s3:GetObject, s3:GetObjectVersion, ec2:DescribeSecurityGroups, ec2:DescribeSubnets, ec2:DescribeVpcs, kms:Decrypt, lambda:PutFunctionCodeSigningConfig, lambda:DeleteFunctionCodeSigningConfig, lambda:GetCodeSigningConfig, lambda:GetFunctionCodeSigningConfig