Class GuSnsLambdaExperimentalExperimental

Pattern which creates all of the resources needed to invoke a lambda function whenever a message is published onto an SNS topic.

This pattern will create a new SNS topic by default. If you are migrating a stack from CloudFormation, you will need to opt-out of this behaviour. For information on overriding the default behaviour, see [[GuSnsLambdaProps]].

The SNS topic is stateful, and is accessible via snsTopic.

See

https://github.com/guardian/cdk/blob/main/docs/stateful-resources.md

This pattern is in early development. The API is likely to change in future releases.

Hierarchy

Constructors

constructor

Properties

_connections? _functionUrlInvocationGrants _invocationGrants _layers _skipPermissions? _warnIfCurrentVersionCalled alias? app architecture bucketNamePath canCreatePermissions deadLetterQueue? deadLetterTopic? env fileName functionArn functionName grantPrincipal node permissionsNode physicalName role? runtime snsTopic stack timeout? withoutArtifactUpload withoutFilePrefix _VER_PROPS

Accessors

connections currentVersion isBoundToVpc latestVersion logGroup resourceArnsForGrantInvoke

Methods

_checkEdgeCompatibility _enableCrossEnvironment _functionNode _isStackAccount addAlias addEnvironment addEventSource addEventSourceMapping addFunctionUrl addLayers addPermission addToRolePolicy applyRemovalPolicy configureAsyncInvoke considerWarningOnInvokeFunctionPermissions generatePhysicalName getResourceArnAttribute getResourceNameAttribute grantInvoke grantInvokeUrl invalidateVersionBasedOn metric metricDuration metricErrors metricInvocations metricThrottles toString warnInvokeFunctionPermissions classifyVersionProperty fromFunctionArn fromFunctionAttributes fromFunctionName isConstruct isOwnedResource isResource metricAll metricAllConcurrentExecutions metricAllDuration metricAllErrors metricAllInvocations metricAllThrottles metricAllUnreservedConcurrentExecutions

Constructors

constructor

Properties

Protected Optional Internal _connections

_connections?: Connections

Actual connections object for this Lambda

May be unset, in which case this Lambda is not configured use in a VPC.

Protected Internal _functionUrlInvocationGrants

_functionUrlInvocationGrants: Record<string, Grant>

Mapping of fucntion URL invocation principals to grants. Used to de-dupe grantInvokeUrl() calls.

Protected Internal _invocationGrants

_invocationGrants: Record<string, Grant>

Mapping of invocation principals to grants. Used to de-dupe grantInvoke() calls.

Readonly Internal _layers

_layers: ILayerVersion[]

Protected Optional Readonly Internal _skipPermissions

_skipPermissions?: boolean

Whether the user decides to skip adding permissions. The only use case is for cross-account, imported lambdas where the user commits to modifying the permisssions on the imported lambda outside CDK.

Protected Internal _warnIfCurrentVersionCalled

_warnIfCurrentVersionCalled: boolean

Flag to delay adding a warning message until current version is invoked.

Optional Readonly alias

alias?: Alias

Readonly app

app: string

Readonly architecture

architecture: Architecture

The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).

Readonly bucketNamePath

bucketNamePath: undefined | string

Protected Readonly canCreatePermissions

canCreatePermissions: true = true

Optional Readonly deadLetterQueue

deadLetterQueue?: IQueue

The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).

Optional Readonly deadLetterTopic

deadLetterTopic?: ITopic

The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).

Readonly env

env: ResourceEnvironment

Readonly fileName

fileName: string

Readonly functionArn

functionArn: string

ARN of this function

Readonly functionName

functionName: string

Name of this function

Readonly grantPrincipal

grantPrincipal: IPrincipal

The principal this Lambda Function is running as

Readonly node

node: Node

The tree node.

Readonly permissionsNode

permissionsNode: Node

Protected Readonly physicalName

physicalName: string

Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.

This value will resolve to one of the following:

  • a concrete value (e.g. "my-awesome-bucket")
  • undefined, when a name should be generated by CloudFormation
  • a concrete name generated automatically during synthesis, in cross-environment scenarios.

Optional Readonly role

role?: IRole

Execution role associated with this function

Readonly runtime

runtime: Runtime

The runtime configured for this lambda.

Readonly snsTopic

snsTopic: ITopic

Readonly stack

stack: Stack

Optional Readonly timeout

timeout?: Duration

The timeout configured for this lambda.

Readonly withoutArtifactUpload

withoutArtifactUpload: boolean

Readonly withoutFilePrefix

withoutFilePrefix: boolean

Static Internal _VER_PROPS

_VER_PROPS: {
    [key: string]: boolean;
}

Type declaration

  • [key: string]: boolean

Accessors

connections

  • get connections(): Connections

  • Access the Connections object

    Will fail if not a VPC-enabled Lambda Function

    Returns Connections

currentVersion

  • get currentVersion(): Version

  • Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.

    You can specify options for this version using the currentVersionOptions prop when initializing the lambda.Function.

    Returns Version

isBoundToVpc

  • get isBoundToVpc(): boolean

  • Whether or not this Lambda function was bound to a VPC

    If this is is false, trying to access the connections object will fail.

    Returns boolean

latestVersion

  • get latestVersion(): IVersion

  • Returns IVersion

logGroup

  • get logGroup(): ILogGroup

  • The LogGroup where the Lambda function's logs are made available.

    If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention period (never expire, by default).

    Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention to never expire even if it was configured with a different value.

    Returns ILogGroup

resourceArnsForGrantInvoke

  • get resourceArnsForGrantInvoke(): string[]

  • Returns string[]

Methods

_checkEdgeCompatibility

_enableCrossEnvironment

  • _enableCrossEnvironment(): void
  • Internal

    Called when this resource is referenced across environments (account/region) to order to request that a physical name will be generated for this resource during synthesis, so the resource can be referenced through its absolute name/arn.

    Returns void

Protected _functionNode

  • _functionNode(): Node
  • Internal

    Returns the construct tree node that corresponds to the lambda function. For use internally for constructs, when the tree is set up in non-standard ways. Ex: SingletonFunction.

    Returns Node

Protected _isStackAccount

  • _isStackAccount(): boolean
  • Internal

    Given the function arn, check if the account id matches this account

    Function ARNs look like this:

    arn:aws:lambda:region:account-id:function:function-name

    ..which means that in order to extract the account-id component from the ARN, we can split the ARN using ":" and select the component in index 4.

    Returns boolean

    true if account id of function matches the account specified on the stack, false otherwise.

addAlias

  • Defines an alias for this function.

    The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.

    declare const fn: lambda.Function;

    fn.addAlias('Live');

    // Is equivalent to

    new lambda.Alias(this, 'AliasLive', {
      aliasName: 'Live',
      version: fn.currentVersion,
    });

    Parameters

    • aliasName: string

      The name of the alias

    • Optional options: AliasOptions

      Alias options

    Returns Alias

addEnvironment

  • Adds an environment variable to this Lambda function. If this is a ref to a Lambda function, this operation results in a no-op.

    Parameters

    • key: string

      The environment variable key.

    • value: string

      The environment variable's value.

    • Optional options: EnvironmentOptions

      Environment variable options.

    Returns GuSnsLambdaExperimental

addEventSource

  • Parameters

    • source: IEventSource

    Returns void

addEventSourceMapping

  • Parameters

    • id: string
    • options: EventSourceMappingOptions

    Returns EventSourceMapping

addFunctionUrl

  • Parameters

    • Optional options: FunctionUrlOptions

    Returns FunctionUrl

addLayers

  • Adds one or more Lambda Layers to this Lambda function.

    Parameters

    • Rest ...layers: ILayerVersion[]

      the layers to be added.

    Returns void

    Throws

    if there are already 5 layers on this function, or the layer is incompatible with this function's runtime.

addPermission

  • Adds a permission to the Lambda resource policy.

    Parameters

    • id: string

      The id for the permission construct

    • permission: Permission

      The permission to grant to this Lambda function.

    Returns void

    See

    Permission for details.

addToRolePolicy

  • Adds a statement to the IAM role assumed by the instance.

    Parameters

    • statement: PolicyStatement

    Returns void

applyRemovalPolicy

  • Apply the given removal policy to this resource

    The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.

    The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS account for data recovery and cleanup later (RemovalPolicy.RETAIN).

    Parameters

    • policy: RemovalPolicy

    Returns void

configureAsyncInvoke

  • Parameters

    • options: EventInvokeConfigOptions

    Returns void

considerWarningOnInvokeFunctionPermissions

  • A warning will be added to functions under the following conditions:

    • permissions that include lambda:InvokeFunction are added to the unqualified function.
    • function.currentVersion is invoked before or after the permission is created.

    This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.

    Parameters

    • scope: Construct
    • action: string

    Returns void

Protected generatePhysicalName

Protected getResourceArnAttribute

  • Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. bucket.bucketArn).

    Normally, this token will resolve to arnAttr, but if the resource is referenced across environments, arnComponents will be used to synthesize a concrete ARN with the resource's physical name. Make sure to reference this.physicalName in arnComponents.

    Parameters

    • arnAttr: string

      The CFN attribute which resolves to the ARN of the resource. Commonly it will be called "Arn" (e.g. resource.attrArn), but sometimes it's the CFN resource's ref.

    • arnComponents: ArnComponents

      The format of the ARN of this resource. You must reference this.physicalName somewhere within the ARN in order for cross-environment references to work.

    Returns string

Protected getResourceNameAttribute

  • Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. bucket.bucketName).

    Normally, this token will resolve to nameAttr, but if the resource is referenced across environments, it will be resolved to this.physicalName, which will be a concrete name.

    Parameters

    • nameAttr: string

      The CFN attribute which resolves to the resource's name. Commonly this is the resource's ref.

    Returns string

grantInvoke

  • Grant the given identity permissions to invoke this Lambda

    Parameters

    • grantee: IGrantable

    Returns Grant

grantInvokeUrl

  • Grant the given identity permissions to invoke this Lambda Function URL

    Parameters

    • grantee: IGrantable

    Returns Grant

invalidateVersionBasedOn

  • Mix additional information into the hash of the Version object

    The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).

    However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.

    This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.

    This method may be called more than once.

    Parameters

    • x: string

    Returns void

metric

  • Return the given named metric for this Function

    Parameters

    • metricName: string
    • Optional props: MetricOptions

    Returns Metric

metricDuration

  • How long execution of this Lambda takes

    Average over 5 minutes

    Parameters

    • Optional props: MetricOptions

    Returns Metric

metricErrors

  • How many invocations of this Lambda fail

    Sum over 5 minutes

    Parameters

    • Optional props: MetricOptions

    Returns Metric

metricInvocations

  • How often this Lambda is invoked

    Sum over 5 minutes

    Parameters

    • Optional props: MetricOptions

    Returns Metric

metricThrottles

  • How often this Lambda is throttled

    Sum over 5 minutes

    Parameters

    • Optional props: MetricOptions

    Returns Metric

toString

  • Returns a string representation of this construct.

    Returns string

Protected warnInvokeFunctionPermissions

Static classifyVersionProperty

  • Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. See 'currentVersion' section in the module README for more details.

    Parameters

    • propertyName: string

      The property to classify

    • locked: boolean

      whether the property should be associated to the version or not.

    Returns void

Static fromFunctionArn

  • Import a lambda function into the CDK using its ARN

    Parameters

    • scope: Construct
    • id: string
    • functionArn: string

    Returns IFunction

Static fromFunctionAttributes

  • Creates a Lambda function object which represents a function not defined within this stack.

    Parameters

    • scope: Construct

      The parent construct

    • id: string

      The name of the lambda construct

    • attrs: FunctionAttributes

      the attributes of the function to import

    Returns IFunction

Static fromFunctionName

  • Import a lambda function into the CDK using its name

    Parameters

    • scope: Construct
    • id: string
    • functionName: string

    Returns IFunction

Static isConstruct

  • Checks if x is a construct.

    Use this method instead of instanceof to properly detect Construct instances, even when the construct library is symlinked.

    Explanation: in JavaScript, multiple copies of the constructs library on disk are seen as independent, completely different libraries. As a consequence, the class Construct in each copy of the constructs library is seen as a different class, and an instance of one class will not test as instanceof the other class. npm install will not create installations like this, but users may manually symlink construct libraries together or use a monorepo tool: in those cases, multiple copies of the constructs library can be accidentally installed, and instanceof will behave unpredictably. It is safest to avoid using instanceof, and using this type-testing method instead.

    Parameters

    • x: any

      Any object

    Returns x is Construct

    true if x is an object created from a class which extends Construct.

Static isOwnedResource

  • Returns true if the construct was created by CDK, and false otherwise

    Parameters

    • construct: IConstruct

    Returns boolean

Static isResource

  • Check whether the given construct is a Resource

    Parameters

    • construct: IConstruct

    Returns construct is Resource

Static metricAll

  • Return the given named metric for this Lambda

    Parameters

    • metricName: string
    • Optional props: MetricOptions

    Returns Metric

Static metricAllConcurrentExecutions

  • Metric for the number of concurrent executions across all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    max over 5 minutes

Static metricAllDuration

  • Metric for the Duration executing all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    average over 5 minutes

Static metricAllErrors

  • Metric for the number of Errors executing all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    sum over 5 minutes

Static metricAllInvocations

  • Metric for the number of invocations of all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    sum over 5 minutes

Static metricAllThrottles

  • Metric for the number of throttled invocations of all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    sum over 5 minutes

Static metricAllUnreservedConcurrentExecutions

  • Metric for the number of unreserved concurrent executions across all Lambdas

    Parameters

    • Optional props: MetricOptions

    Returns Metric

    Default

    max over 5 minutes

Settings

Member Visibility

Theme

On This Page

Generated using TypeDoc