Interface GuScheduledLambdaProps

Configuration options for the [[GuScheduledLambda]] pattern.

For all lambda function configuration options, see [[GuFunctionProps]].

The schedule property determines when your lambda is invoked. For example, to invoke the lambda every 5 minutes, use:

import { Schedule } from "aws-cdk-lib/aws-events";
import { Duration } from "aws-cdk-lib/core";

const props = {
  // Other props here
  rules: [{ schedule: Schedule.rate(Duration.minutes(5)) }],
}

To invoke the lambda every weekday at 8am, use:

import { Schedule } from "aws-cdk-lib/aws-events";

const props = {
  // Other props here
  rules: [{ schedule: Schedule.expression("cron(0 8 ? * MON-FRI *)") }],
}

It is advisable to configure an alarm based on the lambda's error percentage. To do this, add the monitoringConfiguration property. The required properties for this are:

monitoringConfiguration: {
  toleratedErrorPercentage: <sensible_error_percentage_threshold>,
  snsTopicName: "my-topic-for-cloudwatch-alerts",
}

Other alarm properties (e.g. alarm name and description) will be pre-populated with sensible defaults. For a full list of optional properties, see [[GuLambdaErrorPercentageMonitoringProps]].

If your team do not use CloudWatch, it's possible to opt-out with the following configuration:

 monitoringConfiguration: { noMonitoring: true }

Hierarchy

Properties

adotInstrumentation? allowAllOutbound? allowPublicSubnet? app architecture? codeSigningConfig? currentVersionOptions? deadLetterQueue? deadLetterQueueEnabled? deadLetterTopic? description? environment? environmentEncryption? ephemeralStorageSize? events? fileName filesystem? functionName? handler initialPolicy? insightsVersion? layers? logRetention? logRetentionRetryOptions? logRetentionRole? maxEventAge? memorySize? monitoringConfiguration onFailure? onSuccess? profiling? profilingGroup? reservedConcurrentExecutions? retryAttempts? role? rules runtime securityGroups? throttlingMonitoring? timeout? tracing? vpc? vpcSubnets?

Properties

Optional Readonly adotInstrumentation

adotInstrumentation?: AdotInstrumentationConfig

Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation

See

https://aws-otel.github.io/docs/getting-started/lambda

Default

  • No ADOT instrumentation

Optional Readonly allowAllOutbound

allowAllOutbound?: boolean

Whether to allow the Lambda to send all network traffic

If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets.

Default

true

Optional Readonly allowPublicSubnet

allowPublicSubnet?: boolean

Lambda Functions in a public subnet can NOT access the internet. Use this property to acknowledge this limitation and still place the function in a public subnet.

See

https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841

Default

false

app

app: string

Optional Readonly architecture

architecture?: Architecture

The system architectures compatible with this lambda function.

Default

Architecture.X86_64

Optional Readonly codeSigningConfig

codeSigningConfig?: ICodeSigningConfig

Code signing config associated with this function

Default

  • Not Sign the Code

Optional Readonly currentVersionOptions

currentVersionOptions?: VersionOptions

Options for the lambda.Version resource automatically created by the fn.currentVersion method.

Default

  • default options as described in VersionOptions

Optional Readonly deadLetterQueue

deadLetterQueue?: IQueue

The SQS queue to use if DLQ is enabled. If SNS topic is desired, specify deadLetterTopic property instead.

Default

  • SQS queue with 14 day retention period if deadLetterQueueEnabled is true

Optional Readonly deadLetterQueueEnabled

deadLetterQueueEnabled?: boolean

Enabled DLQ. If deadLetterQueue is undefined, an SQS queue with default options will be defined for your Function.

Default

  • false unless deadLetterQueue is set, which implies DLQ is enabled.

Optional Readonly deadLetterTopic

deadLetterTopic?: ITopic

The SNS topic to use as a DLQ. Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.

Default

  • no SNS topic

Optional Readonly description

description?: string

A description of the function.

Default

  • No description.

Optional Readonly environment

environment?: {
    [key: string]: string;
}

Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.

Default

  • No environment variables.

Type declaration

  • [key: string]: string

Optional Readonly environmentEncryption

environmentEncryption?: IKey

The AWS KMS key that's used to encrypt your function's environment variables.

Default

  • AWS Lambda creates and uses an AWS managed customer master key (CMK).

Optional Readonly ephemeralStorageSize

ephemeralStorageSize?: Size

The size of the function’s /tmp directory in MiB.

Default

512 MiB

Optional Readonly events

events?: IEventSource[]

Event sources for this function.

You can also add event sources using addEventSource.

Default

  • No event sources.

fileName

fileName: string

The filename for an executable package within the bucket [[GuDistributionBucketParameter]]. We'll look for fileName on the path "bucket/stack/stage/app/".

Optional Readonly filesystem

filesystem?: FileSystem

The filesystem configuration for the lambda function

Default

  • will not mount any filesystem

Optional Readonly functionName

functionName?: string

A name for the function.

Default

  • AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.

Readonly handler

handler: string

The name of the method within your code that Lambda calls to execute your function. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html.

Use Handler.FROM_IMAGE when defining a function from a Docker image.

NOTE: If you specify your source code as inline text by specifying the ZipFile property within the Code property, specify index.function_name as the handler.

Optional Readonly initialPolicy

initialPolicy?: PolicyStatement[]

Initial policy statements to add to the created Lambda Role.

You can call addToRolePolicy to the created lambda to add statements post creation.

Default

  • No policy statements are added to the created Lambda role.

Optional Readonly insightsVersion

insightsVersion?: LambdaInsightsVersion

Specify the version of CloudWatch Lambda insights to use for monitoring

See

When used with DockerImageFunction or DockerImageCode, the Docker image should have the Lambda insights agent installed.

Default

  • No Lambda Insights

Optional Readonly layers

layers?: ILayerVersion[]

A list of layers to add to the function's execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.

Default

  • No layers.

Optional Readonly logRetention

logRetention?: RetentionDays

The number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to INFINITE.

Default

logs.RetentionDays.INFINITE

Optional Readonly logRetentionRetryOptions

logRetentionRetryOptions?: LogRetentionRetryOptions

When log retention is specified, a custom resource attempts to create the CloudWatch log group. These options control the retry policy when interacting with CloudWatch APIs.

Default

  • Default AWS SDK retry options.

Optional Readonly logRetentionRole

logRetentionRole?: IRole

The IAM role for the Lambda function associated with the custom resource that sets the retention policy.

Default

  • A new role is created.

Optional Readonly maxEventAge

maxEventAge?: Duration

The maximum age of a request that Lambda sends to a function for processing.

Minimum: 60 seconds Maximum: 6 hours

Default

Duration.hours(6)

Optional Readonly memorySize

memorySize?: number

The amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.

Default

128

monitoringConfiguration

monitoringConfiguration: GuLambdaErrorPercentageMonitoringProps | NoMonitoring

Optional Readonly onFailure

onFailure?: IDestination

The destination for failed invocations.

Default

  • no destination

Optional Readonly onSuccess

onSuccess?: IDestination

The destination for successful invocations.

Default

  • no destination

Optional Readonly profiling

profiling?: boolean

Enable profiling.

See

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

Default

  • No profiling.

Optional Readonly profilingGroup

profilingGroup?: IProfilingGroup

Profiling Group.

See

https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html

Default

  • A new profiling group will be created if profiling is set.

Optional Readonly reservedConcurrentExecutions

reservedConcurrentExecutions?: number

The maximum of concurrent executions you want to reserve for the function.

Default

  • No specific limit - account limit.

See

https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html

Optional Readonly retryAttempts

retryAttempts?: number

The maximum number of times to retry when the function returns an error.

Minimum: 0 Maximum: 2

Default

2

Optional Readonly role

role?: IRole

Lambda execution role.

This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.

The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.

The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".

Default

  • A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling addToRolePolicy.

rules

rules: {
    description?: string;
    schedule: Schedule;
}[]

Readonly runtime

runtime: Runtime

The runtime environment for the Lambda function that you are uploading. For valid values, see the Runtime property in the AWS Lambda Developer Guide.

Use Runtime.FROM_IMAGE when defining a function from a Docker image.

Optional Readonly securityGroups

securityGroups?: ISecurityGroup[]

The list of security groups to associate with the Lambda's network interfaces.

Only used if 'vpc' is supplied.

Default

  • If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.

Optional throttlingMonitoring

throttlingMonitoring?: GuLambdaThrottlingMonitoringProps

Alarm if throttling occurs. Note, it is also worth considering a concurrency limit (the reservedConcurrentExecutions prop) if you are concerned about throttling.

See

https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html

Optional Readonly timeout

timeout?: Duration

The function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function's expected execution time.

Default

Duration.seconds(3)

Optional Readonly tracing

tracing?: Tracing

Enable AWS X-Ray Tracing for Lambda Function.

Default

Tracing.Disabled

Optional Readonly vpc

vpc?: IVpc

VPC network to place Lambda network interfaces

Specify this if the Lambda function needs to access resources in a VPC. This is required when vpcSubnets is specified.

Default

  • Function is not placed within a VPC.

Optional Readonly vpcSubnets

vpcSubnets?: SubnetSelection

Where to place the network interfaces within the VPC.

This requires vpc to be specified in order for interfaces to actually be placed in the subnets. If vpc is not specify, this will raise an error.

Note: Internet access for Lambda Functions requires a NAT Gateway, so picking public subnets is not allowed (unless allowPublicSubnet is set to true).

Default

  • the Vpc default strategy if not specified

Settings

Member Visibility

Theme

Generated using TypeDoc