aws-cdk-lib.aws_lambda.ParamsAndSecretsOptions

interface ParamsAndSecretsOptions

LanguageType name
.NETAmazon.CDK.AWS.Lambda.ParamsAndSecretsOptions
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awslambda#ParamsAndSecretsOptions
Javasoftware.amazon.awscdk.services.lambda.ParamsAndSecretsOptions
Pythonaws_cdk.aws_lambda.ParamsAndSecretsOptions
TypeScript (source)aws-cdk-lib » aws_lambda » ParamsAndSecretsOptions

Parameters and Secrets Extension configuration options.

Example

import * as sm from 'aws-cdk-lib/aws-secretsmanager';
import * as ssm from 'aws-cdk-lib/aws-ssm';

const secret = new sm.Secret(stack, 'Secret');
const parameter = new ssm.StringParameter(stack, 'Parameter', {
  parameterName: 'mySsmParameterName',
  stringValue: 'mySsmParameterValue',
});

const paramsAndSecrets = lambda.ParamsAndSecretsLayerVersion.fromVersion(lambda.ParamsAndSecretsVersions.V1_0_103, {
  cacheSize: 500,
  logLevel: lamabda.ParamsAndSecretsLogLevel.DEBUG,
});

const lambdaFunction = new lambda.Function(this, 'MyFunction', {
  runtime: lambda.Runtime.NODEJS_18_X,
  handler: 'index.handler',
  architecture: lambda.Architecture.ARM_64,
  code: lambda.Code.fromAsset(path.join(__dirname, 'lambda-handler')),
  paramsAndSecrets,
});

secret.grantRead(lambdaFunction);
parameter.grantRead(lambdaFunction);

Properties

NameTypeDescription
cacheEnabled?booleanWhether the Parameters and Secrets Extension will cache parameters and secrets.
cacheSize?numberThe maximum number of secrets and parameters to cache.
httpPort?numberThe port for the local HTTP server.
logLevel?ParamsAndSecretsLogLevelThe level of logging provided by the Parameters and Secrets Extension.
maxConnections?numberThe maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager.
parameterStoreTimeout?DurationThe timeout for requests to Parameter Store.
parameterStoreTtl?DurationThe time-to-live of a parameter in the cache.
secretsManagerTimeout?DurationThe timeout for requests to Secrets Manager.
secretsManagerTtl?DurationThe time-to-live of a secret in the cache.

cacheEnabled?

Type: boolean (optional, default: true)

Whether the Parameters and Secrets Extension will cache parameters and secrets.


cacheSize?

Type: number (optional, default: 1000)

The maximum number of secrets and parameters to cache.

Must be a value from 0 to 1000. A value of 0 means there is no caching.

Note: This variable is ignored if parameterStoreTtl and secretsManagerTtl are 0.


httpPort?

Type: number (optional, default: 2773)

The port for the local HTTP server.

Valid port numbers are 1 - 65535.


logLevel?

Type: ParamsAndSecretsLogLevel (optional, default: Logging level will be info)

The level of logging provided by the Parameters and Secrets Extension.

Note: Set to debug to see the cache configuration.


maxConnections?

Type: number (optional, default: 3)

The maximum number of connection for HTTP clients that the Parameters and Secrets Extension uses to make requests to Parameter Store or Secrets Manager.

There is no maximum limit. Minimum is 1.

Note: Every running copy of this Lambda function may open the number of connections specified by this property. Thus, the total number of connections may exceed this number.


parameterStoreTimeout?

Type: Duration (optional, default: 0)

The timeout for requests to Parameter Store.

A value of 0 means that there is no timeout.


parameterStoreTtl?

Type: Duration (optional, default: 300 seconds)

The time-to-live of a parameter in the cache.

A value of 0 means there is no caching. The maximum time-to-live is 300 seconds.

Note: This variable is ignored if cacheSize is 0.


secretsManagerTimeout?

Type: Duration (optional, default: 0)

The timeout for requests to Secrets Manager.

A value of 0 means that there is no timeout.


secretsManagerTtl?

Type: Duration (optional, default: 300 seconds)

The time-to-live of a secret in the cache.

A value of 0 means there is no caching. The maximum time-to-live is 300 seconds.

Note: This variable is ignored if cacheSize is 0.