aws-cdk-lib.custom_resources.ProviderProps

interface ProviderProps

LanguageType name
.NETAmazon.CDK.CustomResources.ProviderProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/customresources#ProviderProps
Javasoftware.amazon.awscdk.customresources.ProviderProps
Pythonaws_cdk.custom_resources.ProviderProps
TypeScript (source)aws-cdk-lib » custom_resources » ProviderProps

Initialization properties for the Provider construct.

Example

declare const onEvent: lambda.Function;
declare const isComplete: lambda.Function;
declare const myRole: iam.Role;
const myProvider = new cr.Provider(this, 'MyProvider', {
  onEventHandler: onEvent,
  isCompleteHandler: isComplete,
  logRetention: logs.RetentionDays.ONE_DAY,
  role: myRole,
  providerFunctionName: 'the-lambda-name',   // Optional
});

Properties

NameTypeDescription
onEventHandlerIFunctionThe AWS Lambda function to invoke for all resource lifecycle operations (CREATE/UPDATE/DELETE).
isCompleteHandler?IFunctionThe AWS Lambda function to invoke in order to determine if the operation is complete.
logRetention?RetentionDaysThe number of days framework log events are kept in CloudWatch Logs.
providerFunctionName?stringProvider Lambda name.
queryInterval?DurationTime between calls to the isComplete handler which determines if the resource has been stabilized.
role?IRoleAWS Lambda execution role.
securityGroups?ISecurityGroup[]Security groups to attach to the provider functions.
totalTimeout?DurationTotal timeout for the entire operation.
vpc?IVpcThe vpc to provision the lambda functions in.
vpcSubnets?SubnetSelectionWhich subnets from the VPC to place the lambda functions in.

onEventHandler

Type: IFunction

The AWS Lambda function to invoke for all resource lifecycle operations (CREATE/UPDATE/DELETE).

This function is responsible to begin the requested resource operation (CREATE/UPDATE/DELETE) and return any additional properties to add to the event, which will later be passed to isComplete. The PhysicalResourceId property must be included in the response.


isCompleteHandler?

Type: IFunction (optional, default: provider is synchronous. This means that the onEvent handler is expected to finish all lifecycle operations within the initial invocation.)

The AWS Lambda function to invoke in order to determine if the operation is complete.

This function will be called immediately after onEvent and then periodically based on the configured query interval as long as it returns false. If the function still returns false and the alloted timeout has passed, the operation will fail.


logRetention?

Type: RetentionDays (optional, default: logs.RetentionDays.INFINITE)

The number of days framework log events are kept in CloudWatch Logs.

When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to INFINITE.


providerFunctionName?

Type: string (optional, default: CloudFormation default name from unique physical ID)

Provider Lambda name.

The provider lambda function name.


queryInterval?

Type: Duration (optional, default: Duration.seconds(5))

Time between calls to the isComplete handler which determines if the resource has been stabilized.

The first isComplete will be called immediately after handler and then every queryInterval seconds, and until timeout has been reached or until isComplete returns true.


role?

Type: IRole (optional, default: A default role will be created.)

AWS Lambda execution role.

The role that will be assumed by the AWS Lambda. Must be assumable by the 'lambda.amazonaws.com' service principal.


securityGroups?

Type: ISecurityGroup[] (optional, default: If vpc is not supplied, no security groups are attached. Otherwise, a dedicated security group is created for each function.)

Security groups to attach to the provider functions.

Only used if 'vpc' is supplied


totalTimeout?

Type: Duration (optional, default: Duration.minutes(30))

Total timeout for the entire operation.

The maximum timeout is 2 hours (yes, it can exceed the AWS Lambda 15 minutes)


vpc?

Type: IVpc (optional, default: functions are not provisioned inside a vpc.)

The vpc to provision the lambda functions in.


vpcSubnets?

Type: SubnetSelection (optional, default: the Vpc default strategy if not specified)

Which subnets from the VPC to place the lambda functions in.

Only used if 'vpc' is supplied. Note: internet access for Lambdas requires a NAT gateway, so picking Public subnets is not allowed.