Data Source schema for AWS::Lambda::Function
id
(String) Uniquely identifies the resource.architectures
(List of String) The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is x86_64
.arn
(String)code
(Attributes) The code for the function. (see below for nested schema)code_signing_config_arn
(String) To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.dead_letter_config
(Attributes) A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see Dead-letter queues. (see below for nested schema)description
(String) A description of the function.environment
(Attributes) Environment variables that are accessible from function code during execution. (see below for nested schema)ephemeral_storage
(Attributes) The size of the function's /tmp
directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB. (see below for nested schema)file_system_configs
(Attributes List) Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an AWS::EFS::MountTarget resource, you must also specify a DependsOn
attribute to ensure that the mount target is created or updated before the function.
For more information about using the DependsOn
attribute, see DependsOn Attribute. (see below for nested schema)function_name
(String) The name of the Lambda function, up to 64 characters in length. If you don't specify a name, CFN generates one.
If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.handler
(String) The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see Lambda programming model.image_config
(Attributes) Configuration values that override the container image Dockerfile settings. For more information, see Container image settings. (see below for nested schema)kms_key_arn
(String) The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's environment variables. When Lambda SnapStart is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key.layers
(List of String) A list of function layers to add to the function's execution environment. Specify each layer by its ARN, including the version.logging_config
(Attributes) The function's Amazon CloudWatch Logs configuration settings. (see below for nested schema)memory_size
(Number) The amount of memory available to the function at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.package_type
(String) The type of deployment package. Set to Image
for container image and set Zip
for .zip file archive.reserved_concurrent_executions
(Number) The number of simultaneous executions to reserve for the function.role
(String) The Amazon Resource Name (ARN) of the function's execution role.runtime
(String) The identifier of the function's runtime. Runtime is required if the deployment package is a .zip file archive.
The following list includes deprecated runtimes. For more information, see Runtime deprecation policy.runtime_management_config
(Attributes) Sets the runtime management configuration for a function's version. For more information, see Runtime updates. (see below for nested schema)snap_start
(Attributes) The function's SnapStart setting. (see below for nested schema)snap_start_response
(Attributes) The function's SnapStart setting. (see below for nested schema)tags
(Attributes Set) A list of tags to apply to the function. (see below for nested schema)timeout
(Number) The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see Lambda execution environment.tracing_config
(Attributes) Set Mode
to Active
to sample and trace a subset of incoming requests with X-Ray. (see below for nested schema)vpc_config
(Attributes) For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see Configuring a Lambda function to access resources in a VPC. (see below for nested schema)code
Read-Only:
image_uri
(String) URI of a container image in the Amazon ECR registry.s3_bucket
(String) An Amazon S3 bucket in the same AWS-Region as your function. The bucket can be in a different AWS-account.s3_key
(String) The Amazon S3 key of the deployment package.s3_object_version
(String) For versioned objects, the version of the deployment package object to use.zip_file
(String) (Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named index
and zips it to create a deployment package. This zip file cannot exceed 4MB. For the Handler
property, the first part of the handler identifier must be index
. For example, index.handler
.
For JSON, you must escape quotes and special characters such as newline (\n
) with a backslash.
If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module (cfn-response) that simplifies sending responses. See Using Lambda with CloudFormation for details.dead_letter_config
Read-Only:
target_arn
(String) The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.environment
Read-Only:
variables
(Map of String) Environment variable key-value pairs. For more information, see Using Lambda environment variables.ephemeral_storage
Read-Only:
size
(Number) The size of the function's /tmp
directory.file_system_configs
Read-Only:
arn
(String) The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.local_mount_path
(String) The path where the function can access the file system, starting with /mnt/
.image_config
Read-Only:
command
(List of String) Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.entry_point
(List of String) Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.working_directory
(String) Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.logging_config
Read-Only:
application_log_level
(String) Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where TRACE
is the highest level and FATAL
is the lowest.log_format
(String) The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON.log_group
(String) The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named /aws/lambda/<function name>
. To use a different log group, enter an existing log group or enter a new log group name.system_log_level
(String) Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where DEBUG
is the highest level and WARN
is the lowest.runtime_management_config
Read-Only:
runtime_version_arn
(String) The ARN of the runtime version you want the function to use.
This is only required if you're using the Manual runtime update mode.update_runtime_on
(String) Specify the runtime update mode.
Valid Values: Auto
| FunctionUpdate
| Manual
snap_start
Read-Only:
apply_on
(String) Set ApplyOn
to PublishedVersions
to create a snapshot of the initialized execution environment when you publish a function version.snap_start_response
Read-Only:
apply_on
(String) When set to PublishedVersions
, Lambda creates a snapshot of the execution environment when you publish a function version.optimization_status
(String) When you provide a qualified Amazon Resource Name (ARN), this response element indicates whether SnapStart is activated for the specified function version.tags
Read-Only:
key
(String)value
(String)tracing_config
Read-Only:
mode
(String) The tracing mode.vpc_config
Read-Only:
ipv_6_allowed_for_dual_stack
(Boolean) Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.security_group_ids
(List of String) A list of VPC security group IDs.subnet_ids
(List of String) A list of VPC subnet IDs.