A Node.js Lambda function bundled using esbuild.
import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs';Or use the module namespace:
import * as lambda_nodejs from 'aws-cdk-lib/aws-lambda-nodejs';
// lambda_nodejs.NodejsFunctionConfiguration passed to the constructor as NodejsFunctionProps.
awsSdkConnectionReuseOptionalbooleanThe `AWS_NODEJS_CONNECTION_REUSE_ENABLED` environment variable does not exist in the AWS SDK for JavaScript v3. This prop will be deprecated when the Lambda Node16 runtime is deprecated on June 12, 2024. See https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-support-policy Info for Node 16 runtimes / SDK v2 users: Whether to automatically reuse TCP connections when working with the AWS SDK for JavaScript v2. This sets the `AWS_NODEJS_CONNECTION_REUSE_ENABLED` environment variable to `1`.
Default: - false (obsolete) for runtimes >= Node 18, true for runtimes <= Node 16.
bundlingOptionalBundlingOptionsBundling options.
Default: - use default bundling options: no minify, no sourcemap, all
modules are bundled.
codeOptionalCodeThe code that will be deployed to the Lambda Handler. If included, then properties related to bundling of the code are ignored. * If the `code` field is specified, then you must include the `handler` property.
Default: - the code is bundled by esbuild
depsLockFilePathOptionalstringThe path to the dependencies lock file (`yarn.lock`, `pnpm-lock.yaml`, `bun.lockb`, `bun.lock` or `package-lock.json`). This will be used as the source for the volume mounted in the Docker container. Modules specified in `nodeModules` will be installed using the right installer (`yarn`, `pnpm`, `bun` or `npm`) along with this lock file.
Default: - the path is found by walking up parent directories searching for
a `yarn.lock`, `pnpm-lock.yaml`, `bun.lockb`, `bun.lock` or `package-lock.json` file
entryOptionalstringPath to the entry file (JavaScript or TypeScript). If this is a relative path, it will be evaluated with respect to the JavaScript/TypeScript source file that instantiates the `NodejsFunction` construct. If the current project is not a Node project, relative paths are not reliable and absolute paths should be used. This file should be located underneath the `projectRoot` directory (by default, the directory containing the package manager's lock file). If omitted, the entry file will be derived from the TypeScript/JavaScript file that instantiates the `NodejsFunction` construct, and the construct identifier of the `NodejsFunction` construct, in the following way: ``` <filename>.<construct-id>.(ts|js) // Example, if stack.ts contains the following: new NodejsFunction(this, 'my-handler', { ... }); // Then the implicit entry point(s) will be stack.my-handler.ts stack.my-handler.js ``` Again: if the current project is not a Node project this is not reliable, and instead explicit, absolute paths should be used.
Default: - (Realible in Node projects only) derived from the defining file's name and construct ID as described in the documentation.
handlerOptionalstringThe name of the exported handler in the entry file. * If the `code` property is supplied, then you must include the `handler` property. The handler should be the name of the file that contains the exported handler and the function that should be called when the AWS Lambda is invoked. For example, if you had a file called `myLambda.js` and the function to be invoked was `myHandler`, then you should input `handler` property as `myLambda.myHandler`. * If the `code` property is not supplied and the handler input does not contain a `.`, then the handler is prefixed with `index.` (index period). Otherwise, the handler property is not modified.
Default: handler
projectRootOptionalstringThe path to the directory containing project config files (`package.json` or `tsconfig.json`).
Default: - the directory containing the `depsLockFilePath`
runtimeOptionalRuntimeThe runtime environment. Only runtimes of the Node.js family are supported.
Default: `Runtime.NODEJS_LATEST` if the `@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion` feature flag is enabled, otherwise `Runtime.NODEJS_16_X`
FunctionOptionsadotInstrumentationOptionalinherited from FunctionOptionsAdotInstrumentationConfigSpecify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
Default: - No ADOT instrumentation
allowAllIpv6OutboundOptionalinherited from FunctionOptionsbooleanWhether to allow the Lambda to send all ipv6 network traffic. If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6. Do not specify this property if the `securityGroups` or `securityGroup` property is set. Instead, configure `allowAllIpv6Outbound` directly on the security group.
Default: false
allowAllOutboundOptionalinherited from FunctionOptionsbooleanWhether to allow the Lambda to send all network traffic (except ipv6). If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets. Do not specify this property if the `securityGroups` or `securityGroup` property is set. Instead, configure `allowAllOutbound` directly on the security group.
Default: true
allowPublicSubnetOptionalinherited from FunctionOptionsbooleanLambda Functions in a public subnet can NOT access the internet. Use this property to acknowledge this limitation and still place the function in a public subnet.
Default: false
applicationLogLevelOptionalDeprecatedinherited from FunctionOptionsstringSets the application log level for the function.
Default: "INFO"
Deprecated: Use `applicationLogLevelV2` as a property instead.
applicationLogLevelV2Optionalinherited from FunctionOptionsApplicationLogLevelSets the application log level for the function.
Default: ApplicationLogLevel.INFO
architectureOptionalinherited from FunctionOptionsArchitectureThe system architectures compatible with this lambda function.
Default: Architecture.X86_64
codeSigningConfigOptionalinherited from FunctionOptionsICodeSigningConfigRefCode signing config associated with this function.
Default: - Not Sign the Code
currentVersionOptionsOptionalinherited from FunctionOptionsVersionOptionsOptions for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
Default: - default options as described in `VersionOptions`
deadLetterQueueOptionalinherited from FunctionOptionsIQueueThe SQS queue to use if DLQ is enabled. If SNS topic is desired, specify `deadLetterTopic` property instead.
Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`
deadLetterQueueEnabledOptionalinherited from FunctionOptionsbooleanEnabled DLQ. If `deadLetterQueue` is undefined, an SQS queue with default options will be defined for your Function.
Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
deadLetterTopicOptionalinherited from FunctionOptionsITopicThe SNS topic to use as a DLQ. Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
Default: - no SNS topic
descriptionOptionalinherited from FunctionOptionsstringA description of the function.
Default: - No description.
durableConfigOptionalinherited from FunctionOptionsDurableConfigThe durable configuration for the function. If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
Default: - No durable configuration
environmentOptionalinherited from FunctionOptions{ [key: string]: string }Key-value pairs that Lambda caches and makes available for your Lambda functions. Use environment variables to apply configuration changes, such as test and production environment configurations, without changing your Lambda function source code.
Default: - No environment variables.
environmentEncryptionOptionalinherited from FunctionOptionsIKeyRefThe AWS KMS key that's used to encrypt your function's environment variables.
Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
ephemeralStorageSizeOptionalinherited from FunctionOptionsSizeThe size of the function’s /tmp directory in MiB.
Default: 512 MiB
eventsOptionalinherited from FunctionOptionsIEventSource[]Event sources for this function. You can also add event sources using `addEventSource`.
Default: - No event sources.
filesystemOptionalinherited from FunctionOptionsFileSystemThe filesystem configuration for the lambda function.
Default: - will not mount any filesystem
functionNameOptionalinherited from FunctionOptionsstringA name for the function.
Default: - AWS CloudFormation generates a unique physical ID and uses that
ID for the function's name. For more information, see Name Type.
initialPolicyOptionalinherited from FunctionOptionsPolicyStatement[]Initial policy statements to add to the created Lambda Role. You can call `addToRolePolicy` to the created lambda to add statements post creation.
Default: - No policy statements are added to the created Lambda role.
insightsVersionOptionalinherited from FunctionOptionsLambdaInsightsVersionSpecify the version of CloudWatch Lambda insights to use for monitoring.
Default: - No Lambda Insights
ipv6AllowedForDualStackOptionalinherited from FunctionOptionsbooleanAllows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. Only used if 'vpc' is supplied.
Default: false
layersOptionalinherited from FunctionOptionsILayerVersion[]A list of layers to add to the function's execution environment. You can configure your Lambda function to pull in additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies that can be used by multiple functions.
Default: - No layers.
logFormatOptionalDeprecatedinherited from FunctionOptionsstringSets the logFormat for the function.
Default: "Text"
Deprecated: Use `loggingFormat` as a property instead.
loggingFormatOptionalinherited from FunctionOptionsLoggingFormatSets the loggingFormat for the function.
Default: LoggingFormat.TEXT
logGroupOptionalinherited from FunctionOptionsILogGroupRefThe log group the function sends logs to. By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name\>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention. Use the `logGroup` property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it. Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
Default: `/aws/lambda/${this.functionName}` - default log group created by Lambda
logRemovalPolicyOptionalDeprecatedinherited from FunctionOptionsRemovalPolicyDetermine the removal policy of the log group that is auto-created by this construct. Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
Default: RemovalPolicy.Retain
Deprecated: use `logGroup` instead
logRetentionOptionalDeprecatedinherited from FunctionOptionsRetentionDaysThe number of days log events are kept in CloudWatch Logs. When updating this property, unsetting it doesn't remove the log retention policy. To remove the retention policy, set the value to `INFINITE`. This is a legacy API and we strongly recommend you move away from it if you can. Instead create a fully customizable log group with `logs.LogGroup` and use the `logGroup` property to instruct the Lambda function to send logs to it. Migrating from `logRetention` to `logGroup` will cause the name of the log group to change. Users and code and referencing the name verbatim will have to adjust. In AWS CDK code, you can access the log group name directly from the LogGroup construct: ```ts import * as logs from 'aws-cdk-lib/aws-logs'; declare const myLogGroup: logs.LogGroup; myLogGroup.logGroupName; ```
Default: logs.RetentionDays.INFINITE
Deprecated: use `logGroup` instead
logRetentionRetryOptionsOptionalinherited from FunctionOptionsLogRetentionRetryOptionsWhen log retention is specified, a custom resource attempts to create the CloudWatch log group. These options control the retry policy when interacting with CloudWatch APIs. This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
Default: - Default AWS SDK retry options.
logRetentionRoleOptionalinherited from FunctionOptionsIRoleThe IAM role for the Lambda function associated with the custom resource that sets the retention policy. This is a legacy API and we strongly recommend you migrate to `logGroup` if you can. `logGroup` allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
Default: - A new role is created.
memorySizeOptionalinherited from FunctionOptionsnumberThe amount of memory, in MB, that is allocated to your Lambda function. Lambda uses this value to proportionally allocate the amount of CPU power. For more information, see Resource Model in the AWS Lambda Developer Guide.
Default: 128
paramsAndSecretsOptionalinherited from FunctionOptionsParamsAndSecretsLayerVersionSpecify the configuration of Parameters and Secrets Extension.
Default: - No Parameters and Secrets Extension
profilingOptionalinherited from FunctionOptionsbooleanEnable profiling.
Default: - No profiling.
profilingGroupOptionalinherited from FunctionOptionsIProfilingGroupProfiling Group.
Default: - A new profiling group will be created if `profiling` is set.
recursiveLoopOptionalinherited from FunctionOptionsRecursiveLoopSets the Recursive Loop Protection for Lambda Function. It lets Lambda detect and terminate unintended recursive loops.
Default: RecursiveLoop.Terminate
reservedConcurrentExecutionsOptionalinherited from FunctionOptionsnumberThe maximum of concurrent executions you want to reserve for the function.
Default: - No specific limit - account limit.
roleOptionalinherited from FunctionOptionsIRoleLambda execution role. This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal. The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself. The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
Default: - A unique role will be generated for this lambda function.
Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
runtimeManagementModeOptionalinherited from FunctionOptionsRuntimeManagementModeSets the runtime management configuration for a function's version.
Default: Auto
securityGroupsOptionalinherited from FunctionOptionsISecurityGroup[]The list of security groups to associate with the Lambda's network interfaces. Only used if 'vpc' is supplied.
Default: - If the function is placed within a VPC and a security group is
not specified, either by this or securityGroup prop, a dedicated security
group will be created for this function.
snapStartOptionalinherited from FunctionOptionsSnapStartConfEnable SnapStart for Lambda Function. SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
Default: - No snapstart
systemLogLevelOptionalDeprecatedinherited from FunctionOptionsstringSets the system log level for the function.
Default: "INFO"
Deprecated: Use `systemLogLevelV2` as a property instead.
systemLogLevelV2Optionalinherited from FunctionOptionsSystemLogLevelSets the system log level for the function.
Default: SystemLogLevel.INFO
tenancyConfigOptionalinherited from FunctionOptionsTenancyConfigThe tenancy configuration for the function.
Default: - Tenant isolation is not enabled
timeoutOptionalinherited from FunctionOptionsDurationThe function execution time (in seconds) after which Lambda terminates the function. Because the execution time affects cost, set this value based on the function's expected execution time.
Default: Duration.seconds(3)
tracingOptionalinherited from FunctionOptionsTracingEnable AWS X-Ray Tracing for Lambda Function.
Default: Tracing.Disabled
vpcOptionalinherited from FunctionOptionsIVpcVPC network to place Lambda network interfaces. Specify this if the Lambda function needs to access resources in a VPC. This is required when `vpcSubnets` is specified.
Default: - Function is not placed within a VPC.
vpcSubnetsOptionalinherited from FunctionOptionsSubnetSelectionWhere to place the network interfaces within the VPC. This requires `vpc` to be specified in order for interfaces to actually be placed in the subnets. If `vpc` is not specify, this will raise an error. Note: Internet access for Lambda Functions requires a NAT Gateway, so picking public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
Default: - the Vpc default strategy if not specified
EventInvokeConfigOptionsmaxEventAgeOptionalinherited from EventInvokeConfigOptionsDurationThe maximum age of a request that Lambda sends to a function for processing. Minimum: 60 seconds Maximum: 6 hours
Default: Duration.hours(6)
onFailureOptionalinherited from EventInvokeConfigOptionsIDestinationThe destination for failed invocations.
Default: - no destination
onSuccessOptionalinherited from EventInvokeConfigOptionsIDestinationThe destination for successful invocations.
Default: - no destination
retryAttemptsOptionalinherited from EventInvokeConfigOptionsnumberThe maximum number of times to retry when the function returns an error. Minimum: 0 Maximum: 2
Default: 2
Our bi-weekly newsletter teaches hands-on AWS fundamentals. No certification fluff - just practical knowledge.
Subscribe to Newsletteraws-lambda-nodejs