From 4c88540480b84a2d2938ba64bca1827791664b66 Mon Sep 17 00:00:00 2001 From: Clay King Date: Fri, 10 Jun 2022 21:27:58 +0000 Subject: [PATCH] Periodic update - 06/10/2022 --- doc_source/.DS_Store | Bin 6148 -> 0 bytes doc_source/API_AccountLimit.md | 0 doc_source/API_AccountUsage.md | 0 doc_source/API_AddLayerVersionPermission.md | 0 doc_source/API_AddPermission.md | 19 +- doc_source/API_AliasConfiguration.md | 0 doc_source/API_AliasRoutingConfiguration.md | 0 doc_source/API_AllowedPublishers.md | 0 doc_source/API_CodeSigningConfig.md | 0 doc_source/API_CodeSigningPolicies.md | 0 doc_source/API_Concurrency.md | 0 doc_source/API_Cors.md | 57 +++ doc_source/API_CreateAlias.md | 0 doc_source/API_CreateCodeSigningConfig.md | 0 doc_source/API_CreateEventSourceMapping.md | 4 +- doc_source/API_CreateFunction.md | 19 +- doc_source/API_CreateFunctionUrlConfig.md | 144 ++++++++ doc_source/API_DeadLetterConfig.md | 0 doc_source/API_DeleteAlias.md | 0 doc_source/API_DeleteCodeSigningConfig.md | 0 doc_source/API_DeleteEventSourceMapping.md | 2 +- doc_source/API_DeleteFunction.md | 0 .../API_DeleteFunctionCodeSigningConfig.md | 0 doc_source/API_DeleteFunctionConcurrency.md | 0 .../API_DeleteFunctionEventInvokeConfig.md | 0 doc_source/API_DeleteFunctionUrlConfig.md | 75 ++++ doc_source/API_DeleteLayerVersion.md | 0 .../API_DeleteProvisionedConcurrencyConfig.md | 0 doc_source/API_DestinationConfig.md | 0 doc_source/API_Environment.md | 0 doc_source/API_EnvironmentError.md | 0 doc_source/API_EnvironmentResponse.md | 0 doc_source/API_EphemeralStorage.md | 19 + .../API_EventSourceMappingConfiguration.md | 2 +- doc_source/API_FileSystemConfig.md | 0 doc_source/API_Filter.md | 0 doc_source/API_FilterCriteria.md | 0 doc_source/API_FunctionCode.md | 0 doc_source/API_FunctionCodeLocation.md | 0 doc_source/API_FunctionConfiguration.md | 7 +- doc_source/API_FunctionEventInvokeConfig.md | 0 doc_source/API_FunctionUrlConfig.md | 46 +++ doc_source/API_GetAccountSettings.md | 0 doc_source/API_GetAlias.md | 0 doc_source/API_GetCodeSigningConfig.md | 0 doc_source/API_GetEventSourceMapping.md | 2 +- doc_source/API_GetFunction.md | 3 + .../API_GetFunctionCodeSigningConfig.md | 0 doc_source/API_GetFunctionConcurrency.md | 0 doc_source/API_GetFunctionConfiguration.md | 9 +- .../API_GetFunctionEventInvokeConfig.md | 0 doc_source/API_GetFunctionUrlConfig.md | 121 +++++++ doc_source/API_GetLayerVersion.md | 2 +- doc_source/API_GetLayerVersionByArn.md | 2 +- doc_source/API_GetLayerVersionPolicy.md | 0 doc_source/API_GetPolicy.md | 0 .../API_GetProvisionedConcurrencyConfig.md | 0 doc_source/API_ImageConfig.md | 0 doc_source/API_ImageConfigError.md | 0 doc_source/API_ImageConfigResponse.md | 0 doc_source/API_Invoke.md | 0 doc_source/API_InvokeAsync.md | 0 doc_source/API_Layer.md | 0 doc_source/API_LayerVersionContentInput.md | 0 doc_source/API_LayerVersionContentOutput.md | 0 doc_source/API_LayerVersionsListItem.md | 2 +- doc_source/API_LayersListItem.md | 0 doc_source/API_ListAliases.md | 0 doc_source/API_ListCodeSigningConfigs.md | 0 doc_source/API_ListEventSourceMappings.md | 0 .../API_ListFunctionEventInvokeConfigs.md | 0 doc_source/API_ListFunctionUrlConfigs.md | 109 ++++++ doc_source/API_ListFunctions.md | 3 + .../API_ListFunctionsByCodeSigningConfig.md | 0 doc_source/API_ListLayerVersions.md | 2 +- doc_source/API_ListLayers.md | 2 +- .../API_ListProvisionedConcurrencyConfigs.md | 0 doc_source/API_ListTags.md | 0 doc_source/API_ListVersionsByFunction.md | 3 + doc_source/API_OnFailure.md | 0 doc_source/API_OnSuccess.md | 0 doc_source/API_Operations.md | 7 +- ...PI_ProvisionedConcurrencyConfigListItem.md | 0 doc_source/API_PublishLayerVersion.md | 4 +- doc_source/API_PublishVersion.md | 9 +- .../API_PutFunctionCodeSigningConfig.md | 0 doc_source/API_PutFunctionConcurrency.md | 0 .../API_PutFunctionEventInvokeConfig.md | 0 .../API_PutProvisionedConcurrencyConfig.md | 0 doc_source/API_Reference.md | 0 .../API_RemoveLayerVersionPermission.md | 0 doc_source/API_RemovePermission.md | 0 doc_source/API_SelfManagedEventSource.md | 0 doc_source/API_SourceAccessConfiguration.md | 0 doc_source/API_TagResource.md | 0 doc_source/API_TracingConfig.md | 0 doc_source/API_TracingConfigResponse.md | 0 doc_source/API_Types.md | 3 + doc_source/API_UntagResource.md | 0 doc_source/API_UpdateAlias.md | 0 doc_source/API_UpdateCodeSigningConfig.md | 0 doc_source/API_UpdateEventSourceMapping.md | 4 +- doc_source/API_UpdateFunctionCode.md | 9 +- doc_source/API_UpdateFunctionConfiguration.md | 19 +- .../API_UpdateFunctionEventInvokeConfig.md | 0 doc_source/API_UpdateFunctionUrlConfig.md | 149 ++++++++ doc_source/API_VpcConfig.md | 0 doc_source/API_VpcConfigResponse.md | 0 doc_source/access-control-identity-based.md | 2 +- doc_source/access-control-resource-based.md | 54 ++- doc_source/applications-console.md | 0 doc_source/applications-tutorial.md | 2 +- doc_source/applications-usecases.md | 0 doc_source/best-practices.md | 2 +- doc_source/configuration-aliases.md | 0 doc_source/configuration-codesigning.md | 0 doc_source/configuration-concurrency.md | 0 doc_source/configuration-database.md | 0 doc_source/configuration-envvars.md | 4 +- doc_source/configuration-filesystem.md | 0 doc_source/configuration-function-common.md | 25 ++ doc_source/configuration-function-zip.md | 115 +++--- doc_source/configuration-images.md | 259 -------------- doc_source/configuration-layers.md | 8 +- doc_source/configuration-tags.md | 32 +- doc_source/configuration-versions.md | 0 doc_source/configuration-vpc-endpoints.md | 6 +- doc_source/configuration-vpc.md | 7 +- doc_source/csharp-context.md | 0 doc_source/csharp-exceptions.md | 0 doc_source/csharp-handler.md | 0 doc_source/csharp-image.md | 17 +- doc_source/csharp-logging.md | 6 +- doc_source/csharp-package-cli.md | 0 doc_source/csharp-package-toolkit.md | 0 doc_source/csharp-package.md | 0 doc_source/csharp-tracing.md | 8 +- doc_source/deploying-lambda-apps.md | 0 doc_source/extensions-api-partners.md | 27 ++ doc_source/foundation-arch.md | 4 +- doc_source/foundation-console.md | 2 +- doc_source/foundation-networking.md | 0 doc_source/foundation-progmodel.md | 0 doc_source/functions-states.md | 0 doc_source/getting-started-create-function.md | 98 ------ doc_source/getting-started.md | 100 +++++- doc_source/gettingstarted-awscli.md | 2 +- doc_source/gettingstarted-concepts.md | 2 +- doc_source/gettingstarted-features.md | 7 + doc_source/gettingstarted-images.md | 330 +++++++++++------- doc_source/gettingstarted-limits.md | 10 +- doc_source/gettingstarted-package.md | 2 +- doc_source/glossary.md | 0 doc_source/go-image.md | 20 +- doc_source/golang-context.md | 0 doc_source/golang-envvars.md | 0 doc_source/golang-exceptions.md | 0 doc_source/golang-handler.md | 0 doc_source/golang-logging.md | 4 +- doc_source/golang-package.md | 2 +- doc_source/golang-tracing.md | 8 +- doc_source/images-create.md | 88 ++--- doc_source/images-test.md | 0 doc_source/index.md | 58 +-- doc_source/invocation-async.md | 0 doc_source/invocation-eventfiltering.md | 0 doc_source/invocation-eventsourcemapping.md | 4 +- doc_source/invocation-images.md | 0 doc_source/invocation-layers.md | 20 +- doc_source/invocation-retries.md | 0 doc_source/invocation-scaling.md | 0 doc_source/invocation-sync.md | 6 +- doc_source/java-context.md | 0 doc_source/java-exceptions.md | 2 +- doc_source/java-handler.md | 0 doc_source/java-image.md | 16 +- doc_source/java-logging.md | 10 +- doc_source/java-package-eclipse.md | 0 doc_source/java-package.md | 6 +- doc_source/java-samples.md | 0 doc_source/java-tracing.md | 121 ++++--- doc_source/kinesis-tutorial-spec.md | 0 doc_source/lambda-api-permissions-ref.md | 27 +- doc_source/lambda-csharp.md | 3 +- ...a-images.md => lambda-deploy-functions.md} | 20 +- doc_source/lambda-edge.md | 0 doc_source/lambda-foundation.md | 0 doc_source/lambda-functions.md | 2 +- doc_source/lambda-golang.md | 0 doc_source/lambda-intro-execution-role.md | 2 +- doc_source/lambda-invocation.md | 3 +- doc_source/lambda-java.md | 2 +- doc_source/lambda-managing.md | 0 doc_source/lambda-monitoring.md | 0 doc_source/lambda-nodejs.md | 11 +- doc_source/lambda-permissions.md | 0 doc_source/lambda-powershell.md | 1 - doc_source/lambda-python.md | 14 +- doc_source/lambda-releases.md | 10 +- doc_source/lambda-rolling-deployments.md | 0 doc_source/lambda-ruby.md | 3 +- ...ntext.md => lambda-runtime-environment.md} | 17 +- doc_source/lambda-runtimes.md | 89 +++-- doc_source/lambda-samples.md | 0 doc_source/lambda-security.md | 0 doc_source/lambda-services.md | 0 doc_source/lambda-settingup.md | 2 +- doc_source/lambda-stepfunctions.md | 0 doc_source/lambda-troubleshooting.md | 0 doc_source/lambda-typescript.md | 47 +++ doc_source/lambda-urls.md | 20 ++ doc_source/logging-using-cloudtrail.md | 5 + doc_source/monitoring-cloudwatchlogs.md | 0 doc_source/monitoring-code-profiler.md | 0 .../monitoring-functions-access-metrics.md | 0 doc_source/monitoring-insights.md | 0 doc_source/monitoring-metrics.md | 4 +- doc_source/monitoring-servicemap.md | 0 doc_source/nodejs-context.md | 0 doc_source/nodejs-exceptions.md | 0 doc_source/nodejs-handler.md | 2 +- doc_source/nodejs-image.md | 16 +- doc_source/nodejs-logging.md | 4 +- doc_source/nodejs-package.md | 0 doc_source/nodejs-tracing.md | 10 +- doc_source/permissions-boundary.md | 0 doc_source/powershell-context.md | 0 doc_source/powershell-devenv.md | 0 doc_source/powershell-exceptions.md | 0 doc_source/powershell-handler.md | 0 doc_source/powershell-logging.md | 6 +- doc_source/powershell-package.md | 0 doc_source/provisioned-concurrency.md | 4 +- doc_source/python-context.md | 2 +- doc_source/python-exceptions.md | 2 +- doc_source/python-handler.md | 2 +- doc_source/python-image.md | 14 +- doc_source/python-logging.md | 6 +- doc_source/python-package.md | 4 +- doc_source/python-tracing.md | 12 +- doc_source/ruby-context.md | 0 doc_source/ruby-exceptions.md | 0 doc_source/ruby-handler.md | 2 +- doc_source/ruby-image.md | 16 +- doc_source/ruby-logging.md | 4 +- doc_source/ruby-package.md | 0 doc_source/ruby-tracing.md | 10 +- doc_source/runtime-support-policy.md | 41 --- doc_source/runtimes-api.md | 22 +- doc_source/runtimes-avx2.md | 0 doc_source/runtimes-custom.md | 2 +- doc_source/runtimes-extensions-api.md | 31 +- doc_source/runtimes-images.md | 6 +- doc_source/runtimes-logs-api.md | 4 +- doc_source/runtimes-modify.md | 2 +- doc_source/runtimes-walkthrough.md | 2 +- doc_source/samples-blank.md | 0 doc_source/samples-errorprocessor.md | 0 doc_source/samples-listmanager.md | 0 doc_source/security-compliance.md | 0 doc_source/security-configuration.md | 4 +- doc_source/security-dataprotection.md | 2 +- doc_source/security-iam.md | 0 doc_source/security-infrastructure.md | 0 doc_source/security-resilience.md | 0 .../security_iam_id-based-policy-examples.md | 0 doc_source/security_iam_service-with-iam.md | 0 doc_source/security_iam_troubleshoot.md | 0 doc_source/services-alb.md | 0 doc_source/services-alexa.md | 0 doc_source/services-apigateway-blueprint.md | 0 doc_source/services-apigateway-code.md | 0 doc_source/services-apigateway-template.md | 0 doc_source/services-apigateway-tutorial.md | 2 +- doc_source/services-apigateway.md | 12 +- doc_source/services-cloudformation.md | 0 .../services-cloudwatchevents-expressions.md | 0 .../services-cloudwatchevents-tutorial.md | 2 +- doc_source/services-cloudwatchevents.md | 0 doc_source/services-cloudwatchlogs.md | 0 doc_source/services-codecommit.md | 0 doc_source/services-codepipeline.md | 0 doc_source/services-cognito.md | 0 doc_source/services-config.md | 6 +- doc_source/services-connect.md | 0 doc_source/services-ec2-tutorial.md | 0 doc_source/services-ec2.md | 4 +- doc_source/services-efs.md | 0 doc_source/services-elasticache-tutorial.md | 2 +- doc_source/services-iot.md | 0 doc_source/services-iotevents.md | 0 doc_source/services-kinesisfirehose.md | 0 doc_source/services-lex.md | 0 doc_source/services-rds-tutorial.md | 2 +- doc_source/services-rds.md | 0 doc_source/services-s3-batch.md | 0 doc_source/services-s3-object-lambda.md | 0 doc_source/services-ses.md | 2 +- doc_source/services-stepfunctions.md | 0 doc_source/services-xray.md | 12 +- doc_source/stepfunctions-lc.md | 0 doc_source/stepfunctions-patterns.md | 0 doc_source/testing-functions.md | 98 ++++++ doc_source/troubleshooting-deployment.md | 0 doc_source/troubleshooting-execution.md | 0 doc_source/troubleshooting-images.md | 0 doc_source/troubleshooting-invocation.md | 2 +- doc_source/troubleshooting-networking.md | 0 doc_source/typescript-exceptions.md | 90 +++++ doc_source/typescript-handler.md | 99 ++++++ doc_source/typescript-image.md | 109 ++++++ doc_source/typescript-package.md | 249 +++++++++++++ doc_source/urls-auth.md | 237 +++++++++++++ doc_source/urls-configuration.md | 216 ++++++++++++ doc_source/urls-invocation.md | 203 +++++++++++ doc_source/urls-monitoring.md | 37 ++ doc_source/urls-tutorial.md | 181 ++++++++++ doc_source/using-extensions.md | 23 +- doc_source/welcome.md | 6 +- doc_source/with-android-create-package.md | 0 doc_source/with-android-example.md | 2 +- doc_source/with-cloudtrail-create-package.md | 0 doc_source/with-cloudtrail-example.md | 2 +- doc_source/with-cloudtrail.md | 0 doc_source/with-ddb-create-package.md | 0 doc_source/with-ddb-example.md | 2 +- doc_source/with-ddb.md | 22 +- doc_source/with-kafka.md | 2 +- doc_source/with-kinesis-create-package.md | 0 .../with-kinesis-example-use-app-spec.md | 0 doc_source/with-kinesis-example.md | 2 +- doc_source/with-kinesis.md | 7 +- doc_source/with-mq.md | 6 +- doc_source/with-msk.md | 6 +- doc_source/with-on-demand-custom-android.md | 0 doc_source/with-s3-example-use-app-spec.md | 0 doc_source/with-s3-example.md | 2 +- doc_source/with-s3-tutorial.md | 0 doc_source/with-s3.md | 0 doc_source/with-secrets-manager.md | 0 doc_source/with-sns-create-package.md | 0 doc_source/with-sns-example.md | 2 +- doc_source/with-sns.md | 0 doc_source/with-sqs-create-package.md | 0 doc_source/with-sqs-cross-account-example.md | 2 +- doc_source/with-sqs-example-use-app-spec.md | 0 doc_source/with-sqs-example.md | 2 +- doc_source/with-sqs.md | 0 348 files changed, 3403 insertions(+), 1118 deletions(-) delete mode 100644 doc_source/.DS_Store mode change 100755 => 100644 doc_source/API_AccountLimit.md mode change 100755 => 100644 doc_source/API_AccountUsage.md mode change 100755 => 100644 doc_source/API_AddLayerVersionPermission.md mode change 100755 => 100644 doc_source/API_AddPermission.md mode change 100755 => 100644 doc_source/API_AliasConfiguration.md mode change 100755 => 100644 doc_source/API_AliasRoutingConfiguration.md mode change 100755 => 100644 doc_source/API_AllowedPublishers.md mode change 100755 => 100644 doc_source/API_CodeSigningConfig.md mode change 100755 => 100644 doc_source/API_CodeSigningPolicies.md mode change 100755 => 100644 doc_source/API_Concurrency.md create mode 100644 doc_source/API_Cors.md mode change 100755 => 100644 doc_source/API_CreateAlias.md mode change 100755 => 100644 doc_source/API_CreateCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_CreateEventSourceMapping.md mode change 100755 => 100644 doc_source/API_CreateFunction.md create mode 100644 doc_source/API_CreateFunctionUrlConfig.md mode change 100755 => 100644 doc_source/API_DeadLetterConfig.md mode change 100755 => 100644 doc_source/API_DeleteAlias.md mode change 100755 => 100644 doc_source/API_DeleteCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_DeleteEventSourceMapping.md mode change 100755 => 100644 doc_source/API_DeleteFunction.md mode change 100755 => 100644 doc_source/API_DeleteFunctionCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_DeleteFunctionConcurrency.md mode change 100755 => 100644 doc_source/API_DeleteFunctionEventInvokeConfig.md create mode 100644 doc_source/API_DeleteFunctionUrlConfig.md mode change 100755 => 100644 doc_source/API_DeleteLayerVersion.md mode change 100755 => 100644 doc_source/API_DeleteProvisionedConcurrencyConfig.md mode change 100755 => 100644 doc_source/API_DestinationConfig.md mode change 100755 => 100644 doc_source/API_Environment.md mode change 100755 => 100644 doc_source/API_EnvironmentError.md mode change 100755 => 100644 doc_source/API_EnvironmentResponse.md create mode 100644 doc_source/API_EphemeralStorage.md mode change 100755 => 100644 doc_source/API_EventSourceMappingConfiguration.md mode change 100755 => 100644 doc_source/API_FileSystemConfig.md mode change 100755 => 100644 doc_source/API_Filter.md mode change 100755 => 100644 doc_source/API_FilterCriteria.md mode change 100755 => 100644 doc_source/API_FunctionCode.md mode change 100755 => 100644 doc_source/API_FunctionCodeLocation.md mode change 100755 => 100644 doc_source/API_FunctionConfiguration.md mode change 100755 => 100644 doc_source/API_FunctionEventInvokeConfig.md create mode 100644 doc_source/API_FunctionUrlConfig.md mode change 100755 => 100644 doc_source/API_GetAccountSettings.md mode change 100755 => 100644 doc_source/API_GetAlias.md mode change 100755 => 100644 doc_source/API_GetCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_GetEventSourceMapping.md mode change 100755 => 100644 doc_source/API_GetFunction.md mode change 100755 => 100644 doc_source/API_GetFunctionCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_GetFunctionConcurrency.md mode change 100755 => 100644 doc_source/API_GetFunctionConfiguration.md mode change 100755 => 100644 doc_source/API_GetFunctionEventInvokeConfig.md create mode 100644 doc_source/API_GetFunctionUrlConfig.md mode change 100755 => 100644 doc_source/API_GetLayerVersion.md mode change 100755 => 100644 doc_source/API_GetLayerVersionByArn.md mode change 100755 => 100644 doc_source/API_GetLayerVersionPolicy.md mode change 100755 => 100644 doc_source/API_GetPolicy.md mode change 100755 => 100644 doc_source/API_GetProvisionedConcurrencyConfig.md mode change 100755 => 100644 doc_source/API_ImageConfig.md mode change 100755 => 100644 doc_source/API_ImageConfigError.md mode change 100755 => 100644 doc_source/API_ImageConfigResponse.md mode change 100755 => 100644 doc_source/API_Invoke.md mode change 100755 => 100644 doc_source/API_InvokeAsync.md mode change 100755 => 100644 doc_source/API_Layer.md mode change 100755 => 100644 doc_source/API_LayerVersionContentInput.md mode change 100755 => 100644 doc_source/API_LayerVersionContentOutput.md mode change 100755 => 100644 doc_source/API_LayerVersionsListItem.md mode change 100755 => 100644 doc_source/API_LayersListItem.md mode change 100755 => 100644 doc_source/API_ListAliases.md mode change 100755 => 100644 doc_source/API_ListCodeSigningConfigs.md mode change 100755 => 100644 doc_source/API_ListEventSourceMappings.md mode change 100755 => 100644 doc_source/API_ListFunctionEventInvokeConfigs.md create mode 100644 doc_source/API_ListFunctionUrlConfigs.md mode change 100755 => 100644 doc_source/API_ListFunctions.md mode change 100755 => 100644 doc_source/API_ListFunctionsByCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_ListLayerVersions.md mode change 100755 => 100644 doc_source/API_ListLayers.md mode change 100755 => 100644 doc_source/API_ListProvisionedConcurrencyConfigs.md mode change 100755 => 100644 doc_source/API_ListTags.md mode change 100755 => 100644 doc_source/API_ListVersionsByFunction.md mode change 100755 => 100644 doc_source/API_OnFailure.md mode change 100755 => 100644 doc_source/API_OnSuccess.md mode change 100755 => 100644 doc_source/API_Operations.md mode change 100755 => 100644 doc_source/API_ProvisionedConcurrencyConfigListItem.md mode change 100755 => 100644 doc_source/API_PublishLayerVersion.md mode change 100755 => 100644 doc_source/API_PublishVersion.md mode change 100755 => 100644 doc_source/API_PutFunctionCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_PutFunctionConcurrency.md mode change 100755 => 100644 doc_source/API_PutFunctionEventInvokeConfig.md mode change 100755 => 100644 doc_source/API_PutProvisionedConcurrencyConfig.md mode change 100755 => 100644 doc_source/API_Reference.md mode change 100755 => 100644 doc_source/API_RemoveLayerVersionPermission.md mode change 100755 => 100644 doc_source/API_RemovePermission.md mode change 100755 => 100644 doc_source/API_SelfManagedEventSource.md mode change 100755 => 100644 doc_source/API_SourceAccessConfiguration.md mode change 100755 => 100644 doc_source/API_TagResource.md mode change 100755 => 100644 doc_source/API_TracingConfig.md mode change 100755 => 100644 doc_source/API_TracingConfigResponse.md mode change 100755 => 100644 doc_source/API_Types.md mode change 100755 => 100644 doc_source/API_UntagResource.md mode change 100755 => 100644 doc_source/API_UpdateAlias.md mode change 100755 => 100644 doc_source/API_UpdateCodeSigningConfig.md mode change 100755 => 100644 doc_source/API_UpdateEventSourceMapping.md mode change 100755 => 100644 doc_source/API_UpdateFunctionCode.md mode change 100755 => 100644 doc_source/API_UpdateFunctionConfiguration.md mode change 100755 => 100644 doc_source/API_UpdateFunctionEventInvokeConfig.md create mode 100644 doc_source/API_UpdateFunctionUrlConfig.md mode change 100755 => 100644 doc_source/API_VpcConfig.md mode change 100755 => 100644 doc_source/API_VpcConfigResponse.md mode change 100755 => 100644 doc_source/access-control-identity-based.md mode change 100755 => 100644 doc_source/access-control-resource-based.md mode change 100755 => 100644 doc_source/applications-console.md mode change 100755 => 100644 doc_source/applications-tutorial.md mode change 100755 => 100644 doc_source/applications-usecases.md mode change 100755 => 100644 doc_source/best-practices.md mode change 100755 => 100644 doc_source/configuration-aliases.md mode change 100755 => 100644 doc_source/configuration-codesigning.md mode change 100755 => 100644 doc_source/configuration-concurrency.md mode change 100755 => 100644 doc_source/configuration-database.md mode change 100755 => 100644 doc_source/configuration-envvars.md mode change 100755 => 100644 doc_source/configuration-filesystem.md mode change 100755 => 100644 doc_source/configuration-function-common.md mode change 100755 => 100644 doc_source/configuration-function-zip.md delete mode 100755 doc_source/configuration-images.md mode change 100755 => 100644 doc_source/configuration-layers.md mode change 100755 => 100644 doc_source/configuration-tags.md mode change 100755 => 100644 doc_source/configuration-versions.md mode change 100755 => 100644 doc_source/configuration-vpc-endpoints.md mode change 100755 => 100644 doc_source/configuration-vpc.md mode change 100755 => 100644 doc_source/csharp-context.md mode change 100755 => 100644 doc_source/csharp-exceptions.md mode change 100755 => 100644 doc_source/csharp-handler.md mode change 100755 => 100644 doc_source/csharp-image.md mode change 100755 => 100644 doc_source/csharp-logging.md mode change 100755 => 100644 doc_source/csharp-package-cli.md mode change 100755 => 100644 doc_source/csharp-package-toolkit.md mode change 100755 => 100644 doc_source/csharp-package.md mode change 100755 => 100644 doc_source/csharp-tracing.md mode change 100755 => 100644 doc_source/deploying-lambda-apps.md create mode 100644 doc_source/extensions-api-partners.md mode change 100755 => 100644 doc_source/foundation-arch.md mode change 100755 => 100644 doc_source/foundation-console.md mode change 100755 => 100644 doc_source/foundation-networking.md mode change 100755 => 100644 doc_source/foundation-progmodel.md mode change 100755 => 100644 doc_source/functions-states.md delete mode 100755 doc_source/getting-started-create-function.md mode change 100755 => 100644 doc_source/getting-started.md mode change 100755 => 100644 doc_source/gettingstarted-awscli.md mode change 100755 => 100644 doc_source/gettingstarted-concepts.md mode change 100755 => 100644 doc_source/gettingstarted-features.md mode change 100755 => 100644 doc_source/gettingstarted-images.md mode change 100755 => 100644 doc_source/gettingstarted-limits.md mode change 100755 => 100644 doc_source/gettingstarted-package.md mode change 100755 => 100644 doc_source/glossary.md mode change 100755 => 100644 doc_source/go-image.md mode change 100755 => 100644 doc_source/golang-context.md mode change 100755 => 100644 doc_source/golang-envvars.md mode change 100755 => 100644 doc_source/golang-exceptions.md mode change 100755 => 100644 doc_source/golang-handler.md mode change 100755 => 100644 doc_source/golang-logging.md mode change 100755 => 100644 doc_source/golang-package.md mode change 100755 => 100644 doc_source/golang-tracing.md mode change 100755 => 100644 doc_source/images-create.md mode change 100755 => 100644 doc_source/images-test.md mode change 100755 => 100644 doc_source/index.md mode change 100755 => 100644 doc_source/invocation-async.md mode change 100755 => 100644 doc_source/invocation-eventfiltering.md mode change 100755 => 100644 doc_source/invocation-eventsourcemapping.md mode change 100755 => 100644 doc_source/invocation-images.md mode change 100755 => 100644 doc_source/invocation-layers.md mode change 100755 => 100644 doc_source/invocation-retries.md mode change 100755 => 100644 doc_source/invocation-scaling.md mode change 100755 => 100644 doc_source/invocation-sync.md mode change 100755 => 100644 doc_source/java-context.md mode change 100755 => 100644 doc_source/java-exceptions.md mode change 100755 => 100644 doc_source/java-handler.md mode change 100755 => 100644 doc_source/java-image.md mode change 100755 => 100644 doc_source/java-logging.md mode change 100755 => 100644 doc_source/java-package-eclipse.md mode change 100755 => 100644 doc_source/java-package.md mode change 100755 => 100644 doc_source/java-samples.md mode change 100755 => 100644 doc_source/java-tracing.md mode change 100755 => 100644 doc_source/kinesis-tutorial-spec.md mode change 100755 => 100644 doc_source/lambda-api-permissions-ref.md mode change 100755 => 100644 doc_source/lambda-csharp.md rename doc_source/{lambda-images.md => lambda-deploy-functions.md} (52%) mode change 100755 => 100644 mode change 100755 => 100644 doc_source/lambda-edge.md mode change 100755 => 100644 doc_source/lambda-foundation.md mode change 100755 => 100644 doc_source/lambda-functions.md mode change 100755 => 100644 doc_source/lambda-golang.md mode change 100755 => 100644 doc_source/lambda-intro-execution-role.md mode change 100755 => 100644 doc_source/lambda-invocation.md mode change 100755 => 100644 doc_source/lambda-java.md mode change 100755 => 100644 doc_source/lambda-managing.md mode change 100755 => 100644 doc_source/lambda-monitoring.md mode change 100755 => 100644 doc_source/lambda-nodejs.md mode change 100755 => 100644 doc_source/lambda-permissions.md mode change 100755 => 100644 doc_source/lambda-powershell.md mode change 100755 => 100644 doc_source/lambda-python.md mode change 100755 => 100644 doc_source/lambda-releases.md mode change 100755 => 100644 doc_source/lambda-rolling-deployments.md mode change 100755 => 100644 doc_source/lambda-ruby.md rename doc_source/{runtimes-context.md => lambda-runtime-environment.md} (82%) mode change 100755 => 100644 mode change 100755 => 100644 doc_source/lambda-runtimes.md mode change 100755 => 100644 doc_source/lambda-samples.md mode change 100755 => 100644 doc_source/lambda-security.md mode change 100755 => 100644 doc_source/lambda-services.md mode change 100755 => 100644 doc_source/lambda-settingup.md mode change 100755 => 100644 doc_source/lambda-stepfunctions.md mode change 100755 => 100644 doc_source/lambda-troubleshooting.md create mode 100644 doc_source/lambda-typescript.md create mode 100644 doc_source/lambda-urls.md mode change 100755 => 100644 doc_source/logging-using-cloudtrail.md mode change 100755 => 100644 doc_source/monitoring-cloudwatchlogs.md mode change 100755 => 100644 doc_source/monitoring-code-profiler.md mode change 100755 => 100644 doc_source/monitoring-functions-access-metrics.md mode change 100755 => 100644 doc_source/monitoring-insights.md mode change 100755 => 100644 doc_source/monitoring-metrics.md mode change 100755 => 100644 doc_source/monitoring-servicemap.md mode change 100755 => 100644 doc_source/nodejs-context.md mode change 100755 => 100644 doc_source/nodejs-exceptions.md mode change 100755 => 100644 doc_source/nodejs-handler.md mode change 100755 => 100644 doc_source/nodejs-image.md mode change 100755 => 100644 doc_source/nodejs-logging.md mode change 100755 => 100644 doc_source/nodejs-package.md mode change 100755 => 100644 doc_source/nodejs-tracing.md mode change 100755 => 100644 doc_source/permissions-boundary.md mode change 100755 => 100644 doc_source/powershell-context.md mode change 100755 => 100644 doc_source/powershell-devenv.md mode change 100755 => 100644 doc_source/powershell-exceptions.md mode change 100755 => 100644 doc_source/powershell-handler.md mode change 100755 => 100644 doc_source/powershell-logging.md mode change 100755 => 100644 doc_source/powershell-package.md mode change 100755 => 100644 doc_source/provisioned-concurrency.md mode change 100755 => 100644 doc_source/python-context.md mode change 100755 => 100644 doc_source/python-exceptions.md mode change 100755 => 100644 doc_source/python-handler.md mode change 100755 => 100644 doc_source/python-image.md mode change 100755 => 100644 doc_source/python-logging.md mode change 100755 => 100644 doc_source/python-package.md mode change 100755 => 100644 doc_source/python-tracing.md mode change 100755 => 100644 doc_source/ruby-context.md mode change 100755 => 100644 doc_source/ruby-exceptions.md mode change 100755 => 100644 doc_source/ruby-handler.md mode change 100755 => 100644 doc_source/ruby-image.md mode change 100755 => 100644 doc_source/ruby-logging.md mode change 100755 => 100644 doc_source/ruby-package.md mode change 100755 => 100644 doc_source/ruby-tracing.md delete mode 100755 doc_source/runtime-support-policy.md mode change 100755 => 100644 doc_source/runtimes-api.md mode change 100755 => 100644 doc_source/runtimes-avx2.md mode change 100755 => 100644 doc_source/runtimes-custom.md mode change 100755 => 100644 doc_source/runtimes-extensions-api.md mode change 100755 => 100644 doc_source/runtimes-images.md mode change 100755 => 100644 doc_source/runtimes-logs-api.md mode change 100755 => 100644 doc_source/runtimes-modify.md mode change 100755 => 100644 doc_source/runtimes-walkthrough.md mode change 100755 => 100644 doc_source/samples-blank.md mode change 100755 => 100644 doc_source/samples-errorprocessor.md mode change 100755 => 100644 doc_source/samples-listmanager.md mode change 100755 => 100644 doc_source/security-compliance.md mode change 100755 => 100644 doc_source/security-configuration.md mode change 100755 => 100644 doc_source/security-dataprotection.md mode change 100755 => 100644 doc_source/security-iam.md mode change 100755 => 100644 doc_source/security-infrastructure.md mode change 100755 => 100644 doc_source/security-resilience.md mode change 100755 => 100644 doc_source/security_iam_id-based-policy-examples.md mode change 100755 => 100644 doc_source/security_iam_service-with-iam.md mode change 100755 => 100644 doc_source/security_iam_troubleshoot.md mode change 100755 => 100644 doc_source/services-alb.md mode change 100755 => 100644 doc_source/services-alexa.md mode change 100755 => 100644 doc_source/services-apigateway-blueprint.md mode change 100755 => 100644 doc_source/services-apigateway-code.md mode change 100755 => 100644 doc_source/services-apigateway-template.md mode change 100755 => 100644 doc_source/services-apigateway-tutorial.md mode change 100755 => 100644 doc_source/services-apigateway.md mode change 100755 => 100644 doc_source/services-cloudformation.md mode change 100755 => 100644 doc_source/services-cloudwatchevents-expressions.md mode change 100755 => 100644 doc_source/services-cloudwatchevents-tutorial.md mode change 100755 => 100644 doc_source/services-cloudwatchevents.md mode change 100755 => 100644 doc_source/services-cloudwatchlogs.md mode change 100755 => 100644 doc_source/services-codecommit.md mode change 100755 => 100644 doc_source/services-codepipeline.md mode change 100755 => 100644 doc_source/services-cognito.md mode change 100755 => 100644 doc_source/services-config.md mode change 100755 => 100644 doc_source/services-connect.md mode change 100755 => 100644 doc_source/services-ec2-tutorial.md mode change 100755 => 100644 doc_source/services-ec2.md mode change 100755 => 100644 doc_source/services-efs.md mode change 100755 => 100644 doc_source/services-elasticache-tutorial.md mode change 100755 => 100644 doc_source/services-iot.md mode change 100755 => 100644 doc_source/services-iotevents.md mode change 100755 => 100644 doc_source/services-kinesisfirehose.md mode change 100755 => 100644 doc_source/services-lex.md mode change 100755 => 100644 doc_source/services-rds-tutorial.md mode change 100755 => 100644 doc_source/services-rds.md mode change 100755 => 100644 doc_source/services-s3-batch.md mode change 100755 => 100644 doc_source/services-s3-object-lambda.md mode change 100755 => 100644 doc_source/services-ses.md mode change 100755 => 100644 doc_source/services-stepfunctions.md mode change 100755 => 100644 doc_source/services-xray.md mode change 100755 => 100644 doc_source/stepfunctions-lc.md mode change 100755 => 100644 doc_source/stepfunctions-patterns.md create mode 100644 doc_source/testing-functions.md mode change 100755 => 100644 doc_source/troubleshooting-deployment.md mode change 100755 => 100644 doc_source/troubleshooting-execution.md mode change 100755 => 100644 doc_source/troubleshooting-images.md mode change 100755 => 100644 doc_source/troubleshooting-invocation.md mode change 100755 => 100644 doc_source/troubleshooting-networking.md create mode 100644 doc_source/typescript-exceptions.md create mode 100644 doc_source/typescript-handler.md create mode 100644 doc_source/typescript-image.md create mode 100644 doc_source/typescript-package.md create mode 100644 doc_source/urls-auth.md create mode 100644 doc_source/urls-configuration.md create mode 100644 doc_source/urls-invocation.md create mode 100644 doc_source/urls-monitoring.md create mode 100644 doc_source/urls-tutorial.md mode change 100755 => 100644 doc_source/using-extensions.md mode change 100755 => 100644 doc_source/welcome.md mode change 100755 => 100644 doc_source/with-android-create-package.md mode change 100755 => 100644 doc_source/with-android-example.md mode change 100755 => 100644 doc_source/with-cloudtrail-create-package.md mode change 100755 => 100644 doc_source/with-cloudtrail-example.md mode change 100755 => 100644 doc_source/with-cloudtrail.md mode change 100755 => 100644 doc_source/with-ddb-create-package.md mode change 100755 => 100644 doc_source/with-ddb-example.md mode change 100755 => 100644 doc_source/with-ddb.md mode change 100755 => 100644 doc_source/with-kafka.md mode change 100755 => 100644 doc_source/with-kinesis-create-package.md mode change 100755 => 100644 doc_source/with-kinesis-example-use-app-spec.md mode change 100755 => 100644 doc_source/with-kinesis-example.md mode change 100755 => 100644 doc_source/with-kinesis.md mode change 100755 => 100644 doc_source/with-mq.md mode change 100755 => 100644 doc_source/with-msk.md mode change 100755 => 100644 doc_source/with-on-demand-custom-android.md mode change 100755 => 100644 doc_source/with-s3-example-use-app-spec.md mode change 100755 => 100644 doc_source/with-s3-example.md mode change 100755 => 100644 doc_source/with-s3-tutorial.md mode change 100755 => 100644 doc_source/with-s3.md mode change 100755 => 100644 doc_source/with-secrets-manager.md mode change 100755 => 100644 doc_source/with-sns-create-package.md mode change 100755 => 100644 doc_source/with-sns-example.md mode change 100755 => 100644 doc_source/with-sns.md mode change 100755 => 100644 doc_source/with-sqs-create-package.md mode change 100755 => 100644 doc_source/with-sqs-cross-account-example.md mode change 100755 => 100644 doc_source/with-sqs-example-use-app-spec.md mode change 100755 => 100644 doc_source/with-sqs-example.md mode change 100755 => 100644 doc_source/with-sqs.md diff --git a/doc_source/.DS_Store b/doc_source/.DS_Store deleted file mode 100644 index b69849dd92ef70b78b64791809fd6819225e77c8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK!AiqG5Pe%KM7{JPcwDdEiU+T;L_rWQMLbs06e}d8SjB7p!_VjP*;z_U z^biD5nSt52natZ|-$Et>z>S`YAus@t&;@%t96m95FW$0VjBFEKSmPWuN)(vkp_Ofc z->87x-9D~(W6$tdzdw%~+~W~*#xIC7R9F_vX_?n`DM#r*EANKmXm6yIE7F<(2u(HplnGX+cmQ{e9^z?v?zu43YY?>z)Au6 zK6tud8nICfpAHV81t9hr4#v6k62kEj(};~C-_V>=iAr^`#c)bz+{e5$Vxy>ZxY&HS zxU-8LiVM4QeIL@{Qbik00aIX8fh~O;Nc}(iy8quK*^?Pu=rTBmzjBzg$Vj8hgWQ1lv0zn2FOo1O&-~+==ODX^W diff --git a/doc_source/API_AccountLimit.md b/doc_source/API_AccountLimit.md old mode 100755 new mode 100644 diff --git a/doc_source/API_AccountUsage.md b/doc_source/API_AccountUsage.md old mode 100755 new mode 100644 diff --git a/doc_source/API_AddLayerVersionPermission.md b/doc_source/API_AddLayerVersionPermission.md old mode 100755 new mode 100644 diff --git a/doc_source/API_AddPermission.md b/doc_source/API_AddPermission.md old mode 100755 new mode 100644 index 17759770..be083542 --- a/doc_source/API_AddPermission.md +++ b/doc_source/API_AddPermission.md @@ -1,8 +1,8 @@ # AddPermission -Grants an AWS service or another account permission to use a function\. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias\. If you use a qualifier, the invoker must use the full Amazon Resource Name \(ARN\) of that version or alias to invoke the function\. Note: Lambda does not support adding policies to version $LATEST\. +Grants an AWS service, account, or organization permission to use a function\. You can apply the policy at the function level, or specify a qualifier to restrict access to a single version or alias\. If you use a qualifier, the invoker must use the full Amazon Resource Name \(ARN\) of that version or alias to invoke the function\. Note: Lambda does not support adding policies to version $LATEST\. -To grant permission to another account, specify the account ID as the `Principal`\. For AWS services, the principal is a domain\-style identifier defined by the service, like `s3.amazonaws.com` or `sns.amazonaws.com`\. For AWS services, you can also specify the ARN of the associated resource as the `SourceArn`\. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function\. +To grant permission to another account, specify the account ID as the `Principal`\. To grant permission to an organization defined in AWS Organizations, specify the organization ID as the `PrincipalOrgID`\. For AWS services, the principal is a domain\-style identifier defined by the service, like `s3.amazonaws.com` or `sns.amazonaws.com`\. For AWS services, you can also specify the ARN of the associated resource as the `SourceArn`\. If you grant permission to a service principal without specifying the source, other accounts could potentially configure resources in their account to invoke your Lambda function\. This action adds a statement to a resource\-based permissions policy for the function\. For more information about function policies, see [Lambda Function Policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html)\. @@ -15,7 +15,9 @@ Content-type: application/json { "Action": "string", "EventSourceToken": "string", + "FunctionUrlAuthType": "string", "Principal": "string", + "PrincipalOrgID": "string", "RevisionId": "string", "SourceAccount": "string", "SourceArn": "string", @@ -59,6 +61,12 @@ For Alexa Smart Home functions, a token that must be supplied by the invoker\. Type: String Length Constraints: Minimum length of 0\. Maximum length of 256\. Pattern: `[a-zA-Z0-9._\-]+` +Required: No + + ** [FunctionUrlAuthType](#API_AddPermission_RequestSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` Required: No ** [Principal](#API_AddPermission_RequestSyntax) ** @@ -67,6 +75,13 @@ Type: String Pattern: `[^\s]+` Required: Yes + ** [PrincipalOrgID](#API_AddPermission_RequestSyntax) ** +The identifier for your organization in AWS Organizations\. Use this to grant permissions to all the AWS accounts under this organization\. +Type: String +Length Constraints: Minimum length of 12\. Maximum length of 34\. +Pattern: `^o-[a-z0-9]{10,32}$` +Required: No + ** [RevisionId](#API_AddPermission_RequestSyntax) ** Only update the policy if the revision ID matches the ID that's specified\. Use this option to avoid modifying a policy that has changed since you last read it\. Type: String diff --git a/doc_source/API_AliasConfiguration.md b/doc_source/API_AliasConfiguration.md old mode 100755 new mode 100644 diff --git a/doc_source/API_AliasRoutingConfiguration.md b/doc_source/API_AliasRoutingConfiguration.md old mode 100755 new mode 100644 diff --git a/doc_source/API_AllowedPublishers.md b/doc_source/API_AllowedPublishers.md old mode 100755 new mode 100644 diff --git a/doc_source/API_CodeSigningConfig.md b/doc_source/API_CodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_CodeSigningPolicies.md b/doc_source/API_CodeSigningPolicies.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Concurrency.md b/doc_source/API_Concurrency.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Cors.md b/doc_source/API_Cors.md new file mode 100644 index 00000000..d291431d --- /dev/null +++ b/doc_source/API_Cors.md @@ -0,0 +1,57 @@ +# Cors + +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your Lambda function URL\. Use CORS to grant access to your function URL from any origin\. You can also use CORS to control access for specific HTTP headers and methods in requests to your function URL\. + +## Contents + + ** AllowCredentials ** +Whether to allow cookies or other credentials in requests to your function URL\. The default is `false`\. +Type: Boolean +Required: No + + ** AllowHeaders ** +The HTTP headers that origins can include in requests to your function URL\. For example: `Date`, `Keep-Alive`, `X-Custom-Header`\. +Type: Array of strings +Array Members: Maximum number of 100 items\. +Length Constraints: Maximum length of 1024\. +Pattern: `.*` +Required: No + + ** AllowMethods ** +The HTTP methods that are allowed when calling your function URL\. For example: `GET`, `POST`, `DELETE`, or the wildcard character \(`*`\)\. +Type: Array of strings +Array Members: Maximum number of 6 items\. +Length Constraints: Maximum length of 6\. +Pattern: `.*` +Required: No + + ** AllowOrigins ** +The origins that can access your function URL\. You can list any number of specific origins, separated by a comma\. For example: `https://www.example.com`, `http://localhost:60905`\. +Alternatively, you can grant access to all origins using the wildcard character \(`*`\)\. +Type: Array of strings +Array Members: Maximum number of 100 items\. +Length Constraints: Minimum length of 1\. Maximum length of 253\. +Pattern: `.*` +Required: No + + ** ExposeHeaders ** +The HTTP headers in your function response that you want to expose to origins that call your function URL\. For example: `Date`, `Keep-Alive`, `X-Custom-Header`\. +Type: Array of strings +Array Members: Maximum number of 100 items\. +Length Constraints: Maximum length of 1024\. +Pattern: `.*` +Required: No + + ** MaxAge ** +The maximum amount of time, in seconds, that web browsers can cache results of a preflight request\. By default, this is set to `0`, which means that the browser doesn't cache results\. +Type: Integer +Valid Range: Minimum value of 0\. Maximum value of 86400\. +Required: No + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/Cors) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/Cors) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/Cors) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/Cors) \ No newline at end of file diff --git a/doc_source/API_CreateAlias.md b/doc_source/API_CreateAlias.md old mode 100755 new mode 100644 diff --git a/doc_source/API_CreateCodeSigningConfig.md b/doc_source/API_CreateCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_CreateEventSourceMapping.md b/doc_source/API_CreateEventSourceMapping.md old mode 100755 new mode 100644 index e24d8261..5068cc50 --- a/doc_source/API_CreateEventSourceMapping.md +++ b/doc_source/API_CreateEventSourceMapping.md @@ -87,7 +87,7 @@ The request accepts the following data in JSON format\. ** [BatchSize](#API_CreateEventSourceMapping_RequestSyntax) ** The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function\. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation \(6 MB\)\. + **Amazon Kinesis** \- Default 100\. Max 10,000\. -+ **Amazon DynamoDB Streams** \- Default 100\. Max 1,000\. ++ **Amazon DynamoDB Streams** \- Default 100\. Max 10,000\. + **Amazon Simple Queue Service** \- Default 10\. For standard queues the max is 10,000\. For FIFO queues the max is 10\. + **Amazon Managed Streaming for Apache Kafka** \- Default 100\. Max 10,000\. + **Self\-Managed Apache Kafka** \- Default 100\. Max 10,000\. @@ -309,7 +309,7 @@ Type: String Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` ** [FunctionResponseTypes](#API_CreateEventSourceMapping_ResponseSyntax) ** -\(Streams only\) A list of current response type enums applied to the event source mapping\. +\(Streams and Amazon SQS\) A list of current response type enums applied to the event source mapping\. Type: Array of strings Array Members: Minimum number of 0 items\. Maximum number of 1 item\. Valid Values:` ReportBatchItemFailures` diff --git a/doc_source/API_CreateFunction.md b/doc_source/API_CreateFunction.md old mode 100755 new mode 100644 index ac3dcc1f..28bb37fe --- a/doc_source/API_CreateFunction.md +++ b/doc_source/API_CreateFunction.md @@ -43,6 +43,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -118,6 +121,11 @@ Required: No ** [Environment](#API_CreateFunction_RequestSyntax) ** Environment variables that are accessible from function code during execution\. Type: [Environment](API_Environment.md) object +Required: No + + ** [EphemeralStorage](#API_CreateFunction_RequestSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object Required: No ** [FileSystemConfigs](#API_CreateFunction_RequestSyntax) ** @@ -190,7 +198,7 @@ Required: Yes ** [Runtime](#API_CreateFunction_RequestSyntax) ** The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)\. Runtime is required if the deployment package is a \.zip file archive\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` Required: No ** [Tags](#API_CreateFunction_RequestSyntax) ** @@ -237,6 +245,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -327,6 +338,10 @@ Length Constraints: Minimum length of 0\. Maximum length of 256\. The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object + ** [EphemeralStorage](#API_CreateFunction_ResponseSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object + ** [FileSystemConfigs](#API_CreateFunction_ResponseSyntax) ** Connection settings for an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html)\. Type: Array of [FileSystemConfig](API_FileSystemConfig.md) objects @@ -407,7 +422,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` ** [Runtime](#API_CreateFunction_ResponseSyntax) ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [SigningJobArn](#API_CreateFunction_ResponseSyntax) ** The ARN of the signing job\. diff --git a/doc_source/API_CreateFunctionUrlConfig.md b/doc_source/API_CreateFunctionUrlConfig.md new file mode 100644 index 00000000..53bc5ac9 --- /dev/null +++ b/doc_source/API_CreateFunctionUrlConfig.md @@ -0,0 +1,144 @@ +# CreateFunctionUrlConfig + +Creates a Lambda function URL with the specified configuration parameters\. A function URL is a dedicated HTTP\(S\) endpoint that you can use to invoke your function\. + +## Request Syntax + +``` +POST /2021-10-31/functions/FunctionName/url?Qualifier=Qualifier HTTP/1.1 +Content-type: application/json + +{ + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + } +} +``` + +## URI Request Parameters + +The request uses the following URI parameters\. + + ** [FunctionName](#API_CreateFunctionUrlConfig_RequestSyntax) ** +The name of the Lambda function\. + +**Name formats** ++ **Function name** \- `my-function`\. ++ **Function ARN** \- `arn:aws:lambda:us-west-2:123456789012:function:my-function`\. ++ **Partial ARN** \- `123456789012:function:my-function`\. +The length constraint applies only to the full ARN\. If you specify only the function name, it is limited to 64 characters in length\. +Length Constraints: Minimum length of 1\. Maximum length of 140\. +Pattern: `(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** [Qualifier](#API_CreateFunctionUrlConfig_RequestSyntax) ** +The alias name\. +Length Constraints: Minimum length of 1\. Maximum length of 128\. +Pattern: `(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))` + +## Request Body + +The request accepts the following data in JSON format\. + + ** [AuthType](#API_CreateFunctionUrlConfig_RequestSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` +Required: Yes + + ** [Cors](#API_CreateFunctionUrlConfig_RequestSyntax) ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object +Required: No + +## Response Syntax + +``` +HTTP/1.1 201 +Content-type: application/json + +{ + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + }, + "CreationTime": "string", + "FunctionArn": "string", + "FunctionUrl": "string" +} +``` + +## Response Elements + +If the action is successful, the service sends back an HTTP 201 response\. + +The following data is returned in JSON format by the service\. + + ** [AuthType](#API_CreateFunctionUrlConfig_ResponseSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` + + ** [Cors](#API_CreateFunctionUrlConfig_ResponseSyntax) ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object + + ** [CreationTime](#API_CreateFunctionUrlConfig_ResponseSyntax) ** +When the function URL was created, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String + + ** [FunctionArn](#API_CreateFunctionUrlConfig_ResponseSyntax) ** +The Amazon Resource Name \(ARN\) of your function\. +Type: String +Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` + + ** [FunctionUrl](#API_CreateFunctionUrlConfig_ResponseSyntax) ** +The HTTP URL endpoint for your function\. +Type: String +Length Constraints: Minimum length of 40\. Maximum length of 100\. + +## Errors + + ** InvalidParameterValueException ** +One of the parameters in the request is invalid\. +HTTP Status Code: 400 + + ** ResourceConflictException ** +The resource already exists, or another operation is in progress\. +HTTP Status Code: 409 + + ** ResourceNotFoundException ** +The resource specified in the request does not exist\. +HTTP Status Code: 404 + + ** ServiceException ** +The AWS Lambda service encountered an internal error\. +HTTP Status Code: 500 + + ** TooManyRequestsException ** +The request throughput limit was exceeded\. +HTTP Status Code: 429 + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS Command Line Interface](https://docs.aws.amazon.com/goto/aws-cli/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for \.NET](https://docs.aws.amazon.com/goto/DotNetSDKV3/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for JavaScript](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/lambda-2015-03-31/CreateFunctionUrlConfig) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/CreateFunctionUrlConfig) \ No newline at end of file diff --git a/doc_source/API_DeadLetterConfig.md b/doc_source/API_DeadLetterConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteAlias.md b/doc_source/API_DeleteAlias.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteCodeSigningConfig.md b/doc_source/API_DeleteCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteEventSourceMapping.md b/doc_source/API_DeleteEventSourceMapping.md old mode 100755 new mode 100644 index ff0a29db..a1d967bf --- a/doc_source/API_DeleteEventSourceMapping.md +++ b/doc_source/API_DeleteEventSourceMapping.md @@ -113,7 +113,7 @@ Type: String Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` ** [FunctionResponseTypes](#API_DeleteEventSourceMapping_ResponseSyntax) ** -\(Streams only\) A list of current response type enums applied to the event source mapping\. +\(Streams and Amazon SQS\) A list of current response type enums applied to the event source mapping\. Type: Array of strings Array Members: Minimum number of 0 items\. Maximum number of 1 item\. Valid Values:` ReportBatchItemFailures` diff --git a/doc_source/API_DeleteFunction.md b/doc_source/API_DeleteFunction.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteFunctionCodeSigningConfig.md b/doc_source/API_DeleteFunctionCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteFunctionConcurrency.md b/doc_source/API_DeleteFunctionConcurrency.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteFunctionEventInvokeConfig.md b/doc_source/API_DeleteFunctionEventInvokeConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteFunctionUrlConfig.md b/doc_source/API_DeleteFunctionUrlConfig.md new file mode 100644 index 00000000..d2a50b44 --- /dev/null +++ b/doc_source/API_DeleteFunctionUrlConfig.md @@ -0,0 +1,75 @@ +# DeleteFunctionUrlConfig + +Deletes a Lambda function URL\. When you delete a function URL, you can't recover it\. Creating a new function URL results in a different URL address\. + +## Request Syntax + +``` +DELETE /2021-10-31/functions/FunctionName/url?Qualifier=Qualifier HTTP/1.1 +``` + +## URI Request Parameters + +The request uses the following URI parameters\. + + ** [FunctionName](#API_DeleteFunctionUrlConfig_RequestSyntax) ** +The name of the Lambda function\. + +**Name formats** ++ **Function name** \- `my-function`\. ++ **Function ARN** \- `arn:aws:lambda:us-west-2:123456789012:function:my-function`\. ++ **Partial ARN** \- `123456789012:function:my-function`\. +The length constraint applies only to the full ARN\. If you specify only the function name, it is limited to 64 characters in length\. +Length Constraints: Minimum length of 1\. Maximum length of 140\. +Pattern: `(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** [Qualifier](#API_DeleteFunctionUrlConfig_RequestSyntax) ** +The alias name\. +Length Constraints: Minimum length of 1\. Maximum length of 128\. +Pattern: `(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))` + +## Request Body + +The request does not have a request body\. + +## Response Syntax + +``` +HTTP/1.1 204 +``` + +## Response Elements + +If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body\. + +## Errors + + ** ResourceConflictException ** +The resource already exists, or another operation is in progress\. +HTTP Status Code: 409 + + ** ResourceNotFoundException ** +The resource specified in the request does not exist\. +HTTP Status Code: 404 + + ** ServiceException ** +The AWS Lambda service encountered an internal error\. +HTTP Status Code: 500 + + ** TooManyRequestsException ** +The request throughput limit was exceeded\. +HTTP Status Code: 429 + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS Command Line Interface](https://docs.aws.amazon.com/goto/aws-cli/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for \.NET](https://docs.aws.amazon.com/goto/DotNetSDKV3/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for JavaScript](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/lambda-2015-03-31/DeleteFunctionUrlConfig) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/DeleteFunctionUrlConfig) \ No newline at end of file diff --git a/doc_source/API_DeleteLayerVersion.md b/doc_source/API_DeleteLayerVersion.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DeleteProvisionedConcurrencyConfig.md b/doc_source/API_DeleteProvisionedConcurrencyConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_DestinationConfig.md b/doc_source/API_DestinationConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Environment.md b/doc_source/API_Environment.md old mode 100755 new mode 100644 diff --git a/doc_source/API_EnvironmentError.md b/doc_source/API_EnvironmentError.md old mode 100755 new mode 100644 diff --git a/doc_source/API_EnvironmentResponse.md b/doc_source/API_EnvironmentResponse.md old mode 100755 new mode 100644 diff --git a/doc_source/API_EphemeralStorage.md b/doc_source/API_EphemeralStorage.md new file mode 100644 index 00000000..6bc86bb3 --- /dev/null +++ b/doc_source/API_EphemeralStorage.md @@ -0,0 +1,19 @@ +# EphemeralStorage + +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. + +## Contents + + ** Size ** +The size of the function’s /tmp directory\. +Type: Integer +Valid Range: Minimum value of 512\. Maximum value of 10240\. +Required: Yes + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/EphemeralStorage) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/EphemeralStorage) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/EphemeralStorage) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/EphemeralStorage) \ No newline at end of file diff --git a/doc_source/API_EventSourceMappingConfiguration.md b/doc_source/API_EventSourceMappingConfiguration.md old mode 100755 new mode 100644 index 4cccf1a0..09daed13 --- a/doc_source/API_EventSourceMappingConfiguration.md +++ b/doc_source/API_EventSourceMappingConfiguration.md @@ -40,7 +40,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:functi Required: No ** FunctionResponseTypes ** -\(Streams only\) A list of current response type enums applied to the event source mapping\. +\(Streams and Amazon SQS\) A list of current response type enums applied to the event source mapping\. Type: Array of strings Array Members: Minimum number of 0 items\. Maximum number of 1 item\. Valid Values:` ReportBatchItemFailures` diff --git a/doc_source/API_FileSystemConfig.md b/doc_source/API_FileSystemConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Filter.md b/doc_source/API_Filter.md old mode 100755 new mode 100644 diff --git a/doc_source/API_FilterCriteria.md b/doc_source/API_FilterCriteria.md old mode 100755 new mode 100644 diff --git a/doc_source/API_FunctionCode.md b/doc_source/API_FunctionCode.md old mode 100755 new mode 100644 diff --git a/doc_source/API_FunctionCodeLocation.md b/doc_source/API_FunctionCodeLocation.md old mode 100755 new mode 100644 diff --git a/doc_source/API_FunctionConfiguration.md b/doc_source/API_FunctionConfiguration.md old mode 100755 new mode 100644 index 4590062b..33b13c87 --- a/doc_source/API_FunctionConfiguration.md +++ b/doc_source/API_FunctionConfiguration.md @@ -35,6 +35,11 @@ Required: No ** Environment ** The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object +Required: No + + ** EphemeralStorage ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object Required: No ** FileSystemConfigs ** @@ -133,7 +138,7 @@ Required: No ** Runtime ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` Required: No ** SigningJobArn ** diff --git a/doc_source/API_FunctionEventInvokeConfig.md b/doc_source/API_FunctionEventInvokeConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_FunctionUrlConfig.md b/doc_source/API_FunctionUrlConfig.md new file mode 100644 index 00000000..aa6c9f3a --- /dev/null +++ b/doc_source/API_FunctionUrlConfig.md @@ -0,0 +1,46 @@ +# FunctionUrlConfig + +Details about a Lambda function URL\. + +## Contents + + ** AuthType ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` +Required: Yes + + ** Cors ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object +Required: No + + ** CreationTime ** +When the function URL was created, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String +Required: Yes + + ** FunctionArn ** +The Amazon Resource Name \(ARN\) of your function\. +Type: String +Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** FunctionUrl ** +The HTTP URL endpoint for your function\. +Type: String +Length Constraints: Minimum length of 40\. Maximum length of 100\. +Required: Yes + + ** LastModifiedTime ** +When the function URL configuration was last updated, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String +Required: Yes + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/FunctionUrlConfig) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/FunctionUrlConfig) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/FunctionUrlConfig) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/FunctionUrlConfig) \ No newline at end of file diff --git a/doc_source/API_GetAccountSettings.md b/doc_source/API_GetAccountSettings.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetAlias.md b/doc_source/API_GetAlias.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetCodeSigningConfig.md b/doc_source/API_GetCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetEventSourceMapping.md b/doc_source/API_GetEventSourceMapping.md old mode 100755 new mode 100644 index 3a417bb2..f3497c58 --- a/doc_source/API_GetEventSourceMapping.md +++ b/doc_source/API_GetEventSourceMapping.md @@ -111,7 +111,7 @@ Type: String Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` ** [FunctionResponseTypes](#API_GetEventSourceMapping_ResponseSyntax) ** -\(Streams only\) A list of current response type enums applied to the event source mapping\. +\(Streams and Amazon SQS\) A list of current response type enums applied to the event source mapping\. Type: Array of strings Array Members: Minimum number of 0 items\. Maximum number of 1 item\. Valid Values:` ReportBatchItemFailures` diff --git a/doc_source/API_GetFunction.md b/doc_source/API_GetFunction.md old mode 100755 new mode 100644 index 9c4083a3..be157bf2 --- a/doc_source/API_GetFunction.md +++ b/doc_source/API_GetFunction.md @@ -66,6 +66,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", diff --git a/doc_source/API_GetFunctionCodeSigningConfig.md b/doc_source/API_GetFunctionCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetFunctionConcurrency.md b/doc_source/API_GetFunctionConcurrency.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetFunctionConfiguration.md b/doc_source/API_GetFunctionConfiguration.md old mode 100755 new mode 100644 index 05ae9974..c3774fbe --- a/doc_source/API_GetFunctionConfiguration.md +++ b/doc_source/API_GetFunctionConfiguration.md @@ -58,6 +58,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -148,6 +151,10 @@ Length Constraints: Minimum length of 0\. Maximum length of 256\. The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object + ** [EphemeralStorage](#API_GetFunctionConfiguration_ResponseSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object + ** [FileSystemConfigs](#API_GetFunctionConfiguration_ResponseSyntax) ** Connection settings for an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html)\. Type: Array of [FileSystemConfig](API_FileSystemConfig.md) objects @@ -228,7 +235,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` ** [Runtime](#API_GetFunctionConfiguration_ResponseSyntax) ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [SigningJobArn](#API_GetFunctionConfiguration_ResponseSyntax) ** The ARN of the signing job\. diff --git a/doc_source/API_GetFunctionEventInvokeConfig.md b/doc_source/API_GetFunctionEventInvokeConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetFunctionUrlConfig.md b/doc_source/API_GetFunctionUrlConfig.md new file mode 100644 index 00000000..cbfcdefb --- /dev/null +++ b/doc_source/API_GetFunctionUrlConfig.md @@ -0,0 +1,121 @@ +# GetFunctionUrlConfig + +Returns details about a Lambda function URL\. + +## Request Syntax + +``` +GET /2021-10-31/functions/FunctionName/url?Qualifier=Qualifier HTTP/1.1 +``` + +## URI Request Parameters + +The request uses the following URI parameters\. + + ** [FunctionName](#API_GetFunctionUrlConfig_RequestSyntax) ** +The name of the Lambda function\. + +**Name formats** ++ **Function name** \- `my-function`\. ++ **Function ARN** \- `arn:aws:lambda:us-west-2:123456789012:function:my-function`\. ++ **Partial ARN** \- `123456789012:function:my-function`\. +The length constraint applies only to the full ARN\. If you specify only the function name, it is limited to 64 characters in length\. +Length Constraints: Minimum length of 1\. Maximum length of 140\. +Pattern: `(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** [Qualifier](#API_GetFunctionUrlConfig_RequestSyntax) ** +The alias name\. +Length Constraints: Minimum length of 1\. Maximum length of 128\. +Pattern: `(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))` + +## Request Body + +The request does not have a request body\. + +## Response Syntax + +``` +HTTP/1.1 200 +Content-type: application/json + +{ + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + }, + "CreationTime": "string", + "FunctionArn": "string", + "FunctionUrl": "string", + "LastModifiedTime": "string" +} +``` + +## Response Elements + +If the action is successful, the service sends back an HTTP 200 response\. + +The following data is returned in JSON format by the service\. + + ** [AuthType](#API_GetFunctionUrlConfig_ResponseSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` + + ** [Cors](#API_GetFunctionUrlConfig_ResponseSyntax) ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object + + ** [CreationTime](#API_GetFunctionUrlConfig_ResponseSyntax) ** +When the function URL was created, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String + + ** [FunctionArn](#API_GetFunctionUrlConfig_ResponseSyntax) ** +The Amazon Resource Name \(ARN\) of your function\. +Type: String +Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` + + ** [FunctionUrl](#API_GetFunctionUrlConfig_ResponseSyntax) ** +The HTTP URL endpoint for your function\. +Type: String +Length Constraints: Minimum length of 40\. Maximum length of 100\. + + ** [LastModifiedTime](#API_GetFunctionUrlConfig_ResponseSyntax) ** +When the function URL configuration was last updated, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String + +## Errors + + ** InvalidParameterValueException ** +One of the parameters in the request is invalid\. +HTTP Status Code: 400 + + ** ResourceNotFoundException ** +The resource specified in the request does not exist\. +HTTP Status Code: 404 + + ** ServiceException ** +The AWS Lambda service encountered an internal error\. +HTTP Status Code: 500 + + ** TooManyRequestsException ** +The request throughput limit was exceeded\. +HTTP Status Code: 429 + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS Command Line Interface](https://docs.aws.amazon.com/goto/aws-cli/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for \.NET](https://docs.aws.amazon.com/goto/DotNetSDKV3/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for JavaScript](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/lambda-2015-03-31/GetFunctionUrlConfig) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/GetFunctionUrlConfig) \ No newline at end of file diff --git a/doc_source/API_GetLayerVersion.md b/doc_source/API_GetLayerVersion.md old mode 100755 new mode 100644 index 072c87e2..685e82bc --- a/doc_source/API_GetLayerVersion.md +++ b/doc_source/API_GetLayerVersion.md @@ -67,7 +67,7 @@ Valid Values:` x86_64 | arm64` The layer's compatible runtimes\. Type: Array of strings Array Members: Maximum number of 15 items\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [Content](#API_GetLayerVersion_ResponseSyntax) ** Details about the layer version\. diff --git a/doc_source/API_GetLayerVersionByArn.md b/doc_source/API_GetLayerVersionByArn.md old mode 100755 new mode 100644 index 459cc51f..7f2e0380 --- a/doc_source/API_GetLayerVersionByArn.md +++ b/doc_source/API_GetLayerVersionByArn.md @@ -63,7 +63,7 @@ Valid Values:` x86_64 | arm64` The layer's compatible runtimes\. Type: Array of strings Array Members: Maximum number of 15 items\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [Content](#API_GetLayerVersionByArn_ResponseSyntax) ** Details about the layer version\. diff --git a/doc_source/API_GetLayerVersionPolicy.md b/doc_source/API_GetLayerVersionPolicy.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetPolicy.md b/doc_source/API_GetPolicy.md old mode 100755 new mode 100644 diff --git a/doc_source/API_GetProvisionedConcurrencyConfig.md b/doc_source/API_GetProvisionedConcurrencyConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ImageConfig.md b/doc_source/API_ImageConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ImageConfigError.md b/doc_source/API_ImageConfigError.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ImageConfigResponse.md b/doc_source/API_ImageConfigResponse.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Invoke.md b/doc_source/API_Invoke.md old mode 100755 new mode 100644 diff --git a/doc_source/API_InvokeAsync.md b/doc_source/API_InvokeAsync.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Layer.md b/doc_source/API_Layer.md old mode 100755 new mode 100644 diff --git a/doc_source/API_LayerVersionContentInput.md b/doc_source/API_LayerVersionContentInput.md old mode 100755 new mode 100644 diff --git a/doc_source/API_LayerVersionContentOutput.md b/doc_source/API_LayerVersionContentOutput.md old mode 100755 new mode 100644 diff --git a/doc_source/API_LayerVersionsListItem.md b/doc_source/API_LayerVersionsListItem.md old mode 100755 new mode 100644 index a1128be9..053e2f44 --- a/doc_source/API_LayerVersionsListItem.md +++ b/doc_source/API_LayerVersionsListItem.md @@ -15,7 +15,7 @@ Required: No The layer's compatible runtimes\. Type: Array of strings Array Members: Maximum number of 15 items\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` Required: No ** CreatedDate ** diff --git a/doc_source/API_LayersListItem.md b/doc_source/API_LayersListItem.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListAliases.md b/doc_source/API_ListAliases.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListCodeSigningConfigs.md b/doc_source/API_ListCodeSigningConfigs.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListEventSourceMappings.md b/doc_source/API_ListEventSourceMappings.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListFunctionEventInvokeConfigs.md b/doc_source/API_ListFunctionEventInvokeConfigs.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListFunctionUrlConfigs.md b/doc_source/API_ListFunctionUrlConfigs.md new file mode 100644 index 00000000..82f48986 --- /dev/null +++ b/doc_source/API_ListFunctionUrlConfigs.md @@ -0,0 +1,109 @@ +# ListFunctionUrlConfigs + +Returns a list of Lambda function URLs for the specified function\. + +## Request Syntax + +``` +GET /2021-10-31/functions/FunctionName/urls?Marker=Marker&MaxItems=MaxItems HTTP/1.1 +``` + +## URI Request Parameters + +The request uses the following URI parameters\. + + ** [FunctionName](#API_ListFunctionUrlConfigs_RequestSyntax) ** +The name of the Lambda function\. + +**Name formats** ++ **Function name** \- `my-function`\. ++ **Function ARN** \- `arn:aws:lambda:us-west-2:123456789012:function:my-function`\. ++ **Partial ARN** \- `123456789012:function:my-function`\. +The length constraint applies only to the full ARN\. If you specify only the function name, it is limited to 64 characters in length\. +Length Constraints: Minimum length of 1\. Maximum length of 140\. +Pattern: `(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** [Marker](#API_ListFunctionUrlConfigs_RequestSyntax) ** +Specify the pagination token that's returned by a previous request to retrieve the next page of results\. + + ** [MaxItems](#API_ListFunctionUrlConfigs_RequestSyntax) ** +The maximum number of function URLs to return in the response\. Note that `ListFunctionUrlConfigs` returns a maximum of 50 items in each response, even if you set the number higher\. +Valid Range: Minimum value of 1\. Maximum value of 50\. + +## Request Body + +The request does not have a request body\. + +## Response Syntax + +``` +HTTP/1.1 200 +Content-type: application/json + +{ + "FunctionUrlConfigs": [ + { + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + }, + "CreationTime": "string", + "FunctionArn": "string", + "FunctionUrl": "string", + "LastModifiedTime": "string" + } + ], + "NextMarker": "string" +} +``` + +## Response Elements + +If the action is successful, the service sends back an HTTP 200 response\. + +The following data is returned in JSON format by the service\. + + ** [FunctionUrlConfigs](#API_ListFunctionUrlConfigs_ResponseSyntax) ** +A list of function URL configurations\. +Type: Array of [FunctionUrlConfig](API_FunctionUrlConfig.md) objects + + ** [NextMarker](#API_ListFunctionUrlConfigs_ResponseSyntax) ** +The pagination token that's included if more results are available\. +Type: String + +## Errors + + ** InvalidParameterValueException ** +One of the parameters in the request is invalid\. +HTTP Status Code: 400 + + ** ResourceNotFoundException ** +The resource specified in the request does not exist\. +HTTP Status Code: 404 + + ** ServiceException ** +The AWS Lambda service encountered an internal error\. +HTTP Status Code: 500 + + ** TooManyRequestsException ** +The request throughput limit was exceeded\. +HTTP Status Code: 429 + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS Command Line Interface](https://docs.aws.amazon.com/goto/aws-cli/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for \.NET](https://docs.aws.amazon.com/goto/DotNetSDKV3/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for JavaScript](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/lambda-2015-03-31/ListFunctionUrlConfigs) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/ListFunctionUrlConfigs) \ No newline at end of file diff --git a/doc_source/API_ListFunctions.md b/doc_source/API_ListFunctions.md old mode 100755 new mode 100644 index 507ab5ef..e8c4e4b5 --- a/doc_source/API_ListFunctions.md +++ b/doc_source/API_ListFunctions.md @@ -61,6 +61,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", diff --git a/doc_source/API_ListFunctionsByCodeSigningConfig.md b/doc_source/API_ListFunctionsByCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListLayerVersions.md b/doc_source/API_ListLayerVersions.md old mode 100755 new mode 100644 index c5d0bf21..2a6bf434 --- a/doc_source/API_ListLayerVersions.md +++ b/doc_source/API_ListLayerVersions.md @@ -18,7 +18,7 @@ Valid Values:` x86_64 | arm64` ** [CompatibleRuntime](#API_ListLayerVersions_RequestSyntax) ** A runtime identifier\. For example, `go1.x`\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [LayerName](#API_ListLayerVersions_RequestSyntax) ** The name or Amazon Resource Name \(ARN\) of the layer\. diff --git a/doc_source/API_ListLayers.md b/doc_source/API_ListLayers.md old mode 100755 new mode 100644 index a8379dd6..6f0e9aaa --- a/doc_source/API_ListLayers.md +++ b/doc_source/API_ListLayers.md @@ -18,7 +18,7 @@ Valid Values:` x86_64 | arm64` ** [CompatibleRuntime](#API_ListLayers_RequestSyntax) ** A runtime identifier\. For example, `go1.x`\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [Marker](#API_ListLayers_RequestSyntax) ** A pagination token returned by a previous call\. diff --git a/doc_source/API_ListProvisionedConcurrencyConfigs.md b/doc_source/API_ListProvisionedConcurrencyConfigs.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListTags.md b/doc_source/API_ListTags.md old mode 100755 new mode 100644 diff --git a/doc_source/API_ListVersionsByFunction.md b/doc_source/API_ListVersionsByFunction.md old mode 100755 new mode 100644 index fe5215a2..d428616b --- a/doc_source/API_ListVersionsByFunction.md +++ b/doc_source/API_ListVersionsByFunction.md @@ -61,6 +61,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", diff --git a/doc_source/API_OnFailure.md b/doc_source/API_OnFailure.md old mode 100755 new mode 100644 diff --git a/doc_source/API_OnSuccess.md b/doc_source/API_OnSuccess.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Operations.md b/doc_source/API_Operations.md old mode 100755 new mode 100644 index 70a90b0c..2fa8ad5f --- a/doc_source/API_Operations.md +++ b/doc_source/API_Operations.md @@ -7,6 +7,7 @@ The following actions are supported: + [CreateCodeSigningConfig](API_CreateCodeSigningConfig.md) + [CreateEventSourceMapping](API_CreateEventSourceMapping.md) + [CreateFunction](API_CreateFunction.md) ++ [CreateFunctionUrlConfig](API_CreateFunctionUrlConfig.md) + [DeleteAlias](API_DeleteAlias.md) + [DeleteCodeSigningConfig](API_DeleteCodeSigningConfig.md) + [DeleteEventSourceMapping](API_DeleteEventSourceMapping.md) @@ -14,6 +15,7 @@ The following actions are supported: + [DeleteFunctionCodeSigningConfig](API_DeleteFunctionCodeSigningConfig.md) + [DeleteFunctionConcurrency](API_DeleteFunctionConcurrency.md) + [DeleteFunctionEventInvokeConfig](API_DeleteFunctionEventInvokeConfig.md) ++ [DeleteFunctionUrlConfig](API_DeleteFunctionUrlConfig.md) + [DeleteLayerVersion](API_DeleteLayerVersion.md) + [DeleteProvisionedConcurrencyConfig](API_DeleteProvisionedConcurrencyConfig.md) + [GetAccountSettings](API_GetAccountSettings.md) @@ -25,6 +27,7 @@ The following actions are supported: + [GetFunctionConcurrency](API_GetFunctionConcurrency.md) + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [GetFunctionEventInvokeConfig](API_GetFunctionEventInvokeConfig.md) ++ [GetFunctionUrlConfig](API_GetFunctionUrlConfig.md) + [GetLayerVersion](API_GetLayerVersion.md) + [GetLayerVersionByArn](API_GetLayerVersionByArn.md) + [GetLayerVersionPolicy](API_GetLayerVersionPolicy.md) @@ -38,6 +41,7 @@ The following actions are supported: + [ListFunctionEventInvokeConfigs](API_ListFunctionEventInvokeConfigs.md) + [ListFunctions](API_ListFunctions.md) + [ListFunctionsByCodeSigningConfig](API_ListFunctionsByCodeSigningConfig.md) ++ [ListFunctionUrlConfigs](API_ListFunctionUrlConfigs.md) + [ListLayers](API_ListLayers.md) + [ListLayerVersions](API_ListLayerVersions.md) + [ListProvisionedConcurrencyConfigs](API_ListProvisionedConcurrencyConfigs.md) @@ -58,4 +62,5 @@ The following actions are supported: + [UpdateEventSourceMapping](API_UpdateEventSourceMapping.md) + [UpdateFunctionCode](API_UpdateFunctionCode.md) + [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) -+ [UpdateFunctionEventInvokeConfig](API_UpdateFunctionEventInvokeConfig.md) \ No newline at end of file ++ [UpdateFunctionEventInvokeConfig](API_UpdateFunctionEventInvokeConfig.md) ++ [UpdateFunctionUrlConfig](API_UpdateFunctionUrlConfig.md) \ No newline at end of file diff --git a/doc_source/API_ProvisionedConcurrencyConfigListItem.md b/doc_source/API_ProvisionedConcurrencyConfigListItem.md old mode 100755 new mode 100644 diff --git a/doc_source/API_PublishLayerVersion.md b/doc_source/API_PublishLayerVersion.md old mode 100755 new mode 100644 index 90016955..2f0a5b46 --- a/doc_source/API_PublishLayerVersion.md +++ b/doc_source/API_PublishLayerVersion.md @@ -49,7 +49,7 @@ Required: No A list of compatible [function runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)\. Used for filtering with [ListLayers](API_ListLayers.md) and [ListLayerVersions](API_ListLayerVersions.md)\. Type: Array of strings Array Members: Maximum number of 15 items\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` Required: No ** [Content](#API_PublishLayerVersion_RequestSyntax) ** @@ -113,7 +113,7 @@ Valid Values:` x86_64 | arm64` The layer's compatible runtimes\. Type: Array of strings Array Members: Maximum number of 15 items\. -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [Content](#API_PublishLayerVersion_ResponseSyntax) ** Details about the layer version\. diff --git a/doc_source/API_PublishVersion.md b/doc_source/API_PublishVersion.md old mode 100755 new mode 100644 index b7ef43ae..667417fc --- a/doc_source/API_PublishVersion.md +++ b/doc_source/API_PublishVersion.md @@ -78,6 +78,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -168,6 +171,10 @@ Length Constraints: Minimum length of 0\. Maximum length of 256\. The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object + ** [EphemeralStorage](#API_PublishVersion_ResponseSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object + ** [FileSystemConfigs](#API_PublishVersion_ResponseSyntax) ** Connection settings for an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html)\. Type: Array of [FileSystemConfig](API_FileSystemConfig.md) objects @@ -248,7 +255,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` ** [Runtime](#API_PublishVersion_ResponseSyntax) ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [SigningJobArn](#API_PublishVersion_ResponseSyntax) ** The ARN of the signing job\. diff --git a/doc_source/API_PutFunctionCodeSigningConfig.md b/doc_source/API_PutFunctionCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_PutFunctionConcurrency.md b/doc_source/API_PutFunctionConcurrency.md old mode 100755 new mode 100644 diff --git a/doc_source/API_PutFunctionEventInvokeConfig.md b/doc_source/API_PutFunctionEventInvokeConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_PutProvisionedConcurrencyConfig.md b/doc_source/API_PutProvisionedConcurrencyConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Reference.md b/doc_source/API_Reference.md old mode 100755 new mode 100644 diff --git a/doc_source/API_RemoveLayerVersionPermission.md b/doc_source/API_RemoveLayerVersionPermission.md old mode 100755 new mode 100644 diff --git a/doc_source/API_RemovePermission.md b/doc_source/API_RemovePermission.md old mode 100755 new mode 100644 diff --git a/doc_source/API_SelfManagedEventSource.md b/doc_source/API_SelfManagedEventSource.md old mode 100755 new mode 100644 diff --git a/doc_source/API_SourceAccessConfiguration.md b/doc_source/API_SourceAccessConfiguration.md old mode 100755 new mode 100644 diff --git a/doc_source/API_TagResource.md b/doc_source/API_TagResource.md old mode 100755 new mode 100644 diff --git a/doc_source/API_TracingConfig.md b/doc_source/API_TracingConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_TracingConfigResponse.md b/doc_source/API_TracingConfigResponse.md old mode 100755 new mode 100644 diff --git a/doc_source/API_Types.md b/doc_source/API_Types.md old mode 100755 new mode 100644 index 9d81625a..416dd819 --- a/doc_source/API_Types.md +++ b/doc_source/API_Types.md @@ -9,11 +9,13 @@ The following data types are supported: + [CodeSigningConfig](API_CodeSigningConfig.md) + [CodeSigningPolicies](API_CodeSigningPolicies.md) + [Concurrency](API_Concurrency.md) ++ [Cors](API_Cors.md) + [DeadLetterConfig](API_DeadLetterConfig.md) + [DestinationConfig](API_DestinationConfig.md) + [Environment](API_Environment.md) + [EnvironmentError](API_EnvironmentError.md) + [EnvironmentResponse](API_EnvironmentResponse.md) ++ [EphemeralStorage](API_EphemeralStorage.md) + [EventSourceMappingConfiguration](API_EventSourceMappingConfiguration.md) + [FileSystemConfig](API_FileSystemConfig.md) + [Filter](API_Filter.md) @@ -22,6 +24,7 @@ The following data types are supported: + [FunctionCodeLocation](API_FunctionCodeLocation.md) + [FunctionConfiguration](API_FunctionConfiguration.md) + [FunctionEventInvokeConfig](API_FunctionEventInvokeConfig.md) ++ [FunctionUrlConfig](API_FunctionUrlConfig.md) + [ImageConfig](API_ImageConfig.md) + [ImageConfigError](API_ImageConfigError.md) + [ImageConfigResponse](API_ImageConfigResponse.md) diff --git a/doc_source/API_UntagResource.md b/doc_source/API_UntagResource.md old mode 100755 new mode 100644 diff --git a/doc_source/API_UpdateAlias.md b/doc_source/API_UpdateAlias.md old mode 100755 new mode 100644 diff --git a/doc_source/API_UpdateCodeSigningConfig.md b/doc_source/API_UpdateCodeSigningConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_UpdateEventSourceMapping.md b/doc_source/API_UpdateEventSourceMapping.md old mode 100755 new mode 100644 index eb06196f..fe810a18 --- a/doc_source/API_UpdateEventSourceMapping.md +++ b/doc_source/API_UpdateEventSourceMapping.md @@ -81,7 +81,7 @@ The request accepts the following data in JSON format\. ** [BatchSize](#API_UpdateEventSourceMapping_RequestSyntax) ** The maximum number of records in each batch that Lambda pulls from your stream or queue and sends to your function\. Lambda passes all of the records in the batch to the function in a single call, up to the payload limit for synchronous invocation \(6 MB\)\. + **Amazon Kinesis** \- Default 100\. Max 10,000\. -+ **Amazon DynamoDB Streams** \- Default 100\. Max 1,000\. ++ **Amazon DynamoDB Streams** \- Default 100\. Max 10,000\. + **Amazon Simple Queue Service** \- Default 10\. For standard queues the max is 10,000\. For FIFO queues the max is 10\. + **Amazon Managed Streaming for Apache Kafka** \- Default 100\. Max 10,000\. + **Self\-Managed Apache Kafka** \- Default 100\. Max 10,000\. @@ -261,7 +261,7 @@ Type: String Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` ** [FunctionResponseTypes](#API_UpdateEventSourceMapping_ResponseSyntax) ** -\(Streams only\) A list of current response type enums applied to the event source mapping\. +\(Streams and Amazon SQS\) A list of current response type enums applied to the event source mapping\. Type: Array of strings Array Members: Minimum number of 0 items\. Maximum number of 1 item\. Valid Values:` ReportBatchItemFailures` diff --git a/doc_source/API_UpdateFunctionCode.md b/doc_source/API_UpdateFunctionCode.md old mode 100755 new mode 100644 index 1af1d49a..b963ced7 --- a/doc_source/API_UpdateFunctionCode.md +++ b/doc_source/API_UpdateFunctionCode.md @@ -126,6 +126,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -216,6 +219,10 @@ Length Constraints: Minimum length of 0\. Maximum length of 256\. The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object + ** [EphemeralStorage](#API_UpdateFunctionCode_ResponseSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object + ** [FileSystemConfigs](#API_UpdateFunctionCode_ResponseSyntax) ** Connection settings for an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html)\. Type: Array of [FileSystemConfig](API_FileSystemConfig.md) objects @@ -296,7 +303,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` ** [Runtime](#API_UpdateFunctionCode_ResponseSyntax) ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [SigningJobArn](#API_UpdateFunctionCode_ResponseSyntax) ** The ARN of the signing job\. diff --git a/doc_source/API_UpdateFunctionConfiguration.md b/doc_source/API_UpdateFunctionConfiguration.md old mode 100755 new mode 100644 index 94358f2a..9fe342d2 --- a/doc_source/API_UpdateFunctionConfiguration.md +++ b/doc_source/API_UpdateFunctionConfiguration.md @@ -24,6 +24,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -87,6 +90,11 @@ Required: No ** [Environment](#API_UpdateFunctionConfiguration_RequestSyntax) ** Environment variables that are accessible from function code during execution\. Type: [Environment](API_Environment.md) object +Required: No + + ** [EphemeralStorage](#API_UpdateFunctionConfiguration_RequestSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object Required: No ** [FileSystemConfigs](#API_UpdateFunctionConfiguration_RequestSyntax) ** @@ -140,7 +148,7 @@ Required: No ** [Runtime](#API_UpdateFunctionConfiguration_RequestSyntax) ** The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html)\. Runtime is required if the deployment package is a \.zip file archive\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` Required: No ** [Timeout](#API_UpdateFunctionConfiguration_RequestSyntax) ** @@ -182,6 +190,9 @@ Content-type: application/json "string" : "string" } }, + "EphemeralStorage": { + "Size": number + }, "FileSystemConfigs": [ { "Arn": "string", @@ -272,6 +283,10 @@ Length Constraints: Minimum length of 0\. Maximum length of 256\. The function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html)\. Type: [EnvironmentResponse](API_EnvironmentResponse.md) object + ** [EphemeralStorage](#API_UpdateFunctionConfiguration_ResponseSyntax) ** +The size of the function’s /tmp directory in MB\. The default value is 512, but can be any whole number between 512 and 10240 MB\. +Type: [EphemeralStorage](API_EphemeralStorage.md) object + ** [FileSystemConfigs](#API_UpdateFunctionConfiguration_ResponseSyntax) ** Connection settings for an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html)\. Type: Array of [FileSystemConfig](API_FileSystemConfig.md) objects @@ -352,7 +367,7 @@ Pattern: `arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+` ** [Runtime](#API_UpdateFunctionConfiguration_ResponseSyntax) ** The runtime environment for the Lambda function\. Type: String -Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` +Valid Values:` nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2` ** [SigningJobArn](#API_UpdateFunctionConfiguration_ResponseSyntax) ** The ARN of the signing job\. diff --git a/doc_source/API_UpdateFunctionEventInvokeConfig.md b/doc_source/API_UpdateFunctionEventInvokeConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_UpdateFunctionUrlConfig.md b/doc_source/API_UpdateFunctionUrlConfig.md new file mode 100644 index 00000000..afdfc1c3 --- /dev/null +++ b/doc_source/API_UpdateFunctionUrlConfig.md @@ -0,0 +1,149 @@ +# UpdateFunctionUrlConfig + +Updates the configuration for a Lambda function URL\. + +## Request Syntax + +``` +PUT /2021-10-31/functions/FunctionName/url?Qualifier=Qualifier HTTP/1.1 +Content-type: application/json + +{ + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + } +} +``` + +## URI Request Parameters + +The request uses the following URI parameters\. + + ** [FunctionName](#API_UpdateFunctionUrlConfig_RequestSyntax) ** +The name of the Lambda function\. + +**Name formats** ++ **Function name** \- `my-function`\. ++ **Function ARN** \- `arn:aws:lambda:us-west-2:123456789012:function:my-function`\. ++ **Partial ARN** \- `123456789012:function:my-function`\. +The length constraint applies only to the full ARN\. If you specify only the function name, it is limited to 64 characters in length\. +Length Constraints: Minimum length of 1\. Maximum length of 140\. +Pattern: `(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?` +Required: Yes + + ** [Qualifier](#API_UpdateFunctionUrlConfig_RequestSyntax) ** +The alias name\. +Length Constraints: Minimum length of 1\. Maximum length of 128\. +Pattern: `(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))` + +## Request Body + +The request accepts the following data in JSON format\. + + ** [AuthType](#API_UpdateFunctionUrlConfig_RequestSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` +Required: No + + ** [Cors](#API_UpdateFunctionUrlConfig_RequestSyntax) ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object +Required: No + +## Response Syntax + +``` +HTTP/1.1 200 +Content-type: application/json + +{ + "AuthType": "string", + "Cors": { + "AllowCredentials": boolean, + "AllowHeaders": [ "string" ], + "AllowMethods": [ "string" ], + "AllowOrigins": [ "string" ], + "ExposeHeaders": [ "string" ], + "MaxAge": number + }, + "CreationTime": "string", + "FunctionArn": "string", + "FunctionUrl": "string", + "LastModifiedTime": "string" +} +``` + +## Response Elements + +If the action is successful, the service sends back an HTTP 200 response\. + +The following data is returned in JSON format by the service\. + + ** [AuthType](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +The type of authentication that your function URL uses\. Set to `AWS_IAM` if you want to restrict access to authenticated `IAM` users only\. Set to `NONE` if you want to bypass IAM authentication to create a public endpoint\. For more information, see [ Security and auth model for Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html)\. +Type: String +Valid Values:` NONE | AWS_IAM` + + ** [Cors](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +The [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) settings for your function URL\. +Type: [Cors](API_Cors.md) object + + ** [CreationTime](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +When the function URL was created, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String + + ** [FunctionArn](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +The Amazon Resource Name \(ARN\) of your function\. +Type: String +Pattern: `arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?` + + ** [FunctionUrl](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +The HTTP URL endpoint for your function\. +Type: String +Length Constraints: Minimum length of 40\. Maximum length of 100\. + + ** [LastModifiedTime](#API_UpdateFunctionUrlConfig_ResponseSyntax) ** +When the function URL configuration was last updated, in [ISO\-8601 format](https://www.w3.org/TR/NOTE-datetime) \(YYYY\-MM\-DDThh:mm:ss\.sTZD\)\. +Type: String + +## Errors + + ** InvalidParameterValueException ** +One of the parameters in the request is invalid\. +HTTP Status Code: 400 + + ** ResourceConflictException ** +The resource already exists, or another operation is in progress\. +HTTP Status Code: 409 + + ** ResourceNotFoundException ** +The resource specified in the request does not exist\. +HTTP Status Code: 404 + + ** ServiceException ** +The AWS Lambda service encountered an internal error\. +HTTP Status Code: 500 + + ** TooManyRequestsException ** +The request throughput limit was exceeded\. +HTTP Status Code: 429 + +## See Also + +For more information about using this API in one of the language\-specific AWS SDKs, see the following: ++ [AWS Command Line Interface](https://docs.aws.amazon.com/goto/aws-cli/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for \.NET](https://docs.aws.amazon.com/goto/DotNetSDKV3/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for C\+\+](https://docs.aws.amazon.com/goto/SdkForCpp/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for Go](https://docs.aws.amazon.com/goto/SdkForGoV1/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for Java V2](https://docs.aws.amazon.com/goto/SdkForJavaV2/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for JavaScript](https://docs.aws.amazon.com/goto/AWSJavaScriptSDK/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for PHP V3](https://docs.aws.amazon.com/goto/SdkForPHPV3/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for Python](https://docs.aws.amazon.com/goto/boto3/lambda-2015-03-31/UpdateFunctionUrlConfig) ++ [AWS SDK for Ruby V3](https://docs.aws.amazon.com/goto/SdkForRubyV3/lambda-2015-03-31/UpdateFunctionUrlConfig) \ No newline at end of file diff --git a/doc_source/API_VpcConfig.md b/doc_source/API_VpcConfig.md old mode 100755 new mode 100644 diff --git a/doc_source/API_VpcConfigResponse.md b/doc_source/API_VpcConfigResponse.md old mode 100755 new mode 100644 diff --git a/doc_source/access-control-identity-based.md b/doc_source/access-control-identity-based.md old mode 100755 new mode 100644 index fec9dded..4e92f94e --- a/doc_source/access-control-identity-based.md +++ b/doc_source/access-control-identity-based.md @@ -23,7 +23,7 @@ AWS managed policies grant permission to API actions without restricting the Lam Use identity\-based policies to allow users to perform operations on Lambda functions\. **Note** -For a function defined as a container image, the user permission to access the image MUST be configured in the Amazon Elastic Container Registry For an example, see [Amazon ECR permissions\.](configuration-images.md#configuration-images-permissions) +For a function defined as a container image, the user permission to access the image MUST be configured in the Amazon Elastic Container Registry For an example, see [Amazon ECR permissions\.](gettingstarted-images.md#configuration-images-permissions) The following shows an example of a permissions policy with limited scope\. It allows a user to create and manage Lambda functions named with a designated prefix \(`intern-`\), and configured with a designated execution role\. diff --git a/doc_source/access-control-resource-based.md b/doc_source/access-control-resource-based.md old mode 100755 new mode 100644 index 32620b0f..512d29da --- a/doc_source/access-control-resource-based.md +++ b/doc_source/access-control-resource-based.md @@ -1,8 +1,8 @@ # Using resource\-based policies for AWS Lambda -AWS Lambda supports resource\-based permissions policies for Lambda functions and layers\. Resource\-based policies let you grant usage permission to other AWS accounts on a per\-resource basis\. You also use a resource\-based policy to allow an AWS service to invoke your function on your behalf\. +AWS Lambda supports resource\-based permissions policies for Lambda functions and layers\. Resource\-based policies let you grant usage permission to other AWS accounts or organizations on a per\-resource basis\. You also use a resource\-based policy to allow an AWS service to invoke your function on your behalf\. -For Lambda functions, you can [grant an account permission](#permissions-resource-xaccountinvoke) to invoke or manage a function\. You can add multiple statements to grant access to several accounts, or let any account invoke your function\. You can also use the policy to [grant invoke permission to an AWS service](#permissions-resource-serviceinvoke) that invokes a function in response to activity in your account\. +For Lambda functions, you can [grant an account permission](#permissions-resource-xaccountinvoke) to invoke or manage a function\. You can also use a single resource\-based policy to grant permissions to an entire organization in AWS Organizations\. You can also use resource\-based policies to [grant invoke permission to an AWS service](#permissions-resource-serviceinvoke) that invokes a function in response to activity in your account\. **To view a function's resource\-based policy** @@ -50,6 +50,7 @@ Resource\-based policies apply to a single function, version, alias, or layer ve **Topics** + [Granting function access to AWS services](#permissions-resource-serviceinvoke) ++ [Granting function access to an organization](#permissions-resource-xorginvoke) + [Granting function access to other accounts](#permissions-resource-xaccountinvoke) + [Granting layer access to other accounts](#permissions-resource-xaccountlayer) + [Cleaning up resource\-based policies](#permissions-resource-cleanup) @@ -88,19 +89,56 @@ aws lambda add-permission --function-name my-function --action lambda:InvokeFunc --principal s3.amazonaws.com --source-arn arn:aws:s3:::my-bucket-123456 --source-account 123456789012 ``` +## Granting function access to an organization + +To grant permissions to an organization in AWS Organizations, specify the organization ID as the `principal-org-id`\. The following [AddPermission](API_AddPermission.md) AWS CLI command grants invocation access to all users in organization `o-a1b2c3d4e5f`\. + +``` +aws lambda add-permission --function-name example \ +--statement-id PrincipalOrgIDExample --action lambda:InvokeFunction \ +--principal * --principal-org-id o-a1b2c3d4e5f +``` + +**Note** +In this command, `Principal` is `*`\. This means that all users in the organization `o-a1b2c3d4e5f` get function invocation permissions\. If you specify an AWS account or role as the `Principal`, then only that principal gets function invocation permissions, but only if they are also part of the `o-a1b2c3d4e5f` organization\. + +This command creates a resource\-based policy that looks like the following: + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "PrincipalOrgIDExample", + "Effect": "Allow", + "Principal": "*", + "Action": "lambda:InvokeFunction", + "Resource": "arn:aws:lambda:us-west-2:123456789012:function:example", + "Condition": { + "StringEquals": { + "aws:PrincipalOrgID": "o-a1b2c3d4e5f" + } + } + } + ] +} +``` + +For more information, see [ aws:PrincipalOrgID](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-principalorgid) in the AWS Identity and Access Management user guide\. + ## Granting function access to other accounts -To grant permissions to another AWS account, specify the account ID as the `principal`\. The following example grants account `210987654321` permission to invoke `my-function` with the `prod` alias\. +To grant permissions to another AWS account, specify the account ID as the `principal`\. The following example grants account `111122223333` permission to invoke `my-function` with the `prod` alias\. ``` aws lambda add-permission --function-name my-function:prod --statement-id xaccount --action lambda:InvokeFunction \ ---principal 210987654321 --output text +--principal 111122223333 --output text ``` You should see the following output: ``` -{"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::210987654321:root"},"Action":"lambda:InvokeFunction","Resource":"arn:aws:lambda:us-east-2:123456789012:function:my-function"} +{"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:root"},"Action":"lambda:InvokeFunction","Resource":"arn:aws:lambda:us-east-2:123456789012:function:my-function"} ``` The resource\-based policy grants permission for the other account to access the function, but doesn't allow users in that account to exceed their permissions\. Users in the other account must have the corresponding [user permissions](access-control-identity-based.md) to use the Lambda API\. @@ -128,7 +166,7 @@ You can grant cross\-account access for most API actions that [operate on an exi **Cross\-account APIs** -Currently, Lambda doesn’t currently support cross\-account actions for all of its APIs via resource\-based policies\. The following APIs are supported: +Currently, Lambda doesn’t support cross\-account actions for all of its APIs via resource\-based policies\. The following APIs are supported: + [Invoke](API_Invoke.md) + [GetFunction](API_GetFunction.md) + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) @@ -156,13 +194,13 @@ To grant layer\-usage permission to another account, add a statement to the laye ``` aws lambda add-layer-version-permission --layer-name xray-sdk-nodejs --statement-id xaccount \ ---action lambda:GetLayerVersion --principal 210987654321 --version-number 1 --output text +--action lambda:GetLayerVersion --principal 111122223333 --version-number 1 --output text ``` You should see output similar to the following: ``` -e210ffdc-e901-43b0-824b-5fcd0dd26d16 {"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::210987654321:root"},"Action":"lambda:GetLayerVersion","Resource":"arn:aws:lambda:us-east-2:123456789012:layer:xray-sdk-nodejs:1"} +e210ffdc-e901-43b0-824b-5fcd0dd26d16 {"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:root"},"Action":"lambda:GetLayerVersion","Resource":"arn:aws:lambda:us-east-2:123456789012:layer:xray-sdk-nodejs:1"} ``` Permissions apply only to a single layer version\. Repeat the process each time that you create a new layer version\. diff --git a/doc_source/applications-console.md b/doc_source/applications-console.md old mode 100755 new mode 100644 diff --git a/doc_source/applications-tutorial.md b/doc_source/applications-tutorial.md old mode 100755 new mode 100644 index 5f7c9b22..95c2aea7 --- a/doc_source/applications-tutorial.md +++ b/doc_source/applications-tutorial.md @@ -29,7 +29,7 @@ The pipeline maps a single branch in a repository to a single application stack\ ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/applications-usecases.md b/doc_source/applications-usecases.md old mode 100755 new mode 100644 diff --git a/doc_source/best-practices.md b/doc_source/best-practices.md old mode 100755 new mode 100644 index a8793dde..4aae31ac --- a/doc_source/best-practices.md +++ b/doc_source/best-practices.md @@ -34,7 +34,7 @@ For more information about best practices for Lambda applications, see [Applicat + **Control the dependencies in your function's deployment package\. ** The AWS Lambda execution environment contains a number of libraries such as the AWS SDK for the Node\.js and Python runtimes \(a full list can be found here: [Lambda runtimes](lambda-runtimes.md)\)\. To enable the latest set of features and security updates, Lambda will periodically update these libraries\. These updates may introduce subtle changes to the behavior of your Lambda function\. To have full control of the dependencies your function uses, package all of your dependencies with your deployment package\. + **Minimize your deployment package size to its runtime necessities\. ** This will reduce the amount of time that it takes for your deployment package to be downloaded and unpacked ahead of invocation\. For functions authored in Java or \.NET Core, avoid uploading the entire AWS SDK library as part of your deployment package\. Instead, selectively depend on the modules which pick up components of the SDK you need \(e\.g\. DynamoDB, Amazon S3 SDK modules and [Lambda core libraries](https://github.com/aws/aws-lambda-java-libs)\)\. + **Reduce the time it takes Lambda to unpack deployment packages** authored in Java by putting your dependency `.jar` files in a separate /lib directory\. This is faster than putting all your function’s code in a single jar with a large number of `.class` files\. See [Deploy Java Lambda functions with \.zip or JAR file archives](java-package.md) for instructions\. -+ **Minimize the complexity of your dependencies\.** Prefer simpler frameworks that load quickly on [execution environment](runtimes-context.md) startup\. For example, prefer simpler Java dependency injection \(IoC\) frameworks like [Dagger](https://google.github.io/dagger/) or [Guice](https://github.com/google/guice), over more complex ones like [Spring Framework](https://github.com/spring-projects/spring-framework)\. ++ **Minimize the complexity of your dependencies\.** Prefer simpler frameworks that load quickly on [execution environment](lambda-runtime-environment.md) startup\. For example, prefer simpler Java dependency injection \(IoC\) frameworks like [Dagger](https://google.github.io/dagger/) or [Guice](https://github.com/google/guice), over more complex ones like [Spring Framework](https://github.com/spring-projects/spring-framework)\. + **Avoid using recursive code** in your Lambda function, wherein the function automatically calls itself until some arbitrary criteria is met\. This could lead to unintended volume of function invocations and escalated costs\. If you do accidentally do so, set the function reserved concurrency to `0` immediately to throttle all invocations to the function, while you update the code\. + **Do not use non\-documented, non\-public APIs** in your Lambda function code\. For AWS Lambda managed runtimes, Lambda periodically applies security and functional updates to Lambda's internal APIs\. These internal API updates may be backwards\-incompatible, leading to unintended consequences such as invocation failures if your function has a dependency on these non\-public APIs\. See [the API reference](API_Operations.md) for a list of publicly available APIs\. diff --git a/doc_source/configuration-aliases.md b/doc_source/configuration-aliases.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-codesigning.md b/doc_source/configuration-codesigning.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-concurrency.md b/doc_source/configuration-concurrency.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-database.md b/doc_source/configuration-database.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-envvars.md b/doc_source/configuration-envvars.md old mode 100755 new mode 100644 index ff33dc53..44ce603d --- a/doc_source/configuration-envvars.md +++ b/doc_source/configuration-envvars.md @@ -177,14 +177,14 @@ Lambda [runtimes](lambda-runtimes.md) set several environment variables during i + `_HANDLER` – The handler location configured on the function\. + `_X_AMZN_TRACE_ID` – The [X\-Ray tracing header](services-xray.md)\. + `AWS_REGION` – The AWS Region where the Lambda function is executed\. -+ `AWS_EXECUTION_ENV` – The [runtime identifier](lambda-runtimes.md), prefixed by `AWS_Lambda_`—for example, `AWS_Lambda_java8`\. ++ `AWS_EXECUTION_ENV` – The [runtime identifier](lambda-runtimes.md), prefixed by `AWS_Lambda_` \(for example, `AWS_Lambda_java8`\)\. This environment variable is not defined for custom runtimes \(for example, runtimes that use the `provided` or `provided.al2` identifiers\)\. + `AWS_LAMBDA_FUNCTION_NAME` – The name of the function\. + `AWS_LAMBDA_FUNCTION_MEMORY_SIZE` – The amount of memory available to the function in MB\. + `AWS_LAMBDA_FUNCTION_VERSION` – The version of the function being executed\. `AWS_LAMBDA_INITIALIZATION_TYPE` – The initialization type of the function, which is either `on-demand` or `provisioned-concurrency`\. For information, see [ Configuring provisioned concurrency](provisioned-concurrency.md)\. + `AWS_LAMBDA_LOG_GROUP_NAME`, `AWS_LAMBDA_LOG_STREAM_NAME` – The name of the Amazon CloudWatch Logs group and stream for the function\. -+ `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN` – The access keys obtained from the function's [execution role](lambda-intro-execution-role.md)\. ++ `AWS_ACCESS_KEY`, `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN` – The access keys obtained from the function's [execution role](lambda-intro-execution-role.md)\. + `AWS_LAMBDA_RUNTIME_API` – \([Custom runtime](runtimes-custom.md)\) The host and port of the [runtime API](runtimes-api.md)\. + `LAMBDA_TASK_ROOT` – The path to your Lambda function code\. + `LAMBDA_RUNTIME_DIR` – The path to runtime libraries\. diff --git a/doc_source/configuration-filesystem.md b/doc_source/configuration-filesystem.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-function-common.md b/doc_source/configuration-function-common.md old mode 100755 new mode 100644 index 840bb9ad..da40c4d1 --- a/doc_source/configuration-function-common.md +++ b/doc_source/configuration-function-common.md @@ -12,6 +12,7 @@ For function configuration best practices, see [Function configuration](best-pra + [Configuring functions \(console\)](#configuration-common-summary) + [Configuring functions \(API\)](#configuration-function-api) + [Configuring function memory \(console\)](#configuration-memory-console) ++ [Configuring ephemeral storage \(console\)](#configuration-ephemeral-storage) + [Accepting function memory recommendations \(console\)](#configuration-memory-optimization-accept) + [Configuring triggers \(console\)](#configuration-common-triggers) + [Testing functions \(console\)](#configuration-common-test) @@ -40,6 +41,7 @@ For the following function configurations, you can change the settings only for + **Virtual private cloud \(VPC\)** – If your function needs network access to resources that are not available over the internet, [configure it to connect to a virtual private cloud \(VPC\)](configuration-vpc.md)\. + **Monitoring and operations tools** – configure CloudWatch and other monitoring tools\. + **Concurrency** – [Reserve concurrency for a function](configuration-concurrency.md) to set the maximum number of simultaneous executions for a function\. Provision concurrency to ensure that a function can scale without fluctuations in latency\. Reserved concurrency applies to the entire function, including all versions and aliases\. ++ **Function URL** – Configure a [function URL](lambda-urls.md) to add a unique HTTP\(S\) endpoint to your Lambda function\. You can configure a function URL on the `$LATEST` unpublished function version, or on any function alias\. You can configure the following options on a function, a function version, or an alias\. + **Triggers** – Configure [triggers](#configuration-common-triggers)\. @@ -72,6 +74,8 @@ To configure functions with the Lambda API, use the following actions: + [PublishVersion](API_PublishVersion.md) – Create an immutable version with the current code and configuration\. + [CreateAlias](API_CreateAlias.md) – Create aliases for function versions\. + [PutFunctionEventInvokeConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_PutFunctionEventInvokeConfig.html) – Configure error handling for asynchronous invocation\. ++ [CreateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html) – Create a function URL configuration\. ++ [UpdateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionUrlConfig.html) – Update an existing function URL configuration\. ## Configuring function memory \(console\) @@ -91,6 +95,27 @@ You can configure the memory of your function in the Lambda console\. 1. Choose **Save**\. +## Configuring ephemeral storage \(console\) + + By default, Lambda allocates 512 MB for a function’s /tmp directory\. You can increase or decrease this amount using the **Ephemeral storage \(MB\)** setting\. To configure the size of a function’s /tmp directory, set a whole number value between 512 MB and 10,240 MB\. + +**Note** + Configuring ephemeral storage past the default 512 MB allocated incurs a cost\. For more information, see [Lambda pricing](https://aws.amazon.com/lambda/pricing)\. + +You can configure the size of a function’s /tmp directory in the Lambda console\. + +**To update the size of a function’s /tmp directory** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose a function\. + +1. On the function configuration page, on the **General configuration** pane, choose **Edit**\. + +1. For **Ephemeral storage \(MB\)**, set a value from 512 MB to 10,240 MB\. + +1. Choose **Save**\. + ## Accepting function memory recommendations \(console\) If you have administrator permissions in AWS Identity and Access Management \(IAM\), you can opt in to receive Lambda function memory setting recommendations from AWS Compute Optimizer\. For instructions on opting in to memory recommendations for your account or organization, see [Opting in your account](https://docs.aws.amazon.com/compute-optimizer/latest/ug/getting-started.html#account-opt-in) in the *AWS Compute Optimizer User Guide*\. diff --git a/doc_source/configuration-function-zip.md b/doc_source/configuration-function-zip.md old mode 100755 new mode 100644 index dead45ae..ce20435d --- a/doc_source/configuration-function-zip.md +++ b/doc_source/configuration-function-zip.md @@ -1,6 +1,6 @@ -# Creating Lambda functions defined as \.zip file archives +# Deploying Lambda functions as \.zip file archives -When you create a Lambda function, you package your function code into a deployment package\. Lambda supports two types of deployment packages: [container images](gettingstarted-package.md#gettingstarted-package-images) and [\.zip file archives](gettingstarted-package.md#gettingstarted-package-zip)\. The workflow to create a function depends on the deployment package type\. To configure a function defined as a container image, see [Creating Lambda functions defined as container images](configuration-images.md)\. +When you create a Lambda function, you package your function code into a deployment package\. Lambda supports two types of deployment packages: [container images](gettingstarted-package.md#gettingstarted-package-images) and [\.zip file archives](gettingstarted-package.md#gettingstarted-package-zip)\. The workflow to create a function depends on the deployment package type\. To configure a function defined as a container image, see [Deploying Lambda functions as container images](gettingstarted-images.md)\. You can use the Lambda console and the Lambda API to create a function defined with a \.zip file archive\. You can also upload an updated \.zip file to change the function code\. @@ -8,15 +8,15 @@ You can use the Lambda console and the Lambda API to create a function defined w You cannot convert an existing container image function to use a \.zip file archive\. You must create a new function\. **Topics** -+ [Creating a function \(console\)](#configuration-function-create) ++ [Creating the function](#configuration-function-create) + [Using the console code editor](#configuration-functions-console-update) -+ [Updating function code \(console\)](#configuration-function-update) -+ [Change the runtime or runtime version \(console\)](#configuration-function-runtime) -+ [Change the architecture \(console\)](#configuration-function-arch) ++ [Updating function code](#configuration-function-update) ++ [Changing the runtime or runtime version](#configuration-function-runtime) ++ [Changing the architecture](#configuration-function-arch) + [Using the Lambda API](#configuration-function-api) + [AWS CloudFormation](#configuration-function-cloudformation) -## Creating a function \(console\) +## Creating the function When you create a function defined with a \.zip file archive, you choose a code template, the language version, and the execution role for the function\. You add your function code after Lambda creates the function\. @@ -42,40 +42,7 @@ When you create a function defined with a \.zip file archive, you choose a code 1. Choose **Create function**\. -Lambda creates the new function\. You can now use the console to add the function code and configure other function parameters and features\. - -## Using the console code editor - -The console creates a Lambda function with a single source file\. For scripting languages, you can edit this file and add more files using the built\-in [code editor](foundation-console.md#code-editor)\. To save your changes, choose **Save**\. Then, to run your code, choose **Test**\. - -**Note** -The Lambda console uses AWS Cloud9 to provide an integrated development environment in the browser\. You can also use AWS Cloud9 to develop Lambda functions in your own environment\. For more information, see [Working with Lambda Functions](https://docs.aws.amazon.com/cloud9/latest/user-guide/lambda-functions.html) in the AWS Cloud9 user guide\. - -When you save your function code, the Lambda console creates a \.zip file archive deployment package\. When you develop your function code outside of the console \(using an SDE\) you need to [create a deployment package](nodejs-package.md) to upload your code to the Lambda function\. - -## Updating function code \(console\) - -For scripting languages \(Node\.js, Python, and Ruby\), you can edit your function code in the embedded code [editor](foundation-console.md#code-editor)\. If the code is larger than 3MB, or if you need to add libraries, or for languages that the editor doesn't support \(Java, Go, C\#\), you must upload your function code as a \.zip archive\. If the \.zip file archive is smaller than 50 MB, you can upload the \.zip file archive from your local machine\. If the file is larger than 50 MB, upload the file to the function from an Amazon S3 bucket\. - -**To upload function code as a \.zip archive** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose the function to update and choose the **Code** tab\. - -1. Under **Code source**, choose **Upload from**\. - -1. Choose **\.zip file**, and then choose **Upload**\. - - 1. In the file chooser, select the new image version, choose **Open**, and then choose **Save**\. - -1. \(Alternative to step 4\) Choose **Amazon S3 location**\. - - 1. In the text box, enter the S3 link URL of the \.zip file archive, then choose **Save**\. - -## Change the runtime or runtime version \(console\) - -If you update the function configuration to use a new runtime version, you may need to update the function code to be compatible with the new version\. If you update the function configuration to use a different runtime, you **must** provide new function code that is compatible with the runtime and architecture\. For instructions on how to create a deployment package for the function code, see the handler page for the runtime that the function uses\. +Lambda creates the new function\. You can now use the console to add the function code and configure other function parameters and features\. For code deployment instructions, see the handler page for the runtime your function uses\. ------ #### [ Node\.js ] @@ -114,66 +81,64 @@ If you update the function configuration to use a new runtime version, you may n ------ -**To change the runtime or runtime version** +## Using the console code editor -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. +The console creates a Lambda function with a single source file\. For scripting languages, you can edit this file and add more files using the built\-in [code editor](foundation-console.md#code-editor)\. To save your changes, choose **Save**\. Then, to run your code, choose **Test**\. -1. Choose the function to update and choose the **Code** tab\. +**Note** +The Lambda console uses AWS Cloud9 to provide an integrated development environment in the browser\. You can also use AWS Cloud9 to develop Lambda functions in your own environment\. For more information, see [Working with Lambda Functions](https://docs.aws.amazon.com/cloud9/latest/user-guide/lambda-functions.html) in the AWS Cloud9 user guide\. -1. Under **Runtime settings**, choose **Edit**\. +When you save your function code, the Lambda console creates a \.zip file archive deployment package\. When you develop your function code outside of the console \(using an SDE\) you need to [create a deployment package](nodejs-package.md) to upload your code to the Lambda function\. - 1. For **Runtime**, select the runtime version\. +## Updating function code - 1. For **Handler**, specify file name and handler for your function\. +For scripting languages \(Node\.js, Python, and Ruby\), you can edit your function code in the embedded code [editor](foundation-console.md#code-editor)\. If the code is larger than 3MB, or if you need to add libraries, or for languages that the editor doesn't support \(Java, Go, C\#\), you must upload your function code as a \.zip archive\. If the \.zip file archive is smaller than 50 MB, you can upload the \.zip file archive from your local machine\. If the file is larger than 50 MB, upload the file to the function from an Amazon S3 bucket\. - 1. For **Architecture**, choose the instruction set architecture to use for your function\. +**To upload function code as a \.zip archive** -1. Choose **Save**\. +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. -## Change the architecture \(console\) +1. Choose the function to update and choose the **Code** tab\. -Before you can change the instruction set architecture, you need to ensure that your function's code is compatible with the target architecture\. +1. Under **Code source**, choose **Upload from**\. -If you use Node\.js, Python, or Ruby and you edit your function code in the embedded [editor](foundation-console.md#code-editor), the existing code may run without modification\. +1. Choose **\.zip file**, and then choose **Upload**\. -However, if you provide your function code using a \.zip file archive deployment package, you must prepare a new \.zip file archive that is compiled and built correctly for the target runtime and instruction\-set architecture\. For instructions, see the handler page for your function runtime\. + 1. In the file chooser, select the new image version, choose **Open**, and then choose **Save**\. ------- -#### [ Node\.js ] +1. \(Alternative to step 4\) Choose **Amazon S3 location**\. -[Deploy Node\.js Lambda functions with \.zip file archives](nodejs-package.md) + 1. In the text box, enter the S3 link URL of the \.zip file archive, then choose **Save**\. ------- -#### [ Python ] +## Changing the runtime or runtime version - [Deploy Python Lambda functions with \.zip file archives](python-package.md) +If you update the function configuration to use a new runtime version, you may need to update the function code to be compatible with the new version\. If you update the function configuration to use a different runtime, you **must** provide new function code that is compatible with the runtime and architecture\. For instructions on how to create a deployment package for the function code, see the handler page for the runtime that the function uses\. ------- -#### [ Ruby ] +**To change the runtime or runtime version** - [Deploy Ruby Lambda functions with \.zip file archives](ruby-package.md) +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. ------- -#### [ Java ] +1. Choose the function to update and choose the **Code** tab\. - [Deploy Java Lambda functions with \.zip or JAR file archives](java-package.md) +1. Scroll down to the **Runtime settings** section, which is under the code editor\. ------- -#### [ Go ] +1. Choose **Edit**\. - [Deploy Go Lambda functions with \.zip file archives](golang-package.md) + 1. For **Runtime**, select the runtime version\. ------- -#### [ C\# ] + 1. For **Handler**, specify file name and handler for your function\. - [Deploy C\# Lambda functions with \.zip file archives](csharp-package.md) + 1. For **Architecture**, choose the instruction set architecture to use for your function\. ------- -#### [ PowerShell ] +1. Choose **Save**\. - [Deploy PowerShell Lambda functions with \.zip file archives](powershell-package.md) +## Changing the architecture ------- +Before you can change the instruction set architecture, you need to ensure that your function's code is compatible with the target architecture\. + +If you use Node\.js, Python, or Ruby and you edit your function code in the embedded [editor](foundation-console.md#code-editor), the existing code may run without modification\. + +However, if you provide your function code using a \.zip file archive deployment package, you must prepare a new \.zip file archive that is compiled and built correctly for the target runtime and instruction\-set architecture\. For instructions, see the handler page for your function runtime\. **To change the instruction set architecture** diff --git a/doc_source/configuration-images.md b/doc_source/configuration-images.md deleted file mode 100755 index 0d8ff94c..00000000 --- a/doc_source/configuration-images.md +++ /dev/null @@ -1,259 +0,0 @@ -# Creating Lambda functions defined as container images - -When you create a Lambda function, you package your function code into a deployment package\. Lambda supports two types of deployment packages: [container images](gettingstarted-package.md#gettingstarted-package-images) and [\.zip file archives](gettingstarted-package.md#gettingstarted-package-zip)\. The workflow to create a function is different depending on the deployment package type\. To configure a function defined as a \.zip file archive, see [Creating Lambda functions defined as \.zip file archives](configuration-function-zip.md)\. - -You can use the Lambda console and the Lambda API to create a function defined as a container image, update and test the image code, and configure other function settings\. - -**Note** -You cannot convert an existing container image function to use a \.zip file archive\. You must create a new function\. - -When you select an image using an image tag, Lambda translates the tag to the underlying image digest\. To retrieve the digest for your image, use the [GetFunctionConfiguration](API_GetFunctionConfiguration.md) API operation\. To update the function to a newer image version, you must use the Lambda console to [update the function code](#configuration-images-update), or use the [UpdateFunctionCode](API_UpdateFunctionCode.md) API operation\. Configuration operations such as [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) do not update the function's container image\. - -**Note** -In Amazon ECR, if you reassign the image tag to another image, Lambda does not update the image version\. - -**Topics** -+ [Function version $LATEST](#configuration-images-latest) -+ [Container image deployment](#configuration-images-optimization) -+ [Amazon ECR permissions](#configuration-images-permissions) -+ [Override the container settings](#configuration-images-settings) -+ [Creating a function \(console\)](#configuration-images-create) -+ [Updating the function code \(console\)](#configuration-images-update) -+ [Overriding the image parameters \(console\)](#configuration-images-parms) -+ [Using the Lambda API](#configuration-images-api) -+ [AWS CloudFormation](#configuration-images-cloudformation) - -## Function version $LATEST - -When you publish a function version, the code and most of the configuration settings are locked to maintain a consistent experience for users of that version\. You can change the code and many configuration settings only on the unpublished version of the function\. By default, the console displays configuration information for the unpublished version of the function\. To view the versions of a function, choose **Qualifiers**\. The unpublished version is named **$LATEST**\. - -Note that Amazon Elastic Container Registry \(Amazon ECR\) also uses a *latest* tag to denote the latest version of the container image\. Be careful not to confuse this tag with the **$LATEST** function version\. - -For more information about managing versions, see [Lambda function versions](configuration-versions.md)\. - -## Container image deployment - -When you deploy code as a container image to a Lambda function, the image undergoes an optimization process for running on Lambda\. This process can take a few seconds, during which the function is in pending state\. When the optimization process completes, the function enters the active state\. - -## Amazon ECR permissions - -For a function in the same account as the container image in Amazon ECR, you can add `ecr:BatchGetImage` and `ecr:GetDownloadUrlForLayer` permissions to your Amazon ECR repository\. The following example shows the minimum policy: - -``` -{ - "Sid": "LambdaECRImageRetrievalPolicy", - "Effect": "Allow", - "Principal": { - "Service": "lambda.amazonaws.com" - }, - "Action": [ - "ecr:BatchGetImage", - "ecr:GetDownloadUrlForLayer" - ] -} -``` - -For more information about Amazon ECR repository permissions, see [Repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html) in the *Amazon Elastic Container Registry User Guide*\. - -If the Amazon ECR repository does not include these permissions, Lambda adds `ecr:BatchGetImage` and `ecr:GetDownloadUrlForLayer` to the container image repository permissions\. Lambda can add these permissions only if the Principal calling Lambda has `ecr:getRepositoryPolicy` and `ecr:setRepositoryPolicy` permissions\. - -To view or edit your Amazon ECR repository permissions, follow the directions in [Setting a repository policy statement](https://docs.aws.amazon.com/AmazonECR/latest/userguide/set-repository-policy.html) in the *Amazon Elastic Container Registry User Guide*\. - -### Amazon ECR cross\-account permissions - -A different account in the same region can create a function that uses a container image owned by your account\. In the following example, your Amazon ECR repository permissions policy needs the following statements to grant access to account number 123456789012\. -+ **CrossAccountPermission** – Allows account 123456789012 to create and update Lambda functions that use images from this ECR repository\. -+ **LambdaECRImageCrossAccountRetrievalPolicy** – Lambda will eventually set a function's state to inactive if it is not invoked for an extended period\. This statement is required so that Lambda can retrieve the container image for optimization and caching on behalf of the function owned by 123456789012\. - -**Example Add cross\-account permission to your repository** - -``` -{"Version": "2012-10-17", - "Statement": [ - { - "Sid": "CrossAccountPermission", - "Effect": "Allow", - "Action": [ - "ecr:BatchGetImage", - "ecr:GetDownloadUrlForLayer" - ], - "Principal": { - "AWS": "arn:aws:iam::123456789012:root" - } - }, - { - "Sid": "LambdaECRImageCrossAccountRetrievalPolicy", - "Effect": "Allow", - "Action": [ - "ecr:BatchGetImage", - "ecr:GetDownloadUrlForLayer" - ], - "Principal": { - "Service": "lambda.amazonaws.com" - }, - "Condition": { - "StringLike": { - "aws:sourceARN": - "arn:aws:lambda:us-east-1:123456789012:function:*" - } - } - } - ] -} -``` - -To give access to multiple accounts, you add the account IDs to the Principal list in the `CrossAccountPermission` policy and to the Condition evaluation list in the `LambdaECRImageCrossAccountRetrievalPolicy`\. - -If you are working with multiple accounts in an AWS Organization, we recommend that you enumerate each account ID in the ECR permissions policy\. This approach aligns with the AWS security best practice of setting narrow permissions in IAM policies\. - -## Override the container settings - -You can use the Lambda console or the Lambda API to override the following container image settings: -+ ENTRYPOINT – Specifies the absolute path of the entry point to the application\. -+ CMD – Specifies parameters that you want to pass in with ENTRYPOINT\. -+ WORKDIR – Specifies the absolute path of the working directory\. -+ ENV – Specifies an environment variable for the Lambda function\. - -Any values that you provide in the Lambda console or the Lambda API override the values [in the Dockerfile](images-create.md#images-parms)\. - -## Creating a function \(console\) - -To create a function defined as a container image, you must first [create the image](images-create.md) and then store the image in the Amazon ECR repository\. - -**To create the function** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose **Create function**\. - -1. Choose the **Container image** option\. - -1. Under **Basic information**, do the following: - - 1. For **Function name**, enter the function name\. Function names are limited to 64 characters in length\. - - 1. For **Container image URI**, provide a container image that is compatible with the instruction set architecture that you want for your function code\. - - You can enter the Amazon ECR image URI or browse for the Amazon ECR image\. - + Enter the Amazon ECR image URI\. - + Or, to browse an Amazon ECR repository for the image, choose **Browse images**\. Select the Amazon ECR repository from the dropdown list, and then select the image\. - -1. \(Optional\) To override configuration settings that are included in the Dockerfile, expand **Container image overrides**\. You can override any of the following settings: - + For **Entrypoint**, enter the full path of the runtime executable\. The following example shows an entrypoint for a Node\.js function: - - ``` - "/usr/bin/npx", "aws-lambda-ric" - ``` - + For **Command**, enter additional parameters to pass in to the image with **Entrypoint**\. The following example shows a command for a Node\.js function: - - ``` - "app.handler" - ``` - + For **Working directory**, enter the full path of the working directory for the function\. The following example shows the working directory for an AWS base image for Lambda: - - ``` - "/var/task" - ``` -**Note** -For the override settings, make sure that you enclose each string in quotation marks \(" "\)\. - -1. \(Optional\) For **Architecture**, choose the instruction set architecture for the function\. The default architecture is x86\_64\. Note: when you build the container image for your function, make sure that it is compatible with this [instruction set architecture](foundation-arch.md)\. - -1. \(Optional\) Under **Permissions**, expand **Change default execution role**\. Then, choose to create a new **Execution role**, or to use an existing role\. - -1. Choose **Create function**\. - -## Updating the function code \(console\) - -After you deploy a container image to a function, the image is read\-only\. To update the function code, you must first deploy a new image version\. [Create a new image version](images-create.md), and then store the image in the Amazon ECR repository\. - -**To configure the function to use an updated container image** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose the function to update\. - -1. Under **Image**, choose **Deploy new image**\. - -1. Choose **Browse images**\. - -1. In the **Select container image** dialog box, select the Amazon ECR repository from the dropdown list, and then select the new image version\. - -1. Choose **Save**\. - -## Overriding the image parameters \(console\) - -You can use the Lambda console to override the configuration values in the container image\. - -**To override the configuration values in the container image** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose the function to update\. - -1. Under **Image configuration**, choose **Edit**\. - -1. Enter new values for any of the override settings, and then choose **Save**\. - -1. \(Optional\) To add or override environment variables, under **Environment variables**, choose **Edit**\. - - For more information, see [Using AWS Lambda environment variables](configuration-envvars.md)\. - -## Using the Lambda API - -To manage functions defined as container images, use the following API operations: -+ [CreateFunction](API_CreateFunction.md) -+ [UpdateFunctionCode](API_UpdateFunctionCode.md) -+ [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) - -To create a function defined as container image, use the `create-function` command\. Set the `package-type` to `Image` and specify your container image URI using the `code` parameter\. - -When you create the function, you can specify the instruction set architecture\. The default architecture is `x86-64`\. Make sure that the code in your container image is compatible with the architecture\. - - You can create the function from the same account as the container registry or from a different account in the same region as the container registry in Amazon ECR\. For cross\-account access, adjust the [Amazon ECR permissions](#configuration-images-xaccount-permissions) for the image\. - -``` -aws lambda create-function --region sa-east-1 --function-name my-function \ - --package-type Image \ - --code ImageUri= \ - --role arn:aws:iam::123456789012:role/lambda-ex -``` - -To update the function code, use the `update-function-code` command\. Specify the container image location using the `image-uri` parameter\. - -**Note** -You cannot change the `package-type` of a function\. - -``` -aws lambda update-function-code --region sa-east-1 --function-name my-function \ - --image-uri \ -``` - -To update the function parameters, use the `update-function-configuration` operation\. Specify `EntryPoint` and `Command` as arrays of strings, and `WorkingDirectory` as a string\. - -``` -aws lambda update-function-configuration --function-name my-function \ ---image-config '{"EntryPoint": ["/usr/bin/npx", "aws-lambda-ric"], \ - "Command": ["app.handler"] , \ - "WorkingDirectory": "/var/task"}' -``` - -## AWS CloudFormation - -You can use AWS CloudFormation to create Lambda functions defined as container images\. In your AWS CloudFormation template, the `AWS::Lambda::Function` resource specifies the Lambda function\. For descriptions of the properties in the `AWS::Lambda::Function` resource, see [AWS::Lambda::Function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html) in the *AWS CloudFormation User Guide*\. - -In the `AWS::Lambda::Function` resource, set the following properties to create a function defined as a container image: -+ AWS::Lambda::Function - + PackageType – Set to `Image`\. - + Code – Enter your container image URI in the `ImageUri` field\. - + ImageConfig – \(Optional\) Override the container image configuration properties\. - -The `ImageConfig` property in `AWS::Lambda::Function` contains the following fields: -+ Command – Specifies parameters that you want to pass in with `EntryPoint`\. -+ EntryPoint – Specifies the entry point to the application\. -+ WorkingDirectory – Specifies the working directory\. - -**Note** -If you declare an `ImageConfig` property in your AWS CloudFormation template, you must provide values for all three of the `ImageConfig` properties\. - -For more information, see [ImageConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-imageconfig) in the *AWS CloudFormation User Guide*\. \ No newline at end of file diff --git a/doc_source/configuration-layers.md b/doc_source/configuration-layers.md old mode 100755 new mode 100644 index 63b41caa..ce8669c5 --- a/doc_source/configuration-layers.md +++ b/doc_source/configuration-layers.md @@ -4,7 +4,7 @@ Lambda [layers](gettingstarted-concepts.md#gettingstarted-concepts-layer) provid A layer is a \.zip file archive that can contain additional code or data\. A layer can contain libraries, a [custom runtime](runtimes-custom.md), data, or configuration files\. Layers promote code sharing and separation of responsibilities so that you can iterate faster on writing business logic\. -You can use layers only with Lambda functions [deployed as a \.zip file archive](gettingstarted-package.md#gettingstarted-package-zip)\. For functions [defined as a container image](lambda-images.md), you package your preferred runtime and all code dependencies when you create the container image\. For more information, see [Working with Lambda layers and extensions in container images](http://aws.amazon.com/blogs/compute/working-with-lambda-layers-and-extensions-in-container-images/) on the AWS Compute Blog\. +You can use layers only with Lambda functions [deployed as a \.zip file archive](gettingstarted-package.md#gettingstarted-package-zip)\. For functions [defined as a container image](images-create.md), you package your preferred runtime and all code dependencies when you create the container image\. For more information, see [Working with Lambda layers and extensions in container images](http://aws.amazon.com/blogs/compute/working-with-lambda-layers-and-extensions-in-container-images/) on the AWS Compute Blog\. You can create layers using the Lambda console, the Lambda API, AWS CloudFormation, or the AWS Serverless Application Model \(AWS SAM\)\. For more information about creating layers with AWS SAM, see [Working with layers](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-layers.html) in the *AWS Serverless Application Model Developer Guide*\. @@ -233,13 +233,13 @@ To grant layer\-usage permission to another account, add a statement to the laye ``` aws lambda add-layer-version-permission --layer-name xray-sdk-nodejs --statement-id xaccount \ ---action lambda:GetLayerVersion --principal 210987654321 --version-number 1 --output text +--action lambda:GetLayerVersion --principal 111122223333 --version-number 1 --output text ``` You should see output similar to the following: ``` -e210ffdc-e901-43b0-824b-5fcd0dd26d16 {"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::210987654321:root"},"Action":"lambda:GetLayerVersion","Resource":"arn:aws:lambda:us-east-2:123456789012:layer:xray-sdk-nodejs:1"} +e210ffdc-e901-43b0-824b-5fcd0dd26d16 {"Sid":"xaccount","Effect":"Allow","Principal":{"AWS":"arn:aws:iam::111122223333:root"},"Action":"lambda:GetLayerVersion","Resource":"arn:aws:lambda:us-east-2:123456789012:layer:xray-sdk-nodejs:1"} ``` Permissions apply only to a single layer version\. Repeat the process each time that you create a new layer version\. @@ -272,7 +272,7 @@ Resources: Layers: - !Ref libs libs: - Type: AWS::Serverless::LayerVersion + Type: AWS::Lambda::LayerVersion Properties: LayerName: blank-nodejs-lib Description: Dependencies for the blank sample app. diff --git a/doc_source/configuration-tags.md b/doc_source/configuration-tags.md old mode 100755 new mode 100644 index 3c3cc12e..7e67cbb3 --- a/doc_source/configuration-tags.md +++ b/doc_source/configuration-tags.md @@ -1,6 +1,6 @@ # Using tags on AWS Lambda functions -You can tag Lambda functions to organize them by owner, project or department\. Tags are freeform key\-value pairs that are supported across AWS services for use in filtering resources and adding detail to billing reports\. +You can tag Lambda functions to organize them by owner, project, or department\. Tags are freeform key\-value pairs that are supported across AWS services for use in filtering resources, and adding detail to billing reports\. **Topics** + [Using tags with the Lambda console](#using-tags-with-the-console) @@ -9,11 +9,33 @@ You can tag Lambda functions to organize them by owner, project or department\. ## Using tags with the Lambda console -You can use the console to add tags to existing functions and to filter functions by the tags that you add\. +You can use the console to create functions that have tags, add tags to existing functions, and filter functions by the tags that you add\. ### Adding tags to a function -**To add tags to a function \(console\)** +**To add tags when you create a function** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose **Create function**\. + +1. Choose **Author from scratch** or **Container image**\. + +1. Under **Basic information**, do the following: + + 1. For **Function name**, enter the function name\. Function names are limited to 64 characters in length\. + + 1. For **Runtime**, choose the language version to use for your function\. + + 1. \(Optional\) For **Architecture**, choose the instruction set architecture to use for your function\. The default architecture is x86\_64\. When you build the deployment package for your function, make sure that it is compatible with this [instruction set architecture](foundation-arch.md)\. + +1. Expand **Advanced settings** and then select **Enable tags**\. + +1. Enter a **Key** and an optional **Value**\. To add more tags, choose **Add new tag**, then repeat this step\. + +1. Choose **Create function**\. + +**To add tags to an existing function** 1. Grant appropriate permissions to the IAM identity \(user, group, or role\) for the person working with the function: + **lambda:ListTags**—When a function has tags, grant this permission to anyone who needs to view the function\. @@ -42,7 +64,7 @@ You can filter functions based on the presence or value of a tag with the Lambda Tags apply at the function level, not to versions or aliases\. Tags are not part of the version\-specific configuration that is snapshotted when you publish a version\. -**To filter functions with tags \(console\)** +**To filter functions with tags** 1. Make sure that you have the permissions you need: + lambda:ListTags grants permission to view functions that have tags\. @@ -64,7 +86,7 @@ With AWS Billing and Cost Management, you can use tags to customize billing repo ## Using tags with the AWS Command Line Interface -You can use the console to create functions that have tags, add tags to existing functions, and to filter functions by the tags that you add\. +You can use the AWS CLI to create functions that have tags, add tags to existing functions, and to filter functions by the tags that you add\. ### Permissions required for working with tags diff --git a/doc_source/configuration-versions.md b/doc_source/configuration-versions.md old mode 100755 new mode 100644 diff --git a/doc_source/configuration-vpc-endpoints.md b/doc_source/configuration-vpc-endpoints.md old mode 100755 new mode 100644 index 6f84d7d5..d72cbf49 --- a/doc_source/configuration-vpc-endpoints.md +++ b/doc_source/configuration-vpc-endpoints.md @@ -90,15 +90,15 @@ You need to include both the qualified and the unqualified function ARN in the r { "Principal": { - "AWS": "arn:aws:iam::123412341234:user/MyUser" + "AWS": "arn:aws:iam::111122223333:user/MyUser" }, "Effect":"Allow", "Action":[ "lambda:InvokeFunction" ], "Resource": [ - "arn:aws:lambda:us-east-2:123456789012:function:my-function”, - "arn:aws:lambda:us-east-2:123456789012:function:my-function:*” + "arn:aws:lambda:us-east-2:123456789012:function:my-function", + "arn:aws:lambda:us-east-2:123456789012:function:my-function:*" ] } ] diff --git a/doc_source/configuration-vpc.md b/doc_source/configuration-vpc.md old mode 100755 new mode 100644 index 8ac162f6..9d42b340 --- a/doc_source/configuration-vpc.md +++ b/doc_source/configuration-vpc.md @@ -26,7 +26,7 @@ Multiple functions can share a network interface, if the functions share the sam If your functions aren't active for a long period of time, Lambda reclaims its network interfaces, and the functions become `Idle`\. To reactivate an idle function, invoke it\. This invocation fails, and the function enters a `Pending` state again until a network interface is available\. -If you update your function to access a different VPC, it terminates connectivity from the Hyperplane ENI to the previous VPC\. The process to update the connectivity to a new VPC can take several minutes\. During this time, Lambda connects funtion invocations to the previous VPC\. After the update is complete, new invocations start using the the new VPC and the Lambda function is no longer connected to the older VPC\. +If you update your function to access a different VPC, it terminates connectivity from the Hyperplane ENI to the previous VPC\. The process to update the connectivity to a new VPC can take several minutes\. During this time, Lambda connects function invocations to the previous VPC\. After the update is complete, new invocations start using the the new VPC and the Lambda function is no longer connected to the older VPC\. For short\-lived operations, such as DynamoDB queries, the latency overhead of setting up a TCP connection might be greater than the operation itself\. To ensure connection reuse for short\-lived/infrequently invoked functions, we recommend that you use *TCP keep\-alive* for connections that were created during your function initialization, to avoid creating new connections for subsequent invokes\. For more information on reusing connections using keep\-alive, refer to [Lambda documentation on reusing connections](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-reusing-connections.html)[\.](https://docs.aws.amazon.com/sdk-for-javascript/v2/developer-guide/node-reusing-connections.html) @@ -39,7 +39,10 @@ Lambda uses your function's permissions to create and manage network interfaces\ + **ec2:DescribeNetworkInterfaces** + **ec2:DeleteNetworkInterface** -These permissions are included in the AWS managed policy **AWSLambdaVPCAccessExecutionRole**\. +These permissions are included in the AWS managed policy **AWSLambdaVPCAccessExecutionRole**\. Note that these permissions are required only to create ENIs, not to invoke your VPC function\. In other words, you are still able to invoke your VPC function successfully even if you remove these permissions from your execution role\. To completely disassociate your Lambda function from the VPC, update the function's VPC configuration settings using the console or the [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) API\. + +**Note** +If you don't specify a resource ID for **DeleteNetworkInterface** in the execution role, your function may not be able to access the VPC\. Either specify a unique resource ID, or include all resource IDs, for example, `"Resource": "arn:aws:ec2:us-west-2:123456789012:*/*"`\. When you configure VPC connectivity, Lambda uses your permissions to verify network resources\. To configure a function to connect to a VPC, your AWS Identity and Access Management \(IAM\) user needs the following permissions: diff --git a/doc_source/csharp-context.md b/doc_source/csharp-context.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-exceptions.md b/doc_source/csharp-exceptions.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-handler.md b/doc_source/csharp-handler.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-image.md b/doc_source/csharp-image.md old mode 100755 new mode 100644 index 14631ea0..7da8e942 --- a/doc_source/csharp-image.md +++ b/doc_source/csharp-image.md @@ -3,11 +3,11 @@ You can deploy your Lambda function code as a [container image](images-create.md)\. AWS provides the following resources to help you build a container image for your \.NET function: + +AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -19,9 +19,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for \.NET](#csharp-image-base) @@ -39,22 +39,17 @@ AWS provides the following base images for \.NET: | 6 | \.NET 6\.0 | Amazon Linux 2 | [Dockerfile for \.NET 6\.0 on GitHub](https://github.com/aws/aws-lambda-dotnet/tree/master/LambdaRuntimeDockerfiles/Images/net6) | | 5\.0 | \.NET 5\.0 | Amazon Linux 2 | [Dockerfile for \.NET 5\.0 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/dotnet5.0/Dockerfile.dotnet5.0) | | core3\.1 | \.NET Core 3\.1 | Amazon Linux 2 | [Dockerfile for \.NET 3\.1 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/dotnetcore3.1/Dockerfile.dotnetcore3.1) | -| core2\.1 | \.NET Core 2\.1 | Amazon Linux 2018\.03 | [Dockerfile for \.NET 2\.1 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/dotnetcore2.1/Dockerfile.dotnetcore2.1) | -Docker Hub repository: amazon/aws\-lambda\-dotnet - -Amazon ECR repository: gallery\.ecr\.aws/lambda/dotnet +Amazon ECR repository: [gallery\.ecr\.aws/lambda/dotnet](https://gallery.ecr.aws/lambda/dotnet) ## Using a \.NET base image For instructions on how to use a \.NET base image, choose the **usage** tab on [AWS Lambda base images for \.NET](https://gallery.ecr.aws/lambda/dotnet) in the *Amazon ECR repository*\. -The instructions are also available on [Lambda base images for \.NET](https://hub.docker.com/r/amazon/aws-lambda-dotnet) in the *Docker Hub repository*\. - ## \.NET runtime interface clients Download the \.NET runtime interface client from the [AWS Lambda for \.NET Core](https://github.com/aws/aws-lambda-dotnet) repository on GitHub\. ## Deploy the container image -For a new function, you deploy the container image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the container image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/csharp-logging.md b/doc_source/csharp-logging.md old mode 100755 new mode 100644 index 9acc742d..a7e07e07 --- a/doc_source/csharp-logging.md +++ b/doc_source/csharp-logging.md @@ -44,7 +44,7 @@ public async Task FunctionHandler(SQSEvent invocationEvent, ILambd START RequestId: d1cf0ccb-xmpl-46e6-950d-04c96c9b1c5d Version: $LATEST ENVIRONMENT VARIABLES: { - "AWS_EXECUTION_ENV": "AWS_Lambda_dotnetcore2.1", + "AWS_EXECUTION_ENV": "AWS_Lambda_dotnet6", "AWS_LAMBDA_FUNCTION_MEMORY_SIZE": "256", "AWS_LAMBDA_LOG_GROUP_NAME": "/aws/lambda/blank-csharp-function-WU56XMPLV2XA", "AWS_LAMBDA_FUNCTION_VERSION": "$LATEST", @@ -122,7 +122,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -177,7 +177,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/csharp-package-cli.md b/doc_source/csharp-package-cli.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-package-toolkit.md b/doc_source/csharp-package-toolkit.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-package.md b/doc_source/csharp-package.md old mode 100755 new mode 100644 diff --git a/doc_source/csharp-tracing.md b/doc_source/csharp-tracing.md old mode 100755 new mode 100644 index f468b4d5..c6e20d97 --- a/doc_source/csharp-tracing.md +++ b/doc_source/csharp-tracing.md @@ -23,11 +23,11 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. @@ -91,7 +91,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -102,7 +102,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** diff --git a/doc_source/deploying-lambda-apps.md b/doc_source/deploying-lambda-apps.md old mode 100755 new mode 100644 diff --git a/doc_source/extensions-api-partners.md b/doc_source/extensions-api-partners.md new file mode 100644 index 00000000..4afc6572 --- /dev/null +++ b/doc_source/extensions-api-partners.md @@ -0,0 +1,27 @@ +# AWS Lambda extensions partners + +AWS Lambda has partnered with several third party entities to provide extensions to integrate with your Lambda functions\. The following list details third party extensions that are ready for you to use at any time\. ++ [AppDynamics](https://docs.appdynamics.com/display/PRO20X/Use+the+AppDynamics+AWS+Lambda+Extension+to+Instrument+Serverless+APM+at+Runtime) – Provides automatic instrumentation of Node\.js or Python Lambda functions, providing visibility and alerting on function performance\. ++ [Check Point CloudGuard](https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk172491&partition=Advanced&product=CloudGuard) – An extension\-based runtime solution that offers full lifecycle security for serverless applications\. ++ [Datadog](https://docs.datadoghq.com/serverless/datadog_lambda_library/extension/) – Provides comprehensive, real\-time visibility to your serverless applications through the use of metrics, traces, and logs\. ++ [Dynatrace](https://www.dynatrace.com/support/help/technology-support/cloud-platforms/amazon-web-services/integrations/deploy-oneagent-as-lambda-extension/) – Provides visibility into traces and metrics, and leverages AI for automated error detection and root cause analysis across the entire application stack\. ++ [Epsagon](https://docs.epsagon.com/docs/aws-lambda-layer) – Listens to invocation events, stores traces, and sends them in parallel to Lambda function executions\. ++ [HashiCorp Vault](https://learn.hashicorp.com/tutorials/vault/aws-lambda) – Manages secrets and makes them available for developers to use within function code, without making functions Vault aware\. ++ [Honeycomb](https://docs.honeycomb.io/getting-data-in/integrations/aws/aws-lambda/) – Observability tool for debugging your app stack\. ++ [Lumigo](https://docs.lumigo.io/docs/lambda-extensions) – Profiles Lambda function invocations and collects metrics for troubleshooting issues in serverless and microservice environments\. ++ [New Relic](https://docs.newrelic.com/docs/serverless-function-monitoring/aws-lambda-monitoring/get-started/monitoring-aws-lambda-serverless-monitoring) – Runs alongside Lambda functions, automatically collecting, enhancing, and transporting telemetry to New Relic's unified observability platform\. ++ [Sentry](https://docs.sentry.io/product/integrations/aws-lambda/) – Diagnose, fix, and optimize performance of Lambda functions\. ++ [Site24x7](https://www.site24x7.com/help/aws/lambda-execution-logs.html) – Achieve real\-time observability into your Lambda environments ++ [Splunk](https://github.com/signalfx/lambda-layer-versions/tree/master/lambda-extension) – Collects high\-resolution, low\-latency metrics for efficient and effective monitoring of Lambda functions\. ++ [Sumo Logic](https://help.sumologic.com/03Send-Data/Collect-from-Other-Data-Sources/Collect_AWS_Lambda_Logs_using_an_Extension) – Provides visibility into the health and performance of serverless applications\. ++ [Thundra](https://apm.docs.thundra.io/performance/zero-overhead-with-lambda-extensions) – Provides asynchronous telemetry reporting, such as traces, metrics, and logs\. + +## AWS managed extensions + +AWS provides its own managed extensions, including: ++ [AWS AppConfig](https://docs.aws.amazon.com/appconfig/latest/userguide/appconfig-integration-lambda-extensions.html#appconfig-integration-lambda-extensions-enabling) – Use feature flags and dynamic data to update your Lambda functions\. You can also use this extension to update other dynamic configuration, such as ops throttling and tuning\. ++ [Amazon CodeGuru Profiler](https://docs.aws.amazon.com/codeguru/latest/profiler-ug/python-lambda-layers.html) – Improves application performance and reduces cost by pinpointing an application's most expensive line of code and providing recommendations for improving code\. ++ [CloudWatch Lambda Insights](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights.html) – Monitor, troubleshoot, and optimize the performance of your Lambda functions through automated dashboards\. ++ [AWS Distro for Open Telemetry](https://aws-otel.github.io/docs/getting-started/lambda) – Enables functions to send trace data to AWS monitoring services such as AWS X\-Ray, and to destinations that support OpenTelemetry such as Honeycomb and Lightstep\. + +For additional extensions samples and demo projects, see [AWS Lambda Extensions](https://github.com/aws-samples/aws-lambda-extensions)\. \ No newline at end of file diff --git a/doc_source/foundation-arch.md b/doc_source/foundation-arch.md old mode 100755 new mode 100644 index 579df015..7c28f27b --- a/doc_source/foundation-arch.md +++ b/doc_source/foundation-arch.md @@ -9,7 +9,7 @@ + [Function migration to arm64 architecture](#foundation-arch-consider) + [Function code compatibility with arm64 architecture](#foundation-arch-considerations) + [Suggested migration steps](#foundation-arch-steps) -+ [Configuring the instruction set architecture](#foundation-arch-adv) ++ [Configuring the instruction set architecture](#foundation-arch-config) ## Advantages of using arm64 architecture @@ -66,7 +66,7 @@ To migrate a Lambda function to the arm64 architecture, we recommend following t For more information about how to create a code environment for arm64 architecture, including language\-specific information for Java, Go, \.NET, and Python, see the [Getting started with AWS Graviton](https://github.com/aws/aws-graviton-getting-started) GitHub repository\. -## Configuring the instruction set architecture +## Configuring the instruction set architecture You can configure the instruction set architecture for new Lambda functions using the Lambda console, AWS SDKs, AWS Command Line Interface \(AWS CLI\), or AWS CloudFormation\. You can deploy the function code to Lambda with either a \.zip archive file or a container image deployment package\. diff --git a/doc_source/foundation-console.md b/doc_source/foundation-console.md old mode 100755 new mode 100644 index 1cb4d6d6..c05eade3 --- a/doc_source/foundation-console.md +++ b/doc_source/foundation-console.md @@ -15,7 +15,7 @@ The [Applications](deploying-lambda-apps.md) page shows you a list of applicatio ## Functions -The functions page shows you a list of functions defined for your account in this region\. The initial console flow to create a function depends on whether the function uses a [container image](configuration-images.md) or [\.zip file archive](configuration-function-zip.md) for the deployment package\. Many of the optional [configuration tasks](configuration-function-common.md) are common to both types of function\. +The functions page shows you a list of functions defined for your account in this region\. The initial console flow to create a function depends on whether the function uses a [container image](gettingstarted-images.md) or [\.zip file archive](configuration-function-zip.md) for the deployment package\. Many of the optional [configuration tasks](configuration-function-common.md) are common to both types of function\. The console provides a [code editor](#code-editor) for your convenience\. diff --git a/doc_source/foundation-networking.md b/doc_source/foundation-networking.md old mode 100755 new mode 100644 diff --git a/doc_source/foundation-progmodel.md b/doc_source/foundation-progmodel.md old mode 100755 new mode 100644 diff --git a/doc_source/functions-states.md b/doc_source/functions-states.md old mode 100755 new mode 100644 diff --git a/doc_source/getting-started-create-function.md b/doc_source/getting-started-create-function.md deleted file mode 100755 index f24cab66..00000000 --- a/doc_source/getting-started-create-function.md +++ /dev/null @@ -1,98 +0,0 @@ -# Create a Lambda function with the console - -In this getting started exercise, you create a Lambda function using the console\. The function uses the default code that Lambda creates\. The Lambda console provides a [code editor](foundation-console.md#code-editor) for non\-compiled languages that lets you modify and test code quickly\. For compiled languages, you must create a [\.zip archive deployment package](gettingstarted-package.md#gettingstarted-package-zip) to upload your Lambda function code\. - -**Topics** -+ [Create the function](#gettingstarted-zip-function) -+ [Invoke the Lambda function](#get-started-invoke-manually) -+ [Clean up](#gettingstarted-cleanup) - -## Create the function - -You create a Node\.js Lambda function using the Lambda console\. Lambda automatically creates default code for the function\. - -**To create a Lambda function with the console** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose **Create function**\. - -1. Under **Basic information**, do the following: - - 1. For **Function name**, enter **my\-function**\. - - 1. For **Runtime**, confirm that **Node\.js 14\.x** is selected\. Note that Lambda provides runtimes for \.NET \(PowerShell, C\#\), Go, Java, Node\.js, Python, and Ruby\. - -1. Choose **Create function**\. - -Lambda creates a Node\.js function and an [execution role](lambda-intro-execution-role.md) that grants the function permission to upload logs\. The Lambda function assumes the execution role when you invoke your function, and uses the execution role to create credentials for the AWS SDK and to read data from event sources\. - -## Invoke the Lambda function - -Invoke your Lambda function using the sample event data provided in the console\. - -**To invoke a function** - -1. After selecting your function, choose the **Test** tab\. - -1. In the **Test event** section, choose **New event**\. In **Template**, leave the default **hello\-world** option\. Enter a **Name** for this test and note the following sample event template: - - ``` - { - "key1": "value1", - "key2": "value2", - "key3": "value3" - } - ``` - -1. Choose **Save changes**, and then choose **Test**\. Each user can create up to 10 test events per function\. Those test events are not available to other users\. - - Lambda runs your function on your behalf\. The function handler receives and then processes the sample event\. - -1. Upon successful completion, view the results in the console\. - + The **Execution result** shows the execution status as **succeeded**\. To view the function execution results, expand **Details**\. Note that the **logs** link opens the **Log groups** page in the CloudWatch console\. - + The **Summary** section shows the key information reported in the **Log output** section \(the *REPORT* line in the execution log\)\. - + The **Log output** section shows the log that Lambda generates for each invocation\. The function writes these logs to CloudWatch\. The Lambda console shows these logs for your convenience\. Choose **Click here** to add logs to the CloudWatch log group and open the **Log groups** page in the CloudWatch console\. - -1. Run the function \(choose **Test**\) a few more times to gather some metrics that you can view in the next step\. - -1. Choose the **Monitor** tab\. This page shows graphs for the metrics that Lambda sends to CloudWatch\. -![\[Image NOT FOUND\]](http://docs.aws.amazon.com/lambda/latest/dg/images/metrics-functions-list.png) - - For more information on these graphs, see [Monitoring functions on the Lambda console](monitoring-functions-access-metrics.md)\. - -## Clean up - -If you are done working with the example function, delete it\. You can also delete the log group that stores the function's logs, and the execution role that the console created\. - -**To delete a Lambda function** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose a function\. - -1. Choose **Actions**, **Delete**\. - -1. In the **Delete function** dialog box, choose **Delete**\. - -**To delete the log group** - -1. Open the [Log groups page](https://console.aws.amazon.com/cloudwatch/home#logs:) of the CloudWatch console\. - -1. Select the function's log group \(`/aws/lambda/my-function`\)\. - -1. Choose **Actions**, **Delete log group\(s\)**\. - -1. In the **Delete log group\(s\)** dialog box, choose **Delete**\. - -**To delete the execution role** - -1. Open the [Roles page](https://console.aws.amazon.com/iam/home?#/roles) of the AWS Identity and Access Management \(IAM\) console\. - -1. Select the function's role \(`my-function-role-31exxmpl`\)\. - -1. Choose **Delete role**\. - -1. In the **Delete role** dialog box, choose **Yes, delete**\. - -You can automate the creation and cleanup of functions, log groups, and roles with AWS CloudFormation and the AWS Command Line Interface \(AWS CLI\)\. For fully functional sample applications, see [Lambda sample applications](lambda-samples.md)\. \ No newline at end of file diff --git a/doc_source/getting-started.md b/doc_source/getting-started.md old mode 100755 new mode 100644 index 61859eb6..fdf9fafb --- a/doc_source/getting-started.md +++ b/doc_source/getting-started.md @@ -9,9 +9,99 @@ As a best practice, create an AWS Identity and Access Management \(IAM\) user wi You can author functions in the Lambda console, or with an IDE toolkit, command line tools, or the AWS SDKs\. The Lambda console provides a [code editor](foundation-console.md#code-editor) for non\-compiled languages that lets you modify and test code quickly\. The [AWS Command Line Interface \(AWS CLI\)](gettingstarted-awscli.md) gives you direct access to the Lambda API for advanced configuration and automation use cases\. You deploy your function code to Lambda using a deployment package\. Lambda supports two types of deployment packages: -+ A \.zip file archive that contains your function code and its dependencies\. For an example tutorial, see [Create a Lambda function with the console](getting-started-create-function.md)\. -+ A container image that is compatible with the [Open Container Initiative \(OCI\)](https://opencontainers.org/) specification\. For an example tutorial, see [Create a function defined as a container image](gettingstarted-images.md)\. ++ A [\.zip file archive](configuration-function-zip.md) that contains your function code and its dependencies\. For a tutorial, see [Create a Lambda function with the console](#getting-started-create-function)\. ++ A [container image](images-create.md) that is compatible with the [Open Container Initiative \(OCI\)](https://opencontainers.org/) specification\. -**Topics** -+ [Create a Lambda function with the console](getting-started-create-function.md) -+ [Create a function defined as a container image](gettingstarted-images.md) \ No newline at end of file +## Create a Lambda function with the console + +In this getting started exercise, you create a Lambda function using the console\. The function uses the default code that Lambda creates\. The Lambda console provides a [code editor](foundation-console.md#code-editor) for non\-compiled languages that lets you modify and test code quickly\. For compiled languages, you must create a [\.zip archive deployment package](gettingstarted-package.md#gettingstarted-package-zip) to upload your Lambda function code\. + +### Create the function + +You create a Node\.js Lambda function using the Lambda console\. Lambda automatically creates default code for the function\. + +**To create a Lambda function with the console** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose **Create function**\. + +1. Under **Basic information**, do the following: + + 1. For **Function name**, enter **my\-function**\. + + 1. For **Runtime**, confirm that **Node\.js 14\.x** is selected\. Note that Lambda provides runtimes for \.NET \(PowerShell, C\#\), Go, Java, Node\.js, Python, and Ruby\. + +1. Choose **Create function**\. + +Lambda creates a Node\.js function and an [execution role](lambda-intro-execution-role.md) that grants the function permission to upload logs\. The Lambda function assumes the execution role when you invoke your function, and uses the execution role to create credentials for the AWS SDK and to read data from event sources\. + +### Invoke the Lambda function + +Invoke your Lambda function using the sample event data provided in the console\. + +**To invoke a function** + +1. After selecting your function, choose the **Test** tab\. + +1. In the **Test event** section, choose **New event**\. In **Template**, leave the default **hello\-world** option\. Enter a **Name** for this test and note the following sample event template: + + ``` + { + "key1": "value1", + "key2": "value2", + "key3": "value3" + } + ``` + +1. Choose **Save changes**, and then choose **Test**\. Each user can create up to 10 test events per function\. Those test events are not available to other users\. + + Lambda runs your function on your behalf\. The function handler receives and then processes the sample event\. + +1. Upon successful completion, view the results in the console\. + + The **Execution result** shows the execution status as **succeeded**\. To view the function execution results, expand **Details**\. Note that the **logs** link opens the **Log groups** page in the CloudWatch console\. + + The **Summary** section shows the key information reported in the **Log output** section \(the *REPORT* line in the execution log\)\. + + The **Log output** section shows the log that Lambda generates for each invocation\. The function writes these logs to CloudWatch\. The Lambda console shows these logs for your convenience\. Choose **Click here** to add logs to the CloudWatch log group and open the **Log groups** page in the CloudWatch console\. + +1. Run the function \(choose **Test**\) a few more times to gather some metrics that you can view in the next step\. + +1. Choose the **Monitor** tab\. This page shows graphs for the metrics that Lambda sends to CloudWatch\. +![\[Image NOT FOUND\]](http://docs.aws.amazon.com/lambda/latest/dg/images/metrics-functions-list.png) + + For more information on these graphs, see [Monitoring functions on the Lambda console](monitoring-functions-access-metrics.md)\. + +### Clean up + +If you are done working with the example function, delete it\. You can also delete the log group that stores the function's logs, and the execution role that the console created\. + +**To delete a Lambda function** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose a function\. + +1. Choose **Actions**, **Delete**\. + +1. In the **Delete function** dialog box, choose **Delete**\. + +**To delete the log group** + +1. Open the [Log groups page](https://console.aws.amazon.com/cloudwatch/home#logs:) of the CloudWatch console\. + +1. Select the function's log group \(`/aws/lambda/my-function`\)\. + +1. Choose **Actions**, **Delete log group\(s\)**\. + +1. In the **Delete log group\(s\)** dialog box, choose **Delete**\. + +**To delete the execution role** + +1. Open the [Roles page](https://console.aws.amazon.com/iam/home?#/roles) of the AWS Identity and Access Management \(IAM\) console\. + +1. Select the function's role \(`my-function-role-31exxmpl`\)\. + +1. Choose **Delete role**\. + +1. In the **Delete role** dialog box, choose **Yes, delete**\. + +You can automate the creation and cleanup of functions, log groups, and roles with AWS CloudFormation and the AWS Command Line Interface \(AWS CLI\)\. For fully functional sample applications, see [Lambda sample applications](lambda-samples.md)\. \ No newline at end of file diff --git a/doc_source/gettingstarted-awscli.md b/doc_source/gettingstarted-awscli.md old mode 100755 new mode 100644 index 4e003bb0..2491b2e6 --- a/doc_source/gettingstarted-awscli.md +++ b/doc_source/gettingstarted-awscli.md @@ -6,7 +6,7 @@ In this tutorial, you manage and invoke Lambda functions with the AWS CLI\. For ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started-create-function.md)\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function)\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/gettingstarted-concepts.md b/doc_source/gettingstarted-concepts.md old mode 100755 new mode 100644 index 2389af5e..0d12a4b1 --- a/doc_source/gettingstarted-concepts.md +++ b/doc_source/gettingstarted-concepts.md @@ -63,7 +63,7 @@ For more information about events from AWS services, see [Using AWS Lambda with An *execution environment* provides a secure and isolated runtime environment for your Lambda function\. An execution environment manages the processes and resources that are required to run the function\. The execution environment provides lifecycle support for the function and for any [extensions](#gettingstarted-concepts-extensions) associated with your function\. -For more information, see [AWS Lambda execution environment](runtimes-context.md)\. +For more information, see [AWS Lambda execution environment](lambda-runtime-environment.md)\. ## Instruction set architecture diff --git a/doc_source/gettingstarted-features.md b/doc_source/gettingstarted-features.md old mode 100755 new mode 100644 index 302d59af..29fcc73f --- a/doc_source/gettingstarted-features.md +++ b/doc_source/gettingstarted-features.md @@ -5,6 +5,7 @@ Lambda provides a management console and API for managing and invoking functions **Topics** + [Scaling](#gettingstarted-features-scaling) + [Concurrency controls](#gettingstarted-features-concurrency) ++ [Function URLs](#gettingstarted-features-urls) + [Asynchronous invocation](#gettingstarted-features-async) + [Event source mappings](#gettingstarted-features-eventsourcemapping) + [Destinations](#gettingstarted-features-destinations) @@ -32,6 +33,12 @@ To enable functions to scale without fluctuations in latency, use *provisioned c For more information, see [Managing Lambda reserved concurrency](configuration-concurrency.md)\. +## Function URLs + +Lambda offers built\-in HTTP\(S\) endpoint support through *function URLs*\. With function URLs, you can assign a dedicated HTTP endpoint to your Lambda function\. When your function URL is configured, you can use it to invoke your function through a web browser, curl, Postman, or any HTTP client\. + +You can add a function URL to an existing function, or create a new function with a function URL\. For more information, see [Invoking Lambda function URLs](urls-invocation.md)\. + ## Asynchronous invocation When you invoke a function, you can choose to invoke it synchronously or asynchronously\. With [synchronous invocation](invocation-sync.md), you wait for the function to process the event and return a response\. With asynchronous invocation, Lambda queues the event for processing and returns a response immediately\. diff --git a/doc_source/gettingstarted-images.md b/doc_source/gettingstarted-images.md old mode 100755 new mode 100644 index 100149e1..7afb727f --- a/doc_source/gettingstarted-images.md +++ b/doc_source/gettingstarted-images.md @@ -1,15 +1,23 @@ -# Create a function defined as a container image +# Deploying Lambda functions as container images -In this getting started exercise, you create a function defined as a container image\. First, you use the Docker CLI to create a container image for your function code, and then use the Lambda console to create a function from the container image\. +When you create a Lambda function, you package your function code into a deployment package\. Lambda supports two types of deployment packages: [container images](gettingstarted-package.md#gettingstarted-package-images) and [\.zip file archives](gettingstarted-package.md#gettingstarted-package-zip)\. The workflow to create a function is different depending on the deployment package type\. To configure a function defined as a \.zip file archive, see [Deploying Lambda functions as \.zip file archives](configuration-function-zip.md)\. + +You can use the Lambda console and the Lambda API to create a function defined as a container image, update and test the image code, and configure other function settings\. + +**Note** +You cannot convert an existing container image function to use a \.zip file archive\. You must create a new function\. + +When you select an image using an image tag, Lambda translates the tag to the underlying image digest\. To retrieve the digest for your image, use the [GetFunctionConfiguration](API_GetFunctionConfiguration.md) API operation\. To update the function to a newer image version, you must use the Lambda console to [update the function code](#configuration-images-update), or use the [UpdateFunctionCode](API_UpdateFunctionCode.md) API operation\. Configuration operations such as [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) do not update the function's container image\. **Topics** + [Prerequisites](#gettingstarted-images-prereq) -+ [Create the container image](#gettingstarted-images-package) -+ [Upload the image to the Amazon ECR repository](#gettingstarted-create-upload) -+ [Update the user permissions](#gettingstarted-images-permissions) -+ [Create a Lambda function defined as a container image](#gettingstarted-images-function) -+ [Invoke the Lambda function](#get-started-invoke-function) -+ [Clean up](#gettingstarted-image-cleanup) ++ [Permissions](#gettingstarted-images-permissions) ++ [Creating the function](#configuration-images-create) ++ [Testing the function](#get-started-invoke-function) ++ [Overriding container settings](#configuration-images-settings) ++ [Updating function code](#configuration-images-update) ++ [Using the Lambda API](#configuration-images-api) ++ [AWS CloudFormation](#configuration-images-cloudformation) ## Prerequisites @@ -29,134 +37,151 @@ For long commands, an escape character \(`\`\) is used to split a command over m On Linux and macOS, use your preferred shell and package manager\. On Windows 10, you can [install the Windows Subsystem for Linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10) to get a Windows\-integrated version of Ubuntu and Bash\. -This exercise uses Docker CLI commands to create the container image\. To install the Docker CLI, see [Get Docker](https://docs.docker.com/get-docker) on the Docker Docs website\. - -## Create the container image - -AWS provides a set of base images in the Amazon Elastic Container Registry \(Amazon ECR\)\. In this getting started exercise, we use the Node\.js base image to create a container image\. For more information about base images, see [AWS base images for Lambda](runtimes-images.md#runtimes-images-lp)\. - -In the following commands, replace `123456789012` with your AWS account ID\. - -**To create an image using the AWS Node\.js 14 base image** - -1. On your local machine, create a project directory for your new function\. - -1. Create a file named `app.js` in your project directory\. Add the following code to `app.js`: - - ``` - exports.handler = async (event) => { - // TODO implement - const response = { - statusCode: 200, - body: JSON.stringify('Hello from Lambda!'), - }; - return response; - }; - ``` +Before you create the function, you must [create a container image and upload it to Amazon ECR](images-create.md)\. -1. Use a text editor to create a new file named `Dockerfile` in your project directory\. Add the following content to `Dockerfile`: +## Permissions - ``` - FROM public.ecr.aws/lambda/nodejs:14 - - # Copy function code - COPY app.js ${LAMBDA_TASK_ROOT} - - # Set the CMD to your handler - CMD [ "app.handler" ] - ``` +Make sure that the permissions for the IAM user or role that creates the function contain the AWS managed policies `GetRepositoryPolicy` and `SetRepositoryPolicy`\. -1. Build your Docker image\. From your project directory, run the following command: +For example, use the IAM console to create a role with the following policy: - ``` - docker build -t hello-world . - ``` +``` +{ +"Version": "2012-10-17", +"Statement": [ + { + "Sid": "VisualEditor0", + "Effect": "Allow", + "Action": ["ecr:SetRepositoryPolicy","ecr:GetRepositoryPolicy"], + "Resource": "arn:aws:ecr:::repository//" + } +] +} +``` -1. \(Optional\) AWS base images include the Lambda runtime interface emulator, so you can test your function locally\. +### Amazon ECR permissions - 1. Run your Docker image\. From your project directory, run the `docker run` command: +For a function in the same account as the container image in Amazon ECR, you can add `ecr:BatchGetImage` and `ecr:GetDownloadUrlForLayer` permissions to your Amazon ECR repository\. The following example shows the minimum policy: - ``` - docker run -p 9000:8080 hello-world:latest - ``` +``` +{ + "Sid": "LambdaECRImageRetrievalPolicy", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Action": [ + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ] + } +``` - 1. Test your Lambda function\. In a new terminal window, run a `curl` command to invoke your function: +For more information about Amazon ECR repository permissions, see [Repository policies](https://docs.aws.amazon.com/AmazonECR/latest/userguide/repository-policies.html) in the *Amazon Elastic Container Registry User Guide*\. - ``` - curl -XPOST "http://localhost:9000/2015-03-31/functions/function/invocations" -d '{}' - ``` +If the Amazon ECR repository does not include these permissions, Lambda adds `ecr:BatchGetImage` and `ecr:GetDownloadUrlForLayer` to the container image repository permissions\. Lambda can add these permissions only if the Principal calling Lambda has `ecr:getRepositoryPolicy` and `ecr:setRepositoryPolicy` permissions\. -## Upload the image to the Amazon ECR repository +To view or edit your Amazon ECR repository permissions, follow the directions in [Setting a repository policy statement](https://docs.aws.amazon.com/AmazonECR/latest/userguide/set-repository-policy.html) in the *Amazon Elastic Container Registry User Guide*\. -In the following commands, replace `123456789012` with your AWS account ID and set the region value to the region where you want to create the ECR repository\. +#### Amazon ECR cross\-account permissions -1. Authenticate the Docker CLI to your Amazon ECR registry\. +A different account in the same region can create a function that uses a container image owned by your account\. In the following example, your Amazon ECR repository permissions policy needs the following statements to grant access to account number 123456789012\. ++ **CrossAccountPermission** – Allows account 123456789012 to create and update Lambda functions that use images from this ECR repository\. ++ **LambdaECRImageCrossAccountRetrievalPolicy** – Lambda will eventually set a function's state to inactive if it is not invoked for an extended period\. This statement is required so that Lambda can retrieve the container image for optimization and caching on behalf of the function owned by 123456789012\. - ``` - aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com - ``` +**Example Add cross\-account permission to your repository** -1. Create a repository in Amazon ECR using the `create-repository` command\. +``` +{"Version": "2012-10-17", + "Statement": [ + { + "Sid": "CrossAccountPermission", + "Effect": "Allow", + "Action": [ + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ], + "Principal": { + "AWS": "arn:aws:iam::123456789012:root" + } + }, + { + "Sid": "LambdaECRImageCrossAccountRetrievalPolicy", + "Effect": "Allow", + "Action": [ + "ecr:BatchGetImage", + "ecr:GetDownloadUrlForLayer" + ], + "Principal": { + "Service": "lambda.amazonaws.com" + }, + "Condition": { + "StringLike": { + "aws:sourceARN": + "arn:aws:lambda:us-east-1:123456789012:function:*" + } + } + } + ] + } +``` - ``` - aws ecr create-repository --region us-east-1 --repository-name hello-world --image-scanning-configuration scanOnPush=true --image-tag-mutability MUTABLE - ``` +To give access to multiple accounts, you add the account IDs to the Principal list in the `CrossAccountPermission` policy and to the Condition evaluation list in the `LambdaECRImageCrossAccountRetrievalPolicy`\. -1. Tag your image to match your repository name using the `docker tag` command\. +If you are working with multiple accounts in an AWS Organization, we recommend that you enumerate each account ID in the ECR permissions policy\. This approach aligns with the AWS security best practice of setting narrow permissions in IAM policies\. - ``` - docker tag hello-world:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest - ``` +## Creating the function -1. Deploy the image to Amazon ECR using the `docker push` command\. +To create a function defined as a container image, you must first [create the image](images-create.md) and then store the image in the Amazon ECR repository\. - ``` - docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest - ``` +**To create the function** -## Update the user permissions +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. -Make sure that the permissions for the IAM user or role that creates the function contain the AWS managed policies `GetRepositoryPolicy` and `SetRepositoryPolicy`\. For information about user permissions to access images in the Amazon ECR repository, see [ Amazon ECR permissions](configuration-images.md#configuration-images-permissions) +1. Choose **Create function**\. -For example, use the IAM console to create a role with the following policy: +1. Choose the **Container image** option\. -``` -{ -"Version": "2012-10-17", -"Statement": [ - { - "Sid": "VisualEditor0", - "Effect": "Allow", - "Action": ["ecr:SetRepositoryPolicy","ecr:GetRepositoryPolicy"], - "Resource": "arn:aws:ecr:::repository//" - } -] -} -``` +1. Under **Basic information**, do the following: -## Create a Lambda function defined as a container image + 1. For **Function name**, enter the function name\. -Use the Lambda console to create a function defined as a container image\. + 1. For **Container image URI**, provide a container image that is compatible with the instruction set architecture that you want for your function code\. -**To create the function with the console** + You can enter the Amazon ECR image URI or browse for the Amazon ECR image\. + + Enter the Amazon ECR image URI\. + + Or, to browse an Amazon ECR repository for the image, choose **Browse images**\. Select the Amazon ECR repository from the dropdown list, and then select the image\. -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. +1. \(Optional\) To override configuration settings that are included in the Dockerfile, expand **Container image overrides**\. You can override any of the following settings: + + For **Entrypoint**, enter the full path of the runtime executable\. The following example shows an entrypoint for a Node\.js function: -1. Choose **Create function**\. + ``` + "/usr/bin/npx", "aws-lambda-ric" + ``` + + For **Command**, enter additional parameters to pass in to the image with **Entrypoint**\. The following example shows a command for a Node\.js function: -1. Choose the **Container image** option\. + ``` + "app.handler" + ``` + + For **Working directory**, enter the full path of the working directory for the function\. The following example shows the working directory for an AWS base image for Lambda: -1. Under **Basic information**, do the following: + ``` + "/var/task" + ``` +**Note** +For the override settings, make sure that you enclose each string in quotation marks \(" "\)\. - 1. For **Function name**, enter **my\-function**\. +1. \(Optional\) For **Architecture**, choose the instruction set architecture for the function\. The default architecture is x86\_64\. Note: when you build the container image for your function, make sure that it is compatible with this [instruction set architecture](foundation-arch.md)\. - 1. For **Container image URI**, enter the URI of the Amazon ECR image that you created previously\. +1. \(Optional\) Under **Permissions**, expand **Change default execution role**\. Then, choose to create a new **Execution role**, or to use an existing role\. 1. Choose **Create function**\. Lambda creates your function and an [execution role](lambda-intro-execution-role.md) that grants the function permission to upload logs\. Lambda assumes the execution role when you invoke your function, and uses the execution role to create credentials for the AWS SDK and to read data from event sources\. -## Invoke the Lambda function +When you deploy code as a container image to a Lambda function, the image undergoes an optimization process for running on Lambda\. This process can take a few seconds, during which the function is in pending state\. When the optimization process completes, the function enters the active state\. + +## Testing the function Invoke your Lambda function using the sample event data provided in the console\. @@ -190,40 +215,111 @@ Invoke your Lambda function using the sample event data provided in the console\ For more information on these graphs, see [Monitoring functions on the Lambda console](monitoring-functions-access-metrics.md)\. -## Clean up +## Overriding container settings -If you are finished with the container image, see [Deleting an image](https://docs.aws.amazon.com/AmazonECR/latest/userguide/delete_image.html) in the *Amazon Elastic Container Registry User Guide* +You can use the Lambda console or the Lambda API to override the following container image settings: ++ ENTRYPOINT – Specifies the absolute path of the entry point to the application\. ++ CMD – Specifies parameters that you want to pass in with ENTRYPOINT\. ++ WORKDIR – Specifies the absolute path of the working directory\. ++ ENV – Specifies an environment variable for the Lambda function\. -If you are done working with your function, delete it\. You can also delete the log group that stores the function's logs and the execution role that the console created\. +Any values that you provide in the Lambda console or the Lambda API override the values [in the Dockerfile](images-create.md#images-parms)\. -**To delete a Lambda function** +**To override the configuration values in the container image** 1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. -1. Choose a function\. +1. Choose the function to update\. + +1. Under **Image configuration**, choose **Edit**\. + +1. Enter new values for any of the override settings, and then choose **Save**\. -1. Choose **Actions**, **Delete**\. +1. \(Optional\) To add or override environment variables, under **Environment variables**, choose **Edit**\. -1. In the **Delete function** dialog box, choose **Delete**\. + For more information, see [Using AWS Lambda environment variables](configuration-envvars.md)\. -**To delete the log group** +## Updating function code -1. Open the [Log groups page](https://console.aws.amazon.com/cloudwatch/home#logs:) of the CloudWatch console\. +After you deploy a container image to a function, the image is read\-only\. To update the function code, you must first deploy a new image version\. [Create a new image version](images-create.md), and then store the image in the Amazon ECR repository\. + +**To configure the function to use an updated container image** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. -1. Select the function's log group \(`/aws/lambda/my-function`\)\. +1. Choose the function to update\. -1. Choose **Actions**, **Delete log group\(s\)**\. +1. Under **Image**, choose **Deploy new image**\. -1. In the **Delete log group\(s\)** dialog box, choose **Delete**\. +1. Choose **Browse images**\. + +1. In the **Select container image** dialog box, select the Amazon ECR repository from the dropdown list, and then select the new image version\. + +1. Choose **Save**\. + +### Function version $LATEST + +When you publish a function version, the code and most of the configuration settings are locked to maintain a consistent experience for users of that version\. You can change the code and many configuration settings only on the unpublished version of the function\. By default, the console displays configuration information for the unpublished version of the function\. To view the versions of a function, choose **Qualifiers**\. The unpublished version is named **$LATEST**\. + +Note that Amazon Elastic Container Registry \(Amazon ECR\) also uses a *latest* tag to denote the latest version of the container image\. Be careful not to confuse this tag with the **$LATEST** function version\. + +For more information about managing versions, see [Lambda function versions](configuration-versions.md)\. + +## Using the Lambda API + +To manage functions defined as container images, use the following API operations: ++ [CreateFunction](API_CreateFunction.md) ++ [UpdateFunctionCode](API_UpdateFunctionCode.md) ++ [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) + +To create a function defined as container image, use the `create-function` command\. Set the `package-type` to `Image` and specify your container image URI using the `code` parameter\. + +When you create the function, you can specify the instruction set architecture\. The default architecture is `x86-64`\. Make sure that the code in your container image is compatible with the architecture\. + + You can create the function from the same account as the container registry or from a different account in the same region as the container registry in Amazon ECR\. For cross\-account access, adjust the [Amazon ECR permissions](#configuration-images-xaccount-permissions) for the image\. + +``` +aws lambda create-function --region sa-east-1 --function-name my-function \ + --package-type Image \ + --code ImageUri= \ + --role arn:aws:iam::123456789012:role/lambda-ex +``` + +To update the function code, use the `update-function-code` command\. Specify the container image location using the `image-uri` parameter\. + +**Note** +You cannot change the `package-type` of a function\. + +``` +aws lambda update-function-code --region sa-east-1 --function-name my-function \ + --image-uri \ +``` + +To update the function parameters, use the `update-function-configuration` operation\. Specify `EntryPoint` and `Command` as arrays of strings, and `WorkingDirectory` as a string\. + +``` +aws lambda update-function-configuration --function-name my-function \ +--image-config '{"EntryPoint": ["/usr/bin/npx", "aws-lambda-ric"], \ + "Command": ["app.handler"] , \ + "WorkingDirectory": "/var/task"}' +``` -**To delete the execution role** +## AWS CloudFormation -1. Open the [Roles page](https://console.aws.amazon.com/iam/home?#/roles) of the IAM console\. +You can use AWS CloudFormation to create Lambda functions defined as container images\. In your AWS CloudFormation template, the `AWS::Lambda::Function` resource specifies the Lambda function\. For descriptions of the properties in the `AWS::Lambda::Function` resource, see [AWS::Lambda::Function](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html) in the *AWS CloudFormation User Guide*\. -1. Select the function's role \(`my-function-role-31exxmpl`\)\. +In the `AWS::Lambda::Function` resource, set the following properties to create a function defined as a container image: ++ AWS::Lambda::Function + + PackageType – Set to `Image`\. + + Code – Enter your container image URI in the `ImageUri` field\. + + ImageConfig – \(Optional\) Override the container image configuration properties\. -1. Choose **Delete role**\. +The `ImageConfig` property in `AWS::Lambda::Function` contains the following fields: ++ Command – Specifies parameters that you want to pass in with `EntryPoint`\. ++ EntryPoint – Specifies the entry point to the application\. ++ WorkingDirectory – Specifies the working directory\. -1. In the **Delete role** dialog box, choose **Yes, delete**\. +**Note** +If you declare an `ImageConfig` property in your AWS CloudFormation template, you must provide values for all three of the `ImageConfig` properties\. -You can automate the creation and cleanup of functions, log groups, and roles with AWS CloudFormation and the AWS CLI\. For fully functional sample applications, see [Lambda sample applications](lambda-samples.md)\. \ No newline at end of file +For more information, see [ImageConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html#cfn-lambda-function-imageconfig) in the *AWS CloudFormation User Guide*\. \ No newline at end of file diff --git a/doc_source/gettingstarted-limits.md b/doc_source/gettingstarted-limits.md old mode 100755 new mode 100644 index ac8debc9..caf5bc95 --- a/doc_source/gettingstarted-limits.md +++ b/doc_source/gettingstarted-limits.md @@ -1,12 +1,12 @@ # Lambda quotas +**Important** +New AWS accounts have reduced concurrency and memory quotas\. AWS raises these quotas automatically based on your usage\. You can also [request a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html)\. + ## Compute and storage Lambda sets quotas for the amount of compute and storage resources that you can use to run and store functions\. The following quotas apply per AWS Region and can be increased\. For more information, see [Requesting a quota increase](https://docs.aws.amazon.com/servicequotas/latest/userguide/request-quota-increase.html) in the *Service Quotas User Guide*\. -**Note** -A few new AWS accounts might start out with limits that are lower than these defaults\. AWS monitors usage and raises your limits automatically based on your usage\. - | Resource | Default quota | Can be increased up to | | --- | --- | --- | @@ -35,9 +35,9 @@ The Lambda documentation, log messages, and console use the abbreviation MB \(ra | Function [burst concurrency](invocation-scaling.md) | 500 \- 3000 \(varies per Region\) | | [Invocation payload](lambda-invocation.md) \(request and response\) | 6 MB \(synchronous\) 256 KB \(asynchronous\) | | [Deployment package \(\.zip file archive\)](gettingstarted-package.md) size | 50 MB \(zipped, for direct upload\) 250 MB \(unzipped\) This quota applies to all the files you upload, including layers and custom runtimes\. 3 MB \(console editor\) | -| [Container image](lambda-images.md) code package size | 10 GB | +| [Container image](images-create.md) code package size | 10 GB | | Test events \(console editor\) | 10 | -| `/tmp` directory storage | 512 MB | +| `/tmp` directory storage | 512 MB to 10,240 MB, in 1\-MB increments\. | | File descriptors | 1,024 | | Execution processes/threads | 1,024 | diff --git a/doc_source/gettingstarted-package.md b/doc_source/gettingstarted-package.md old mode 100755 new mode 100644 index 73502536..f2d19702 --- a/doc_source/gettingstarted-package.md +++ b/doc_source/gettingstarted-package.md @@ -16,7 +16,7 @@ Lambda provides a set of open\-source base images that you can use to build your You upload your container images to Amazon Elastic Container Registry \(Amazon ECR\), a managed AWS container image registry service\. To deploy the image to your function, you specify the Amazon ECR image URL using the Lambda console, the Lambda API, command line tools, or the AWS SDKs\. -For more information about Lambda container images, see [Using container images with Lambda](lambda-images.md)\. +For more information about Lambda container images, see [Creating Lambda container images](images-create.md)\. ## \.zip file archives diff --git a/doc_source/glossary.md b/doc_source/glossary.md old mode 100755 new mode 100644 diff --git a/doc_source/go-image.md b/doc_source/go-image.md old mode 100755 new mode 100644 index 5e2efbb7..2299c69a --- a/doc_source/go-image.md +++ b/doc_source/go-image.md @@ -4,8 +4,6 @@ You can deploy your Lambda function code as a [container image](images-create.md + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -17,9 +15,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for Go](#go-image-base) @@ -38,9 +36,7 @@ AWS provides the following base image for Go: | --- | --- | --- | --- | | 1 | Go 1\.x | Amazon Linux 2018\.03 | [Dockerfile for Go 1\.x on GitHub](https://github.com/aws/aws-lambda-base-images/blob/go1.x/Dockerfile.go1.x) | -Docker Hub repository: amazon/aws\-lambda\-go - -Amazon ECR repository: gallery\.ecr\.aws/lambda/go +Amazon ECR repository: [gallery\.ecr\.aws/lambda/go](https://gallery.ecr.aws/lambda/go) ## Go runtime interface clients @@ -48,9 +44,7 @@ AWS does not provide a separate runtime interface client for Go\. The `aws-lambd ## Using the Go:1\.x base image -For instructions on how to use the base image for Go:1\.x, choose the **usage** tab on [Lambda base images for Go](https://gallery.ecr.aws/lambda/go) in the *Amazon ECR repository*\. - -The instructions are also available on [Lambda base images for Go](https://hub.docker.com/r/amazon/aws-lambda-go) in the *Docker Hub repository*\. +For instructions on how to use the base image for Go:1\.x, choose the **usage** tab on [Lambda base images for Go](https://gallery.ecr.aws/lambda/go) in the *Amazon ECR repository*\. ## Create a Go image from the `provided.al2` base image @@ -112,7 +106,7 @@ Note that the first three steps are identical whether you deploy your function a docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest ``` -Now that your container image resides in the Amazon ECR container registry, you can [create](configuration-images.md) the Lambda function and deploy the image\. +Now that your container image resides in the Amazon ECR container registry, you can [create](gettingstarted-images.md) the Lambda function and deploy the image\. ## Create a Go image from an alternative base image @@ -189,8 +183,8 @@ If you do not want to add the RIE to your image, you can test your image locally This command invokes the function running in the container image and returns a response\. -Now that your container image resides in the Amazon ECR container registry, you can you can [create](configuration-images.md) the Lambda function and deploy the image\. +Now that your container image resides in the Amazon ECR container registry, you can you can [create](gettingstarted-images.md) the Lambda function and deploy the image\. ## Deploy the container image -For a new function, you deploy the Go image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the Go image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/golang-context.md b/doc_source/golang-context.md old mode 100755 new mode 100644 diff --git a/doc_source/golang-envvars.md b/doc_source/golang-envvars.md old mode 100755 new mode 100644 diff --git a/doc_source/golang-exceptions.md b/doc_source/golang-exceptions.md old mode 100755 new mode 100644 diff --git a/doc_source/golang-handler.md b/doc_source/golang-handler.md old mode 100755 new mode 100644 diff --git a/doc_source/golang-logging.md b/doc_source/golang-logging.md old mode 100755 new mode 100644 index ba85177c..c97c8d57 --- a/doc_source/golang-logging.md +++ b/doc_source/golang-logging.md @@ -88,7 +88,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -143,7 +143,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/golang-package.md b/doc_source/golang-package.md old mode 100755 new mode 100644 index bca5bf0f..08e32f12 --- a/doc_source/golang-package.md +++ b/doc_source/golang-package.md @@ -149,4 +149,4 @@ Go is implemented differently than other native runtimes\. Lambda treats Go as a cp ./bootstrap $(ARTIFACTS_DIR)/. ``` -For an example application, download [ Go on AL2](https://github.com/aws-samples/sessions-with-aws-sam/tree/master/go-al2)\. The readme file contains the instructions to build and run the application\. You can also view the blog post [ Migrating AWS Lambda functions to Amazon Linux 2](https://github.com/aws-samples/sessions-with-aws-sam/tree/master/go-al2)\. \ No newline at end of file +For an example application, download [ Go on AL2](https://github.com/aws-samples/sessions-with-aws-sam/tree/master/go-al2)\. The readme file contains the instructions to build and run the application\. You can also view the blog post [ Migrating AWS Lambda functions to Amazon Linux 2](https://aws.amazon.com/blogs/compute/migrating-aws-lambda-functions-to-al2/)\. \ No newline at end of file diff --git a/doc_source/golang-tracing.md b/doc_source/golang-tracing.md old mode 100755 new mode 100644 index 1c22aaf7..f0e476b1 --- a/doc_source/golang-tracing.md +++ b/doc_source/golang-tracing.md @@ -23,11 +23,11 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. @@ -73,7 +73,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -84,7 +84,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** diff --git a/doc_source/images-create.md b/doc_source/images-create.md old mode 100755 new mode 100644 index 2c5c7ce2..69aac407 --- a/doc_source/images-create.md +++ b/doc_source/images-create.md @@ -1,24 +1,30 @@ # Creating Lambda container images -You can package your Lambda function code and dependencies as a container image, using tools such as the Docker CLI\. You can then upload the image to your container registry hosted on Amazon Elastic Container Registry \(Amazon ECR\)\. - AWS provides a set of open\-source [base images](runtimes-images.md#runtimes-images-lp) that you can use to create your container image\. These base images include a [runtime interface client](runtimes-images.md#runtimes-api-client) to manage the interaction between Lambda and your function code\. -You can also use an alternative base image from another container registry\. Lambda provides open\-source runtime interface clients that you add to an alternative base image to make it compatible with Lambda\. - For example applications, including a Node\.js example and a Python example, see [Container image support for Lambda](http://aws.amazon.com/blogs/aws/new-for-aws-lambda-container-image-support/) on the AWS Blog\. -After you create a container image in the Amazon ECR container registry, you can [create and run](configuration-images.md) the Lambda function\. - **Topics** ++ [Base images for Lambda](runtimes-images.md) ++ [Testing Lambda container images locally](images-test.md) ++ [Prerequisites](#images-reqs) + [Image types](#images-types) + [Container tools](#images-tools) -+ [Lambda requirements for container images](#images-reqs) + [Container image settings](#images-parms) -+ [Create an image from an AWS base image for Lambda](#images-create-from-base) -+ [Create an image from an alternative base image](#images-create-from-alt) ++ [Creating images from AWS base images](#images-create-from-base) ++ [Creating images from alternative base images](#images-create-from-alt) ++ [Upload the image to the Amazon ECR repository](#images-upload) + [Create an image using the AWS SAM toolkit](#images-create-sam) +## Prerequisites + +To deploy a container image to Lambda, you need the [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html) and [Docker CLI](https://docs.docker.com/get-docker)\. Additionally, note the following requirements: ++ The container image must implement the Lambda [Runtime API](runtimes-api.md)\. The AWS open\-source [runtime interface clients](runtimes-images.md#runtimes-api-client) implement the API\. You can add a runtime interface client to your preferred base image to make it compatible with Lambda\. ++ The container image must be able to run on a read\-only file system\. Your function code can access a writable `/tmp` directory with 512 MB of storage\. ++ The default Lambda user must be able to read all the files required to run your function code\. Lambda follows security best practices by defining a default Linux user with least\-privileged permissions\. Verify that your application code does not rely on files that other Linux users are restricted from running\. ++ Lambda supports only Linux\-based container images\. ++ Lambda provides multi\-architecture base images\. However, the image you build for your function must target only one of the architectures\. Lambda does not support functions that use multi\-architecture container images\. + ## Image types You can use an AWS provided base image or an alternative base image, such as Alpine or Debian\. Lambda supports any image that conforms to one of the following image manifest formats: @@ -35,20 +41,6 @@ To create your container image, you can use any development tool that supports o For example, you can use the Docker CLI to build, test, and deploy your container images\. -## Lambda requirements for container images - -To deploy a container image to Lambda, note the following requirements: - -1. The container image must implement the Lambda [Runtime API](runtimes-api.md)\. The AWS open\-source [runtime interface clients](runtimes-images.md#runtimes-api-client) implement the API\. You can add a runtime interface client to your preferred base image to make it compatible with Lambda\. - -1. The container image must be able to run on a read\-only file system\. Your function code can access a writable `/tmp` directory with 512 MB of storage\. - -1. The default Lambda user must be able to read all the files required to run your function code\. Lambda follows security best practices by defining a default Linux user with least\-privileged permissions\. Verify that your application code does not rely on files that other Linux users are restricted from running\. - -1. Lambda supports only Linux\-based container images\. - -1. Lambda provides multi\-architecture base images\. However, the image you build for your function must target only one of the architectures\. Lambda does not support functions that use multi\-architecture container images\. - ## Container image settings Lambda supports the following container image settings in the Dockerfile: @@ -67,7 +59,7 @@ You can specify the container image settings in the Dockerfile when you build yo **Warning** When you specify ENTRYPOINT or CMD in the Dockerfile or as an override, make sure that you enter the absolute path\. Also, do not use symlinks as the entry point to the container\. -## Create an image from an AWS base image for Lambda +## Creating images from AWS base images To build a container image for a new Lambda function, you can start with an AWS base image for Lambda\. Lambda provides two types of base images: + Multi\-architecture base image @@ -77,23 +69,16 @@ To build a container image for a new Lambda function, you can start with an AWS Specify an image tag with an architecture suffix\. For example, specify `3.9-arm64` to choose the arm64 base image for Python 3\.9\. -**Note** -AWS periodically provides updates to the AWS base images for Lambda\. If your Dockerfile includes the image name in the FROM property, your Docker client pulls the latest version of the image from Docker Hub\. To use the updated base image, you must rebuild your container image and [update the function code](configuration-images.md#configuration-images-update)\. - -**Prerequisites** -+ The AWS Command Line Interface \(AWS CLI\) - - The following instructions use the AWS CLI to call AWS service API operations\. To install the AWS CLI, see [Installing, updating, and uninstalling the AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html) in the *AWS Command Line Interface User Guide*\. -+ Docker Desktop +You can also use an [alternative base image from another container registry](#images-create-from-alt)\. Lambda provides open\-source runtime interface clients that you add to an alternative base image to make it compatible with Lambda\. - The following instructions use Docker CLI commands to create the container image\. To install the Docker CLI, see [Get Docker](https://docs.docker.com/get-docker) on the Docker Docs website\. -+ Your function code +**Note** +AWS periodically provides updates to the AWS base images for Lambda\. If your Dockerfile includes the image name in the FROM property, your Docker client pulls the latest version of the image from the Amazon ECR repository\. To use the updated base image, you must rebuild your container image and [update the function code](gettingstarted-images.md#configuration-images-update)\. **To create an image from an AWS base image for Lambda** 1. On your local machine, create a project directory for your new function\. -1. Create a directory named **app** in in the project directory, and then add your function handler code to the app directory\. +1. Create a directory named **app** in the project directory, and then add your function handler code to the app directory\. 1. Use a text editor to create a new Dockerfile\. @@ -110,7 +95,6 @@ AWS periodically provides updates to the AWS base images for Lambda\. If your Do ``` FROM public.ecr.aws/lambda/nodejs:14 - # Alternatively, you can pull the base image from Docker Hub: amazon/aws-lambda-nodejs:12 # Assumes your function is named "app.js", and there is a package.json file in the app directory COPY app.js package.json ${LAMBDA_TASK_ROOT} @@ -183,28 +167,7 @@ AWS periodically provides updates to the AWS base images for Lambda\. If your Do This command invokes the function running in the container image and returns a response\. -1. Authenticate the Docker CLI to your Amazon ECR registry\. - - ``` - aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com - ``` - -1. Create a repository in Amazon ECR using the `create-repository` command\. - - ``` - aws ecr create-repository --repository-name hello-world --image-scanning-configuration scanOnPush=true --image-tag-mutability MUTABLE - ``` - -1. Tag your image to match your repository name, and deploy the image to Amazon ECR using the `docker push` command\. - - ``` - docker tag hello-world:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest - docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest - ``` - -Now that your container image resides in the Amazon ECR container registry, you can [create and run](configuration-images.md) the Lambda function\. - -## Create an image from an alternative base image +## Creating images from alternative base images **Prerequisites** + The AWS CLI @@ -278,6 +241,13 @@ Now that your container image resides in the Amazon ECR container registry, you 1. \(Optional\) Test your application locally using the [Runtime interface emulator](images-test.md)\. +## Upload the image to the Amazon ECR repository + +In the following commands, replace `123456789012` with your AWS account ID and set the region value to the region where you want to create the Amazon ECR repository\. + +**Note** +In Amazon ECR, if you reassign the image tag to another image, Lambda does not update the image version\. + 1. Authenticate the Docker CLI to your Amazon ECR registry\. ``` @@ -297,7 +267,7 @@ Now that your container image resides in the Amazon ECR container registry, you docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest ``` -Now that your container image resides in the Amazon ECR container registry, you can [create and run](configuration-images.md) the Lambda function\. +Now that your container image resides in the Amazon ECR container registry, you can [create and run](gettingstarted-images.md) the Lambda function\. ## Create an image using the AWS SAM toolkit diff --git a/doc_source/images-test.md b/doc_source/images-test.md old mode 100755 new mode 100644 diff --git a/doc_source/index.md b/doc_source/index.md old mode 100755 new mode 100644 index 3c817e0b..f6781c95 --- a/doc_source/index.md +++ b/doc_source/index.md @@ -15,10 +15,8 @@ Amazon's trademarks and trade dress may not be used in ----- ## Contents + [What is AWS Lambda?](welcome.md) -+ [Setting up with Lambda](lambda-settingup.md) ++ [Prerequisites](lambda-settingup.md) + [Getting started with Lambda](getting-started.md) - + [Create a Lambda function with the console](getting-started-create-function.md) - + [Create a function defined as a container image](gettingstarted-images.md) + [AWS Lambda foundations](lambda-foundation.md) + [Lambda concepts](gettingstarted-concepts.md) + [Lambda features](gettingstarted-features.md) @@ -35,10 +33,24 @@ Amazon's trademarks and trade dress may not be used in + [Identity-based IAM policies for Lambda](access-control-identity-based.md) + [Resources and conditions for Lambda actions](lambda-api-permissions-ref.md) + [Using permissions boundaries for AWS Lambda applications](permissions-boundary.md) ++ [Lambda runtimes](lambda-runtimes.md) + + [Modifying the runtime environment](runtimes-modify.md) + + [Custom AWS Lambda runtimes](runtimes-custom.md) + + [Tutorial – Publishing a custom runtime](runtimes-walkthrough.md) + + [Using AVX2 vectorization in Lambda](runtimes-avx2.md) ++ [AWS Lambda execution environment](lambda-runtime-environment.md) + + [Lambda Extensions API](runtimes-extensions-api.md) + + [AWS Lambda runtime API](runtimes-api.md) + + [Lambda Logs API](runtimes-logs-api.md) + + [AWS Lambda extensions partners](extensions-api-partners.md) ++ [Deploying Lambda functions](lambda-deploy-functions.md) + + [Deploying Lambda functions as .zip file archives](configuration-function-zip.md) + + [Deploying Lambda functions as container images](gettingstarted-images.md) ++ [Creating Lambda container images](images-create.md) + + [Base images for Lambda](runtimes-images.md) + + [Testing Lambda container images locally](images-test.md) + [Configuring AWS Lambda functions](lambda-functions.md) - + [Creating Lambda functions defined as .zip file archives](configuration-function-zip.md) + [Creating and sharing Lambda layers](configuration-layers.md) - + [Creating Lambda functions defined as container images](configuration-images.md) + [Configuring Lambda function options](configuration-function-common.md) + [Using AWS Lambda environment variables](configuration-envvars.md) + [Lambda function versions](configuration-versions.md) @@ -60,22 +72,15 @@ Amazon's trademarks and trade dress may not be used in + [Lambda event filtering](invocation-eventfiltering.md) + [Lambda function states](functions-states.md) + [Error handling and automatic retries in AWS Lambda](invocation-retries.md) + + [Testing Lambda functions in the console](testing-functions.md) + [Using Lambda extensions](using-extensions.md) + [Invoking functions defined as container images](invocation-images.md) -+ [Lambda runtimes](lambda-runtimes.md) - + [Runtime support policy](runtime-support-policy.md) - + [AWS Lambda execution environment](runtimes-context.md) - + [Runtime support for Lambda container images](runtimes-images.md) - + [AWS Lambda runtime API](runtimes-api.md) - + [Lambda Extensions API](runtimes-extensions-api.md) - + [Lambda Logs API](runtimes-logs-api.md) - + [Modifying the runtime environment](runtimes-modify.md) - + [Custom AWS Lambda runtimes](runtimes-custom.md) - + [Tutorial – Publishing a custom runtime](runtimes-walkthrough.md) - + [Using AVX2 vectorization in Lambda](runtimes-avx2.md) -+ [Using container images with Lambda](lambda-images.md) - + [Creating Lambda container images](images-create.md) - + [Testing Lambda container images locally](images-test.md) ++ [Lambda function URLs](lambda-urls.md) + + [Creating and managing Lambda function URLs](urls-configuration.md) + + [Security and auth model for Lambda function URLs](urls-auth.md) + + [Invoking Lambda function URLs](urls-invocation.md) + + [Monitoring Lambda function URLs](urls-monitoring.md) + + [Tutorial: Creating a Lambda function with a function URL](urls-tutorial.md) + [Building Lambda functions with Node.js](lambda-nodejs.md) + [AWS Lambda function handler in Node.js](nodejs-handler.md) + [Deploy Node.js Lambda functions with .zip file archives](nodejs-package.md) @@ -84,6 +89,11 @@ Amazon's trademarks and trade dress may not be used in + [AWS Lambda function logging in Node.js](nodejs-logging.md) + [AWS Lambda function errors in Node.js](nodejs-exceptions.md) + [Instrumenting Node.js code in AWS Lambda](nodejs-tracing.md) ++ [Building Lambda functions with TypeScript](lambda-typescript.md) + + [AWS Lambda function handler in TypeScript](typescript-handler.md) + + [Deploy transpiled TypeScript code in Lambda with .zip file archives](typescript-package.md) + + [Deploy transpiled TypeScript code in Lambda with container images](typescript-image.md) + + [AWS Lambda function errors in TypeScript](typescript-exceptions.md) + [Building Lambda functions with Python](lambda-python.md) + [Lambda function handler in Python](python-handler.md) + [Deploy Python Lambda functions with .zip file archives](python-package.md) @@ -107,7 +117,7 @@ Amazon's trademarks and trade dress may not be used in + [AWS Lambda context object in Java](java-context.md) + [AWS Lambda function logging in Java](java-logging.md) + [AWS Lambda function errors in Java](java-exceptions.md) - + [Instrumenting Java code in AWS Lambda](java-tracing.md) + + [Instrumenting Java code in Lambda](java-tracing.md) + [Creating a deployment package using Eclipse](java-package-eclipse.md) + [Java sample applications for AWS Lambda](java-samples.md) + [Building Lambda functions with Go](lambda-golang.md) @@ -247,6 +257,7 @@ Amazon's trademarks and trade dress may not be used in + [CreateCodeSigningConfig](API_CreateCodeSigningConfig.md) + [CreateEventSourceMapping](API_CreateEventSourceMapping.md) + [CreateFunction](API_CreateFunction.md) + + [CreateFunctionUrlConfig](API_CreateFunctionUrlConfig.md) + [DeleteAlias](API_DeleteAlias.md) + [DeleteCodeSigningConfig](API_DeleteCodeSigningConfig.md) + [DeleteEventSourceMapping](API_DeleteEventSourceMapping.md) @@ -254,6 +265,7 @@ Amazon's trademarks and trade dress may not be used in + [DeleteFunctionCodeSigningConfig](API_DeleteFunctionCodeSigningConfig.md) + [DeleteFunctionConcurrency](API_DeleteFunctionConcurrency.md) + [DeleteFunctionEventInvokeConfig](API_DeleteFunctionEventInvokeConfig.md) + + [DeleteFunctionUrlConfig](API_DeleteFunctionUrlConfig.md) + [DeleteLayerVersion](API_DeleteLayerVersion.md) + [DeleteProvisionedConcurrencyConfig](API_DeleteProvisionedConcurrencyConfig.md) + [GetAccountSettings](API_GetAccountSettings.md) @@ -265,6 +277,7 @@ Amazon's trademarks and trade dress may not be used in + [GetFunctionConcurrency](API_GetFunctionConcurrency.md) + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [GetFunctionEventInvokeConfig](API_GetFunctionEventInvokeConfig.md) + + [GetFunctionUrlConfig](API_GetFunctionUrlConfig.md) + [GetLayerVersion](API_GetLayerVersion.md) + [GetLayerVersionByArn](API_GetLayerVersionByArn.md) + [GetLayerVersionPolicy](API_GetLayerVersionPolicy.md) @@ -278,6 +291,7 @@ Amazon's trademarks and trade dress may not be used in + [ListFunctionEventInvokeConfigs](API_ListFunctionEventInvokeConfigs.md) + [ListFunctions](API_ListFunctions.md) + [ListFunctionsByCodeSigningConfig](API_ListFunctionsByCodeSigningConfig.md) + + [ListFunctionUrlConfigs](API_ListFunctionUrlConfigs.md) + [ListLayers](API_ListLayers.md) + [ListLayerVersions](API_ListLayerVersions.md) + [ListProvisionedConcurrencyConfigs](API_ListProvisionedConcurrencyConfigs.md) @@ -299,6 +313,7 @@ Amazon's trademarks and trade dress may not be used in + [UpdateFunctionCode](API_UpdateFunctionCode.md) + [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) + [UpdateFunctionEventInvokeConfig](API_UpdateFunctionEventInvokeConfig.md) + + [UpdateFunctionUrlConfig](API_UpdateFunctionUrlConfig.md) + [Data Types](API_Types.md) + [AccountLimit](API_AccountLimit.md) + [AccountUsage](API_AccountUsage.md) @@ -308,11 +323,13 @@ Amazon's trademarks and trade dress may not be used in + [CodeSigningConfig](API_CodeSigningConfig.md) + [CodeSigningPolicies](API_CodeSigningPolicies.md) + [Concurrency](API_Concurrency.md) + + [Cors](API_Cors.md) + [DeadLetterConfig](API_DeadLetterConfig.md) + [DestinationConfig](API_DestinationConfig.md) + [Environment](API_Environment.md) + [EnvironmentError](API_EnvironmentError.md) + [EnvironmentResponse](API_EnvironmentResponse.md) + + [EphemeralStorage](API_EphemeralStorage.md) + [EventSourceMappingConfiguration](API_EventSourceMappingConfiguration.md) + [FileSystemConfig](API_FileSystemConfig.md) + [Filter](API_Filter.md) @@ -321,6 +338,7 @@ Amazon's trademarks and trade dress may not be used in + [FunctionCodeLocation](API_FunctionCodeLocation.md) + [FunctionConfiguration](API_FunctionConfiguration.md) + [FunctionEventInvokeConfig](API_FunctionEventInvokeConfig.md) + + [FunctionUrlConfig](API_FunctionUrlConfig.md) + [ImageConfig](API_ImageConfig.md) + [ImageConfigError](API_ImageConfigError.md) + [ImageConfigResponse](API_ImageConfigResponse.md) diff --git a/doc_source/invocation-async.md b/doc_source/invocation-async.md old mode 100755 new mode 100644 diff --git a/doc_source/invocation-eventfiltering.md b/doc_source/invocation-eventfiltering.md old mode 100755 new mode 100644 diff --git a/doc_source/invocation-eventsourcemapping.md b/doc_source/invocation-eventsourcemapping.md old mode 100755 new mode 100644 index 60882025..28436d2a --- a/doc_source/invocation-eventsourcemapping.md +++ b/doc_source/invocation-eventsourcemapping.md @@ -22,7 +22,7 @@ To manage an event source with the [AWS Command Line Interface \(AWS CLI\)](http The following example uses the AWS CLI to map a function named `my-function` to a DynamoDB stream that its Amazon Resource Name \(ARN\) specifies, with a batch size of 500\. ``` -aws lambda create-event-source-mapping --function-name my-function --batch-size 500 --starting-position LATEST \ +aws lambda create-event-source-mapping --function-name my-function --batch-size 500 --maximum-batching-window-in-seconds 5 --starting-position LATEST \ --event-source-arn arn:aws:dynamodb:us-east-2:123456789012:table/my-table/stream/2019-06-10T19:26:16.525 ``` @@ -32,7 +32,7 @@ You should see the following output: { "UUID": "14e0db71-5d35-4eb5-b481-8945cf9d10c2", "BatchSize": 500, - "MaximumBatchingWindowInSeconds": 0, + "MaximumBatchingWindowInSeconds": 5, "ParallelizationFactor": 1, "EventSourceArn": "arn:aws:dynamodb:us-east-2:123456789012:table/my-table/stream/2019-06-10T19:26:16.525", "FunctionArn": "arn:aws:lambda:us-east-2:123456789012:function:my-function", diff --git a/doc_source/invocation-images.md b/doc_source/invocation-images.md old mode 100755 new mode 100644 diff --git a/doc_source/invocation-layers.md b/doc_source/invocation-layers.md old mode 100755 new mode 100644 index 4dd05457..de22876f --- a/doc_source/invocation-layers.md +++ b/doc_source/invocation-layers.md @@ -2,7 +2,7 @@ A Lambda layer is a \.zip file archive that can contain additional code or other content\. A layer can contain libraries, a custom runtime, data, or configuration files\. Use layers to reduce deployment package size and to promote code sharing and separation of responsibilities so that you can iterate faster on writing business logic\. -You can use layers only with Lambda functions [deployed as a \.zip file archive](gettingstarted-package.md#gettingstarted-package-zip)\. For a function [defined as a container image](lambda-images.md), you can package your preferred runtime and all code dependencies when you create the container image\. For more information, see [ Working with Lambda layers and extensions in container images](http://aws.amazon.com/blogs/compute/working-with-lambda-layers-and-extensions-in-container-images/) on the AWS Compute Blog\. +You can use layers only with Lambda functions [deployed as a \.zip file archive](gettingstarted-package.md#gettingstarted-package-zip)\. For a function [defined as a container image](images-create.md), you can package your preferred runtime and all code dependencies when you create the container image\. For more information, see [ Working with Lambda layers and extensions in container images](http://aws.amazon.com/blogs/compute/working-with-lambda-layers-and-extensions-in-container-images/) on the AWS Compute Blog\. **Topics** + [Configuring functions to use layers](#invocation-layers-using) @@ -63,19 +63,23 @@ The order in which you add the layers is the order in which Lambda later merges 1. Choose **Save**\. -Layers are versioned, and the content of each layer version is immutable\. The layer owner can release a new layer version to provide updated content\. You can use the console to update your function's layer versions\. +Layers are versioned, and the content of each layer version is immutable\. The layer owner can release a new layer version to provide updated content\. You can use the console to update your functions' layer versions\. **Update layer versions for your function** 1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. -1. Choose the function to configure\. +1. Under **Additional resources**, choose **Layers**\. -1. Under **Layers**, choose **Edit** +1. Choose the layer to modify\. -1. Under **Layer version**, enter the new layer version\. You can change the version for one or more of the listed layers\. +1. Under **Functions using this version**, select the functions you want to modify, then choose **Edit**\. -1. Choose **Save**\. +1. From **Layer version**, select the layer version to change to\. + +1. Choose **Update functions**\. + +You cannot update functions' layer versions across AWS accounts\. ### Configuring layers with the API @@ -84,7 +88,7 @@ To add layers to your function, use the update\-function\-configuration command\ ``` aws lambda update-function-configuration --function-name my-function \ --layers arn:aws:lambda:us-east-2:123456789012:layer:my-layer:3 \ -arn:aws:lambda:us-east-2:210987654321:layer:their-layer:2 +arn:aws:lambda:us-east-2:111122223333:layer:their-layer:2 ``` You should see output similar to the following: @@ -101,7 +105,7 @@ You should see output similar to the following: "CodeSize": 169 }, { - "Arn": "arn:aws:lambda:us-east-2:210987654321:layer:their-layer:2", + "Arn": "arn:aws:lambda:us-east-2:111122223333:layer:their-layer:2", "CodeSize": 169 } ], diff --git a/doc_source/invocation-retries.md b/doc_source/invocation-retries.md old mode 100755 new mode 100644 diff --git a/doc_source/invocation-scaling.md b/doc_source/invocation-scaling.md old mode 100755 new mode 100644 diff --git a/doc_source/invocation-sync.md b/doc_source/invocation-sync.md old mode 100755 new mode 100644 index 08a3ff0d..b7d56c45 --- a/doc_source/invocation-sync.md +++ b/doc_source/invocation-sync.md @@ -3,9 +3,11 @@ When you invoke a function synchronously, Lambda runs the function and waits for a response\. When the function completes, Lambda returns the response from the function's code with additional data, such as the version of the function that was invoked\. To invoke a function synchronously with the AWS CLI, use the `invoke` command\. ``` -aws lambda invoke --function-name my-function --payload '{ "key": "value" }' response.json +aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{ "key": "value" }' response.json ``` +The cli\-binary\-format option is required if you are using AWS CLI version 2\. You can also configure this option in your [AWS CLI config file](https://docs.aws.amazon.com/cli/latest/userguide/cliv2-migration.html#cliv2-migration-binaryparam)\. + You should see the following output: ``` @@ -29,7 +31,7 @@ For functions with a long timeout, your client might be disconnected during sync If Lambda isn't able to run the function, the error is displayed in the output\. ``` -aws lambda invoke --function-name my-function --payload value response.json +aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload value response.json ``` You should see the following output: diff --git a/doc_source/java-context.md b/doc_source/java-context.md old mode 100755 new mode 100644 diff --git a/doc_source/java-exceptions.md b/doc_source/java-exceptions.md old mode 100755 new mode 100644 index 58fb0f89..a8335733 --- a/doc_source/java-exceptions.md +++ b/doc_source/java-exceptions.md @@ -200,7 +200,7 @@ We recommend using AWS X\-Ray to determine the source of an error and its cause\ ![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/tracemap-apig-502.png) -For more information, see [Instrumenting Java code in AWS Lambda](java-tracing.md)\. +For more information, see [Instrumenting Java code in Lambda](java-tracing.md)\. ## Sample applications diff --git a/doc_source/java-handler.md b/doc_source/java-handler.md old mode 100755 new mode 100644 diff --git a/doc_source/java-image.md b/doc_source/java-image.md old mode 100755 new mode 100644 index 0e5bc56e..96b496c6 --- a/doc_source/java-image.md +++ b/doc_source/java-image.md @@ -4,8 +4,6 @@ You can deploy your Lambda function code as a [container image](images-create.md + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -17,9 +15,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for Java](#java-image-base) @@ -38,16 +36,12 @@ AWS provides the following base images for Java: | 8\.al2 | Java 8 \(Corretto\) | Amazon Linux 2 | [Dockerfile for Java 8\.al2 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/java8.al2/Dockerfile.java8.al2) | | 8 | Java 8 \(OpenJDK\) | Amazon Linux 2018\.03 | [Dockerfile for Java 8 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/java8/Dockerfile.java8) | -Docker Hub repository: amazon/aws\-lambda\-java - -Amazon ECR repository: gallery\.ecr\.aws/lambda/java +Amazon ECR repository: [gallery\.ecr\.aws/lambda/java](https://gallery.ecr.aws/lambda/java) ## Using a Java base image For instructions on how to use a Java base image, choose the **usage** tab on [Lambda base images for Java](https://gallery.ecr.aws/lambda/java) in the *Amazon ECR repository*\. -The instructions are also available on [Lambda base images for Java](https://hub.docker.com/r/amazon/aws-lambda-java) in the *Docker Hub repository*\. - ## Java runtime interface clients Install the runtime interface client for Java using the Apache Maven package manager\. Add the following to your `pom.xml` file: @@ -64,8 +58,8 @@ For package details, see [Lambda RIC](https://search.maven.org/artifact/com.amaz You can also view the Java client source code in the [AWS Lambda Java Support Libraries](https://github.com/aws/aws-lambda-java-libs) repository on GitHub\. -After your container image resides in the Amazon ECR container registry, you can [create and run](configuration-images.md) the Lambda function\. +After your container image resides in the Amazon ECR container registry, you can [create and run](gettingstarted-images.md) the Lambda function\. ## Deploy the container image -For a new function, you deploy the Java image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the Java image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/java-logging.md b/doc_source/java-logging.md old mode 100755 new mode 100644 index e9ebaa81..67eee3ae --- a/doc_source/java-logging.md +++ b/doc_source/java-logging.md @@ -102,7 +102,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -157,7 +157,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** @@ -315,9 +315,9 @@ dependencies { implementation 'com.amazonaws:aws-lambda-java-core:1.2.1' implementation 'com.amazonaws:aws-lambda-java-events:3.11.0' implementation 'com.google.code.gson:gson:2.8.6' - implementation 'org.apache.logging.log4j:log4j-api:2.17.0' - implementation 'org.apache.logging.log4j:log4j-core:2.17.0' - runtimeOnly 'org.apache.logging.log4j:log4j-slf4j18-impl:2.17.0' + implementation 'org.apache.logging.log4j:log4j-api:2.17.1' + implementation 'org.apache.logging.log4j:log4j-core:2.17.1' + runtimeOnly 'org.apache.logging.log4j:log4j-slf4j18-impl:2.17.1' runtimeOnly 'com.amazonaws:aws-lambda-java-log4j2:1.5.1' testImplementation 'org.junit.jupiter:junit-jupiter-api:5.6.0' testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.6.0' diff --git a/doc_source/java-package-eclipse.md b/doc_source/java-package-eclipse.md old mode 100755 new mode 100644 diff --git a/doc_source/java-package.md b/doc_source/java-package.md old mode 100755 new mode 100644 index 7f3c20f0..87002652 --- a/doc_source/java-package.md +++ b/doc_source/java-package.md @@ -112,9 +112,9 @@ dependencies { implementation 'com.amazonaws:aws-lambda-java-core:1.2.1' implementation 'com.amazonaws:aws-lambda-java-events:3.11.0' implementation 'com.google.code.gson:gson:2.8.6' - implementation 'org.apache.logging.log4j:log4j-api:2.13.0' - implementation 'org.apache.logging.log4j:log4j-core:2.13.0' - runtimeOnly 'org.apache.logging.log4j:log4j-slf4j18-impl:2.13.0' + implementation 'org.apache.logging.log4j:log4j-api:2.17.1' + implementation 'org.apache.logging.log4j:log4j-core:2.17.1' + runtimeOnly 'org.apache.logging.log4j:log4j-slf4j18-impl:2.17.1' runtimeOnly 'com.amazonaws:aws-lambda-java-log4j2:1.5.1' testImplementation 'org.junit.jupiter:junit-jupiter-api:5.6.0' testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.6.0' diff --git a/doc_source/java-samples.md b/doc_source/java-samples.md old mode 100755 new mode 100644 diff --git a/doc_source/java-tracing.md b/doc_source/java-tracing.md old mode 100755 new mode 100644 index 1087a16c..54c41f2a --- a/doc_source/java-tracing.md +++ b/doc_source/java-tracing.md @@ -1,39 +1,35 @@ -# Instrumenting Java code in AWS Lambda +# Instrumenting Java code in Lambda -Lambda integrates with AWS X\-Ray to enable you to trace, debug, and optimize Lambda applications\. You can use X\-Ray to trace a request as it traverses resources in your application, from the frontend API to storage and database on the backend\. By simply adding the X\-Ray SDK library to your build configuration, you can record errors and latency for any call that your function makes to an AWS service\. +Lambda integrates with AWS X\-Ray to help you trace, debug, and optimize Lambda applications\. You can use X\-Ray to trace a request as it traverses resources in your application, which may include Lambda functions and other AWS services\. -The X\-Ray *service map* shows the flow of requests through your application\. The following example from the [error processor](samples-errorprocessor.md) sample application shows an application with two functions\. The primary function processes events and sometimes returns errors\. The second function processes errors that appear in the first's log group and uses the AWS SDK to call X\-Ray, Amazon S3 and Amazon CloudWatch Logs\. +To send tracing data to X\-Ray, you can use one of two SDK libraries: ++ [AWS Distro for OpenTelemetry \(ADOT\)](http://aws.amazon.com/otel) – A secure, production\-ready, AWS\-supported distribution of the OpenTelemetry \(OTel\) SDK\. ++ [AWS X\-Ray SDK for Java](https://docs.aws.amazon.com/xray/latest/devguide/xray-sdk-java.html) – A collection of libraries for generating and sending trace data to X\-Ray\. -![\[Image NOT FOUND\]](http://docs.aws.amazon.com/lambda/latest/dg/images/sample-errorprocessor-servicemap.png) +Both ADOT and the X\-Ray SDK offer ways to send your telemetry data to the X\-Ray service\. You can then use X\-Ray to view, filter, and gain insights into your application's performance metrics to identify issues and opportunities for optimization\. -To trace requests that don't have a tracing header, enable active tracing in your function's configuration\. +**Important** +**ADOT is the preferred method for instrumenting your Lambda functions**\. We recommend using ADOT for all new applications\. -**To enable active tracing** - -1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. - -1. Choose a function\. - -1. Choose **Configuration** and then choose **Monitoring tools**\. - -1. Choose **Edit**\. - -1. Under **X\-Ray**, enable **Active tracing**\. - -1. Choose **Save**\. - -**Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +**Topics** ++ [Using ADOT to instrument your Java functions](#java-adot) ++ [Using the X\-Ray SDK to instrument your Java functions](#java-xray-sdk) ++ [Activating tracing with the Lambda API](#java-tracing-api) ++ [Activating tracing with AWS CloudFormation](#java-tracing-cloudformation) ++ [Storing runtime dependencies in a layer \(X\-Ray SDK\)](#java-tracing-layers) ++ [X\-Ray tracing in sample applications \(X\-Ray SDK\)](#java-tracing-samples) -Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. +## Using ADOT to instrument your Java functions -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +ADOT provides fully managed Lambda [layers](gettingstarted-concepts.md#gettingstarted-concepts-layer) that package everything you need to collect telemetry data using the OTel SDK\. By consuming this layer, you can instrument your Lambda functions without having to modify any function code\. You can also configure your layer to do custom initialization of OTel\. For more information, see [Custom configuration for the ADOT Collector on Lambda](https://aws-otel.github.io/docs/getting-started/lambda#custom-configuration-for-the-adot-collector-on-lambda) in the ADOT documentation\. -When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. +For Java runtimes, you can choose between two layers to consume: ++ **AWS managed Lambda layer for ADOT Java \(Auto\-instrumentation Agent\)** – This layer automatically transforms your function code at startup to collect tracing data\. For detailed instructions on how to consume this layer together with the ADOT Java agent, see [AWS Distro for OpenTelemetry Lambda Support for Java \(Auto\-instrumentation Agent\)](https://aws-otel.github.io/docs/getting-started/lambda/lambda-java-auto-instr) in the ADOT documentation\. ++ **AWS managed Lambda layer for ADOT Java** – This layer also provides built\-in instrumentation for Lambda functions, but it requires a few manual code changes to initialize the OTel SDK\. For detailed instructions on how to consume this layer, see [AWS Distro for OpenTelemetry Lambda Support for Java](https://aws-otel.github.io/docs/getting-started/lambda/lambda-java) in the ADOT documentation\. -![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/xray-servicemap-function.png) +## Using the X\-Ray SDK to instrument your Java functions -To record detail about calls that your function makes to other resources and services, add the X\-Ray SDK for Java to your build configuration\. The following example shows a Gradle build configuration that includes the libraries that enable automatic instrumentation of AWS SDK for Java 2\.x clients\. +To record data about calls that your function makes to other resources and services in your application, you can add the X\-Ray SDK for Java to your build configuration\. The following example shows a Gradle build configuration that includes the libraries that activate automatic instrumentation of AWS SDK for Java 2\.x clients\. **Example [build\.gradle](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-java/build.gradle) – Tracing dependencies** @@ -50,31 +46,56 @@ dependencies { } ``` -The following example shows a trace with 2 segments\. Both are named **my\-function**, but one is type `AWS::Lambda` and the other is `AWS::Lambda::Function`\. The function segment is expanded to show its subsegments\. +After you add the correct dependencies, activate tracing in your function's configuration: -![\[Image NOT FOUND\]](http://docs.aws.amazon.com/lambda/latest/dg/images/nodejs-xray-timeline.png) +**To turn on active tracing** -The first segment represents the invocation request processed by the Lambda service\. The second segment records the work done by your function\. The function segment has 3 subsegments\. -+ **Initialization** – Represents time spent loading your function and running [initialization code](foundation-progmodel.md)\. This subsegment only appears for the first event processed by each instance of your function\. -+ **Invocation** – Represents the work done by your handler code\. By instrumenting your code, you can extend this subsegment with additional subsegments\. -+ **Overhead** – Represents the work done by the Lambda runtime to prepare to handle the next event\. +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose a function\. -You can also instrument HTTP clients, record SQL queries, and create custom subsegments with annotations and metadata\. For more information, see [AWS X\-Ray SDK for Java ](https://docs.aws.amazon.com/xray/latest/devguide/xray-sdk-java.html) in the AWS X\-Ray Developer Guide\. +1. Choose **Configuration**, and then choose **Monitoring and operations tools**\. -**Topics** -+ [Enabling active tracing with the Lambda API](#java-tracing-api) -+ [Enabling active tracing with AWS CloudFormation](#java-tracing-cloudformation) -+ [Storing runtime dependencies in a layer](#java-tracing-layers) -+ [Tracing in sample applications](#java-tracing-samples) +1. Choose **Edit**\. + +1. Under **AWS X\-Ray**, turn on **Active tracing**\. + +1. Choose **Save**\. + +**Pricing** +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. + +Your function needs permissions to upload trace data to X\-Ray\. When you turn on active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. You can also manually add the AWS Identity and Access Management \(IAM\) policy [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) to your execution role\. + +After you've configured active tracing, you can observe specific requests through your application\. The [X\-Ray service graph](https://docs.aws.amazon.com/xray/latest/devguide/xray-concepts.html#xray-concepts-servicegraph) shows information about your application and all its components\. The following example from the [error processor sample application](samples-errorprocessor.md) shows an application with two Lambda functions\. The primary function processes events and sometimes returns errors\. The second function at the top processes errors that appear in the first function's log group and uses the AWS SDK to call X\-Ray, Amazon Simple Storage Service \(Amazon S3\), and Amazon CloudWatch Logs\. + +![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/sample-errorprocessor-servicemap.png) + +X\-Ray may not trace all requests to your application\. X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of all requests\. The default sample rule is one request per second and five percent of additional requests\. You cannot configure this sampling rate for your functions\. + +For each trace, Lambda records two segments, which creates two nodes on the service graph\. The following image highlights the primary function from the error processor example\. + +![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/xray-servicemap-function.png) + +The first node on the left represents the Lambda service, which receives the invocation request\. The second node on the right records the work of your function\. The following example shows a trace with these two segments\. Both are named **my\-function**, but one is type `AWS::Lambda` and the other is `AWS::Lambda::Function`\. + +![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/nodejs-xray-timeline.png) + +This example expands the function segment to show its three subsegments: ++ **Initialization** – Represents time spent loading your function and running [initialization code](foundation-progmodel.md)\. This subsegment appears only for the first event that each instance of your function processes\. ++ **Invocation** – Represents the work that your handler code does\. ++ **Overhead** – Represents the work that the Lambda runtime does to prepare to handle the next event\. + +You can also instrument HTTP clients, record SQL queries, and create custom subsegments with annotations and metadata\. For more information, see [AWS X\-Ray SDK for Java](https://docs.aws.amazon.com/xray/latest/devguide/xray-sdk-java.html) in the *AWS X\-Ray Developer Guide*\. -## Enabling active tracing with the Lambda API +## Activating tracing with the Lambda API To manage tracing configuration with the AWS CLI or AWS SDK, use the following API operations: + [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -83,9 +104,9 @@ aws lambda update-function-configuration --function-name my-function \ Tracing mode is part of the version\-specific configuration that is locked when you publish a version of your function\. You can't change the tracing mode on a published version\. -## Enabling active tracing with AWS CloudFormation +## Activating tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** @@ -112,11 +133,11 @@ Resources: ... ``` -## Storing runtime dependencies in a layer +## Storing runtime dependencies in a layer \(X\-Ray SDK\) -If you use the X\-Ray SDK to instrument AWS SDK clients your function code, your deployment package can become quite large\. To avoid uploading runtime dependencies every time you update your functions code, package them in a [Lambda layer](configuration-layers.md)\. +If you use the X\-Ray SDK to instrument AWS SDK clients in your function code, your deployment package can become quite large\. To avoid uploading runtime dependencies every time that you update your function code, package them in a Lambda layer\. -The following example shows an `AWS::Serverless::LayerVersion` resource that stores the SDK for Java and X\-Ray SDK for Java\. +The following example shows an `AWS::Serverless::LayerVersion` resource that stores the AWS SDK for Java and X\-Ray SDK for Java\. **Example [template\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-java/template.yml) – Dependencies layer** @@ -140,13 +161,13 @@ Resources: - java8 ``` -With this configuration, you only update library layer if you change your runtime dependencies\. The function deployment package only contains your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. +With this configuration, you update the library layer only if you change your runtime dependencies\. The function deployment package contains only your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. -Creating a layer for dependencies requires build configuration changes to generate the layer archive prior to deployment\. For a working example, see the [java\-basic](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/java-basic) sample application\. +Creating a layer for dependencies requires build configuration changes to generate the layer archive prior to deployment\. For a working example, see the [java\-basic](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/java-basic) sample application on GitHub\. -## Tracing in sample applications +## X\-Ray tracing in sample applications \(X\-Ray SDK\) -The GitHub repository for this guide includes sample applications that demonstrate the use of tracing\. Each sample application includes scripts for easy deployment and cleanup, an AWS SAM template, and supporting resources\. +The GitHub repository for this guide includes sample applications that demonstrate the use of X\-Ray tracing\. Each sample application includes scripts for easy deployment and cleanup, an AWS SAM template, and supporting resources\. **Sample Lambda applications in Java** + [blank\-java](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-java) – A Java function that shows the use of Lambda's Java libraries, logging, environment variables, layers, AWS X\-Ray tracing, unit tests, and the AWS SDK\. @@ -158,4 +179,4 @@ All of the sample applications have active tracing enabled for Lambda functions\ ![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/blank-java-servicemap.png) -This example from the `blank-java` sample application shows nodes for the Lambda service, a function, and the Lambda API\. The function calls the Lambda API to monitor storage use in Lambda\. \ No newline at end of file +This example from the `blank-java` sample application shows nodes for the Lambda service, a function, and the Lambda API\. The function calls the Lambda API to monitor storage usage in Lambda\. \ No newline at end of file diff --git a/doc_source/kinesis-tutorial-spec.md b/doc_source/kinesis-tutorial-spec.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-api-permissions-ref.md b/doc_source/lambda-api-permissions-ref.md old mode 100755 new mode 100644 index 5b7f022f..8df8a3bc --- a/doc_source/lambda-api-permissions-ref.md +++ b/doc_source/lambda-api-permissions-ref.md @@ -36,6 +36,15 @@ For example, the following policy allows a user in account `123456789012` to inv This is a special case where the action identifier \(`lambda:InvokeFunction`\) differs from the API operation \([Invoke](API_Invoke.md)\)\. For other actions, the action identifier is the operation name prefixed by `lambda:`\. +**Topics** ++ [Policy conditions](#authorization-conditions) ++ [Function resource names](#function-resources) ++ [Function actions](#permissions-resources-function) ++ [Event source mapping actions](#permissions-resources-eventsource) ++ [Layer actions](#permissions-resources-layers) + +## Policy conditions + Conditions are an optional policy element that applies additional logic to determine if an action is allowed\. In addition to [common conditions](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html) supported by all actions, Lambda defines condition types that you can use to restrict the values of additional parameters on some actions\. For example, the `lambda:Principal` condition lets you restrict the service or account that a user can grant invocation access to on a function's resource\-based policy\. The following policy lets a user grant permission to SNS topics to invoke a function named `test`\. @@ -68,12 +77,6 @@ The condition requires that the principal is Amazon SNS and not another service For more information on resources and conditions for Lambda and other AWS services, see [Actions, resources, and condition keys](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_actions-resources-contextkeys.html) in the *IAM User Guide*\. -**Topics** -+ [Function resource names](#function-resources) -+ [Function actions](#permissions-resources-function) -+ [Event source mapping actions](#permissions-resources-eventsource) -+ [Layer actions](#permissions-resources-layers) - ## Function resource names You reference a Lambda function in a policy statement using an Amazon Resource Name \(ARN\)\. The format of a function ARN depends on whether you are referencing the whole function \(unqualified\) or a function [version](configuration-versions.md) or [alias](configuration-aliases.md) \(qualified\)\. @@ -82,6 +85,9 @@ When making Lambda API calls, users can specify a version or alias by passing a Whether you are allowing or denying an action on your function, you must use the correct function ARN types in your policy statement to achieve the results that you expect\. For example, if your policy references the unqualified ARN, Lambda accepts requests that reference the unqualified ARN but denies requests that reference a qualified ARN\. +**Note** +You can't use a wildcard character to match the Account ID\. For more information on accepted syntax, see [IAM JSON policy reference](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)\. + **Example allowing invocation of an unqualified arn** ``` @@ -91,7 +97,8 @@ Whether you are allowing or denying an action on your function, you must use the { "Effect": "Allow", "Action": "lambda:InvokeFunction", - "Resource": "arn:aws:lambda:us-west-2:123456789012:myFunction" + "Resource": "arn:aws:lambda:us-west-2:123456789012:function:myFunction" + } ] } ``` @@ -107,7 +114,7 @@ If your policy references a specific qualified ARN, Lambda accepts requests that { "Effect": "Allow", "Action": "lambda:InvokeFunction", - "Resource": "arn:aws:lambda:us-west-2:123456789012:myFunction:1" + "Resource": "arn:aws:lambda:us-west-2:123456789012:function:myFunction:1" } ] } @@ -124,7 +131,7 @@ If your policy references any qualified ARN using `:*`, Lambda accepts any quali { "Effect": "Allow", "Action": "lambda:InvokeFunction", - "Resource": "arn:aws:lambda:us-west-2:123456789012:myFunction:*" + "Resource": "arn:aws:lambda:us-west-2:123456789012:function:myFunction:*" } ] } @@ -141,7 +148,7 @@ If your policy references any ARN using `*`, Lambda accepts any qualified or unq { "Effect": "Allow", "Action": "lambda:InvokeFunction", - "Resource": "arn:aws:lambda:us-west-2:123456789012:myFunction*" + "Resource": "arn:aws:lambda:us-west-2:123456789012:function:myFunction*" } ] } diff --git a/doc_source/lambda-csharp.md b/doc_source/lambda-csharp.md old mode 100755 new mode 100644 index fae83b69..b87a382c --- a/doc_source/lambda-csharp.md +++ b/doc_source/lambda-csharp.md @@ -25,10 +25,9 @@ These packages are available at [Nuget packages](https://www.nuget.org/packages/ | --- | --- | --- | --- | | \.NET 6 | `dotnet6` | Amazon Linux 2 | x86\_64, arm64 | | \.NET Core 3\.1 | `dotnetcore3.1` | Amazon Linux 2 | x86\_64, arm64 | -| \.NET Core 2\.1 | `dotnetcore2.1` | Amazon Linux | x86\_64 | **Note** -For end of support information about \.NET Core 2\.1, see [Runtime support policy](runtime-support-policy.md)\. +For end of support information about \.NET Core 2\.1, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. To get started with application development in your local environment, deploy one of the sample applications available in this guide's GitHub repository\. diff --git a/doc_source/lambda-images.md b/doc_source/lambda-deploy-functions.md old mode 100755 new mode 100644 similarity index 52% rename from doc_source/lambda-images.md rename to doc_source/lambda-deploy-functions.md index 47a5c9d1..7513748d --- a/doc_source/lambda-images.md +++ b/doc_source/lambda-deploy-functions.md @@ -1,4 +1,16 @@ -# Using container images with Lambda +# Deploying Lambda functions + +You can deploy code to your Lambda function by uploading a zip file archive, or by creating and uploading a container image\. + +## \.zip file archives + +A \.zip file archive includes your application code and its dependencies\. When you author functions using the Lambda console or a toolkit, Lambda automatically creates a \.zip file archive of your code\. + +When you create functions with the Lambda API, command line tools, or the AWS SDKs, you must create a deployment package\. You also must create a deployment package if your function uses a compiled language, or to add dependencies to your function\. To deploy your function's code, you upload the deployment package from Amazon Simple Storage Service \(Amazon S3\) or your local machine\. + +You can upload a \.zip file as your deployment package using the Lambda console, AWS Command Line Interface \(AWS CLI\), or to an Amazon Simple Storage Service \(Amazon S3\) bucket\. + +## Container images You can package your code and dependencies as a container image using tools such as the Docker command line interface \(CLI\)\. You can then upload the image to your container registry hosted on Amazon Elastic Container Registry \(Amazon ECR\)\. @@ -13,5 +25,7 @@ The image that you build for your function must target only one of the architect There is no additional charge for packaging and deploying functions as container images\. When a function deployed as a container image is invoked, you pay for invocation requests and execution duration\. You do incur charges related to storing your container images in Amazon ECR\. For more information, see [Amazon ECR pricing](http://aws.amazon.com/ecr/pricing/)\. **Topics** -+ [Creating Lambda container images](images-create.md) -+ [Testing Lambda container images locally](images-test.md) \ No newline at end of file ++ [\.zip file archives](#deploying-zip-archives) ++ [Container images](#deploying-containers) ++ [Deploying Lambda functions as \.zip file archives](configuration-function-zip.md) ++ [Deploying Lambda functions as container images](gettingstarted-images.md) \ No newline at end of file diff --git a/doc_source/lambda-edge.md b/doc_source/lambda-edge.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-foundation.md b/doc_source/lambda-foundation.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-functions.md b/doc_source/lambda-functions.md old mode 100755 new mode 100644 index 02878bd5..4957dbd0 --- a/doc_source/lambda-functions.md +++ b/doc_source/lambda-functions.md @@ -1,6 +1,6 @@ # Configuring AWS Lambda functions -You can use the AWS Lambda API or console to create functions and configure function settings\. When you create the function, you chose the type of deployment package for the function\. The deployment package type cannot be changed later\. The workflow to create a function is different for a function deployed as a [container image](configuration-images.md) and for a function deployed as a [\.zip file archive](configuration-function-zip.md)\. +You can use the AWS Lambda API or console to create functions and configure function settings\. When you create the function, you chose the type of deployment package for the function\. The deployment package type cannot be changed later\. The workflow to create a function is different for a function deployed as a [container image](gettingstarted-images.md) and for a function deployed as a [\.zip file archive](configuration-function-zip.md)\. After you create the function, you can configure settings for many [function capabilities and options ](configuration-function-common.md) such as permissions, environment variables, tags, and layers\. diff --git a/doc_source/lambda-golang.md b/doc_source/lambda-golang.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-intro-execution-role.md b/doc_source/lambda-intro-execution-role.md old mode 100755 new mode 100644 index 6871fb4d..f271de16 --- a/doc_source/lambda-intro-execution-role.md +++ b/doc_source/lambda-intro-execution-role.md @@ -26,7 +26,7 @@ When you add permissions to your function, make an update to its code or configu ## Creating an execution role in the IAM console -By default, Lambda creates an execution role with minimal permissions when you [create a function in the Lambda console](getting-started-create-function.md)\. You can also create an execution role in the IAM console\. +By default, Lambda creates an execution role with minimal permissions when you [create a function in the Lambda console](getting-started.md#getting-started-create-function)\. You can also create an execution role in the IAM console\. **To create an execution role in the IAM console** diff --git a/doc_source/lambda-invocation.md b/doc_source/lambda-invocation.md old mode 100755 new mode 100644 index d545ac54..b2b7b7d0 --- a/doc_source/lambda-invocation.md +++ b/doc_source/lambda-invocation.md @@ -1,6 +1,6 @@ # Invoking Lambda functions -You can invoke Lambda functions directly [using the Lambda console](getting-started-create-function.md#get-started-invoke-manually), the Lambda API, an AWS SDK, the AWS Command Line Interface \(AWS CLI\), and AWS toolkits\. You can also configure other AWS services to invoke your function, or you can configure Lambda to read from a stream or queue and invoke your function\. +You can invoke Lambda functions directly using [the Lambda console](getting-started.md#get-started-invoke-manually), a [function URL](lambda-urls.md) HTTP\(S\) endpoint, the Lambda API, an AWS SDK, the AWS Command Line Interface \(AWS CLI\), and AWS toolkits\. You can also configure other AWS services to invoke your function, or you can configure Lambda to read from a stream or queue and invoke your function\. When you invoke a function, you can choose to invoke it synchronously or asynchronously\. With [synchronous invocation](invocation-sync.md), you wait for the function to process the event and return a response\. With [asynchronous](invocation-async.md) invocation, Lambda queues the event for processing and returns a response immediately\. For asynchronous invocation, Lambda handles retries and can send invocation records to a [destination](invocation-async.md#invocation-async-destinations)\. @@ -19,5 +19,6 @@ Depending on who invokes your function and how it's invoked, scaling behavior an + [Lambda event filtering](invocation-eventfiltering.md) + [Lambda function states](functions-states.md) + [Error handling and automatic retries in AWS Lambda](invocation-retries.md) ++ [Testing Lambda functions in the console](testing-functions.md) + [Using Lambda extensions](using-extensions.md) + [Invoking functions defined as container images](invocation-images.md) \ No newline at end of file diff --git a/doc_source/lambda-java.md b/doc_source/lambda-java.md old mode 100755 new mode 100644 index f533c6e3..1ad435a2 --- a/doc_source/lambda-java.md +++ b/doc_source/lambda-java.md @@ -78,6 +78,6 @@ Your Lambda function comes with a CloudWatch Logs log group\. The function runti + [AWS Lambda context object in Java](java-context.md) + [AWS Lambda function logging in Java](java-logging.md) + [AWS Lambda function errors in Java](java-exceptions.md) -+ [Instrumenting Java code in AWS Lambda](java-tracing.md) ++ [Instrumenting Java code in Lambda](java-tracing.md) + [Creating a deployment package using Eclipse](java-package-eclipse.md) + [Java sample applications for AWS Lambda](java-samples.md) \ No newline at end of file diff --git a/doc_source/lambda-managing.md b/doc_source/lambda-managing.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-monitoring.md b/doc_source/lambda-monitoring.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-nodejs.md b/doc_source/lambda-nodejs.md old mode 100755 new mode 100644 index 2c167189..c5b5f3b9 --- a/doc_source/lambda-nodejs.md +++ b/doc_source/lambda-nodejs.md @@ -9,12 +9,9 @@ Lambda supports the following Node\.js runtimes\. | Name | Identifier | SDK for JavaScript | Operating system | Architectures | | --- | --- | --- | --- | --- | -| Node\.js 14 | `nodejs14.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64, arm64 | -| Node\.js 12 | `nodejs12.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64, arm64 | -| Node\.js 10 | `nodejs10.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64 | - -**Note** -For end of support information about Node\.js 10, see [Runtime support policy](runtime-support-policy.md)\. +| Node\.js 16 | `nodejs16.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | +| Node\.js 14 | `nodejs14.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | +| Node\.js 12 | `nodejs12.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | Lambda functions use an [execution role](lambda-intro-execution-role.md) to get permission to write logs to Amazon CloudWatch Logs, and to access other services and resources\. If you don't already have an execution role for function development, create one\. @@ -41,7 +38,7 @@ You can add permissions to the role later, or swap it out for a different role t 1. Configure the following settings: + **Name** – **my\-function**\. - + **Runtime** – **Node\.js 14\.x**\. + + **Runtime** – **Node\.js 16\.x**\. + **Role** – **Choose an existing role**\. + **Existing role** – **lambda\-role**\. diff --git a/doc_source/lambda-permissions.md b/doc_source/lambda-permissions.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-powershell.md b/doc_source/lambda-powershell.md old mode 100755 new mode 100644 index eee3dc93..daafd65d --- a/doc_source/lambda-powershell.md +++ b/doc_source/lambda-powershell.md @@ -9,7 +9,6 @@ The following sections explain how common programming patterns and core concepts | --- | --- | --- | --- | | \.NET 6 | `dotnet6` | Amazon Linux 2 | x86\_64, arm64 | | \.NET Core 3\.1 | `dotnetcore3.1` | Amazon Linux 2 | x86\_64, arm64 | -| \.NET Core 2\.1 | `dotnetcore2.1` | Amazon Linux | x86\_64 | Lambda provides the following sample applications for the PowerShell runtime: + [blank\-powershell](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-powershell) – A PowerShell function that shows the use of logging, environment variables, and the AWS SDK\. diff --git a/doc_source/lambda-python.md b/doc_source/lambda-python.md old mode 100755 new mode 100644 index 14d40a41..e74a48f3 --- a/doc_source/lambda-python.md +++ b/doc_source/lambda-python.md @@ -4,19 +4,17 @@ You can run Python code in AWS Lambda\. Lambda provides [runtimes](lambda-runtim Lambda supports the following Python runtimes\. -**Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. - **Python runtimes** | Name | Identifier | AWS SDK for Python | Operating system | Architectures | | --- | --- | --- | --- | --- | -| Python 3\.9 | `python3.9` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux 2 | x86\_64, arm64 | -| Python 3\.8 | `python3.8` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux 2 | x86\_64, arm64 | -| Python 3\.7 | `python3.7` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux | x86\_64 | -| Python 3\.6 | `python3.6` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux | x86\_64 | -| Python 2\.7 | `python2.7` | boto3\-1\.17\.100 botocore\-1\.20\.100 | Amazon Linux | x86\_64 | +| Python 3\.9 | `python3.9` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux 2 | x86\_64, arm64 | +| Python 3\.8 | `python3.8` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux 2 | x86\_64, arm64 | +| Python 3\.7 | `python3.7` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux | x86\_64 | +| Python 3\.6 | `python3.6` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux | x86\_64 | + +The runtime information in this table undergoes continuous updates\. For more information on using AWS SDKs in Lambda, see [Managing AWS SDKs in Lambda functions](https://docs.aws.amazon.com/lambda/latest/operatorguide/sdks-functions.html)\. **To create a Python function** diff --git a/doc_source/lambda-releases.md b/doc_source/lambda-releases.md old mode 100755 new mode 100644 index de0e7e9c..8fec4b94 --- a/doc_source/lambda-releases.md +++ b/doc_source/lambda-releases.md @@ -4,6 +4,12 @@ The following table describes the important changes to the *AWS Lambda Developer | Change | Description | Date | | --- |--- |--- | +| [Node\.js 16 runtime](https://docs.aws.amazon.com/lambda/latest/dg/programming-model.html?icmpid=docs_lambda_rss) | Lambda now supports a new runtime for Node\.js 16\. Node\.js 16 uses Amazon Linux 2\. For details, see [Building Lambda functions with Node\.js](https://docs.aws.amazon.com/lambda/latest/dg/programming-model.html?icmpid=docs_lambda_rss)\. | May 11, 2022 | +| [Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html?icmpid=docs_lambda_rss) | Lambda now supports function URLs, which are dedicated HTTP\(S\) endpoints for Lambda functions\. For details, see [Lambda function URLs](https://docs.aws.amazon.com/lambda/latest/dg/lambda-urls.html?icmpid=docs_lambda_rss)\. | April 6, 2022 | +| [Shared test events in the AWS Lambda console](https://docs.aws.amazon.com/lambda/latest/dg/testing-functions.html?icmpid=docs_lambda_rss) | Lambda now supports sharing test events with other IAM users in the same AWS account\. For details, see [Testing Lambda functions in the console](https://docs.aws.amazon.com/lambda/latest/dg/testing-functions.html?icmpid=docs_lambda_rss)\. | March 16, 2022 | +| [PrincipalOrgId in resource\-based policies](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html?icmpid=docs_lambda_rss) | Lambda now supports granting permissions to an organization in AWS Organizations\. For details, see [Using resource\-based policies for AWS Lambda](https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html?icmpid=docs_lambda_rss)\. | March 11, 2022 | +| [\.NET 6 runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html?icmpid=docs_lambda_rss) | Lambda now supports a new runtime for \.NET 6\. For details, see [Lambda runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html?icmpid=docs_lambda_rss)\. | February 23, 2022 | +| [Event filtering for Kinesis, DynamoDB, and Amazon SQS event sources](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html?icmpid=docs_lambda_rss) | Lambda now supports event filtering for Kinesis, DynamoDB, and Amazon SQS event sources\. For details, see [Lambda event filtering](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html?icmpid=docs_lambda_rss)\. | November 24, 2021 | | [mTLS authentication for Amazon MSK and self\-managed Apache Kafka event sources](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html?icmpid=docs_lambda_rss) | Lambda now supports mTLS authentication for Amazon MSK and self\-managed Apache Kafka event sources\. For details, see [Using Lambda with Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html?icmpid=docs_lambda_rss)\. | November 19, 2021 | | [Lambda on Graviton2](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html?icmpid=docs_lambda_rss) | Lambda now supports Graviton2 for functions using arm64 architecture\. For details, see [Lambda instruction set architectures](https://docs.aws.amazon.com/lambda/latest/dg/foundation-arch.html?icmpid=docs_lambda_rss)\. | September 29, 2021 | | [Python 3\.9 runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html?icmpid=docs_lambda_rss) | Lambda now supports a new runtime for Python 3\.9\. For details, see [Lambda runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html?icmpid=docs_lambda_rss)\. | August 16, 2021 | @@ -13,7 +19,7 @@ The following table describes the important changes to the *AWS Lambda Developer | [Lambda Extensions API](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-extensions-api.html?icmpid=docs_lambda_rss) | General availability for Lambda extensions\. Use extensions to augment your Lambda functions\. You can use extensions provided by Lambda Partners, or you can create your own Lambda extensions\. For details, see [Lambda Extensions API](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-extensions-api.html?icmpid=docs_lambda_rss)\. | May 24, 2021 | | [New Lambda console experience](#lambda-releases) | The Lambda console has been redesigned to improve performance and consistency\. | March 2, 2021 | | [Node\.js 14 runtime](https://docs.aws.amazon.com/lambda/latest/dg/programming-model.html?icmpid=docs_lambda_rss) | Lambda now supports a new runtime for Node\.js 14\. Node\.js 14 uses Amazon Linux 2\. For details, see [Building Lambda functions with Node\.js](https://docs.aws.amazon.com/lambda/latest/dg/programming-model.html?icmpid=docs_lambda_rss)\. | January 27, 2021 | -| [Lambda container images](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html?icmpid=docs_lambda_rss) | Lambda now supports functions defined as container images\. You can combine the flexibility of container tooling with the agility and operational simplicity of Lambda to build applications\. For details, see [ Using container images with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html?icmpid=docs_lambda_rss)\. | December 1, 2020 | +| [Lambda container images](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html?icmpid=docs_lambda_rss) | Lambda now supports functions defined as container images\. You can combine the flexibility of container tooling with the agility and operational simplicity of Lambda to build applications\. For details, see [ Using container images with Lambda](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html?icmpid=docs_lambda_rss)\. | December 1, 2020 | | [ Code signing for Lambda functions](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html?icmpid=docs_lambda_rss) | Lambda now supports code signing\. Administrators can configure Lambda functions to accept only signed code on deployment\. Lambda checks the signatures to ensure that the code is not altered or tampered\. Additionally, Lambda ensures that the code is signed by trusted developers before accepting the deployment\. For details, see [Configuring code signing for Lambda](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html?icmpid=docs_lambda_rss)\. | November 23, 2020 | | [Preview: Lambda Runtime Logs API](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-logs-api.html?icmpid=docs_lambda_rss) | Lambda now supports the Runtime Logs API\. Lambda extensions can use the Logs API to subscribe to log streams in the execution environment\. For details, see [Lambda Runtime Logs API](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-logs-api.html?icmpid=docs_lambda_rss)\. | November 12, 2020 | | [New event source to for Amazon MQ](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html?icmpid=docs_lambda_rss) | Lambda now supports Amazon MQ as an event source\. Use a Lambda function to process records from your Amazon MQ message broker\. For details, see [Using Lambda with Amazon MQ](https://docs.aws.amazon.com/lambda/latest/dg/with-mq.html?icmpid=docs_lambda_rss)\. | November 5, 2020 | @@ -94,7 +100,7 @@ The following table describes the important changes in each release of the *AWS | Introduced the AWS SAM for creating and deploying Lambda\-based applications and using environment variables for Lambda function configuration settings\. | AWS SAM: You can now use the AWS SAM to define the syntax for expressing resources within a serverless application\. In order to deploy your application, simply specify the resources you need as part of your application, along with their associated permissions policies in a AWS CloudFormation template file \(written in either JSON or YAML\), package your deployment artifacts, and deploy the template\. For more information, see [AWS Lambda applications](deploying-lambda-apps.md)\. Environment variables: You can use environment variables to specify configuration settings for your Lambda function outside of your function code\. For more information, see [Using AWS Lambda environment variables](configuration-envvars.md)\. | November 18, 2016 | | Asia Pacific \(Seoul\) Region | AWS Lambda is now available in the Asia Pacific \(Seoul\) Region\. For more information about Lambda regions and endpoints, see [Regions and endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#lambda_region) in the *AWS General Reference*\. | August 29, 2016 | | Asia Pacific \(Sydney\) Region | Lambda is now available in the Asia Pacific \(Sydney\) Region\. For more information about Lambda regions and endpoints, see [Regions and endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#lambda_region) in the *AWS General Reference*\. | June 23, 2016 | -| Updates to the Lambda console | The Lambda console has been updated to simplify the role\-creation process\. For more information, see [Create a Lambda function with the console](getting-started-create-function.md)\. | June 23, 2016 | +| Updates to the Lambda console | The Lambda console has been updated to simplify the role\-creation process\. For more information, see [Create a Lambda function with the console](getting-started.md#getting-started-create-function)\. | June 23, 2016 | | AWS Lambda now supports Node\.js runtime v4\.3 | AWS Lambda added support for Node\.js runtime v4\.3\. For more information, see [Building Lambda functions with Node\.js](lambda-nodejs.md)\. | April 07, 2016 | | Europe \(Frankfurt\) region | Lambda is now available in the Europe \(Frankfurt\) region\. For more information about Lambda regions and endpoints, see [Regions and endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#lambda_region) in the *AWS General Reference*\. | March 14, 2016 | | VPC support | You can now configure a Lambda function to access resources in your VPC\. For more information, see [Configuring a Lambda function to access resources in a VPC](configuration-vpc.md)\. | February 11, 2016 | diff --git a/doc_source/lambda-rolling-deployments.md b/doc_source/lambda-rolling-deployments.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-ruby.md b/doc_source/lambda-ruby.md old mode 100755 new mode 100644 index d03e8d90..a5be3ac4 --- a/doc_source/lambda-ruby.md +++ b/doc_source/lambda-ruby.md @@ -10,10 +10,9 @@ Lambda supports the following Ruby runtimes\. | Name | Identifier | SDK for Ruby | Operating system | Architectures | | --- | --- | --- | --- | --- | | Ruby 2\.7 | `ruby2.7` | 3\.0\.1 | Amazon Linux 2 | x86\_64, arm64 | -| Ruby 2\.5 | `ruby2.5` | 3\.0\.1 | Amazon Linux | x86\_64 | **Note** -For end of support information about Ruby 2\.5, see [Runtime support policy](runtime-support-policy.md)\. +For end of support information about Ruby 2\.5, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. Lambda functions use an [execution role](lambda-intro-execution-role.md) to get permission to write logs to Amazon CloudWatch Logs, and to access other services and resources\. If you don't already have an execution role for function development, create one\. diff --git a/doc_source/runtimes-context.md b/doc_source/lambda-runtime-environment.md old mode 100755 new mode 100644 similarity index 82% rename from doc_source/runtimes-context.md rename to doc_source/lambda-runtime-environment.md index 75729f85..569bb00c --- a/doc_source/runtimes-context.md +++ b/doc_source/lambda-runtime-environment.md @@ -1,8 +1,8 @@ -# AWS Lambda execution environment +# AWS Lambda execution environment -Lambda invokes your function in an execution environment, which provides a secure and isolated runtime environment\. The execution environment manages the resources required to run your function\. The execution environment also provides lifecycle support for the function's runtime and any [external extensions](using-extensions.md) associated with your function\. + Lambda invokes your function in an execution environment, which provides a secure and isolated runtime environment\. The execution environment manages the resources required to run your function\. The execution environment also provides lifecycle support for the function's runtime and any [external extensions](using-extensions.md) associated with your function\. -The function's runtime communicates with Lambda using the [Runtime API](runtimes-api.md)\. Extensions communicate with Lambda using the [Extensions API](runtimes-extensions-api.md)\. Extensions can also receive log messages from the function by subscribing to logs using the [Logs API](runtimes-logs-api.md)\. +The function's runtime communicates with Lambda using the [Runtime API](runtimes-api.md)\. Extensions communicate with Lambda using the [Extensions API](runtimes-extensions-api.md)\. Extensions can also receive log messages from the function by subscribing to logs using the [Logs API](runtimes-logs-api.md)\. @@ -12,6 +12,13 @@ When you create your Lambda function, you specify configuration information, suc The function's runtime and each external extension are processes that run within the execution environment\. Permissions, resources, credentials, and environment variables are shared between the function and the extensions\. +**Topics** ++ [Lambda Extensions API](runtimes-extensions-api.md) ++ [AWS Lambda runtime API](runtimes-api.md) ++ [Lambda Logs API](runtimes-logs-api.md) ++ [AWS Lambda extensions partners](extensions-api-partners.md) ++ [Lambda execution environment lifecycle](#runtimes-lifecycle) + ## Lambda execution environment lifecycle The lifecycle of the execution environment includes the following phases: @@ -56,13 +63,13 @@ The Lambda reset does not clear the `/tmp` directory content prior to the next i ### Shutdown phase -When Lambda is about to shut down the runtime, it sends a `Shutdown` event to the runtime and to each external extension\. Extensions can use this time for final cleanup tasks\. The `Shutdown` event is a response to a `Next` API request\. +When Lambda is about to shut down the runtime, it sends a `Shutdown` event to each registered external extension\. Extensions can use this time for final cleanup tasks\. The `Shutdown` event is a response to a `Next` API request\. **Duration**: The entire `Shutdown` phase is capped at 2 seconds\. If the runtime or any extension does not respond, Lambda terminates it via a signal \(`SIGKILL`\)\. After the function and all extensions have completed, Lambda maintains the execution environment for some time in anticipation of another function invocation\. In effect, Lambda freezes the execution environment\. When the function is invoked again, Lambda thaws the environment for reuse\. Reusing the execution environment has the following implications: + Objects declared outside of the function's handler method remain initialized, providing additional optimization when the function is invoked again\. For example, if your Lambda function establishes a database connection, instead of reestablishing the connection, the original connection is used in subsequent invocations\. We recommend adding logic in your code to check if a connection exists before creating a new one\. -+ Each execution environment provides 512 MB of disk space in the `/tmp` directory\. The directory content remains when the execution environment is frozen, providing a transient cache that can be used for multiple invocations\. You can add extra code to check if the cache has the data that you stored\. For more information on deployment size limits, see [Lambda quotas](gettingstarted-limits.md)\. ++ Each execution environment provides 512 MB to 10,240 MB, in 1\-MB increments\. of disk space in the `/tmp` directory\. The directory content remains when the execution environment is frozen, providing a transient cache that can be used for multiple invocations\. You can add extra code to check if the cache has the data that you stored\. For more information on deployment size limits, see [Lambda quotas](gettingstarted-limits.md)\. + Background processes or callbacks that were initiated by your Lambda function and did not complete when the function ended resume if Lambda reuses the execution environment\. Make sure that any background processes or callbacks in your code are complete before the code exits\. When you write your function code, do not assume that Lambda automatically reuses the execution environment for subsequent function invocations\. Other factors may dictate a need for Lambda to create a new execution environment, which can lead to unexpected results, such as database connection failures\. \ No newline at end of file diff --git a/doc_source/lambda-runtimes.md b/doc_source/lambda-runtimes.md old mode 100755 new mode 100644 index 2b7980e6..f0c76900 --- a/doc_source/lambda-runtimes.md +++ b/doc_source/lambda-runtimes.md @@ -1,46 +1,42 @@ # Lambda runtimes -Lambda supports multiple languages through the use of [runtimes](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. For a [function defined as a container image](configuration-images.md), you choose a runtime and the Linux distribution when you [create the container image](images-create.md)\. To change the runtime, you create a new container image\. +Lambda supports multiple languages through the use of [runtimes](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. For a [function defined as a container image](gettingstarted-images.md), you choose a runtime and the Linux distribution when you [create the container image](images-create.md)\. To change the runtime, you create a new container image\. -When you use a \.zip file archive for the deployment package, you choose a runtime when you create the function\. To change the runtime, you can [update your function's configuration](configuration-function-zip.md)\. The runtime is paired with one of the Amazon Linux distributions\. The underlying execution environment provides additional libraries and [environment variables](configuration-envvars.md) that you can access from your function code\. +When you use a \.zip file archive for the deployment package, you choose a runtime when you create the function\. To change or upgrade the runtime, you can [update your function's configuration](configuration-function-zip.md#configuration-function-runtime)\. The runtime is paired with one of the Amazon Linux distributions\. The underlying execution environment provides additional libraries and [environment variables](configuration-envvars.md) that you can access from your function code\. **Amazon Linux** + Image – [amzn\-ami\-hvm\-2018\.03\.0\.20181129\-x86\_64\-gp2](https://console.aws.amazon.com/ec2/v2/home#Images:visibility=public-images;search=amzn-ami-hvm-2018.03.0.20181129-x86_64-gp2) -+ Linux kernel – 4\.14\.171\-105\.231\.amzn1\.x86\_64 ++ Linux kernel – 4\.14 **Amazon Linux 2** + Image – Custom -+ Linux kernel – 4\.14\.165\-102\.205\.amzn2\.x86\_64 ++ Linux kernel – 4\.14 -Lambda invokes your function in an [execution environment](runtimes-context.md)\. The execution environment provides a secure and isolated runtime environment that manages the resources required to run your function\. Lambda re\-uses the execution environment from a previous invocation if one is available, or it can create a new execution environment\. +Lambda invokes your function in an [execution environment](lambda-runtime-environment.md)\. The execution environment provides a secure and isolated runtime environment that manages the resources required to run your function\. Lambda re\-uses the execution environment from a previous invocation if one is available, or it can create a new execution environment\. -A runtime can support a single version of a language, multiple versions of a language, or multiple languages\. Runtimes specific to a language or framework version are [deprecated](runtime-support-policy.md) when the version reaches end of life\. +A runtime can support a single version of a language, multiple versions of a language, or multiple languages\. Runtimes specific to a language or framework version are [deprecated](#runtime-support-policy) when the version reaches end of life\. **Node\.js runtimes** | Name | Identifier | SDK for JavaScript | Operating system | Architectures | | --- | --- | --- | --- | --- | -| Node\.js 14 | `nodejs14.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64, arm64 | -| Node\.js 12 | `nodejs12.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64, arm64 | -| Node\.js 10 | `nodejs10.x` | 2\.1001\.0 | Amazon Linux 2 | x86\_64 | +| Node\.js 16 | `nodejs16.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | +| Node\.js 14 | `nodejs14.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | +| Node\.js 12 | `nodejs12.x` | 2\.1055\.0 | Amazon Linux 2 | x86\_64, arm64 | **Note** -For end of support information about Node\.js 10, see [Runtime support policy](runtime-support-policy.md)\. +For end of support information about Node\.js 10, see [Runtime deprecation policy](#runtime-support-policy)\. **Python runtimes** | Name | Identifier | AWS SDK for Python | Operating system | Architectures | | --- | --- | --- | --- | --- | -| Python 3\.9 | `python3.9` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux 2 | x86\_64, arm64 | -| Python 3\.8 | `python3.8` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux 2 | x86\_64, arm64 | -| Python 3\.7 | `python3.7` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux | x86\_64 | -| Python 3\.6 | `python3.6` | boto3\-1\.18\.55 botocore\-1\.21\.55 | Amazon Linux | x86\_64 | -| Python 2\.7 | `python2.7` | boto3\-1\.17\.100 botocore\-1\.20\.100 | Amazon Linux | x86\_64 | - -**Important** -Python 2\.7 reached end of life on January 1, 2020\. End of support \(phase 1\) for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Announcing end of support for Python 2\.7 in AWS Lambda](http://aws.amazon.com/blogs/compute/announcing-end-of-support-for-python-2-7-in-aws-lambda/) on the AWS Compute Blog\. +| Python 3\.9 | `python3.9` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux 2 | x86\_64, arm64 | +| Python 3\.8 | `python3.8` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux 2 | x86\_64, arm64 | +| Python 3\.7 | `python3.7` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux | x86\_64 | +| Python 3\.6 | `python3.6` | boto3\-1\.20\.32 botocore\-1\.23\.32 | Amazon Linux | x86\_64 | **Ruby runtimes** @@ -48,10 +44,9 @@ Python 2\.7 reached end of life on January 1, 2020\. End of support \(phase 1\) | Name | Identifier | SDK for Ruby | Operating system | Architectures | | --- | --- | --- | --- | --- | | Ruby 2\.7 | `ruby2.7` | 3\.0\.1 | Amazon Linux 2 | x86\_64, arm64 | -| Ruby 2\.5 | `ruby2.5` | 3\.0\.1 | Amazon Linux | x86\_64 | **Note** -For end of support information about Ruby 2\.5, see [Runtime support policy](runtime-support-policy.md)\. +For end of support information about Ruby 2\.5, see [Runtime deprecation policy](#runtime-support-policy)\. **Java runtimes** @@ -79,10 +74,9 @@ Runtimes that use the Amazon Linux operating system, such as Go 1\.x, do not sup | --- | --- | --- | --- | | \.NET 6 | `dotnet6` | Amazon Linux 2 | x86\_64, arm64 | | \.NET Core 3\.1 | `dotnetcore3.1` | Amazon Linux 2 | x86\_64, arm64 | -| \.NET Core 2\.1 | `dotnetcore2.1` | Amazon Linux | x86\_64 | **Note** -For end of support information about \.NET Core 2\.1, see [Runtime support policy](runtime-support-policy.md)\. +For end of support information about \.NET Core 2\.1, see [Runtime deprecation policy](#runtime-support-policy)\. To use other languages in Lambda, you can implement a [custom runtime](runtimes-custom.md)\. The Lambda execution environment provides a [runtime interface](runtimes-api.md) for getting invocation events and sending responses\. You can deploy a custom runtime alongside your function code, or in a [layer](configuration-layers.md)\. @@ -95,13 +89,50 @@ To use other languages in Lambda, you can implement a [custom runtime](runtimes- | Custom Runtime | `provided` | Amazon Linux | x86\_64 | **Topics** -+ [Runtime support policy](runtime-support-policy.md) -+ [AWS Lambda execution environment](runtimes-context.md) -+ [Runtime support for Lambda container images](runtimes-images.md) -+ [AWS Lambda runtime API](runtimes-api.md) -+ [Lambda Extensions API](runtimes-extensions-api.md) -+ [Lambda Logs API](runtimes-logs-api.md) + [Modifying the runtime environment](runtimes-modify.md) + [Custom AWS Lambda runtimes](runtimes-custom.md) + [Tutorial – Publishing a custom runtime](runtimes-walkthrough.md) -+ [Using AVX2 vectorization in Lambda](runtimes-avx2.md) \ No newline at end of file ++ [Using AVX2 vectorization in Lambda](runtimes-avx2.md) ++ [Runtime deprecation policy](#runtime-support-policy) + +## Runtime deprecation policy + +[Lambda runtimes](#lambda-runtimes) for \.zip file archives are built around a combination of operating system, programming language, and software libraries that are subject to maintenance and security updates\. When security updates are no longer available for a component of a runtime, Lambda deprecates the runtime\. + +Deprecation \(end of support\) for a runtime occurs in two phases\. + +Phase 1 \- Lambda no longer applies security patches or other updates to the runtime\. You can no longer **create** functions that use the runtime, but you can continue to update existing functions\. This includes updating the runtime version, and rolling back to the previous runtime version\. Note that functions that use a deprecated runtime are no longer eligible for technical support\. + +Phase 2 \- you can no longer **create or update** functions that use the runtime\. To update a function, you need to migrate it to a supported runtime version\. After you migrate the function to a supported runtime version, you cannot rollback the function to the previous runtime\. Phase 2 starts at least 30 days after the start of Phase 1\. + +Lambda does not block invocations of functions that use deprecated runtime versions\. Function invocations continue indefinitely after the runtime version reaches end of support\. However, AWS strongly recommends that you migrate functions to a supported runtime version so that you continue to receive security patches and remain eligible for technical support\. + +In the table below, each phase starts at midnight \(Pacific time zone\) on the specified date\. The following runtimes have reached or are scheduled for end of support: + + +**Runtime end of support dates** + +| Name | Identifier | Operating system | Deprecation Phase 1 | Deprecation Phase 2 | +| --- | --- | --- | --- | --- | +| \.NET Core 2\.1 | `dotnetcore2.1` | Amazon Linux | Jan 5, 2022 | Apr 13, 2022 | +| Python 3\.6 | `python3.6` | Amazon Linux | July 18, 2022 | Aug 17, 2022 | +| Python 2\.7 | `python2.7` | Amazon Linux | July 15, 2021 | Feb 14, 2022 | +| Ruby 2\.5 | `ruby2.5` | Amazon Linux | July 30, 2021 | March 31, 2022 | +| Node\.js 10\.x | `nodejs10.x` | Amazon Linux 2 | July 30, 2021 | Feb 14, 2022 | +| Node\.js 8\.10 | `nodejs8.10` | Amazon Linux | | March 6, 2020 | +| Node\.js 6\.10 | `nodejs6.10` | Amazon Linux | | August 12, 2019 | +| Node\.js 4\.3 edge | `nodejs4.3-edge` | Amazon Linux | | April 30, 2019 | +| Node\.js 4\.3 | `nodejs4.3` | Amazon Linux | | March 6, 2020 | +| Node\.js 0\.10 | `nodejs` | Amazon Linux | | October 31, 2016 | +| \.NET Core 2\.0 | `dotnetcore2.0` | Amazon Linux | | May 30, 2019 | +| \.NET Core 1\.0 | `dotnetcore1.0` | Amazon Linux | | July 30, 2019 | + +In almost all cases, the end\-of\-life date of a language version or operating system is known well in advance\. Lambda notifies you by email if you have functions using a runtime that is scheduled for end of support in the next 60 days\. In rare cases, advance notice of support ending might not be possible\. For example, security issues that require a backwards\-incompatible update, or a runtime component that doesn't provide a long\-term support \(LTS\) schedule\. + +**Language and framework support policies** ++ **Node\.js** – [github\.com](https://github.com/nodejs/Release#release-schedule) ++ **Python** – [devguide\.python\.org](https://devguide.python.org/#status-of-python-branches) ++ **Ruby** – [www\.ruby\-lang\.org](https://www.ruby-lang.org/en/downloads/branches/) ++ **Java** – [www\.oracle\.com](https://www.oracle.com/java/technologies/java-se-support-roadmap.html) and [Corretto FAQs](http://aws.amazon.com/corretto/faqs/) ++ **Go** – [golang\.org](https://golang.org/doc/devel/release.html) ++ **\.NET Core** – [dotnet\.microsoft\.com](https://dotnet.microsoft.com/platform/support/policy/dotnet-core) \ No newline at end of file diff --git a/doc_source/lambda-samples.md b/doc_source/lambda-samples.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-security.md b/doc_source/lambda-security.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-services.md b/doc_source/lambda-services.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-settingup.md b/doc_source/lambda-settingup.md old mode 100755 new mode 100644 index 09907139..74d81bd2 --- a/doc_source/lambda-settingup.md +++ b/doc_source/lambda-settingup.md @@ -1,4 +1,4 @@ -# Setting up with Lambda +# Prerequisites To use AWS Lambda, you need an AWS account\. If you plan to configure and use Lambda functions from the command line, set up the AWS CLI\. You can set up other development and build tools as required for the environment and language that you are planning to use\. diff --git a/doc_source/lambda-stepfunctions.md b/doc_source/lambda-stepfunctions.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-troubleshooting.md b/doc_source/lambda-troubleshooting.md old mode 100755 new mode 100644 diff --git a/doc_source/lambda-typescript.md b/doc_source/lambda-typescript.md new file mode 100644 index 00000000..4351befa --- /dev/null +++ b/doc_source/lambda-typescript.md @@ -0,0 +1,47 @@ +# Building Lambda functions with TypeScript + +You can use the Node\.js runtime to run TypeScript code in AWS Lambda\. Because Node\.js doesn't run TypeScript code natively, you must first transpile your TypeScript code into JavaScript\. Then, use the JavaScript files to deploy your function code to Lambda\. Your code runs in an environment that includes the AWS SDK for JavaScript, with credentials from an AWS Identity and Access Management \(IAM\) role that you manage\. + +## Setting up a TypeScript development environment + +Use a local integrated development environment \(IDE\), text editor, or [AWS Cloud9](https://docs.aws.amazon.com/cloud9/latest/user-guide/sample-typescript.html) to write your TypeScript function code\. You can’t create TypeScript code on the Lambda console\. + +To transpile your TypeScript code, set up a compiler such as [esbuild](https://esbuild.github.io/) or Microsoft's TypeScript compiler \(`tsc`\) , which is bundled with the [TypeScript distribution](https://www.typescriptlang.org/download)\. You can use the [AWS Serverless Application Model \(AWS SAM\)](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-getting-started.html) or the [AWS Cloud Development Kit \(CDK\)](https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html) to simplify building and deploying TypeScript code\. Both tools use esbuild to transpile TypeScript code into JavaScript\. + +When using esbuild, consider the following: ++ There are several [TypeScript caveats](https://esbuild.github.io/content-types/#typescript-caveats)\. ++ You must configure your TypeScript transpilation settings to match the Node\.js runtime that you plan to use\. For more information, see [Target](https://esbuild.github.io/api/#target) in the esbuild documentation\. For an example of a **tsconfig\.json** file that demonstrates how to target a specific Node\.js version supported by Lambda, refer to the [TypeScript GitHub repository](https://github.com/tsconfig/bases/blob/main/bases/node14.json)\. ++ esbuild doesn’t perform type checks\. To check types, use the `tsc` compiler\. Run `tsc -noEmit` or add a `"noEmit"` parameter to your **tsconfig\.json** file, as shown in the following example\. This configures `tsc` to not emit JavaScript files\. After checking types, use esbuild to convert the TypeScript files into JavaScript\. + +**Example tsconfig\.json** + +``` + { + "compilerOptions": { + "target": "es2020", + "strict": true, + "preserveConstEnums": true, + "noEmit": true, + "sourceMap": false, + "module":"commonjs", + "moduleResolution":"node", + "esModuleInterop": true, + "skipLibCheck": true, + "forceConsistentCasingInFileNames": true, + "isolatedModules": true, + }, + "exclude": ["node_modules", "**/*.test.ts"] +} +``` + +**Topics** ++ [Setting up a TypeScript development environment](#typescript-dev) ++ [AWS Lambda function handler in TypeScript](typescript-handler.md) ++ [Deploy transpiled TypeScript code in Lambda with \.zip file archives](typescript-package.md) ++ [Deploy transpiled TypeScript code in Lambda with container images](typescript-image.md) ++ [AWS Lambda function errors in TypeScript](typescript-exceptions.md) + +The following topics about the Node\.js runtime are also relevant for TypeScript: ++ [AWS Lambda context object in Node\.js](nodejs-context.md) ++ [AWS Lambda function logging in Node\.js](nodejs-logging.md) ++ [Instrumenting Node\.js code in AWS Lambda](nodejs-tracing.md) \ No newline at end of file diff --git a/doc_source/lambda-urls.md b/doc_source/lambda-urls.md new file mode 100644 index 00000000..8dce6e3f --- /dev/null +++ b/doc_source/lambda-urls.md @@ -0,0 +1,20 @@ +# Lambda function URLs + +A function URL is a dedicated HTTP\(S\) endpoint for your Lambda function\. You can create and configure a function URL through the Lambda console or the Lambda API\. When you create a function URL, Lambda automatically generates a unique URL endpoint for you\. Function URL endpoints have the following format: + +``` +https://.lambda-url..on.aws +``` + +Lambda generates the `` portion of the endpoint based on a number of factors, including your AWS account ID\. Because this process is deterministic, it may be possible for anyone to retrieve your account ID from the ``\. + +Function URLs are dual stack\-enabled, supporting IPv4 and IPv6\. After you configure a function URL for your function, you can invoke your function through its HTTP\(S\) endpoint via a web browser, curl, Postman, or any HTTP client\. Lambda function URLs use [resource\-based policies](access-control-resource-based.md) for security and access control\. Function URLs also support cross\-origin resource sharing \(CORS\) configuration options\. + +You can apply function URLs to any function alias, or to the `$LATEST` unpublished function version\. You can't add a function URL to any other function version\. + +**Topics** ++ [Creating and managing Lambda function URLs](urls-configuration.md) ++ [Security and auth model for Lambda function URLs](urls-auth.md) ++ [Invoking Lambda function URLs](urls-invocation.md) ++ [Monitoring Lambda function URLs](urls-monitoring.md) ++ [Tutorial: Creating a Lambda function with a function URL](urls-tutorial.md) \ No newline at end of file diff --git a/doc_source/logging-using-cloudtrail.md b/doc_source/logging-using-cloudtrail.md old mode 100755 new mode 100644 index 526ce6c7..3bf9f78a --- a/doc_source/logging-using-cloudtrail.md +++ b/doc_source/logging-using-cloudtrail.md @@ -36,21 +36,26 @@ In the CloudTrail log file, the `eventName` might include date and version infor + [CreateFunction](API_CreateFunction.md) \(The `ZipFile` parameter is omitted from the CloudTrail logs for `CreateFunction`\.\) ++ [CreateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html) + [DeleteEventSourceMapping](API_DeleteEventSourceMapping.md) + [DeleteFunction](API_DeleteFunction.md) ++ [DeleteFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionUrlConfig.html) + [GetEventSourceMapping](API_GetEventSourceMapping.md) + [GetFunction](API_GetFunction.md) ++ [GetFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionUrlConfig.html) + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [GetLayerVersionPolicy](API_GetLayerVersionPolicy.md) + [GetPolicy](API_GetPolicy.md) + [ListEventSourceMappings](API_ListEventSourceMappings.md) + [ListFunctions](API_ListFunctions.md) ++ [ListFunctionUrlConfigs](https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionUrlConfigs.html) + [RemovePermission](API_RemovePermission.md) + [UpdateEventSourceMapping](API_UpdateEventSourceMapping.md) + [UpdateFunctionCode](API_UpdateFunctionCode.md) \(The `ZipFile` parameter is omitted from the CloudTrail logs for `UpdateFunctionCode`\.\) + [UpdateFunctionConfiguration](API_UpdateFunctionConfiguration.md) ++ [UpdateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionUrlConfig.html) ## Understanding Lambda log file entries diff --git a/doc_source/monitoring-cloudwatchlogs.md b/doc_source/monitoring-cloudwatchlogs.md old mode 100755 new mode 100644 diff --git a/doc_source/monitoring-code-profiler.md b/doc_source/monitoring-code-profiler.md old mode 100755 new mode 100644 diff --git a/doc_source/monitoring-functions-access-metrics.md b/doc_source/monitoring-functions-access-metrics.md old mode 100755 new mode 100644 diff --git a/doc_source/monitoring-insights.md b/doc_source/monitoring-insights.md old mode 100755 new mode 100644 diff --git a/doc_source/monitoring-metrics.md b/doc_source/monitoring-metrics.md old mode 100755 new mode 100644 index 9a953755..e89b82c7 --- a/doc_source/monitoring-metrics.md +++ b/doc_source/monitoring-metrics.md @@ -1,6 +1,8 @@ # Working with Lambda function metrics -When your Lambda function finishes processing an event, Lambda sends metrics about the invocation to Amazon CloudWatch\. You can build graphs and dashboards with these metrics on the CloudWatch console, and set alarms to respond to changes in utilization, performance, or error rates\. Lambda sends metric data to CloudWatch in 1\-minute intervals\. +When your AWS Lambda function finishes processing an event, Lambda sends metrics about the invocation to Amazon CloudWatch\. There is no charge for these metrics\. + +On the CloudWatch console, you can build graphs and dashboards with these metrics\. You can set alarms to respond to changes in utilization, performance, or error rates\. Lambda sends metric data to CloudWatch in 1\-minute intervals\. If you want more immediate insight into your Lambda function, you can create high\-resolution [custom metrics](https://docs.aws.amazon.com/lambda/latest/operatorguide/custom-metrics.html)\. Charges apply for custom metrics and CloudWatch Alarms\. For more information, see [CloudWatch pricing\.](https://aws.amazon.com/cloudwatch/pricing/)\. This page describes the Lambda function invocation, performance, and concurrency metrics available on the CloudWatch console\. diff --git a/doc_source/monitoring-servicemap.md b/doc_source/monitoring-servicemap.md old mode 100755 new mode 100644 diff --git a/doc_source/nodejs-context.md b/doc_source/nodejs-context.md old mode 100755 new mode 100644 diff --git a/doc_source/nodejs-exceptions.md b/doc_source/nodejs-exceptions.md old mode 100755 new mode 100644 diff --git a/doc_source/nodejs-handler.md b/doc_source/nodejs-handler.md old mode 100755 new mode 100644 index 24bba014..5cf5123d --- a/doc_source/nodejs-handler.md +++ b/doc_source/nodejs-handler.md @@ -21,7 +21,7 @@ The second argument is the [context object](nodejs-context.md), which contains i The third argument, `callback`, is a function that you can call in [non\-async handlers](#nodejs-handler-sync) to send a response\. The callback function takes two arguments: an `Error` and a response\. When you call it, Lambda waits for the event loop to be empty and then returns the response or error to the invoker\. The response object must be compatible with `JSON.stringify`\. -For async handlers, you return a response, error, or promise to the runtime instead of using `callback`\. +For asynchronous function handlers, you return a response, error, or promise to the runtime instead of using `callback`\. If your function has additional dependencies, [use npm to include them in your deployment package](nodejs-package.md#nodejs-package-dependencies)\. diff --git a/doc_source/nodejs-image.md b/doc_source/nodejs-image.md old mode 100755 new mode 100644 index 48ce65af..261b1771 --- a/doc_source/nodejs-image.md +++ b/doc_source/nodejs-image.md @@ -4,8 +4,6 @@ You can deploy your Lambda function code as a [container image](images-create.md + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -17,9 +15,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for Node\.js](#nodejs-image-base) @@ -34,20 +32,16 @@ AWS provides the following base images for Node\.js: | Tags | Runtime | Operating system | Dockerfile | | --- | --- | --- | --- | +| 16 | NodeJS 16\.x | Amazon Linux 2 | [Dockerfile for Node\.js 16\.x on GitHub](https://github.com/aws/aws-lambda-base-images/blob/nodejs16.x/Dockerfile.nodejs16.x) | | 14 | NodeJS 14\.x | Amazon Linux 2 | [Dockerfile for Node\.js 14\.x on GitHub](https://github.com/aws/aws-lambda-base-images/blob/nodejs14.x/Dockerfile.nodejs14.x) | | 12 | NodeJS 12\.x | Amazon Linux 2 | [Dockerfile for Node\.js 12\.x on GitHub](https://github.com/aws/aws-lambda-base-images/blob/nodejs12.x/Dockerfile.nodejs12.x) | -| 10 | NodeJS 10\.x | Amazon Linux 2 | [Dockerfile for Node\.js 10\.x on GitHub](https://github.com/aws/aws-lambda-base-images/blob/nodejs10.x/Dockerfile.nodejs10.x) | - -Docker Hub repository: amazon/aws\-lambda\-nodejs -Amazon ECR repository: gallery\.ecr\.aws/lambda/nodejs +Amazon ECR repository: [gallery\.ecr\.aws/lambda/nodejs](https://gallery.ecr.aws/lambda/nodejs) ## Using a Node\.js base image For instructions on how to use a Node\.js base image, choose the **usage** tab on [AWS Lambda base images for Node\.js](https://gallery.ecr.aws/lambda/nodejs) in the *Amazon ECR repository*\. -The instructions are also available on [AWS Lambda base images for Node\.js](https://hub.docker.com/r/amazon/aws-lambda-nodejs) in the *Docker Hub repository*\. - ## Node\.js runtime interface clients Install the runtime interface client for Node\.js using the npm package manager: @@ -62,4 +56,4 @@ You can also download the [Node\.js runtime interface client](https://github.com ## Deploy the container image -For a new function, you deploy the Node\.js image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the Node\.js image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/nodejs-logging.md b/doc_source/nodejs-logging.md old mode 100755 new mode 100644 index 41bb4637..9027855e --- a/doc_source/nodejs-logging.md +++ b/doc_source/nodejs-logging.md @@ -81,7 +81,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -136,7 +136,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/nodejs-package.md b/doc_source/nodejs-package.md old mode 100755 new mode 100644 diff --git a/doc_source/nodejs-tracing.md b/doc_source/nodejs-tracing.md old mode 100755 new mode 100644 index 65896465..8aee76f8 --- a/doc_source/nodejs-tracing.md +++ b/doc_source/nodejs-tracing.md @@ -23,11 +23,11 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. @@ -108,7 +108,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -119,7 +119,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** @@ -174,6 +174,6 @@ Resources: - nodejs12.x ``` -With this configuration, you only update library layer if you change your runtime dependencies\. The function deployment package only contains your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. +With this configuration, you update the library layer only if you change your runtime dependencies\. The function deployment package contains only your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. Creating a layer for dependencies requires build changes to generate the layer archive prior to deployment\. For a working example, see the [blank\-nodejs](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-nodejs) sample application\. \ No newline at end of file diff --git a/doc_source/permissions-boundary.md b/doc_source/permissions-boundary.md old mode 100755 new mode 100644 diff --git a/doc_source/powershell-context.md b/doc_source/powershell-context.md old mode 100755 new mode 100644 diff --git a/doc_source/powershell-devenv.md b/doc_source/powershell-devenv.md old mode 100755 new mode 100644 diff --git a/doc_source/powershell-exceptions.md b/doc_source/powershell-exceptions.md old mode 100755 new mode 100644 diff --git a/doc_source/powershell-handler.md b/doc_source/powershell-handler.md old mode 100755 new mode 100644 diff --git a/doc_source/powershell-logging.md b/doc_source/powershell-logging.md old mode 100755 new mode 100644 index f2bb52f6..5a322009 --- a/doc_source/powershell-logging.md +++ b/doc_source/powershell-logging.md @@ -39,7 +39,7 @@ Importing module ./Modules/AWSPowerShell.NetCore/3.3.618.0/AWSPowerShell.NetCore [Information] - AWS_LAMBDA_FUNCTION_VERSION=$LATEST [Information] - AWS_LAMBDA_LOG_GROUP_NAME=/aws/lambda/blank-powershell-function-18CIXMPLHFAJJ [Information] - AWS_LAMBDA_LOG_STREAM_NAME=2020/04/01/[$LATEST]53c5xmpl52d64ed3a744724d9c201089 -[Information] - AWS_EXECUTION_ENV=AWS_Lambda_dotnetcore2.1_powershell_1.0.0 +[Information] - AWS_EXECUTION_ENV=AWS_Lambda_dotnet6_powershell_1.0.0 [Information] - AWS_LAMBDA_FUNCTION_NAME=blank-powershell-function-18CIXMPLHFAJJ [Information] - PATH=/var/lang/bin:/usr/local/bin:/usr/bin/:/bin:/opt/bin [Information] - ## Event @@ -91,7 +91,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -146,7 +146,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/powershell-package.md b/doc_source/powershell-package.md old mode 100755 new mode 100644 diff --git a/doc_source/provisioned-concurrency.md b/doc_source/provisioned-concurrency.md old mode 100755 new mode 100644 index da53abaf..9597a647 --- a/doc_source/provisioned-concurrency.md +++ b/doc_source/provisioned-concurrency.md @@ -29,7 +29,7 @@ To manage provisioned concurrency settings for a version or alias, use the Lambd If you change the version that an alias points to, Lambda deallocates the provisioned concurrency from the old version and allocates it to the new version\. You can add a routing configuration to an alias that has provisioned concurrency\. For more information, see [Lambda function aliases](configuration-aliases.md)\. Note that you can't manage provisioned concurrency settings on the alias while the routing configuration is in place\. **Note** - Provisioned Concurrency is not supported on $LATEST\. Ensure your client application is not pointing to $LATEST before configuring provisioned concurrency\. + Provisioned Concurrency is not supported on the unpublished version of the function \($LATEST\)\. Ensure your client application is not pointing to $LATEST before configuring provisioned concurrency\. **To allocate provisioned concurrency for an alias or version** @@ -139,7 +139,7 @@ Application Auto Scaling allows you to manage provisioned concurrency on a sched To increase provisioned concurrency automatically as needed, use the `RegisterScalableTarget` and `PutScalingPolicy` Application Auto Scaling API operations to register a target and create a scaling policy: -1. Register a function's alias as a scaling target\. The following example registers the BLUE alias of a function named `function`my\-: +1. Register a function's alias as a scaling target\. The following example registers the BLUE alias of a function named `my-function`: ``` aws application-autoscaling register-scalable-target --service-namespace lambda \ diff --git a/doc_source/python-context.md b/doc_source/python-context.md old mode 100755 new mode 100644 index 6a259e73..59f1d264 --- a/doc_source/python-context.md +++ b/doc_source/python-context.md @@ -1,7 +1,7 @@ # AWS Lambda context object in Python **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. When Lambda runs your function, it passes a context object to the [handler](python-handler.md)\. This object provides methods and properties that provide information about the invocation, function, and execution environment\. For more information on how the context object is passed to the function handler, see [Lambda function handler in Python](python-handler.md)\. diff --git a/doc_source/python-exceptions.md b/doc_source/python-exceptions.md old mode 100755 new mode 100644 index 7793b3eb..fd9b07ee --- a/doc_source/python-exceptions.md +++ b/doc_source/python-exceptions.md @@ -1,7 +1,7 @@ # AWS Lambda function errors in Python **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. When your code raises an error, Lambda generates a JSON representation of the error\. This error document appears in the invocation log and, for synchronous invocations, in the output\. diff --git a/doc_source/python-handler.md b/doc_source/python-handler.md old mode 100755 new mode 100644 index a8a3bc70..e19cc90e --- a/doc_source/python-handler.md +++ b/doc_source/python-handler.md @@ -1,7 +1,7 @@ # Lambda function handler in Python **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. The Lambda function *handler* is the method in your function code that processes events\. When your function is invoked, Lambda runs the handler method\. When the handler exits or returns a response, it becomes available to handle another event\. diff --git a/doc_source/python-image.md b/doc_source/python-image.md old mode 100755 new mode 100644 index 6709b05d..9d80c4e5 --- a/doc_source/python-image.md +++ b/doc_source/python-image.md @@ -1,14 +1,12 @@ # Deploy Python Lambda functions with container images **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. You can deploy your Lambda function code as a [container image](images-create.md)\. AWS provides the following resources to help you build a container image for your Python function: + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -20,9 +18,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for Python](#python-image-base) @@ -44,9 +42,7 @@ AWS provides the following base images for Python: | 3\.6 | Python 3\.6 | Amazon Linux 2018\.03 | [Dockerfile for Python 3\.6 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/python3.6/Dockerfile.python3.6) | | 2, 2\.7 | Python 2\.7 | Amazon Linux 2018\.03 | [Dockerfile for Python 2\.7 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/python2.7/Dockerfile.python2.7) | -Docker Hub repository: amazon/aws\-lambda\-python - -Amazon ECR repository: gallery\.ecr\.aws/lambda/python +Amazon ECR repository: [gallery\.ecr\.aws/lambda/python](https://gallery.ecr.aws/lambda/python) ## Create a Python image from an AWS base image @@ -108,4 +104,4 @@ You can also download the [Python runtime interface client](https://github.com/a ## Deploy the container image -For a new function, you deploy the Python image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the Python image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/python-logging.md b/doc_source/python-logging.md old mode 100755 new mode 100644 index 5fba3a46..cd833a4d --- a/doc_source/python-logging.md +++ b/doc_source/python-logging.md @@ -1,7 +1,7 @@ # AWS Lambda function logging in Python **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. AWS Lambda automatically monitors Lambda functions on your behalf and sends function metrics to Amazon CloudWatch\. Your Lambda function comes with a CloudWatch Logs log group and a log stream for each instance of your function\. The Lambda runtime environment sends details about each invocation to the log stream, and relays logs and other output from your function's code\. @@ -73,7 +73,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -128,7 +128,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/python-package.md b/doc_source/python-package.md old mode 100755 new mode 100644 index cd9c70dd..0f757e90 --- a/doc_source/python-package.md +++ b/doc_source/python-package.md @@ -1,7 +1,7 @@ # Deploy Python Lambda functions with \.zip file archives **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. Your AWS Lambda function's code consists of scripts or compiled programs and their dependencies\. You use a *deployment package* to deploy your function code to Lambda\. Lambda supports two types of deployment packages: container images and \.zip file archives\. @@ -16,7 +16,7 @@ To create the deployment package for a \.zip file archive, you can use a built\- **Note** A python package may contain initialization code in the \_\_init\_\_\.py file\. Prior to Python 3\.9, Lambda did not run the \_\_init\_\_\.py code for packages in the function handler’s directory or parent directories\. In Python 3\.9 and later releases, Lambda runs the init code for packages in these directories during initialization\. -Note that Lambda runs the init code only when the execution environment is first initialized, not for each function invocation in that intialized environment\. +Note that Lambda runs the init code only when the execution environment is first initialized, not for each function invocation in that initialized environment\. **Topics** + [Prerequisites](#python-package-prereqs) diff --git a/doc_source/python-tracing.md b/doc_source/python-tracing.md old mode 100755 new mode 100644 index 7b1a6c85..40775db9 --- a/doc_source/python-tracing.md +++ b/doc_source/python-tracing.md @@ -1,7 +1,7 @@ # Instrumenting Python code in AWS Lambda **Note** -End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime support policy](runtime-support-policy.md)\. +End of support for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. Lambda integrates with AWS X\-Ray to enable you to trace, debug, and optimize Lambda applications\. You can use X\-Ray to trace a request as it traverses resources in your application, from the frontend API to storage and database on the backend\. By simply adding the X\-Ray SDK library to your build configuration, you can record errors and latency for any call that your function makes to an AWS service\. @@ -26,11 +26,11 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. @@ -89,7 +89,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -100,7 +100,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** @@ -155,6 +155,6 @@ Resources: - python3.8 ``` -With this configuration, you only update library layer if you change your runtime dependencies\. The function deployment package only contains your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. +With this configuration, you update the library layer only if you change your runtime dependencies\. The function deployment package contains only your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. Creating a layer for dependencies requires build changes to generate the layer archive prior to deployment\. For a working example, see the [blank\-python](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-python) sample application\. \ No newline at end of file diff --git a/doc_source/ruby-context.md b/doc_source/ruby-context.md old mode 100755 new mode 100644 diff --git a/doc_source/ruby-exceptions.md b/doc_source/ruby-exceptions.md old mode 100755 new mode 100644 diff --git a/doc_source/ruby-handler.md b/doc_source/ruby-handler.md old mode 100755 new mode 100644 index fe3c6e88..bba1956f --- a/doc_source/ruby-handler.md +++ b/doc_source/ruby-handler.md @@ -36,4 +36,4 @@ The two objects that the handler accepts are the invocation event and context\. The function handler is executed every time your Lambda function is invoked\. Static code outside of the handler is executed once per instance of the function\. If your handler uses resources like SDK clients and database connections, you can create them outside of the handler method to reuse them for multiple invocations\. -Each instance of your function can process multiple invocation events, but it only processes one event at a time\. The number of instances processing an event at any given time is your function's *concurrency*\. For more information about the Lambda execution environment, see [AWS Lambda execution environment](runtimes-context.md)\. \ No newline at end of file +Each instance of your function can process multiple invocation events, but it only processes one event at a time\. The number of instances processing an event at any given time is your function's *concurrency*\. For more information about the Lambda execution environment, see [AWS Lambda execution environment](lambda-runtime-environment.md)\. \ No newline at end of file diff --git a/doc_source/ruby-image.md b/doc_source/ruby-image.md old mode 100755 new mode 100644 index d42ca1e3..b8602556 --- a/doc_source/ruby-image.md +++ b/doc_source/ruby-image.md @@ -4,8 +4,6 @@ You can deploy your Lambda function code as a [container image](images-create.md + AWS base images for Lambda These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. - - AWS provides base images for the x86\_64 architecture for all supported \.NET runtimes, and for the arm64 architecture for the \.NET Core 3\.1 and \.NET 6\.0 runtimes\. + Open\-source runtime interface clients \(RIC\) If you use a community or private enterprise base image, you must add a [Runtime interface client](runtimes-images.md#runtimes-api-client) to the base image to make it compatible with Lambda\. @@ -17,9 +15,9 @@ The workflow for a function defined as a container image includes these steps: 1. Build your container image using the resources listed in this topic\. -1. Upload the image to your Amazon ECR container registry\. See steps 7\-9 in [Create image](images-create.md#images-create-from-base)\. +1. Upload the image to your [Amazon ECR container registry](images-create.md#images-upload)\. -1. [Create](configuration-images.md#configuration-images-create) the Lambda function or [update the function code](configuration-images.md#configuration-images-update) to deploy the image to an existing function\. +1. [Create](gettingstarted-images.md#configuration-images-create) the Lambda function or [update the function code](gettingstarted-images.md#configuration-images-update) to deploy the image to an existing function\. **Topics** + [AWS base images for Ruby](#ruby-image-base) @@ -38,15 +36,11 @@ AWS provides the following base images for Ruby: | 2, 2\.7 | Ruby 2\.7 | Amazon Linux 2 | [Dockerfile for Ruby 2\.7 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/ruby2.7/Dockerfile.ruby2.7) | | 2\.5 | Ruby 2\.5 | Amazon Linux 2018\.03 | [Dockerfile for Ruby 2\.5 on GitHub](https://github.com/aws/aws-lambda-base-images/blob/ruby2.5/Dockerfile.ruby2.5) | -Docker Hub repository: amazon/aws\-lambda\-ruby - -Amazon ECR repository: gallery\.ecr\.aws/lambda/ruby +Amazon ECR repository: [gallery\.ecr\.aws/lambda/ruby](https://gallery.ecr.aws/lambda/ruby) ## Using a Ruby base image -For instructions on how to use a Ruby base image, choose the **usage** tab on [AWS Lambda base images for Ruby](https://gallery.ecr.aws/lambda/ruby) in the *Amazon ECR repository*\. - -The instructions are also available on [AWS Lambda base images for Ruby](https://hub.docker.com/r/amazon/aws-lambda-ruby) in the *Docker Hub repository*\. +For instructions on how to use a Ruby base image, choose the **usage** tab on [AWS Lambda base images for Ruby](https://gallery.ecr.aws/lambda/ruby) in the *Amazon ECR repository*\. ## Ruby runtime interface clients @@ -103,4 +97,4 @@ When you build a container image for Ruby using an AWS base image, you only need ## Deploy the container image -For a new function, you deploy the Ruby image when you [create the function](configuration-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](configuration-images.md#configuration-images-update)\. \ No newline at end of file +For a new function, you deploy the Ruby image when you [create the function](gettingstarted-images.md#configuration-images-create)\. For an existing function, if you rebuild the container image, you need to redeploy the image by [updating the function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/ruby-logging.md b/doc_source/ruby-logging.md old mode 100755 new mode 100644 index 9a57855a..9376cf77 --- a/doc_source/ruby-logging.md +++ b/doc_source/ruby-logging.md @@ -103,7 +103,7 @@ You can use the Amazon CloudWatch console to view logs for all Lambda function i 1. Choose a log stream\. -Each log stream corresponds to an [instance of your function](runtimes-context.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. +Each log stream corresponds to an [instance of your function](lambda-runtime-environment.md)\. A log stream appears when you update your Lambda function, and when additional instances are created to handle multiple concurrent invocations\. To find logs for a specific invocation, we recommend instrumenting your function with AWS X\-Ray\. X\-Ray records details about the request and the log stream in the trace\. To use a sample application that correlates logs and traces with X\-Ray, see [Error processor sample application for AWS Lambda](samples-errorprocessor.md)\. @@ -158,7 +158,7 @@ The cli\-binary\-format option is required if you are using AWS CLI version 2\. aws lambda invoke --function-name my-function --cli-binary-format raw-in-base64-out --payload '{"key": "value"}' out sed -i'' -e 's/"//g' out sleep 15 -aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name $(cat out) --limit 5 +aws logs get-log-events --log-group-name /aws/lambda/my-function --log-stream-name stream1 --limit 5 ``` **Example macOS and Linux \(only\)** diff --git a/doc_source/ruby-package.md b/doc_source/ruby-package.md old mode 100755 new mode 100644 diff --git a/doc_source/ruby-tracing.md b/doc_source/ruby-tracing.md old mode 100755 new mode 100644 index 0ea13d40..f40b734a --- a/doc_source/ruby-tracing.md +++ b/doc_source/ruby-tracing.md @@ -23,11 +23,11 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. When active tracing is enabled, Lambda records a trace for a subset of invocations\. Lambda records two *segments*, which creates two nodes on the service map\. The first node represents the Lambda service that receives the invocation request\. The second node is recorded by the function's [runtime](gettingstarted-concepts.md#gettingstarted-concepts-runtime)\. @@ -88,7 +88,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -99,7 +99,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** @@ -154,6 +154,6 @@ Resources: - ruby2.5 ``` -With this configuration, you only update library layer if you change your runtime dependencies\. The function deployment package only contains your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. +With this configuration, you update the library layer only if you change your runtime dependencies\. The function deployment package contains only your code\. When you update your function code, upload time is much faster than if you include dependencies in the deployment package\. Creating a layer for dependencies requires build changes to generate the layer archive prior to deployment\. For a working example, see the [blank\-ruby](https://github.com/awsdocs/aws-lambda-developer-guide/tree/main/sample-apps/blank-ruby) sample application\. \ No newline at end of file diff --git a/doc_source/runtime-support-policy.md b/doc_source/runtime-support-policy.md deleted file mode 100755 index 201e3cf2..00000000 --- a/doc_source/runtime-support-policy.md +++ /dev/null @@ -1,41 +0,0 @@ -# Runtime support policy - -[Lambda runtimes](lambda-runtimes.md) for \.zip file archives are built around a combination of operating system, programming language, and software libraries that are subject to maintenance and security updates\. When security updates are no longer available for a component of a runtime, Lambda deprecates the runtime\. - -Deprecation \(end of support\) for a runtime occurs in two phases\. In phase 1, Lambda no longer applies security patches or other updates to the runtime\. You can no longer create functions that use the runtime, but you can continue to update existing functions\. This includes updating the runtime version, and rolling back to the previous runtime version\. Note that functions that use a deprecated runtime are no longer eligible for technical support\. - -In phase 2, which starts at least 30 days after the start of phase 1, you can no longer create or update functions that use the runtime\. To update a function, you need to migrate it to a supported runtime version\. After you migrate the function to a supported runtime version, you cannot rollback the function to the previous runtime\. - -Lambda does not block invocations of functions that use deprecated runtime versions\. Function invocations continue indefinitely after the runtime version reaches end of support\. However, AWS strongly recommends that you migrate functions to a supported runtime version so that you continue to receive security patches and remain eligible for technical support\. - -**Important** -Python 2\.7 reached end of life on January 1, 2020\. End of support \(phase 1\) for the Python 2\.7 runtime started on July 15, 2021\. For more information, see [Announcing end of support for Python 2\.7 in AWS Lambda](http://aws.amazon.com/blogs/compute/announcing-end-of-support-for-python-2-7-in-aws-lambda/) on the AWS Compute Blog\. - -In the table below, each of the phases starts at midnight \(Pacific time zone\) on the specified date\. The following runtimes have reached or are scheduled for end of support: - - -**Runtime end of support dates** - -| Name | Identifier | Operating system | End of support phase 1 start | End of support phase 2 start | -| --- | --- | --- | --- | --- | -| \.NET Core 2\.1 | `dotnetcore2.1` | Amazon Linux | Jan 5, 2022 | Feb 14, 2022 | -| Python 2\.7 | `python2.7` | Amazon Linux | July 15, 2021 | Feb 14, 2022 | -| Ruby 2\.5 | `ruby2.5` | Amazon Linux | July 30, 2021 | Feb 14, 2022 | -| Node\.js 10\.x | `nodejs10.x` | Amazon Linux 2 | July 30, 2021 | Feb 14, 2022 | -| Node\.js 8\.10 | `nodejs8.10` | Amazon Linux | | March 6, 2020 | -| Node\.js 6\.10 | `nodejs6.10` | Amazon Linux | | August 12, 2019 | -| Node\.js 4\.3 edge | `nodejs4.3-edge` | Amazon Linux | | April 30, 2019 | -| Node\.js 4\.3 | `nodejs4.3` | Amazon Linux | | March 6, 2020 | -| Node\.js 0\.10 | `nodejs` | Amazon Linux | | October 31, 2016 | -| \.NET Core 2\.0 | `dotnetcore2.0` | Amazon Linux | | May 30, 2019 | -| \.NET Core 1\.0 | `dotnetcore1.0` | Amazon Linux | | July 30, 2019 | - -In almost all cases, the end\-of\-life date of a language version or operating system is known well in advance\. Lambda notifies you by email if you have functions using a runtime that is scheduled for end of support in the next 60 days\. In rare cases, advance notice of support ending might not be possible\. For example, security issues that require a backwards\-incompatible update, or a runtime component that doesn't provide a long\-term support \(LTS\) schedule\. - -**Language and framework support policies** -+ **Node\.js** – [github\.com](https://github.com/nodejs/Release#release-schedule) -+ **Python** – [devguide\.python\.org](https://devguide.python.org/#status-of-python-branches) -+ **Ruby** – [www\.ruby\-lang\.org](https://www.ruby-lang.org/en/downloads/branches/) -+ **Java** – [www\.oracle\.com](https://www.oracle.com/java/technologies/java-se-support-roadmap.html) and [Corretto FAQs](http://aws.amazon.com/corretto/faqs/) -+ **Go** – [golang\.org](https://golang.org/doc/devel/release.html) -+ **\.NET Core** – [dotnet\.microsoft\.com](https://dotnet.microsoft.com/platform/support/policy/dotnet-core) \ No newline at end of file diff --git a/doc_source/runtimes-api.md b/doc_source/runtimes-api.md old mode 100755 new mode 100644 index 8e13f1bf..69cc6f2d --- a/doc_source/runtimes-api.md +++ b/doc_source/runtimes-api.md @@ -2,6 +2,8 @@ AWS Lambda provides an HTTP API for [custom runtimes](runtimes-custom.md) to receive invocation events from Lambda and send response data back within the Lambda [execution environment](lambda-runtimes.md)\. +![\[Architecture diagram of the execution environment.\]](http://docs.aws.amazon.com/lambda/latest/dg/images/logs-api-concept-diagram.png) + The OpenAPI specification for the runtime API version **2018\-06\-01** is available in [runtime\-api\.zip](samples/runtime-api.zip) To create an API request URL, runtimes get the API endpoint from the `AWS_LAMBDA_RUNTIME_API` environment variable, add the API version, and add the desired resource path\. @@ -73,13 +75,13 @@ If the function returns an error or the runtime encounters an error during initi **Headers** -`Lambda-Runtime-Function-Error-Type` – Error type that the extension encountered\. Required: no\. +`Lambda-Runtime-Function-Error-Type` – Error type that the runtime encountered\. Required: no\. This header consists of a string value\. Lambda accepts any string, but we recommend a format of \. For example: + Runtime\.NoSuchHandler -+ Extension\.APIKeyNotFound -+ Extension\.ConfigInvalid -+ Extension\.UnknownReason ++ Runtime\.APIKeyNotFound ++ Runtime\.ConfigInvalid ++ Runtime\.UnknownReason **Body parameters** @@ -116,7 +118,7 @@ The following example shows a Lambda function error message in which the functio **Response codes** + 202 – Accepted + 403 – Forbidden -+ 500 – Container error\. Non\-recoverable state\. Extension should exit promptly\. ++ 500 – Container error\. Non\-recoverable state\. Runtime should exit promptly\. **Example initialization error request** @@ -135,13 +137,13 @@ If the function returns an error or the runtime encounters an error, the runtime **Headers** -`Lambda-Runtime-Function-Error-Type` – Error type that the extension encountered\. Required: no\. +`Lambda-Runtime-Function-Error-Type` – Error type that the runtime encountered\. Required: no\. This header consists of a string value\. Lambda accepts any string, but we recommend a format of \. For example: + Runtime\.NoSuchHandler -+ Extension\.APIKeyNotFound -+ Extension\.ConfigInvalid -+ Extension\.UnknownReason ++ Runtime\.APIKeyNotFound ++ Runtime\.ConfigInvalid ++ Runtime\.UnknownReason **Body parameters** @@ -179,7 +181,7 @@ The following example shows a Lambda function error message in which the functio + 202 – Accepted + 400 – Bad Request + 403 – Forbidden -+ 500 – Container error\. Non\-recoverable state\. Extension should exit promptly\. ++ 500 – Container error\. Non\-recoverable state\. Runtime should exit promptly\. **Example error request** diff --git a/doc_source/runtimes-avx2.md b/doc_source/runtimes-avx2.md old mode 100755 new mode 100644 diff --git a/doc_source/runtimes-custom.md b/doc_source/runtimes-custom.md old mode 100755 new mode 100644 index 371cc746..06960cfd --- a/doc_source/runtimes-custom.md +++ b/doc_source/runtimes-custom.md @@ -38,7 +38,7 @@ cd $LAMBDA_TASK_ROOT ./node-v11.1.0-linux-x64/bin/node runtime.js ``` -Your runtime code is responsible for completing some initialization tasks\. Then it processes invocation events in a loop until it's terminated\. The initialization tasks run once [per instance of the function](runtimes-context.md) to prepare the environment to handle invocations\. +Your runtime code is responsible for completing some initialization tasks\. Then it processes invocation events in a loop until it's terminated\. The initialization tasks run once [per instance of the function](lambda-runtime-environment.md) to prepare the environment to handle invocations\. **Initialization tasks** + **Retrieve settings** – Read environment variables to get details about the function and environment\. diff --git a/doc_source/runtimes-extensions-api.md b/doc_source/runtimes-extensions-api.md old mode 100755 new mode 100644 index 94d26b24..484cd1a6 --- a/doc_source/runtimes-extensions-api.md +++ b/doc_source/runtimes-extensions-api.md @@ -1,27 +1,12 @@ # Lambda Extensions API -Lambda function authors use extensions to integrate Lambda with their preferred tools for monitoring, observability, security, and governance\. Function authors can use extensions from AWS, AWS Partners, and open\-source projects\. For more information on using extensions, see [Introducing AWS Lambda Extensions](http://aws.amazon.com/blogs/compute/introducing-aws-lambda-extensions-in-preview/) on the AWS Compute Blog\. +Lambda function authors use extensions to integrate Lambda with their preferred tools for monitoring, observability, security, and governance\. Function authors can use extensions from AWS, [AWS Partners](extensions-api-partners.md), and open\-source projects\. For more information on using extensions, see [Introducing AWS Lambda Extensions](http://aws.amazon.com/blogs/aws/getting-started-with-using-your-favorite-operational-tools-on-aws-lambda-extensions-are-now-generally-available/) on the AWS Compute Blog\. -As an extension author, you can use the Lambda Extensions API to integrate deeply into the Lambda [execution environment](runtimes-context.md)\. Your extension can register for function and execution environment lifecycle events\. In response to these events, you can start new processes, run logic, and control and participate in all phases of the Lambda lifecycle: initialization, invocation, and shutdown\. In addition, you can use the [Runtime Logs API](runtimes-logs-api.md) to receive a stream of logs\. +![\[Architecture diagram of the execution environment.\]](http://docs.aws.amazon.com/lambda/latest/dg/images/logs-api-concept-diagram.png) -An extension runs as an independent process in the execution environment and can continue to run after the function invocation is fully processed\. Because extensions run as processes, you can write them in a different language than the function\. We recommend that you implement extensions using a compiled language\. In this case, the extension is a self\-contained binary that is compatible with all of the supported runtimes\. If you use a non\-compiled language, ensure that you include a compatible runtime in the extension\. +As an extension author, you can use the Lambda Extensions API to integrate deeply into the Lambda [execution environment](lambda-runtime-environment.md)\. Your extension can register for function and execution environment lifecycle events\. In response to these events, you can start new processes, run logic, and control and participate in all phases of the Lambda lifecycle: initialization, invocation, and shutdown\. In addition, you can use the [Runtime Logs API](runtimes-logs-api.md) to receive a stream of logs\. -The following [Lambda runtimes](lambda-runtimes.md) support extensions: -+ \.NET Core 3\.1 \(C\#/PowerShell\) \(`dotnetcore3.1`\) -+ Custom runtime \(`provided`\) -+ Custom runtime on Amazon Linux 2 \(`provided.al2`\) -+ Java 11 \(Corretto\) \(`java11`\) -+ Java 8 \(Corretto\) \(`java8.al2`\) -+ Node\.js 14\.x \(`nodejs14.x`\) -+ Node\.js 12\.x \(`nodejs12.x`\) -+ Node\.js 10\.x \(`nodejs10.x`\) -+ Python 3\.9 \(`python3.9`\) -+ Python 3\.8 \(`python3.8`\) -+ Python 3\.7 \(`python3.7`\) -+ Ruby 2\.7 \(`ruby2.7`\) -+ Ruby 2\.5 \(`ruby2.5`\) - -Note that the Go 1\.x runtime does not support extensions\. To support extensions, you can create Go functions on the `provided.al2` runtime\. For more information, see [ Migrating Lambda functions to Amazon Linux 2](http://aws.amazon.com/blogs/compute/migrating-aws-lambda-functions-to-al2/)\. +An extension runs as an independent process in the execution environment and can continue to run after the function invocation is fully processed\. Because extensions run as processes, you can write them in a different language than the function\. We recommend that you implement extensions using a compiled language\. In this case, the extension is a self\-contained binary that is compatible with supported runtimes\. All [Lambda runtimes](lambda-runtimes.md) support extensions\. If you use a non\-compiled language, ensure that you include a compatible runtime in the extension\. Lambda also supports *internal extensions*\. An internal extension runs as a separate thread in the runtime process\. The runtime starts and stops the internal extension\. An alternative way to integrate with the Lambda environment is to use language\-specific [environment variables and wrapper scripts](runtimes-modify.md)\. You can use these to configure the runtime environment and modify the startup behavior of the runtime process\. @@ -116,10 +101,10 @@ Function developers can run different versions of their functions side by side t ### Shutdown phase -When Lambda is about to shut down the runtime, it sends a `Shutdown` event to the runtime and then to each registered external extension\. Extensions can use this time for final cleanup tasks\. The `Shutdown` event is sent in response to a `Next` API request\. +When Lambda is about to shut down the runtime, it sends a `Shutdown` to each registered external extension\. Extensions can use this time for final cleanup tasks\. The `Shutdown` event is sent in response to a `Next` API request\. **Duration limit**: The maximum duration of the `Shutdown` phase depends on the configuration of registered extensions: -+ 300 ms – A function with no registered extensions ++ 0 ms – A function with no registered extensions + 500 ms – A function with a registered internal extension + 2,000 ms – A function with one or more registered external extensions @@ -281,7 +266,7 @@ The extension uses this method to report an initialization error to Lambda\. Cal `Lambda-Extension-Function-Error-Type` – Error type that the extension encountered\. Required: yes\. This header consists of a string value\. Lambda accepts any string, but we recommend a format of \. For example: -+ Runtime\.NoSuchHandler ++ Extension\.NoSuchHandler + Extension\.APIKeyNotFound + Extension\.ConfigInvalid + Extension\.UnknownReason @@ -338,7 +323,7 @@ The extension uses this method to report an error to Lambda before exiting\. Cal `Lambda-Extension-Function-Error-Type` – Error type that the extension encountered\. Required: yes\. This header consists of a string value\. Lambda accepts any string, but we recommend a format of \. For example: -+ Runtime\.NoSuchHandler ++ Extension\.NoSuchHandler + Extension\.APIKeyNotFound + Extension\.ConfigInvalid + Extension\.UnknownReason diff --git a/doc_source/runtimes-images.md b/doc_source/runtimes-images.md old mode 100755 new mode 100644 index a2e180f8..984482eb --- a/doc_source/runtimes-images.md +++ b/doc_source/runtimes-images.md @@ -1,4 +1,4 @@ -# Runtime support for Lambda container images +# Base images for Lambda AWS provides a set of open\-source base images that you can use\. You can also use a preferred community or private base image\. Lambda provides client software that you add to your preferred base image to make it compatible with the Lambda service\. @@ -35,9 +35,7 @@ AWS provides base images that contain the required Lambda components and the Ama | al2 | provided\.al2 | Amazon Linux 2 | | alami | provided | Amazon Linux | -DockerHub: amazon/aws\-lambda\-provided - -ECR Public: public\.ecr\.aws/lambda/provided +Amazon ECR Public Gallery: [gallery\.ecr\.aws/lambda/provided](https://gallery.ecr.aws/lambda/provided) ## Runtime interface clients diff --git a/doc_source/runtimes-logs-api.md b/doc_source/runtimes-logs-api.md old mode 100755 new mode 100644 index 7c8d7571..37a9082c --- a/doc_source/runtimes-logs-api.md +++ b/doc_source/runtimes-logs-api.md @@ -2,7 +2,7 @@ Lambda automatically captures runtime logs and streams them to Amazon CloudWatch\. This log stream contains the logs that your function code and extensions generate, and also the logs that Lambda generates as part of the function invocation\. -[Lambda extensions](runtimes-extensions-api.md) can use the Lambda Runtime Logs API to subscribe to log streams directly from within the Lambda [execution environment](runtimes-context.md)\. Lambda streams the logs to the extension, and the extension can then process, filter, and send the logs to any preferred destination\. +[Lambda extensions](runtimes-extensions-api.md) can use the Lambda Runtime Logs API to subscribe to log streams directly from within the Lambda [execution environment](lambda-runtime-environment.md)\. Lambda streams the logs to the extension, and the extension can then process, filter, and send the logs to any preferred destination\. ![\[\]](http://docs.aws.amazon.com/lambda/latest/dg/images/logs-api-concept-diagram.png) @@ -28,7 +28,7 @@ Lambda sends all logs to CloudWatch, even when an extension subscribes to one or A Lambda extension can subscribe to receive logs by sending a subscription request to the Logs API\. -To subscribe to receive logs, you need the extension identifier \(`Lambda-Extension-Identifier`\)\. First [register the extension](runtimes-extensions-api.md#extensions-registration-api-a) to receive the extension identifier\. Then subscribe to the Logs API during [initialization](runtimes-context.md#runtimes-lifecycle-ib)\. After the initialization phase completes, Lambda does not process subscription requests\. +To subscribe to receive logs, you need the extension identifier \(`Lambda-Extension-Identifier`\)\. First [register the extension](runtimes-extensions-api.md#extensions-registration-api-a) to receive the extension identifier\. Then subscribe to the Logs API during [initialization](lambda-runtime-environment.md#runtimes-lifecycle-ib)\. After the initialization phase completes, Lambda does not process subscription requests\. **Note** Logs API subscription is idempotent\. Duplicate subscribe requests do not result in duplicate subscriptions\. diff --git a/doc_source/runtimes-modify.md b/doc_source/runtimes-modify.md old mode 100755 new mode 100644 index a571dd38..46fcb149 --- a/doc_source/runtimes-modify.md +++ b/doc_source/runtimes-modify.md @@ -7,7 +7,7 @@ Lambda provides language\-specific [environment variables](configuration-envvars ## Language\-specific environment variables Lambda supports configuration\-only ways to enable code to be pre\-loaded during function initialization through the following language\-specific environment variables: -+ `JAVA_TOOL_OPTIONS` – On Java 11 and Java 8 \(`java8.al2`\), Lambda supports this environment variable to set additional command\-line variables in Lambda\. This environment variable allows you to specify the initialization of tools, specifically the launching of native or Java programming language agents using the `agentlib` or `javaagent` options\. ++ `JAVA_TOOL_OPTIONS` – On Java, Lambda supports this environment variable to set additional command\-line variables in Lambda\. This environment variable allows you to specify the initialization of tools, specifically the launching of native or Java programming language agents using the `agentlib` or `javaagent` options\. + `NODE_OPTIONS` – On Node\.js 10x and above, Lambda supports this environment variable\. + `DOTNET_STARTUP_HOOKS` – On \.NET Core 3\.1 and above, this environment variable specifies a path to an assembly \(dll\) that Lambda can use\. diff --git a/doc_source/runtimes-walkthrough.md b/doc_source/runtimes-walkthrough.md old mode 100755 new mode 100644 index 843fb4fc..e942a02b --- a/doc_source/runtimes-walkthrough.md +++ b/doc_source/runtimes-walkthrough.md @@ -4,7 +4,7 @@ In this tutorial, you create a Lambda function with a custom runtime\. You start ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/samples-blank.md b/doc_source/samples-blank.md old mode 100755 new mode 100644 diff --git a/doc_source/samples-errorprocessor.md b/doc_source/samples-errorprocessor.md old mode 100755 new mode 100644 diff --git a/doc_source/samples-listmanager.md b/doc_source/samples-listmanager.md old mode 100755 new mode 100644 diff --git a/doc_source/security-compliance.md b/doc_source/security-compliance.md old mode 100755 new mode 100644 diff --git a/doc_source/security-configuration.md b/doc_source/security-configuration.md old mode 100755 new mode 100644 index c995e7a0..3abaed8c --- a/doc_source/security-configuration.md +++ b/doc_source/security-configuration.md @@ -2,6 +2,6 @@ AWS Lambda provides [runtimes](lambda-runtimes.md) that run your function code in an Amazon Linux–based execution environment\. Lambda is responsible for keeping software in the runtime and execution environment up to date, releasing new runtimes for new languages and frameworks, and deprecating runtimes when the underlying software is no longer supported\. -If you use additional libraries with your function, you're responsible for updating the libraries\. You can include additional libraries in the [deployment package](gettingstarted-images.md#gettingstarted-images-package), or in [layers](configuration-layers.md) that you attach to your function\. You can also build [custom runtimes](runtimes-custom.md) and use layers to share them with other accounts\. +If you use additional libraries with your function, you're responsible for updating the libraries\. You can include additional libraries in the [deployment package](images-create.md), or in [layers](configuration-layers.md) that you attach to your function\. You can also build [custom runtimes](runtimes-custom.md) and use layers to share them with other accounts\. -Lambda deprecates runtimes when the software on the runtime or its execution environment reaches end of life\. When Lambda deprecates a runtime, you're responsible for migrating your functions to a supported runtime for the same language or framework\. For details, see [Runtime support policy](runtime-support-policy.md)\. \ No newline at end of file +Lambda deprecates runtimes when the software on the runtime or its execution environment reaches end of life\. When Lambda deprecates a runtime, you're responsible for migrating your functions to a supported runtime for the same language or framework\. For details, see [Runtime deprecation policy](lambda-runtimes.md#runtime-support-policy)\. \ No newline at end of file diff --git a/doc_source/security-dataprotection.md b/doc_source/security-dataprotection.md old mode 100755 new mode 100644 index 28df3a13..f64307f8 --- a/doc_source/security-dataprotection.md +++ b/doc_source/security-dataprotection.md @@ -30,6 +30,6 @@ You can use [environment variables](configuration-envvars.md) to store secrets s On a per\-function basis, you can optionally configure Lambda to use a customer managed key instead of the default AWS managed key to encrypt your environment variables\. For more information, see [Securing environment variables](configuration-envvars.md#configuration-envvars-encryption)\. -Lambda always encrypts files that you upload to Lambda, including [deployment packages](gettingstarted-images.md#gettingstarted-images-package) and [layer archives](configuration-layers.md)\. +Lambda always encrypts files that you upload to Lambda, including [deployment packages](images-create.md) and [layer archives](configuration-layers.md)\. Amazon CloudWatch Logs and AWS X\-Ray also encrypt data by default, and can be configured to use a customer managed key\. For details, see [Encrypt log data in CloudWatch Logs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/encrypt-log-data-kms.html) and [Data protection in AWS X\-Ray](https://docs.aws.amazon.com/xray/latest/devguide/xray-console-encryption.html)\. \ No newline at end of file diff --git a/doc_source/security-iam.md b/doc_source/security-iam.md old mode 100755 new mode 100644 diff --git a/doc_source/security-infrastructure.md b/doc_source/security-infrastructure.md old mode 100755 new mode 100644 diff --git a/doc_source/security-resilience.md b/doc_source/security-resilience.md old mode 100755 new mode 100644 diff --git a/doc_source/security_iam_id-based-policy-examples.md b/doc_source/security_iam_id-based-policy-examples.md old mode 100755 new mode 100644 diff --git a/doc_source/security_iam_service-with-iam.md b/doc_source/security_iam_service-with-iam.md old mode 100755 new mode 100644 diff --git a/doc_source/security_iam_troubleshoot.md b/doc_source/security_iam_troubleshoot.md old mode 100755 new mode 100644 diff --git a/doc_source/services-alb.md b/doc_source/services-alb.md old mode 100755 new mode 100644 diff --git a/doc_source/services-alexa.md b/doc_source/services-alexa.md old mode 100755 new mode 100644 diff --git a/doc_source/services-apigateway-blueprint.md b/doc_source/services-apigateway-blueprint.md old mode 100755 new mode 100644 diff --git a/doc_source/services-apigateway-code.md b/doc_source/services-apigateway-code.md old mode 100755 new mode 100644 diff --git a/doc_source/services-apigateway-template.md b/doc_source/services-apigateway-template.md old mode 100755 new mode 100644 diff --git a/doc_source/services-apigateway-tutorial.md b/doc_source/services-apigateway-tutorial.md old mode 100755 new mode 100644 index feb395a0..cba4383f --- a/doc_source/services-apigateway-tutorial.md +++ b/doc_source/services-apigateway-tutorial.md @@ -27,7 +27,7 @@ For more information about these API Gateway features, see [Set up a proxy integ ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/services-apigateway.md b/doc_source/services-apigateway.md old mode 100755 new mode 100644 index df218f34..0f68c728 --- a/doc_source/services-apigateway.md +++ b/doc_source/services-apigateway.md @@ -26,13 +26,15 @@ Resources in your API define one or more methods, such as GET or POST\. Methods 1. Choose a function\. -1. Under **Functional overview**, choose **Add trigger**\. +1. Under **Function overview**, choose **Add trigger**\. 1. Select **API Gateway**\. -1. For **API**, choose **Create an API**\. +1. Choose **Create an API** or **Use an existing API**\. -1. For **API type**, choose **HTTP API**\. For more information, see [API types](#services-apigateway-apitypes) + 1. **New API:** For **API type**, choose **HTTP API**\. For more information, see [API types](#services-apigateway-apitypes)\. + + 1. **Existing API:** Select the API from the dropdown menu or enter the API ID \(for example, r3pmxmplak\)\. 1. For **Security**, choose **Open**\. @@ -139,7 +141,7 @@ The Lambda runtime serializes the response object into JSON and sends it to the Amazon API Gateway gets permission to invoke your function from the function's [resource\-based policy](access-control-resource-based.md)\. You can grant invoke permission to an entire API, or grant limited access to a stage, resource, or method\. -When you add an API to your function by using the Lambda console, using the API Gateway console, or in an AWS SAM template, the function's resource\-based policy is updated automatically\. The following example shows a function policy with a statement that was added by an AWS SAM template\. +When you add an API to your function by using the Lambda console, using the API Gateway console, or in an AWS SAM template, the function's resource\-based policy is updated automatically\. The following is an example function policy\. **Example function policy** @@ -169,8 +171,6 @@ When you add an API to your function by using the Lambda console, using the API } ``` -[Confirm the function policy](access-control-resource-based.md) in the **Permissions** tab of the Lambda console\. - You can manage function policy permissions manually with the following API operations: + [AddPermission](API_AddPermission.md) + [RemovePermission](API_RemovePermission.md) diff --git a/doc_source/services-cloudformation.md b/doc_source/services-cloudformation.md old mode 100755 new mode 100644 diff --git a/doc_source/services-cloudwatchevents-expressions.md b/doc_source/services-cloudwatchevents-expressions.md old mode 100755 new mode 100644 diff --git a/doc_source/services-cloudwatchevents-tutorial.md b/doc_source/services-cloudwatchevents-tutorial.md old mode 100755 new mode 100644 index 27d178da..4bbb1202 --- a/doc_source/services-cloudwatchevents-tutorial.md +++ b/doc_source/services-cloudwatchevents-tutorial.md @@ -9,7 +9,7 @@ In this tutorial, you do the following: ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. ## Create a Lambda function diff --git a/doc_source/services-cloudwatchevents.md b/doc_source/services-cloudwatchevents.md old mode 100755 new mode 100644 diff --git a/doc_source/services-cloudwatchlogs.md b/doc_source/services-cloudwatchlogs.md old mode 100755 new mode 100644 diff --git a/doc_source/services-codecommit.md b/doc_source/services-codecommit.md old mode 100755 new mode 100644 diff --git a/doc_source/services-codepipeline.md b/doc_source/services-codepipeline.md old mode 100755 new mode 100644 diff --git a/doc_source/services-cognito.md b/doc_source/services-cognito.md old mode 100755 new mode 100644 diff --git a/doc_source/services-config.md b/doc_source/services-config.md old mode 100755 new mode 100644 index e1dfc5ea..3a9e0933 --- a/doc_source/services-config.md +++ b/doc_source/services-config.md @@ -10,11 +10,11 @@ You can use AWS Lambda functions to evaluate whether your AWS resource configura "ruleParameters": "{\"myParameterKey\":\"myParameterValue\"}", "resultToken": "myResultToken", "eventLeftScope": false, - "executionRoleArn": "arn:aws:iam::012345678912:role/config-role", - "configRuleArn": "arn:aws:config:us-east-1:012345678912:config-rule/config-rule-0123456", + "executionRoleArn": "arn:aws:iam::111122223333:role/config-role", + "configRuleArn": "arn:aws:config:us-east-1:111122223333:config-rule/config-rule-0123456", "configRuleName": "change-triggered-config-rule", "configRuleId": "config-rule-0123456", - "accountId": "012345678912", + "accountId": "111122223333", "version": "1.0" } ``` diff --git a/doc_source/services-connect.md b/doc_source/services-connect.md old mode 100755 new mode 100644 diff --git a/doc_source/services-ec2-tutorial.md b/doc_source/services-ec2-tutorial.md old mode 100755 new mode 100644 diff --git a/doc_source/services-ec2.md b/doc_source/services-ec2.md old mode 100755 new mode 100644 index ee9b970d..21fc692b --- a/doc_source/services-ec2.md +++ b/doc_source/services-ec2.md @@ -12,11 +12,11 @@ EventBridge \(CloudWatch Events\) invokes your Lambda function asynchronously wi "id": "b6ba298a-7732-2226-xmpl-976312c1a050", "detail-type": "EC2 Instance State-change Notification", "source": "aws.ec2", - "account": "123456798012", + "account": "111122223333", "time": "2019-10-02T17:59:30Z", "region": "us-east-2", "resources": [ - "arn:aws:ec2:us-east-2:123456798012:instance/i-0c314xmplcd5b8173" + "arn:aws:ec2:us-east-2:111122223333:instance/i-0c314xmplcd5b8173" ], "detail": { "instance-id": "i-0c314xmplcd5b8173", diff --git a/doc_source/services-efs.md b/doc_source/services-efs.md old mode 100755 new mode 100644 diff --git a/doc_source/services-elasticache-tutorial.md b/doc_source/services-elasticache-tutorial.md old mode 100755 new mode 100644 index 785af70b..c9cfbf05 --- a/doc_source/services-elasticache-tutorial.md +++ b/doc_source/services-elasticache-tutorial.md @@ -9,7 +9,7 @@ For details on using Lambda with Amazon VPC, see [Configuring a Lambda function ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/services-iot.md b/doc_source/services-iot.md old mode 100755 new mode 100644 diff --git a/doc_source/services-iotevents.md b/doc_source/services-iotevents.md old mode 100755 new mode 100644 diff --git a/doc_source/services-kinesisfirehose.md b/doc_source/services-kinesisfirehose.md old mode 100755 new mode 100644 diff --git a/doc_source/services-lex.md b/doc_source/services-lex.md old mode 100755 new mode 100644 diff --git a/doc_source/services-rds-tutorial.md b/doc_source/services-rds-tutorial.md old mode 100755 new mode 100644 index 33b28b27..2f7239b6 --- a/doc_source/services-rds-tutorial.md +++ b/doc_source/services-rds-tutorial.md @@ -9,7 +9,7 @@ For details on using Lambda with Amazon VPC, see [Configuring a Lambda function ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/services-rds.md b/doc_source/services-rds.md old mode 100755 new mode 100644 diff --git a/doc_source/services-s3-batch.md b/doc_source/services-s3-batch.md old mode 100755 new mode 100644 diff --git a/doc_source/services-s3-object-lambda.md b/doc_source/services-s3-object-lambda.md old mode 100755 new mode 100644 diff --git a/doc_source/services-ses.md b/doc_source/services-ses.md old mode 100755 new mode 100644 index 43858e5c..9b08ce31 --- a/doc_source/services-ses.md +++ b/doc_source/services-ses.md @@ -88,7 +88,7 @@ When you use Amazon SES to receive messages, you can configure Amazon SES to cal "action": { "type": "Lambda", "invocationType": "Event", - "functionArn": "arn:aws:lambda:us-west-2:012345678912:function:Example" + "functionArn": "arn:aws:lambda:us-west-2:111122223333:function:Example" }, "spfVerdict": { "status": "PASS" diff --git a/doc_source/services-stepfunctions.md b/doc_source/services-stepfunctions.md old mode 100755 new mode 100644 diff --git a/doc_source/services-xray.md b/doc_source/services-xray.md old mode 100755 new mode 100644 index 71fe5a4a..96377ffb --- a/doc_source/services-xray.md +++ b/doc_source/services-xray.md @@ -21,13 +21,13 @@ To trace requests that don't have a tracing header, enable active tracing in you 1. Choose **Save**\. **Pricing** -X\-Ray has a perpetual free tier\. Beyond the free tier threshold, X\-Ray charges for trace storage and retrieval\. For details, see [AWS X\-Ray pricing](https://aws.amazon.com/xray/pricing/)\. +You can use X\-Ray tracing for free each month up to a certain limit as part of the AWS Free Tier\. Beyond that threshold, X\-Ray charges for trace storage and retrieval\. For more information, see [AWS X\-Ray pricing](http://aws.amazon.com/xray/pricing/)\. Your function needs permission to upload trace data to X\-Ray\. When you enable active tracing in the Lambda console, Lambda adds the required permissions to your function's [execution role](lambda-intro-execution-role.md)\. Otherwise, add the [AWSXRayDaemonWriteAccess](https://console.aws.amazon.com/iam/home#/policies/arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess) policy to the execution role\. -X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rule is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. +X\-Ray applies a sampling algorithm to ensure that tracing is efficient, while still providing a representative sample of the requests that your application serves\. The default sampling rate is 1 request per second and 5 percent of additional requests\. This sampling rate cannot be configured for Lambda functions\. -In X\-Ray, a *trace* records information about a request that is processed by one or more *services*\. Services record *segments* that contain layers of *subsegments*\. Lambda records a segment for the Lambda service that handles the invocation request, and one for the work done by the function\. The function segment comes with subsegments for `Initialization`, `Invocation` and `Overhead`\. For more information see [ Lambda execution environment lifecycle](runtimes-context.md)\. +In X\-Ray, a *trace* records information about a request that is processed by one or more *services*\. Services record *segments* that contain layers of *subsegments*\. Lambda records a segment for the Lambda service that handles the invocation request, and one for the work done by the function\. The function segment comes with subsegments for `Initialization`, `Invocation` and `Overhead`\. For more information see [ Lambda execution environment lifecycle](lambda-runtime-environment.md)\. The `Initialization` subsegment represents the init phase of the Lambda execution environment lifecycle\. During this phase, Lambda creates or unfreezes an execution environment with the resources you have configured, downloads the function code and all layers, initializes extensions, initializes the runtime, and runs the function's initialization code\. @@ -48,7 +48,7 @@ See the following topics for a language\-specific introduction to tracing in Lam + [Instrumenting Node\.js code in AWS Lambda](nodejs-tracing.md) + [Instrumenting Python code in AWS Lambda](python-tracing.md) + [Instrumenting Ruby code in AWS Lambda](ruby-tracing.md) -+ [Instrumenting Java code in AWS Lambda](java-tracing.md) ++ [Instrumenting Java code in Lambda](java-tracing.md) + [Instrumenting Go code in AWS Lambda](golang-tracing.md) + [Instrumenting C\# code in AWS Lambda](csharp-tracing.md) @@ -85,7 +85,7 @@ To manage tracing configuration with the AWS CLI or AWS SDK, use the following A + [GetFunctionConfiguration](API_GetFunctionConfiguration.md) + [CreateFunction](API_CreateFunction.md) -The following example AWS CLI command enables active tracing on a function named my\-function\. +The following example AWS CLI command enables active tracing on a function named **my\-function**\. ``` aws lambda update-function-configuration --function-name my-function \ @@ -96,7 +96,7 @@ Tracing mode is part of the version\-specific configuration that is locked when ## Enabling active tracing with AWS CloudFormation -To enable active tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. +To activate tracing on an `AWS::Lambda::Function` resource in an AWS CloudFormation template, use the `TracingConfig` property\. **Example [function\-inline\.yml](https://github.com/awsdocs/aws-lambda-developer-guide/blob/master/templates/function-inline.yml) – Tracing configuration** diff --git a/doc_source/stepfunctions-lc.md b/doc_source/stepfunctions-lc.md old mode 100755 new mode 100644 diff --git a/doc_source/stepfunctions-patterns.md b/doc_source/stepfunctions-patterns.md old mode 100755 new mode 100644 diff --git a/doc_source/testing-functions.md b/doc_source/testing-functions.md new file mode 100644 index 00000000..fc2a5e51 --- /dev/null +++ b/doc_source/testing-functions.md @@ -0,0 +1,98 @@ +# Testing Lambda functions in the console + +You can test your Lambda function in the console by invoking your function with a test event\. A *test event* is a JSON input to your function\. If your function doesn't require input, the event can be an empty document `({})`\. + +## Private test events + +Private test events are available only to the event creator, and they require no additional permissions to use\. You can create and save up to 10 private test events per function\. + +**To create a private test event** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function that you want to test\. + +1. Choose the **Test** tab\. + +1. Under **Test event**, do the following: + + 1. Choose a **Template**\. + + 1. Enter a **Name** for the test\. + + 1. In the text entry box, enter the JSON test event\. + + 1. Under **Event sharing settings**, choose **Private**\. + +1. Choose **Save changes**\. + +You can also create new test events on the **Code** tab\. From there, choose **Test**, **Configure test event**\. + +## Shareable test events + +Shareable test events are test events that you can share with other AWS Identity and Access Management \(IAM\) users in the same AWS account\. You can edit other users' shareable test events and invoke your function with them\. + +Lambda saves shareable test events as schemas in an [Amazon EventBridge \(CloudWatch Events\) schema registry](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-schema-registry.html) named `lambda-testevent-schemas`\. As Lambda utilizes this registry to store and call shareable test events you create, we recommend that you do not edit this registry or create a registry using the `lambda-testevent-schemas` name\. + +To see, share, and edit shareable test events, you must have permissions for all of the following [EventBridge \(CloudWatch Events\) schema registry API operations](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/operations.html): ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#CreateRegistry](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#CreateRegistry) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#CreateSchema](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#CreateSchema) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DeleteSchema](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DeleteSchema) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-version-schemaversion.html#DeleteSchemaVersion](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-version-schemaversion.html#DeleteSchemaVersion) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DescribeRegistry](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname.html#DescribeRegistry) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DescribeSchema](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#DescribeSchema) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discover.html#GetDiscoveredSchema](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-discover.html#GetDiscoveredSchema) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-versions.html#ListSchemaVersions](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname-versions.html#ListSchemaVersions) ++ [https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#UpdateSchema](https://docs.aws.amazon.com/eventbridge/latest/schema-reference/v1-registries-name-registryname-schemas-name-schemaname.html#UpdateSchema) + +Note that saving edits made to a shareable test event overwrites that event\. + +If you cannot create, edit, or see shareable test events, check that your account has the required permissions for these operations\. If you have the required permissions but still cannot access shareable test events, check for any [resource\-based policies](access-control-resource-based.md) that might limit access to the EventBridge \(CloudWatch Events\) registry\. + +**To create a shareable test event** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function that you want to test\. + +1. Choose the **Test** tab\. + +1. Under **Test event**, do the following: + + 1. Choose a **Template**\. + + 1. Enter a **Name** for the test\. + + 1. In the text entry box, enter the JSON test event\. + + 1. Under **Event sharing settings**, choose **Shareable**\. + +1. Choose **Save changes**\. + +## Invoking functions with test events + +When you run a test event in the console, Lambda synchronously invokes your function with the test event\. The function runtime converts the JSON document into an object and passes it to your code's handler method for processing\. + +**To test a function** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function that you want to test\. + +1. Choose the **Test** tab\. + +1. Under **Test event**, choose **Saved event**, and then choose the saved event that you want to use\. + +1. Choose **Test**\. + +1. To review the test results, under **Execution result**, expand **Details**\. + +To invoke your function without saving your test event, choose **Test** before saving\. This creates an unsaved test event that Lambda preserves for the duration of the session\. + +You can also access your saved and unsaved test events on the **Code** tab\. From there, choose **Test**, and then choose your test event\. + +## Deleting shareable test event schemas + +When you delete shareable test events, Lambda removes them from the `lambda-testevent-schemas` registry\. If you remove the last shareable test event from the registry, Lambda deletes the registry\. + +If you delete the function, Lambda does not delete any associated shareable test event schemas\. You must clean up these resources manually from the [EventBridge \(CloudWatch Events\) console](https://console.aws.amazon.com/events)\. \ No newline at end of file diff --git a/doc_source/troubleshooting-deployment.md b/doc_source/troubleshooting-deployment.md old mode 100755 new mode 100644 diff --git a/doc_source/troubleshooting-execution.md b/doc_source/troubleshooting-execution.md old mode 100755 new mode 100644 diff --git a/doc_source/troubleshooting-images.md b/doc_source/troubleshooting-images.md old mode 100755 new mode 100644 diff --git a/doc_source/troubleshooting-invocation.md b/doc_source/troubleshooting-invocation.md old mode 100755 new mode 100644 index afdc6aef..3d9f1b2f --- a/doc_source/troubleshooting-invocation.md +++ b/doc_source/troubleshooting-invocation.md @@ -67,7 +67,7 @@ Lambda uses a simple probabilistic model to distribute the traffic between the t When the number of concurrent executions on a function is less than or equal to the [configured level of provisioned concurrency](provisioned-concurrency.md), there shouldn't be any cold starts\. To help you confirm if provisioned concurrency is operating normally, do the following: + [Check that provisioned concurrency is enabled](provisioned-concurrency.md) on the function version or alias\. **Note** -Provisioned concurrency is not configurable on the [$LATEST version](configuration-images.md#configuration-images-latest)\. +Provisioned concurrency is not configurable on the [$LATEST version](gettingstarted-images.md#configuration-images-latest)\. + Ensure that your triggers invoke the correct function version or alias\. For example, if you're using Amazon API Gateway, check that API Gateway invokes the function version or alias with provisioned concurrency, not $LATEST\. To confirm that provisioned concurrency is being used, you can check the [ProvisionedConcurrencyInvocations Amazon CloudWatch metric](monitoring-metrics.md#monitoring-metrics-invocation)\. A non\-zero value indicates that the function is processing invocations on initialized execution environments\. + Determine whether your function concurrency exceeds the configured level of provisioned concurrency by checking the [ProvisionedConcurrencySpilloverInvocations CloudWatch metric](monitoring-metrics.md#monitoring-metrics-invocation)\. A non\-zero value indicates that all provisioned concurrency is in use and some invocation occurred with a cold start\. + Check your [invocation frequency](gettingstarted-limits.md) \(requests per second\)\. Functions with provisioned concurrency have a maximum rate of 10 requests per second per provisioned concurrency\. For example, a function configured with 100 provisioned concurrency can handle 1,000 requests per second\. If the invocation rate exceeds 1,000 requests per second, some cold starts can occur\. diff --git a/doc_source/troubleshooting-networking.md b/doc_source/troubleshooting-networking.md old mode 100755 new mode 100644 diff --git a/doc_source/typescript-exceptions.md b/doc_source/typescript-exceptions.md new file mode 100644 index 00000000..246b6923 --- /dev/null +++ b/doc_source/typescript-exceptions.md @@ -0,0 +1,90 @@ +# AWS Lambda function errors in TypeScript + +If an exception occurs in TypeScript code that's transpiled into JavaScript, use source map files to determine where the error occurred\. Source map files allow debuggers to map compiled JavaScript files to the TypeScript source code\. + +For example, the following code results in an error: + +``` +export const handler = async (event: unknown): Promise => { + throw new Error('Some exception'); +}; +``` + +AWS Lambda catches the error and generates a JSON document\. However, this JSON document refers to the compiled JavaScript file \(**app\.js**\), not the TypeScript source file\. + +``` +{ + "errorType": "Error", + "errorMessage": "Some exception", + "stack": [ + "Error: Some exception", + " at Runtime.p [as handler] (/var/task/app.js:1:491)", + " at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)" + ] +} +``` + +**To get an error response that maps to your TypeScript source file** +**Note** +The following steps aren't valid for Lambda@Edge functions because Lambda@Edge doesn't support environment variables\. + +1. Generate a source map file with esbuild or another TypeScript compiler\. Example: + + ``` + esbuild app.ts —sourcemap —outfile=output.js + ``` + +1. Add the source map to your deployment\. + +1. Turn on source maps for the Node\.js runtime by adding `--enable-source-maps` to your `NODE_OPTIONS`\. + +**Example for the AWS Serverless Application Model \(AWS SAM\)** + +``` +Globals: + Function: + Environment: + Variables: + NODE_OPTIONS: '--enable-source-maps' +``` +Make sure that the esbuild properties in your **template\.yaml** file include `Sourcemap: true`\. Example: + +``` +Metadata: # Manage esbuild properties + BuildMethod: esbuild + BuildProperties: + Minify: true + Target: "es2020" + Sourcemap: true + EntryPoints: + - app.ts +``` + +**Example for the AWS Cloud Development Kit \(CDK\)** +To use a source map with an AWS CDK application, add the following code to the file that contains the [NodejsFunction construct](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda_nodejs-readme.html)\. + +``` +const helloFunction = new NodejsFunction(this, 'function',{ + bundling: { + minify: true, + sourceMap: true + }, + environment:{ + NODE_OPTIONS: '--enable-source-maps', + } +}); +``` + +When you use a source map in your code, you get an error response similar to the following\. This response shows that the error happened at line 2, column 11 in the **app\.ts** file\. + +``` +{ + "errorType": "Error", + "errorMessage": "Some exception", + "stack": [ + "Error: Some exception", + " at Runtime.p (/private/var/folders/3c/0d4wz7dn2y75bw_hxdwc0h6w0000gr/T/tmpfmxb4ziy/app.ts:2:11)", + " at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)" + ] +} +``` \ No newline at end of file diff --git a/doc_source/typescript-handler.md b/doc_source/typescript-handler.md new file mode 100644 index 00000000..b0328acf --- /dev/null +++ b/doc_source/typescript-handler.md @@ -0,0 +1,99 @@ +# AWS Lambda function handler in TypeScript + +The AWS Lambda function *handler* is the method in your function code that processes events\. When your function is invoked, Lambda runs the handler method\. When the handler exits or returns a response, it becomes available to handle another event\. + +The Node\.js runtime passes three arguments to the handler method: ++ The `event` object: Contains information from the invoker\. ++ The [context object](nodejs-context.md): Contains information about the invocation, function, and execution environment\. ++ The third argument, `callback`, is a function that you can call in non\-async handlers to send a response\. For async handlers, you return a response, error, or promise to the runtime instead of using `callback`\. + +## Non\-async handlers + +For non\-async handlers, the runtime passes the event object, the [context object](nodejs-context.md), and the callback function to the handler method\. The response object in the callback function must be compatible with `JSON.stringify`\. + +**Example TypeScript function – synchronous** + +``` +import { Context, APIGatewayProxyCallback, APIGatewayEvent } from 'aws-lambda'; + +export const lambdaHandler = (event: APIGatewayEvent, context: Context, callback: APIGatewayProxyCallback): void => { + console.log(`Event: ${JSON.stringify(event, null, 2)}`); + console.log(`Context: ${JSON.stringify(context, null, 2)}`); + callback(null, { + statusCode: 200, + body: JSON.stringify({ + message: 'hello world', + }), + }); +}; +``` + +## Async handlers + +For async handlers, you can use `return` and `throw` to send a response or error, respectively\. Functions must use the `async` keyword to use these methods to return a response or error\. + +If your code performs an asynchronous task, return a promise to make sure that it finishes running\. When you resolve or reject the promise, Lambda sends the response or error to the invoker\. + +**Example TypeScript function – asynchronous** + +``` +import { Context, APIGatewayProxyResult, APIGatewayEvent } from 'aws-lambda'; + +export const lambdaHandler = async (event: APIGatewayEvent, context: Context): Promise => { + console.log(`Event: ${JSON.stringify(event, null, 2)}`); + console.log(`Context: ${JSON.stringify(context, null, 2)}`); + return { + statusCode: 200, + body: JSON.stringify({ + message: 'hello world', + }), + }; +}; +``` + +## Using types for the event object + +We recommend that you don’t use the [any](https://www.typescriptlang.org/docs/handbook/declaration-files/do-s-and-don-ts.html#any) type for the handler arguments and return type because you lose the ability to check types\. Instead, generate an event using the [sam local generate\-event](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-local-generate-event.html) AWS Serverless Application Model CLI command, or use an open\-source definition from the [@types/aws\-lambda package](https://www.npmjs.com/package/@types/aws-lambda)\. + +**Generating an event using the sam local generate\-event command** + +1. Generate an Amazon Simple Storage Service \(Amazon S3\) proxy event\. + + ``` + sam local generate-event s3 put >> S3PutEvent.json + ``` + +1. Use the [quicktype utility](https://quicktype.io/typescript) to generate type definitions from the **S3PutEvent\.json** file\. + + ``` + npm install -g quicktype + quicktype S3PutEvent.json -o S3PutEvent.ts + ``` + +1. Use the generated types in your code\. + + ``` + import { S3PutEvent } from './S3PutEvent'; + + export const lambdaHandler = async (event: S3PutEvent): Promise => { + event.Records.map((record) => console.log(record.s3.object.key)); + }; + ``` + +**Generating an event using an open\-source definition from the @types/aws\-lambda package** + +1. Add the [@types/aws\-lambda](https://www.npmjs.com/package/@types/aws-lambda) package as a development dependency\. + + ``` + npm install -D @types/aws-lambda + ``` + +1. Use the types in your code\. + + ``` + import { S3Event } from "aws-lambda"; + + export const lambdaHandler = async (event: S3Event): Promise => { + event.Records.map((record) => console.log(record.s3.object.key)); + }; + ``` \ No newline at end of file diff --git a/doc_source/typescript-image.md b/doc_source/typescript-image.md new file mode 100644 index 00000000..6c1309b5 --- /dev/null +++ b/doc_source/typescript-image.md @@ -0,0 +1,109 @@ +# Deploy transpiled TypeScript code in Lambda with container images + +You can deploy your TypeScript code to an AWS Lambda function as a Node\.js [container image](images-create.md)\. AWS provides [base images](nodejs-image.md#nodejs-image-base) for Node\.js to help you build the container image\. These base images are preloaded with a language runtime and other components that are required to run the image on Lambda\. AWS provides a Dockerfile for each of the base images to help with building your container image\. + +If you use a community or private enterprise base image, you must [add the Node\.js runtime interface client \(RIC\)](nodejs-image.md#nodejs-image-clients) to the base image to make it compatible with Lambda\. For more information, see [Creating images from alternative base images](images-create.md#images-create-from-alt)\. + +Lambda provides a runtime interface emulator \(RIE\) for you to test your function locally\. The base images for Lambda and base images for custom runtimes include the RIE\. For other base images, you can download the RIE for [testing your image](images-test.md)locally\. + +## Using a Node\.js base image to build and package TypeScript function code + +**Prerequisites** + +To complete the steps in this section, you must have the following: ++ [AWS Command Line Interface \(AWS CLI\) version 2](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) ++ Docker + + The following instructions use Docker CLI commands to create the container image\. To install Docker, see [Get Docker](https://docs.docker.com/get-docker) on the Docker website\. ++ Node\.js 14\.x or later + +**To create an image from an AWS base image for Lambda** + +1. On your local machine, create a project directory for your new function\. + +1. Create a new Node\.js project with `npm` or a package manager of your choice\. + + ``` + npm init + ``` + +1. Add the [@types/aws\-lambda](https://www.npmjs.com/package/@types/aws-lambda) and [esbuild](https://esbuild.github.io/) packages as development dependencies\. + + ``` + npm install -D @types/aws-lambda esbuild + ``` + +1. Add a [build script](https://esbuild.github.io/getting-started/#build-scripts) to the **package\.json** file\. + + ``` + "scripts": { + "build": "esbuild index.ts --bundle --minify --sourcemap --platform=node --target=es2020 --outfile=dist/index.js" + } + ``` + +1. Create a new file called **index\.ts**\. Add the following sample code to the new file\. This is the code for the Lambda function\. The function returns a `hello world` message\. + + ``` + import { Context, APIGatewayProxyResult, APIGatewayEvent } from 'aws-lambda'; + + export const handler = async (event: APIGatewayEvent, context: Context): Promise => { + console.log(`Event: ${JSON.stringify(event, null, 2)}`); + console.log(`Context: ${JSON.stringify(context, null, 2)}`); + return { + statusCode: 200, + body: JSON.stringify({ + message: 'hello world', + }), + }; + }; + ``` + +1. Create a new Dockerfile with the following configuration: + + Set the `FROM` property to the URI of the base image\. + + Set the `CMD` argument to specify the Lambda function handler\. +**Example Dockerfile** + + The following Dockerfile uses a multi\-stage build\. The first step transpiles the TypeScript code into JavaScript\. The second step produces a container image that contains only JavaScript files and production dependencies\. + + ``` + FROM public.ecr.aws/lambda/nodejs:16 as builder + WORKDIR /usr/app + COPY package.json index.ts ./ + RUN npm install + RUN npm run build + + + FROM public.ecr.aws/lambda/nodejs:16 + WORKDIR ${LAMBDA_TASK_ROOT} + COPY --from=builder /usr/app/dist/* ./ + CMD ["index.handler"] + ``` + +1. Build your image\. + + ``` + docker build -t hello-world . + ``` + +1. Authenticate the Docker CLI to your Amazon Elastic Container Registry \(Amazon ECR\) registry\. + + ``` + aws ecr get-login-password --region us-east-1 | docker login --username AWS --password-stdin 123456789012.dkr.ecr.us-east-1.amazonaws.com + ``` + +1. Create a repository in Amazon ECR using the `create-repository` command\. + + ``` + aws ecr create-repository --repository-name hello-world --image-scanning-configuration scanOnPush=true --image-tag-mutability MUTABLE + ``` + +1. Tag your image to match your repository name, and deploy the image to Amazon ECR using the `docker push` command\. + + ``` + docker tag hello-world:latest 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest + docker push 123456789012.dkr.ecr.us-east-1.amazonaws.com/hello-world:latest + ``` + +1. [Create and test](gettingstarted-images.md#configuration-images-create) the Lambda function\. + +To update the function code, you must create a new image version and store the image in the Amazon ECR repository\. For more information, see [Updating function code](gettingstarted-images.md#configuration-images-update)\. \ No newline at end of file diff --git a/doc_source/typescript-package.md b/doc_source/typescript-package.md new file mode 100644 index 00000000..8171f2b7 --- /dev/null +++ b/doc_source/typescript-package.md @@ -0,0 +1,249 @@ +# Deploy transpiled TypeScript code in Lambda with \.zip file archives + +Before you can deploy TypeScript code to AWS Lambda, you need to transpile it into JavaScript\. This page explains three ways to build and deploy TypeScript code to Lambda: ++ [Using the AWS Serverless Application Model \(AWS SAM\)](#aws-sam-ts) ++ [Using the AWS Cloud Development Kit \(CDK\)](#aws-cdk-ts) ++ [Using the AWS Command Line Interface \(AWS CLI\) and esbuild](#aws-cli-ts) + +The AWS SAM and AWS CDK simplify building and deploying TypeScript functions\. The [AWS SAM template specification](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification.html) provides a simple and clean syntax to describe the Lambda functions, APIs, permissions, configurations, and events that make up your serverless application\. The [AWS CDK](https://docs.aws.amazon.com/cdk/v2/guide/home.html) lets you build reliable, scalable, cost\-effective applications in the cloud with the considerable expressive power of a programming language\. The AWS CDK is intended for moderately to highly experienced AWS users\. Both the AWS CDK and the AWS SAM use esbuild to transpile TypeScript code into JavaScript\. + +## Using the AWS SAM to deploy TypeScript code to Lambda + +Follow the steps below to download, build, and deploy a sample Hello World TypeScript application using the AWS SAM\. This application implements a basic API backend\. It consists of an Amazon API Gateway endpoint and a Lambda function\. When you send a GET request to the API Gateway endpoint, the Lambda function is invoked\. The function returns a `hello world` message\. + +**Note** +The AWS SAM uses esbuild to create Node\.js Lambda functions from TypeScript code\. esbuild support is currently in public preview\. During public preview, esbuild support may be subject to backwards incompatible changes\. + +**Prerequisites** + +To complete the steps in this section, you must have the following: ++ [AWS CLI version 2](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) ++ [AWS SAM CLI version 1\.39 or later](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-install.html) ++ Node\.js 14\.x or later + +**Deploy a sample AWS SAM application** + +1. Initialize the application using the Hello World TypeScript template\. + + ``` + sam init --app-template hello-world-typescript --name sam-app --package-type Zip --runtime nodejs16.x + ``` + +1. \(Optional\) The sample application includes configurations for commonly used tools, such as [ESLlint](https://eslint.org/) for code linting and [Jest](https://jestjs.io/) for unit testing\. To run lint and test commands: + + ``` + cd sam-app/hello-world + npm install + npm run lint + npm run test + ``` + +1. Build the app\. The `--beta-features` option is required because esbuild support is in public preview\. + + ``` + cd sam-app + sam build --beta-features + ``` + +1. Deploy the app\. + + ``` + sam deploy --guided + ``` + +1. Follow the on\-screen prompts\. To accept the default options provided in the interactive experience, respond with `Enter`\. + +1. The output shows the endpoint for the REST API\. Open the endpoint in a browser to test the function\. You should see this response: + + ``` + {"message":"hello world"} + ``` + +1. This is a public API endpoint that is accessible over the internet\. We recommend that you delete the endpoint after testing\. + + ``` + sam delete + ``` + +## Using the AWS CDK to deploy TypeScript code to Lambda + +Follow the steps below to build and deploy a sample TypeScript application using the AWS CDK\. This application implements a basic API backend\. It consists of an API Gateway endpoint and a Lambda function\. When you send a GET request to the API Gateway endpoint, the Lambda function is invoked\. The function returns a `hello world` message\. + +**Prerequisites** + +To complete the steps in this section, you must have the following: ++ [AWS CLI version 2](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) ++ [AWS CDK version 2](https://docs.aws.amazon.com/cdk/v2/guide/getting_started.html#getting_started_prerequisites) ++ Node\.js 14\.x or later + +**Deploy a sample AWS CDK application** + +1. Create a project directory for your new application\. + + ``` + mkdir hello-world + cd hello-world + ``` + +1. Initialize the app\. + + ``` + cdk init app --language typescript + ``` + +1. Add the [@types/aws\-lambda](https://www.npmjs.com/package/@types/aws-lambda) package as a development dependency\. + + ``` + npm install -D @types/aws-lambda + ``` + +1. Open the **lib** directory\. You should see a file called **hello\-world\-stack\.ts**\. Create new two new files in this directory: **hello\-world\.function\.ts** and **hello\-world\.ts**\. + +1. Open **hello\-world\.function\.ts** and add the following code to the file\. This is the code for the Lambda function\. + + ``` + import { Context, APIGatewayProxyResult, APIGatewayEvent } from 'aws-lambda'; + + export const handler = async (event: APIGatewayEvent, context: Context): Promise => { + console.log(`Event: ${JSON.stringify(event, null, 2)}`); + console.log(`Context: ${JSON.stringify(context, null, 2)}`); + return { + statusCode: 200, + body: JSON.stringify({ + message: 'hello world', + }), + }; + }; + ``` + +1. Open **hello\-world\.ts** and add the following code to the file\. This contains the [NodejsFunction construct](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda_nodejs-readme.html), which creates the Lambda function, and the [LambdaRestApi construct](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_apigateway.LambdaRestApi.html), which creates the REST API\. + + ``` + import { Construct } from 'constructs'; + import { NodejsFunction } from 'aws-cdk-lib/aws-lambda-nodejs'; + import { LambdaRestApi } from 'aws-cdk-lib/aws-apigateway'; + + export class HelloWorld extends Construct { + constructor(scope: Construct, id: string) { + super(scope, id); + const helloFunction = new NodejsFunction(this, 'function'); + new LambdaRestApi(this, 'apigw', { + handler: helloFunction, + }); + } + } + ``` + + The `NodejsFunction` construct assumes the following by default: + + Your function handler is called `handler`\. + + The \.ts file that contains the function code \(**hello\-world\.function\.ts**\) is in the same directory as the \.ts file that contains the construct \(**hello\-world\.ts**\)\. The construct uses the construct's ID \("hello\-world"\) and the name of the Lambda handler file \("function"\) to find the function code\. For example, if your function code is in a file called **hello\-world\.my\-function\.ts**, the **hello\-world\.ts** file must reference the function code like this: + + ``` + const helloFunction = new NodejsFunction(this, 'my-function'); + ``` + + You can change this behavior and configure other esbuild parameters\. For more information, see [Configuring esbuild](https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_lambda_nodejs-readme.html#configuring-esbuild) in the AWS CDK API reference\. + +1. Open **hello\-world\-stack\.ts**\. This is the code that defines your [AWS CDK stack](https://docs.aws.amazon.com/cdk/v2/guide/stacks.html)\. Replace the code with the following: + + ``` + import { Stack, StackProps } from 'aws-cdk-lib'; + import { Construct } from 'constructs'; + import { HelloWorld } from './hello-world'; + + export class HelloWorldStack extends Stack { + constructor(scope: Construct, id: string, props?: StackProps) { + super(scope, id, props); + new HelloWorld(this, 'hello-world'); + } + } + ``` + +1. Deploy your application\. + + ``` + cdk deploy + ``` + +1. The AWS CDK builds and packages the Lambda function using esbuild, and then deploys the function to the Lambda runtime\. The output shows the endpoint for the REST API\. Open the endpoint in a browser to test the function\. You should see this response: + + ``` + {"message":"hello world"} + ``` + + This is a public API endpoint that is accessible over the internet\. We recommend that you delete the endpoint after testing\. + +## Using the AWS CLI and esbuild to deploy TypeScript code to Lambda + +The following example demonstrates how to transpile and deploy TypeScript code to Lambda using esbuild and the AWS CLI\. esbuild produces one JavaScript file with all dependencies\. This is the only file that you need to add to the \.zip archive\. + +**Prerequisites** + +To complete the steps in this section, you must have the following: ++ [AWS CLI version 2](https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html) ++ Node\.js 14\.x or later ++ An [execution role](lambda-intro-execution-role.md) for the Lambda function + +**Deploy a sample function** + +1. On your local machine, create a project directory for your new function\. + +1. Create a new Node\.js project with npm or a package manager of your choice\. + + ``` + npm init + ``` + +1. Add the [@types/aws\-lambda](https://www.npmjs.com/package/@types/aws-lambda) and [esbuild](https://esbuild.github.io/) packages as development dependencies\. + + ``` + npm install -D @types/aws-lambda esbuild + ``` + +1. Create a new file called **index\.ts**\. Add the following code to the new file\. This is the code for the Lambda function\. The function returns a `hello world` message\. The function doesn’t create any API Gateway resources\. + + ``` + import { Context, APIGatewayProxyResult, APIGatewayEvent } from 'aws-lambda'; + + export const handler = async (event: APIGatewayEvent, context: Context): Promise => { + console.log(`Event: ${JSON.stringify(event, null, 2)}`); + console.log(`Context: ${JSON.stringify(context, null, 2)}`); + return { + statusCode: 200, + body: JSON.stringify({ + message: 'hello world', + }), + }; + }; + ``` + +1. Add a build script to the **package\.json** file\. This configures esbuild to automatically create the \.zip deployment package\. For more information, see [Build scripts](https://esbuild.github.io/getting-started/#build-scripts) in the esbuild documentation\. + + ``` + "scripts": { + "prebuild": "rm -rf dist", + "build": "esbuild index.ts --bundle --minify --sourcemap --platform=node --target=es2020 --outfile=dist/index.js", + "postbuild": "cd dist && zip -r index.zip index.js*" + }, + ``` + +1. Build the package\. + + ``` + npm run build + ``` + +1. Create a Lambda function using the \.zip deployment package\. Replace the highlighted text with the Amazon Resource Name \(ARN\) of your [execution role](lambda-intro-execution-role.md)\. + + ``` + aws lambda create-function --function-name hello-world --runtime "nodejs16.x" --role arn:aws:iam::123456789012:role/lambda-ex --zip-file "fileb://dist/index.zip" --handler index.handler + ``` + +1. [Run a test event](testing-functions.md) to confirm that the function returns the following response\. If you want to invoke this function using API Gateway, [create and configure a REST API](https://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-create-api.html)\. + + ``` + { + "statusCode": 200, + "body": "{\"message\":\"hello world\"}" + } + ``` \ No newline at end of file diff --git a/doc_source/urls-auth.md b/doc_source/urls-auth.md new file mode 100644 index 00000000..132ed002 --- /dev/null +++ b/doc_source/urls-auth.md @@ -0,0 +1,237 @@ +# Security and auth model for Lambda function URLs + +You can control access to your Lambda function URLs using the `AuthType` parameter combined with [resource\-based policies](access-control-resource-based.md) attached to your specific function\. The configuration of these two components determines who can invoke or perform other administrative actions on your function URL\. + +The `AuthType` parameter determines how Lambda authenticates or authorizes requests to your function URL\. When you configure your function URL, you must specify one of the following `AuthType` options: ++ `AWS_IAM` – Lambda uses AWS Identity and Access Management \(IAM\) to authenticate and authorize requests based on the IAM principal's identity policy and the function's resource\-based policy\. Choose this option if you want only authenticated IAM users and roles to invoke your function via the function URL\. ++ `NONE` – Lambda doesn't perform any authentication before invoking your function\. However, your function's resource\-based policy is always in effect and must grant public access before your function URL can receive requests\. Choose this option to allow public, unauthenticated access to your function URL\. + +In addition to `AuthType`, you can also use resource\-based policies to grant permissions to other AWS accounts to invoke your function\. For more information, see [Using resource\-based policies for AWS Lambda](access-control-resource-based.md)\. + +For additional insights into security, you can use AWS Identity and Access Management Access Analyzer to get a comprehensive analysis of external access to your function URL\. IAM Access Analyzer also monitors for new or updated permissions on your Lambda functions to help you identify permissions that grant public and cross\-account access\. IAM Access Analyzer is free to use for any AWS customer\. To get started with IAM Access Analyzer, see [Using AWS IAM Access Analyzer](https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html)\. + +This page contains examples of resource\-based policies for both auth types, and also how to create these policies using the [AddPermission](API_AddPermission.md) API operation or the Lambda console\. For information on how to invoke your function URL after you've set up permissions, see [Invoking Lambda function URLs](urls-invocation.md)\. + +**Topics** ++ [Using the `AWS_IAM` auth type](#urls-auth-iam) ++ [Using the `NONE` auth type](#urls-auth-none) ++ [Governance and access control](#urls-governance) + +## Using the `AWS_IAM` auth type + +If you choose the `AWS_IAM` auth type, users who need to invoke your Lambda function URL must have the `lambda:InvokeFunctionUrl` permission\. Depending on who makes the invocation request, you may have to grant this permission using a resource\-based policy\. + +If the principal making the request is in the same AWS account as the function URL, then the principal must **either** have `lambda:InvokeFunctionUrl` permissions in their [identity\-based policy](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_identity-vs-resource.html), **or** have permissions granted to them in the function's resource\-based policy\. In other words, a resource\-based policy is optional if the user already has `lambda:InvokeFunctionUrl` permissions in their identity\-based policy\. Policy evaluation follows the rules outlined in [Determining whether a request is allowed or denied within an account](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow)\. + +If the principal making the request is in a different account, then the principal must have **both** an identity\-based policy that gives them `lambda:InvokeFunctionUrl` permissions **and** permissions granted to them in a resource\-based policy on the function that they are trying to invoke\. In these cross\-account cases, policy evaluation follows the rules outlined in [Determining whether a cross\-account request is allowed](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic-cross-account.html#policy-eval-cross-account)\. + +For an example cross\-account interaction, the following resource\-based policy allows the `example` role in AWS account `444455556666` to invoke the function URL associated with function `my-function`: + +**Example function URL cross\-account invoke policy** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::444455556666:role/example" + }, + "Action": "lambda:InvokeFunctionUrl", + "Resource": "arn:aws:lambda:us-east-1:123456789012:function:my-function", + "Condition": { + "StringEquals": { + "lambda:FunctionUrlAuthType": "AWS_IAM" + } + } + } + ] +} +``` + +You can create this policy statement through the console by following these steps: + +**To grant URL invocation permissions to another account \(console\)** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function that you want to grant URL invocation permissions for\. + +1. Choose the **Configuration** tab, and then choose **Permissions**\. + +1. Under **Resource\-based policy**, choose **Add permissions**\. + +1. Choose **Function URL**\. + +1. For **Auth type**, choose **AWS\_IAM**\. + +1. \(Optional\) For **Statement ID**, enter a statement ID for your policy statement\. + +1. For **Principal**, enter the Amazon Resource Name \(ARN\) of the IAM user or role that you want to grant permissions to\. For example: **arn:aws:iam::444455556666:role/example**\. + +1. Choose **Save**\. + +Alternatively, you can create this policy statement using the following [add\-permission](https://awscli.amazonaws.com/v2/documentation/api/latest/reference/lambda/add-permission.html) AWS Command Line Interface \(AWS CLI\) command: + +``` +aws lambda add-permission --function-name my-function \ +--statement-id example0-cross-account-statement \ +--action lambda:InvokeFunctionUrl \ +--principal arn:aws:iam::444455556666:role/example \ +--function-url-auth-type AWS_IAM +``` + +In the previous example, the `lambda:FunctionUrlAuthType` condition key value is `AWS_IAM`\. This policy only allows access when your function URL's auth type is also `AWS_IAM`\. + +## Using the `NONE` auth type + +**Important** +When your function URL auth type is `NONE` and you have a resource\-based policy that grants public access, any unauthenticated user with your function URL can invoke your function\. + +In some cases, you may want your function URL to be public\. For example, you might want to serve requests made directly from a web browser\. To allow public access to your function URL, choose the `NONE` auth type\. + +If you choose the `NONE` auth type, Lambda doesn't use IAM to authenticate requests to your function URL\. However, users must still have `lambda:InvokeFunctionUrl` permissions in order to successfully invoke your function URL\. You can grant `lambda:InvokeFunctionUrl` permissions using the following resource\-based policy: + +**Example function URL invoke policy for all unauthenticated principals** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": "*", + "Action": "lambda:InvokeFunctionUrl", + "Resource": "arn:aws:lambda:us-east-1:123456789012:function:my-function", + "Condition": { + "StringEquals": { + "lambda:FunctionUrlAuthType": "NONE" + } + } + } + ] +} +``` + +**Note** +When you create a function URL with auth type `NONE` via the console or AWS Serverless Application Model \(AWS SAM\), Lambda automatically creates the preceding resource\-based policy statement for you\. \(If the policy already exists, or the user or role creating the application doesn't have the appropriate permissions, then Lambda won't create it for you\.\) If you're using the AWS CLI, AWS CloudFormation, or the Lambda API directly, you must add `lambda:InvokeFunctionUrl` permissions yourself\. This makes your function public\. + +In this statement, the `lambda:FunctionUrlAuthType` condition key value is `NONE`\. This policy statement allows access only when your function URL's auth type is also `NONE`\. + +If a function's resource\-based policy doesn't grant `lambda:invokeFunctionUrl` permissions, then users will get a 403 Forbidden error code when they try to invoke your function URL, even if the function URL uses the `NONE` auth type\. + +## Governance and access control + +In addition to function URL invocation permissions, you can also control access on actions used to configure function URLs\. Lambda supports the following IAM policy actions for function URLs: ++ `lambda:InvokeFunctionUrl` – Invoke a Lambda function using the function URL\. ++ `lambda:CreateFunctionUrlConfig` – Create a function URL and set its `AuthType`\. ++ `lambda:UpdateFunctionUrlConfig` – Update a function URL configuration and its `AuthType`\. ++ `lambda:GetFunctionUrlConfig` – View the details of a function URL\. ++ `lambda:ListFunctionUrlConfigs` – List function URL configurations\. ++ `lambda:DeleteFunctionUrlConfig` – Delete a function URL\. + +**Note** +The Lambda console supports adding permissions only for `lambda:InvokeFunctionUrl`\. For all other actions, you must add permissions using the Lambda API or AWS CLI\. + +To allow or deny function URL access to other AWS entities, include these actions in IAM policies\. For example, the following policy grants the `example` role in AWS account `444455556666` permissions to update the function URL for function **my\-function** in account `123456789012`\. + +**Example cross\-account function URL policy** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::444455556666:role/example" + }, + "Action": "lambda:UpdateFunctionUrlConfig", + "Resource": "arn:aws:lambda:us-east-2:123456789012:function:my-function" + } + ] +} +``` + +### Condition keys + +For fine\-grained access control over your function URLs, use a condition key\. Lambda supports one additional condition key for function URLs: `FunctionUrlAuthType`\. The `FunctionUrlAuthType` key defines an enum value describing the auth type that your function URL uses\. The value can be either `AWS_IAM` or `NONE`\. + +You can use this condition key in policies associated with your function\. For example, you might want to restrict who can make configuration changes to your function URLs\. To deny all `UpdateFunctionUrlConfig` requests to any function with URL auth type `NONE`, you can define the following policy: + +**Example function URL policy with explicit deny** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Deny", + "Principal": "*", + "Action":[ + "lambda:UpdateFunctionUrlConfig" + ], + "Resource": "arn:aws:lambda:us-east-1:123456789012:function:*", + "Condition": { + "StringEquals": { + "lambda:FunctionUrlAuthType": "NONE" + } + } + } + ] +} +``` + +To grant the `example` role in AWS account `444455556666` permissions to make `CreateFunctionUrlConfig` and `UpdateFunctionUrlConfig` requests on functions with URL auth type `AWS_IAM`, you can define the following policy: + +**Example function URL policy with explicit allow** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::444455556666:role/example" + }, + "Action":[ + "lambda:CreateFunctionUrlConfig", + "lambda:UpdateFunctionUrlConfig" + ], + "Resource": "arn:aws:lambda:us-east-1:123456789012:function:*", + "Condition": { + "StringEquals": { + "lambda:FunctionUrlAuthType": "AWS_IAM" + } + } + } + ] +} +``` + +You can also use this condition key in a [service control policy](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps.html) \(SCP\)\. Use SCPs to manage permissions across an entire organization in AWS Organizations\. For example, to deny users from creating or updating function URLs that use anything other than the `AWS_IAM` auth type, use the following service control policy: + +**Example function URL SCP with explicit deny** + +``` +{ + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Deny", + "Action":[ + "lambda:CreateFunctionUrlConfig", + "lambda:UpdateFunctionUrlConfig" + ], + "Resource": "arn:aws:lambda:*:123456789012:function:*", + "Condition": { + "StringNotEquals": { + "lambda:FunctionUrlAuthType": "AWS_IAM" + } + } + } + ] +} +``` \ No newline at end of file diff --git a/doc_source/urls-configuration.md b/doc_source/urls-configuration.md new file mode 100644 index 00000000..ac829a33 --- /dev/null +++ b/doc_source/urls-configuration.md @@ -0,0 +1,216 @@ +# Creating and managing Lambda function URLs + +A function URL is a dedicated HTTP\(S\) endpoint for your Lambda function\. You can create and configure a function URL through the Lambda console or the Lambda API\. When you create a function URL, Lambda automatically generates a unique URL endpoint for you\. Function URL endpoints have the following format: + +``` +https://.lambda-url..on.aws +``` + +Lambda generates the `` portion of the endpoint based on a number of factors, including your AWS account ID\. Because this process is deterministic, it may be possible for anyone to retrieve your account ID from the ``\. + +**Topics** ++ [Creating a function URL \(console\)](#create-url-console) ++ [Creating a function URL \(AWS CLI\)](#create-url-cli) ++ [Adding a function URL to a CloudFormation template](#urls-cfn) ++ [Cross\-origin resource sharing \(CORS\)](#urls-cors) ++ [Throttling function URLs](#urls-throttling) ++ [Deactivating function URLs](#urls-deactivating) ++ [Deleting function URLs](#w723aac55c19c39) + +## Creating a function URL \(console\) + +Follow these steps to create a function URL using the console\. + +### To create a function URL for an existing function \(console\) + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function that you want to create the function URL for\. + +1. Choose the **Configuration** tab, and then choose **Function URL**\. + +1. Choose **Create function URL**\. + +1. For **Auth type**, choose **AWS\_IAM** or **NONE**\. For more information about function URL authentication, see [Security and auth model](urls-auth.md)\. + +1. \(Optional\) Select **Configure cross\-origin resource sharing \(CORS\)**, and then configure the CORS settings for your function URL\. For more information about CORS, see [Cross\-origin resource sharing \(CORS\)](#urls-cors)\. + +1. Choose **Save**\. + +This creates a function URL for the `$LATEST` unpublished version of your function\. The function URL appears in the **Function overview** section of the console\. + +### To create a function URL for an existing alias \(console\) + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function with the alias that you want to create the function URL for\. + +1. Choose the **Aliases** tab, and then choose the name of the alias that you want to create the function URL for\. + +1. Choose the **Configuration** tab, and then choose **Function URL**\. + +1. Choose **Create function URL**\. + +1. For **Auth type**, choose **AWS\_IAM** or **NONE**\. For more information about function URL authentication, see [Security and auth model](urls-auth.md)\. + +1. \(Optional\) Select **Configure cross\-origin resource sharing \(CORS\)**, and then configure the CORS settings for your function URL\. For more information about CORS, see [Cross\-origin resource sharing \(CORS\)](#urls-cors)\. + +1. Choose **Save**\. + +This creates a function URL for your function alias\. The function URL appears in the console's **Function overview** section for your alias\. + +### To create a new function with a function URL \(console\) + +**To create a new function with a function URL \(console\)** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose **Create function**\. + +1. Under **Basic information**, do the following: + + 1. For **Function name**, enter a name for your function, such as **my\-function**\. + + 1. For **Runtime**, choose the language runtime that you prefer, such as **Node\.js 14\.x**\. + + 1. For **Architecture**, choose either **x86\_64** or **arm64**\. + + 1. Expand **Permissions**, then choose whether to create a new execution role or use an existing one\. + +1. Expand **Advanced settings**, and then select **Function URL**\. + +1. For **Auth type**, choose **AWS\_IAM** or **NONE**\. For more information about function URL authentication, see [Security and auth model](urls-auth.md)\. + +1. \(Optional\) Select **Configure cross\-origin resource sharing \(CORS\)**\. By selecting this option during function creation, your function URL allows requests from all origins by default\. You can edit the CORS settings for your function URL after creating the function\. For more information about CORS, see [Cross\-origin resource sharing \(CORS\)](#urls-cors)\. + +1. Choose **Create function**\. + +This creates a new function with a function URL for the `$LATEST` unpublished version of the function\. The function URL appears in the **Function overview** section of the console\. + +## Creating a function URL \(AWS CLI\) + +To create a function URL for an existing Lambda function using the AWS Command Line Interface \(AWS CLI\), run the following command: + +``` +aws lambda create-function-url-config \ + --function-name my-function \ + --qualifier prod \ // optional + --auth-type AWS_IAM + --cors-config {AllowOrigins="https://example.com"} // optional +``` + +This adds a function URL to the **prod** qualifier for the function **my\-function**\. For more information about these configuration parameters, see [CreateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html) in the API reference\. + +**Note** +To create a function URL via the AWS CLI, the function must already exist\. + +## Adding a function URL to a CloudFormation template + +To add an `AWS::Lambda::Url` resource to your AWS CloudFormation template, use the following syntax: + +### JSON + +``` +{ + "Type" : "AWS::Lambda::Url", + "Properties" : { + "AuthType" : String, + "Cors" : Cors, + "Qualifier" : String, + "TargetFunctionArn" : String + } +} +``` + +### YAML + +``` +Type: AWS::Lambda::Url +Properties: + AuthType: String + Cors: + Cors + Qualifier: String + TargetFunctionArn: String +``` + +### Parameters ++ \(Required\) `AuthType` – Defines the type of authentication for your function URL\. Possible values are either `AWS_IAM` or `NONE`\. To restrict access to authenticated IAM users only, set to `AWS_IAM`\. To bypass IAM authentication and allow any user to make requests to your function, set to `NONE`\. ++ \(Optional\) `Cors` – Defines the [CORS settings](#urls-cors) for your function URL\. To add `Cors` to your `AWS::Lambda::Url` resource in CloudFormation, use the following syntax\. + + +**Example AWS::Lambda::Url\.Cors \(JSON\)** + + ``` + { + "AllowCredentials" : Boolean, + "AllowHeaders" : [ String, ... ], + "AllowMethods" : [ String, ... ], + "AllowOrigins" : [ String, ... ], + "ExposeHeaders" : [ String, ... ], + "MaxAge" : Integer + } + ``` +**Example AWS::Lambda::Url\.Cors \(YAML\)** + + ``` + AllowCredentials: Boolean + AllowHeaders: + - String + AllowMethods: + - String + AllowOrigins: + - String + ExposeHeaders: + - String + MaxAge: Integer + ``` ++ \(Optional\) `Qualifier` – The alias name\. ++ \(Required\) `TargetFunctionArn` – The name or Amazon Resource Name \(ARN\) of the Lambda function\. Valid name formats include the following: + + **Function name** – `my-function` + + **Function ARN** – `arn:aws:lambda:us-west-2:123456789012:function:my-function` + + **Partial ARN** – `123456789012:function:my-function` + +## Cross\-origin resource sharing \(CORS\) + +To define how different origins can access your function URL, use [cross\-origin resource sharing \(CORS\)](https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS)\. We recommend configuring CORS if you intend to call your function URL from a different domain\. Lambda supports the following CORS headers for function URLs\. + + +| CORS header | CORS configuration property | Example values | +| --- | --- | --- | +| [ Access\-Control\-Allow\-Origin](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) | `AllowOrigins` | `*` \(allow all origins\) `https://www.example.com` `http://localhost:60905` | +| [ Access\-Control\-Allow\-Methods](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) | `AllowMethods` | `GET`, `POST`, `DELETE`, `*` | +| [ Access\-Control\-Allow\-Headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) | `AllowHeaders` | `Date`, `Keep-Alive`, `X-Custom-Header` | +| [ Access\-Control\-Expose\-Headers](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) | `ExposeHeaders` | `Date`, `Keep-Alive`, `X-Custom-Header` | +| [ Access\-Control\-Allow\-Credentials](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) | `AllowCredentials` | `TRUE` | +| [ Access\-Control\-Max\-Age](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) | `MaxAge` | `5` \(default\), `300` | + +When you configure CORS for a function URL using the Lambda console or the AWS CLI, Lambda automatically adds the CORS headers to all responses through the function URL\. Alternatively, you can manually add CORS headers to your function response\. If there are conflicting headers, the configured CORS headers on the function URL take precedence\. + +## Throttling function URLs + +Throttling limits the rate at which your function processes requests\. This is useful in many situations, such as preventing your function from overloading downstream resources, or handling a sudden surge in requests\. + +You can throttle the rate of requests that your Lambda function processes through a function URL by configuring reserved concurrency\. Reserved concurrency limits the number of maximum concurrent invocations for your function\. Your function's maximum request rate per second \(RPS\) is equivalent to 10 times the configured reserved concurrency\. For example, if you configure your function with a reserved concurrency of 100, then the maximum RPS is 1,000\. + +Whenever your function concurrency exceeds the reserved concurrency, your function URL returns an HTTP `429` status code\. If your function receives a request that exceeds the 10x RPS maximum based on your configured reserved concurrency, you also receive an HTTP `429` error\. For more information about reserved concurrency, see [Managing Lambda reserved concurrency](configuration-concurrency.md)\. + +## Deactivating function URLs + +In an emergency, you might want to reject all traffic to your function URL\. To deactivate your function URL, set the reserved concurrency to zero\. This throttles all requests to your function URL, resulting in HTTP `429` status responses\. To reactivate your function URL, delete the reserved concurrency configuration, or set the configuration to an amount greater than zero\. + +## Deleting function URLs + +When you delete a function URL, you can’t recover it\. Creating a new function URL will result in a different URL address\. + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Choose the name of the function\. + +1. Choose the **Configuration** tab, and then choose **Function URL**\. + +1. Choose **Delete**\. + +1. Enter the word *delete* into the field to confirm the deletion\. + +1. Choose **Delete**\. \ No newline at end of file diff --git a/doc_source/urls-invocation.md b/doc_source/urls-invocation.md new file mode 100644 index 00000000..3089e34e --- /dev/null +++ b/doc_source/urls-invocation.md @@ -0,0 +1,203 @@ +# Invoking Lambda function URLs + +A function URL is a dedicated HTTP\(S\) endpoint for your Lambda function\. You can create and configure a function URL through the Lambda console or the Lambda API\. When you create a function URL, Lambda automatically generates a unique URL endpoint for you\. Function URL endpoints have the following format: + +``` +https://.lambda-url..on.aws +``` + +Lambda generates the `` portion of the endpoint based on a number of factors, including your AWS account ID\. Because this process is deterministic, it may be possible for anyone to retrieve your account ID from the ``\. + +Function URLs are dual stack\-enabled, supporting IPv4 and IPv6\. After configuring your function URL, you can invoke your function through its HTTP\(S\) endpoint via a web browser, curl, Postman, or any HTTP client\. To invoke a function URL, you must have `lambda:InvokeFunctionUrl` permissions\. For more information, see [Security and auth model](urls-auth.md)\. + +**Topics** ++ [Function URL invocation basics](#urls-invocation-basics) ++ [Request and response payloads](#urls-payloads) + +## Function URL invocation basics + +If your function URL uses the `AWS_IAM` auth type, you must sign each HTTP request using [AWS Signature Version 4 \(SigV4\)](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html)\. Tools such as [awscurl](https://github.com/okigan/awscurl), [Postman](http://www.postman.com/), and [AWS SigV4 Proxy](https://github.com/awslabs/aws-sigv4-proxy) offer built\-in ways to sign your requests with SigV4\. + +If you don't use a tool to sign HTTP requests to your function URL, you must manually sign each request using SigV4\. When your function URL receives a request, Lambda also calculates the SigV4 signature\. Lambda processes the request only if the signatures match\. For instructions on how to manually sign your requests with SigV4, see [Signing AWS requests with Signature Version 4](https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html) in the *Amazon Web Services General Reference Guide*\. + +If your function URL uses the `NONE` auth type, you don't have to sign your requests using SigV4\. You can invoke your function using a web browser, curl, Postman, or any HTTP client\. + +To test simple `GET` requests to your function, use a web browser\. For example, if your function URL is `https://abcdefg.lambda-url.us-east-1.on.aws`, and it takes in a string parameter `message`, your request URL could look like this: + +``` +https://abcdefg.lambda-url.us-east-1.on.aws/?message=HelloWorld +``` + +To test other HTTP requests, such as a `POST` request, you can use a tool such as curl\. For example, if you want to include some JSON data in a `POST` request to your function URL, you could use the following curl command: + +``` +curl -v -X POST \ + 'https://abcdefg.lambda-url.us-east-1.on.aws/?message=HelloWorld' \ + -H 'content-type: application/json' \ + -d '{ "example": "test" }' +``` + +## Request and response payloads + +When a client calls your function URL, Lambda maps the request to an event object before passing it to your function\. Your function's response is then mapped to an HTTP response that Lambda sends back to the client through the function URL\. + +The request and response event formats follow the same schema as the [Amazon API Gateway payload format version 2\.0](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format)\. + +### Request payload format + +A request payload has the following structure: + +``` +{ + "version": "2.0", + "routeKey": "$default", + "rawPath": "/my/path", + "rawQueryString": "parameter1=value1¶meter1=value2¶meter2=value", + "cookies": [ + "cookie1", + "cookie2" + ], + "headers": { + "header1": "value1", + "header2": "value1,value2" + }, + "queryStringParameters": { + "parameter1": "value1,value2", + "parameter2": "value" + }, + "requestContext": { + "accountId": "123456789012", + "apiId": "", + "authentication": null, + "authorizer": { + "iam": { + "accessKey": "AKIA...", + "accountId": "111122223333", + "callerId": "AIDA...", + "cognitoIdentity": null, + "principalOrgId": null, + "userArn": "arn:aws:iam::111122223333:user/example-user", + "userId": "AIDA..." + } + }, + "domainName": ".lambda-url.us-west-2.on.aws", + "domainPrefix": "", + "http": { + "method": "POST", + "path": "/my/path", + "protocol": "HTTP/1.1", + "sourceIp": "123.123.123.123", + "userAgent": "agent" + }, + "requestId": "id", + "routeKey": "$default", + "stage": "$default", + "time": "12/Mar/2020:19:03:58 +0000", + "timeEpoch": 1583348638390 + }, + "body": "Hello from client!", + "pathParameters": null, + "isBase64Encoded": false, + "stageVariables": null +} +``` + + +| Parameter | Description | Example | +| --- | --- | --- | +| `version` | The payload format version for this event\. Lambda function URLs currently support [payload format version 2\.0](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-develop-integrations-lambda.html#http-api-develop-integrations-lambda.proxy-format)\. | `2.0` | +| `routeKey` | Function URLs don't use this parameter\. Lambda sets this to `$default` as a placeholder\. | `$default` | +| `rawPath` | The request path\. For example, if the request URL is `https://{url-id}.lambda-url.{region}.on.aws/example/test/demo`, then the raw path value is `/example/test/demo`\. | `/example/test/demo` | +| `rawQueryString` | The raw string containing the request's query string parameters\. | `"?parameter1=value1¶meter2=value2"` | +| `cookies` | An array containing all cookies sent as part of the request\. | `["Cookie_1=Value_1", "Cookie_2=Value_2"]` | +| `headers` | The list of request headers, presented as key\-value pairs\. | `{"header1": "value1", "header2": "value2"}` | +| `queryStringParameters` | The query parameters for the request\. For example, if the request URL is `https://{url-id}.lambda-url.{region}.on.aws/example?name=Jane`, then the `queryStringParameters` value is a JSON object with a key of `name` and a value of `Jane`\. | `{"name": "Jane"}` | +| `requestContext` | An object that contains additional information about the request, such as the `requestId`, the time of the request, and the identity of the caller if authorized via AWS Identity and Access Management \(IAM\)\. | | +| `requestContext.accountId` | The AWS account ID of the function owner\. | `"123456789012"` | +| `requestContext.apiId` | The ID of the function URL\. | `"33anwqw8fj"` | +| `requestContext.authentication` | Function URLs don't use this parameter\. Lambda sets this to `null`\. | `null` | +| `requestContext.authorizer` | An object that contains information about the caller identity, if the function URL uses the `AWS_IAM` auth type\. Otherwise, Lambda sets this to `null`\. | | +| `requestContext.authorizer.iam.accessKey` | The access key of the caller identity\. | `"AKIAIOSFODNN7EXAMPLE"` | +| `requestContext.authorizer.iam.accountId` | The AWS account ID of the caller identity\. | `"111122223333"` | +| `requestContext.authorizer.iam.callerId` | The ID \(IAM user ID\) of the caller\. | `"AIDACKCEVSQ6C2EXAMPLE"` | +| `requestContext.authorizer.iam.cognitoIdentity` | Function URLs don't use this parameter\. Lambda sets this to `null` or excludes this from the JSON\. | `null` | +| `requestContext.authorizer.iam.principalOrgId` | The principal org ID associated with the caller identity\. | `"AIDACKCEVSQORGEXAMPLE"` | +| `requestContext.authorizer.iam.userArn` | The user Amazon Resource Name \(ARN\) of the caller identity\. | `"arn:aws:iam::111122223333:user/example-user"` | +| `requestContext.authorizer.iam.userId` | The user ID of the caller identity\. | `"AIDACOSFODNN7EXAMPLE2"` | +| `requestContext.domainName` | The domain name of the function URL\. | `".lambda-url.us-west-2.on.aws"` | +| `requestContext.domainPrefix` | The domain prefix of the function URL\. | `""` | +| `requestContext.http` | An object that contains details about the HTTP request\. | | +| `requestContext.http.method` | The HTTP method used in this request\. Valid values include `GET`, `POST`, `PUT`, `HEAD`, `OPTIONS`, `PATCH`, and `DELETE`\. | `GET` | +| `requestContext.http.path` | The request path\. For example, if the request URL is `https://{url-id}.lambda-url.{region}.on.aws/example/test/demo`, then the path value is `/example/test/demo`\. | `/example/test/demo` | +| `requestContext.http.protocol` | The protocol of the request\. | `HTTP/1.1` | +| `requestContext.http.sourceIp` | The source IP address of the immediate TCP connection making the request\. | `123.123.123.123` | +| `requestContext.http.userAgent` | The User\-Agent request header value\. | `Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Gecko/20100101 Firefox/42.0` | +| `requestContext.requestId` | The ID of the invocation request\. You can use this ID to trace invocation logs related to your function\. | `e1506fd5-9e7b-434f-bd42-4f8fa224b599` | +| `requestContext.routeKey` | Function URLs don't use this parameter\. Lambda sets this to `$default` as a placeholder\. | `$default` | +| `requestContext.stage` | Function URLs don't use this parameter\. Lambda sets this to `$default` as a placeholder\. | `$default` | +| `requestContext.time` | The timestamp of the request\. | `"07/Sep/2021:22:50:22 +0000"` | +| `requestContext.timeEpoch` | The timestamp of the request, in Unix epoch time\. | `"1631055022677"` | +| `body` | The body of the request\. If the content type of the request is binary, the body is base64\-encoded\. | `{"key1": "value1", "key2": "value2"}` | +| `pathParameters` | Function URLs don't use this parameter\. Lambda sets this to `null` or excludes this from the JSON\. | `null` | +| `isBase64Encoded` | `TRUE` if the body is a binary payload and base64\-encoded\. `FALSE` otherwise\. | `FALSE` | +| `stageVariables` | Function URLs don't use this parameter\. Lambda sets this to `null` or excludes this from the JSON\. | `null` | + +### Response payload format + +When your function returns a response, Lambda parses the response and converts it into an HTTP response\. Function response payloads have the following format: + +``` +{ + "statusCode": 201, + "headers": { + "Content-Type": "application/json", + "My-Custom-Header": "Custom Value" + }, + "body": "{ \"message\": \"Hello, world!\" }", + "cookies": [ + "Cookie_1=Value1; Expires=21 Oct 2021 07:48 GMT", + "Cookie_2=Value2; Max-Age=78000" + ], + "isBase64Encoded": false +} +``` + +Lambda infers the response format for you\. If your function returns valid JSON and doesn't return a `statusCode`, Lambda assumes the following: ++ `statusCode` is `200`\. ++ `content-type` is `application/json`\. ++ `body` is the function response\. ++ `isBase64Encoded` is `false`\. + +The following examples show how the output of your Lambda function maps to the response payload, and how the response payload maps to the final HTTP response\. When the client invokes your function URL, they see the HTTP response\. + + +**Example output for a string response** + +| Lambda function output | Interpreted response output | HTTP response \(what the client sees\) | +| --- | --- | --- | +|
"Hello, world!"
|
{
"statusCode": 200,
"body": "Hello, world!",
"headers": {
"content-type": "application/json"
}
"isBase64Encoded": false,
}
|
HTTP/2 200
date: Wed, 08 Sep 2021 18:02:24 GMT
content-type: application/json
content-length: 15

"Hello, world!"
| + + +**Example output for a JSON response** + +| Lambda function output | Interpreted response output | HTTP response \(what the client sees\) | +| --- | --- | --- | +|
{
"message": "Hello, world!"
}
|
{
"statusCode": 200,
"body": {
"message": "Hello, world!"
},
"headers": {
"content-type": "application/json"
}
"isBase64Encoded": false,
}
|
HTTP/2 200
date: Wed, 08 Sep 2021 18:02:24 GMT
content-type: application/json
content-length: 34

{
"message": "Hello, world!"
}
| + + +**Example output for a custom response** + +| Lambda function output | Interpreted response output | HTTP response \(what the client sees\) | +| --- | --- | --- | +|
{
"statusCode": 201,
"headers": {
"Content-Type": "application/json",
"My-Custom-Header": "Custom Value"
},
"body": JSON.stringify({
"message": "Hello, world!"
}),
"isBase64Encoded": false
}
|
{
"statusCode": 201,
"headers": {
"Content-Type": "application/json",
"My-Custom-Header": "Custom Value"
},
"body": JSON.stringify({
"message": "Hello, world!"
}),
"isBase64Encoded": false
}
|
HTTP/2 201
date: Wed, 08 Sep 2021 18:02:24 GMT
content-type: application/json
content-length: 27
my-custom-header: Custom Value

{
"message": "Hello, world!"
}
| + +### Cookies + +To return cookies from your function, don't manually add `set-cookie` headers\. Instead, include the cookies in your response payload object\. Lambda automatically interprets this and adds them as `set-cookie` headers in your HTTP response, as in the following example\. + + +**Example output for a response returning cookies** + +| Lambda function output | HTTP response \(what the client sees\) | +| --- | --- | +|
{
"statusCode": 201,
"headers": {
"Content-Type": "application/json",
"My-Custom-Header": "Custom Value"
},
"body": JSON.stringify({
"message": "Hello, world!"
}),
"cookies": [
"Cookie_1=Value1; Expires=21 Oct 2021 07:48 GMT",
"Cookie_2=Value2; Max-Age=78000"
],
"isBase64Encoded": false
}
|
HTTP/2 201
date: Wed, 08 Sep 2021 18:02:24 GMT
content-type: application/json
content-length: 27
my-custom-header: Custom Value
set-cookie: Cookie_1=Value2; Expires=21 Oct 2021 07:48 GMT
set-cookie: Cookie_2=Value2; Max-Age=78000

{
"message": "Hello, world!"
}
| \ No newline at end of file diff --git a/doc_source/urls-monitoring.md b/doc_source/urls-monitoring.md new file mode 100644 index 00000000..70b53761 --- /dev/null +++ b/doc_source/urls-monitoring.md @@ -0,0 +1,37 @@ +# Monitoring Lambda function URLs + +You can use AWS CloudTrail and Amazon CloudWatch to monitor your function URLs\. + +**Topics** ++ [Monitoring function URLs with CloudTrail](#urls-cloudtrail) ++ [CloudWatch metrics for function URLs](#urls-cloudwatch) + +## Monitoring function URLs with CloudTrail + +For function URLs, Lambda automatically supports logging the following API operations as events in CloudTrail log files: ++ [CreateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_CreateFunctionUrlConfig.html) ++ [UpdateFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_UpdateFunctionUrlConfig.html) ++ [DeleteFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_DeleteFunctionUrlConfig.html) ++ [GetFunctionUrlConfig](https://docs.aws.amazon.com/lambda/latest/dg/API_GetFunctionUrlConfig.html) ++ [ListFunctionUrlConfigs](https://docs.aws.amazon.com/lambda/latest/dg/API_ListFunctionUrlConfigs.html) + +Each log entry contains information about the caller identity, when the request was made, and other details\. You can see all events within the last 90 days by viewing your CloudTrail **Event history**\. To retain records past 90 days, you can create a trail\. For more information, see [Using AWS Lambda with AWS CloudTrail](with-cloudtrail.md)\. + +By default, CloudTrail doesn't log `InvokeFunctionUrl` requests, which are considered data events\. However, you can turn on data event logging in CloudTrail\. For more information, see [Logging data events for trails](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) in the *AWS CloudTrail User Guide*\. + +## CloudWatch metrics for function URLs + +Lambda sends aggregated metrics about function URL requests to CloudWatch\. With these metrics, you can monitor your function URLs, build dashboards, and configure alarms in the CloudWatch console\. + +Function URLs support the following invocation metrics\. We recommend viewing these metrics with the `Sum` statistic\. ++ `UrlRequestCount` – The number of requests made to this function URL\. ++ `Url4xxError` – The number of requests that returned a 4XX HTTP status code\. 4XX series codes indicate client\-side errors, such as bad requests\. ++ `Url5xxError` – The number of requests that returned a 5XX HTTP status code\. 5XX series codes indicate server\-side errors, such as function errors and timeouts\. + +Function URLs also support the following performance metric\. We recommend viewing this metric with the `Average` or `Max` statistics\. ++ `UrlRequestLatency` – The time between when the function URL receives a request and when the function URL returns a response\. + +Each of these invocation and performance metrics supports the following dimensions: ++ `FunctionName` – View aggregate metrics for function URLs assigned to a function's `$LATEST` unpublished version, or to any of the function's aliases\. For example, `hello-world-function`\. ++ `Resource` – View metrics for a specific function URL\. This is defined by a function name, along with either the function's `$LATEST` unpublished version or one of the function's aliases\. For example, `hello-world-function:$LATEST`\. ++ `ExecutedVersion` – View metrics for a specific function URL based on the executed version\. You can use this dimension primarily to track the function URL assigned to the `$LATEST` unpublished version\. \ No newline at end of file diff --git a/doc_source/urls-tutorial.md b/doc_source/urls-tutorial.md new file mode 100644 index 00000000..f9f2ca9f --- /dev/null +++ b/doc_source/urls-tutorial.md @@ -0,0 +1,181 @@ +# Tutorial: Creating a Lambda function with a function URL + +In this tutorial, you create a Lambda function defined as a \.zip file archive with a function URL endpoint that returns the product of two numbers\. For more information about configuring function URLs, see [Creating and managing function URLs](urls-configuration.md)\. + +## Prerequisites + +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. + +To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: + +``` +aws --version +``` + +You should see the following output: + +``` +aws-cli/2.0.57 Python/3.7.4 Darwin/19.6.0 exe/x86_64 +``` + +For long commands, an escape character \(`\`\) is used to split a command over multiple lines\. + +On Linux and macOS, use your preferred shell and package manager\. On Windows 10, you can [install the Windows Subsystem for Linux](https://docs.microsoft.com/en-us/windows/wsl/install-win10) to get a Windows\-integrated version of Ubuntu and Bash\. + +## Create an execution role + +Create the [execution role](lambda-intro-execution-role.md) that gives your Lambda function permission to access AWS resources\. + +**To create an execution role** + +1. Open the [Roles page](https://console.aws.amazon.com/iam/home#/roles) of the AWS Identity and Access Management \(IAM\) console\. + +1. Choose **Create role**\. + +1. Create a role with the following properties\. + + **Trusted entity** – **AWS Lambda**\. + + **Permissions** – **AWSLambdaBasicExecutionRole**\. + + **Role name** – **lambda\-url\-role**\. + +The **AWSLambdaBasicExecutionRole** policy has the permissions that the function needs to write logs to Amazon CloudWatch Logs\. + +## Create a Lambda function with a function URL \(\.zip file archive\) + +Create a Lambda function with a function URL endpoint using a \.zip file archive\. + +**To create the function** + +1. Copy the following code example into a file named `index.js`\. +**Example index\.js** + + ``` + exports.handler = async (event) => { + let body = JSON.parse(event.body) + const product = body.num1 * body.num2; + const response = { + statusCode: 200, + body: "The product of " + body.num1 + " and " + body.num2 + " is " + product, + }; + return response; + }; + ``` + +1. Create a deployment package\. + + ``` + zip function.zip index.js + ``` + +1. Create a Lambda function with the `create-function` command\. + + ``` + aws lambda create-function \ + --function-name my-url-function \ + --runtime nodejs14.x \ + --zip-file fileb://function.zip \ + --handler index.handler \ + --role arn:aws:iam::123456789012:role/lambda-url-role + ``` + +1. Create a URL endpoint for the function with the `create-function-url-config` command\. + + ``` + aws lambda create-function-url-config \ + --function-name my-url-function \ + --auth-type NONE + ``` + +## Test the function URL endpoint + +Invoke your Lambda function by calling your function URL endpoint using an HTTP client such as curl or Postman\. + +``` +curl -X POST \ + 'https://abcdefg.lambda-url.us-east-1.on.aws/' \ + -H 'Content-Type: application/json' \ + -d '{"num1": "10", "num2": "10"}' +``` + +You should see the following output: + +``` +The product of 10 and 10 is 100 +``` + +## Create a Lambda function with a function URL \(CloudFormation\) + +You can also create a Lambda function with a function URL endpoint using the AWS CloudFormation type `AWS::Lambda::Url`\. + +``` +Resources: + MyUrlFunction: + Type: AWS::Lambda::Function + Properties: + Handler: index.handler + Runtime: nodejs14.x + Role: arn:aws:iam::123456789012:role/lambda-url-role + Code: + ZipFile: | + exports.handler = async (event) => { + let body = JSON.parse(event.body) + const product = body.num1 * body.num2; + const response = { + statusCode: 200, + body: "The product of " + body.num1 + " and " + body.num2 + " is " + product, + }; + return response; + }; + Description: Create a function with a URL. + MyUrlFunctionPermissions: + Type: AWS::Lambda::Permission + Properties: + FunctionName: !Ref MyUrlFunction + Action: lambda:InvokeFunctionUrl + Principal: "*" + FunctionUrlAuthType: NONE + MyFunctionUrl: + Type: AWS::Lambda::Url + Properties: + TargetFunctionArn: !Ref MyUrlFunction + AuthType: NONE +``` + +## Create a Lambda function with a function URL \(AWS SAM\) + +You can also create a Lambda function configured with a function URL using AWS Serverless Application Model \(AWS SAM\)\. + +``` +ProductFunction: + Type: AWS::Serverless::Function + Properties: + CodeUri: function/. + Handler: index.handler + Runtime: nodejs14.x + AutoPublishAlias: live + FunctionUrlConfig: + AuthType: NONE +``` + +## Clean up your resources + +You can now delete the resources that you created for this tutorial, unless you want to retain them\. By deleting AWS resources that you're no longer using, you prevent unnecessary charges to your AWS account\. + +**To delete the execution role** + +1. Open the [Roles page](https://console.aws.amazon.com/iam/home#/roles) of the IAM console\. + +1. Select the execution role that you created\. + +1. Choose **Delete role**\. + +1. Choose **Yes, delete**\. + +**To delete the Lambda function** + +1. Open the [Functions page](https://console.aws.amazon.com/lambda/home#/functions) of the Lambda console\. + +1. Select the function that you created\. + +1. Choose **Actions**, then choose **Delete**\. + +1. Choose **Delete**\. \ No newline at end of file diff --git a/doc_source/using-extensions.md b/doc_source/using-extensions.md old mode 100755 new mode 100644 index a19746ec..c17ff88c --- a/doc_source/using-extensions.md +++ b/doc_source/using-extensions.md @@ -2,29 +2,12 @@ You can use Lambda extensions to augment your Lambda functions\. For example, use Lambda extensions to integrate functions with your preferred monitoring, observability, security, and governance tools\. You can choose from a broad set of tools that [AWS Lambda Partners](http://aws.amazon.com/lambda/partners/) provides, or you can [create your own Lambda extensions](runtimes-extensions-api.md)\. -Lambda supports external and internal extensions\. An external extension runs as an independent process in the execution environment and continues to run after the function invocation is fully processed\. Because extensions run as separate processes, you can write them in a different language than the function\. +Lambda supports external and internal extensions\. An external extension runs as an independent process in the execution environment and continues to run after the function invocation is fully processed\. Because extensions run as separate processes, you can write them in a different language than the function\. All [Lambda runtimes](lambda-runtimes.md) support extensions\. An internal extension runs as part of the runtime process\. Your function accesses internal extensions by using wrapper scripts or in\-process mechanisms such as `JAVA_TOOL_OPTIONS`\. For more information, see [Modifying the runtime environment](runtimes-modify.md)\. You can add extensions to a function using the Lambda console, the AWS Command Line Interface \(AWS CLI\), or infrastructure as code \(IaC\) services and tools such as AWS CloudFormation, AWS Serverless Application Model \(AWS SAM\), and Terraform\. -The following [Lambda runtimes](lambda-runtimes.md) support extensions: -+ \.NET Core 3\.1 \(C\#/PowerShell\) \(`dotnetcore3.1`\) -+ Custom runtime \(`provided`\) -+ Custom runtime on Amazon Linux 2 \(`provided.al2`\) -+ Java 11 \(Corretto\) \(`java11`\) -+ Java 8 \(Corretto\) \(`java8.al2`\) -+ Node\.js 14\.x \(`nodejs14.x`\) -+ Node\.js 12\.x \(`nodejs12.x`\) -+ Node\.js 10\.x \(`nodejs10.x`\) -+ Python 3\.9 \(`python3.9`\) -+ Python 3\.8 \(`python3.8`\) -+ Python 3\.7 \(`python3.7`\) -+ Ruby 2\.7 \(`ruby2.7`\) -+ Ruby 2\.5 \(`ruby2.5`\) - -Note that the Go 1\.x runtime does not support extensions\. To support extensions, you can create Go functions on the `provided.al2` runtime\. For more information, see [ Migrating Lambda functions to Amazon Linux 2](http://aws.amazon.com/blogs/compute/migrating-aws-lambda-functions-to-al2/)\. - You are charged for the execution time that the extension consumes \(in 1 ms increments\)\. For more pricing information for extensions, see [AWS Lambda Pricing](http://aws.amazon.com/lambda/pricing/)\. For pricing information for partner extensions, see those partners' websites\. There is no cost to install your own extensions\. **Topics** @@ -37,7 +20,7 @@ You are charged for the execution time that the extension consumes \(in 1 ms inc ## Execution environment -Lambda invokes your function in an [execution environment](runtimes-context.md), which provides a secure and isolated runtime environment\. The execution environment manages the resources required to run your function and provides lifecycle support for the function's runtime and extensions\. +Lambda invokes your function in an [execution environment](lambda-runtime-environment.md), which provides a secure and isolated runtime environment\. The execution environment manages the resources required to run your function and provides lifecycle support for the function's runtime and extensions\. The lifecycle of the execution environment includes the following phases: + `Init`: In this phase, Lambda creates or unfreezes an execution environment with the configured resources, downloads the code for the function and all layers, initializes any extensions, initializes the runtime, and then runs the function’s initialization code \(the code outside the main handler\)\. The `Init` phase happens either during the first invocation, or in advance of function invocations if you have enabled [provisioned concurrency](provisioned-concurrency.md)\. @@ -88,7 +71,7 @@ You add the extension to your function using the same method as you would for an ## Using extensions in container images -You can add extensions to your [container image](lambda-images.md)\. The ENTRYPOINT container image setting specifies the main process for the function\. Configure the ENTRYPOINT setting in the Dockerfile, or as an override in the function configuration\. +You can add extensions to your [container image](images-create.md)\. The ENTRYPOINT container image setting specifies the main process for the function\. Configure the ENTRYPOINT setting in the Dockerfile, or as an override in the function configuration\. You can run multiple processes within a container\. Lambda manages the lifecycle of the main process and any additional processes\. Lambda uses the [Extensions API](runtimes-extensions-api.md) to manage the extension lifecycle\. diff --git a/doc_source/welcome.md b/doc_source/welcome.md old mode 100755 new mode 100644 index 2071ad2b..4e77d8df --- a/doc_source/welcome.md +++ b/doc_source/welcome.md @@ -24,7 +24,7 @@ Lambda is a highly available service\. For more information, see the [AWS Lambda ## When should I use Lambda? -Lambda is an ideal compute service for many application scenarios, as long as you can run your application code using the Lambda [standard runtime environment](runtimes-context.md) and within the resources that Lambda provides\. Lambda is best suited for shorter, event\-driven workloads, since Lambda functions run for up to 15 minutes per invocation\. +Lambda is an ideal compute service for many application scenarios, as long as you can run your application code using the Lambda [standard runtime environment](lambda-runtime-environment.md) and within the resources that Lambda provides\. When using Lambda, you are responsible only for your code\. Lambda manages the compute fleet that offers a balance of memory, CPU, network, and other resources to run your code\. Because Lambda manages these resources, you cannot log in to compute instances or customize the operating system on [provided runtimes](lambda-runtimes.md)\. Lambda performs operational and administrative activities on your behalf, including managing capacity, monitoring, and logging your Lambda functions\. @@ -40,7 +40,7 @@ The following key features help you develop Lambda applications that are scalabl [Concurrency and scaling controls](invocation-scaling.md) such as concurrency limits and provisioned concurrency give you fine\-grained control over the scaling and responsiveness of your production applications\. **Functions defined as container images** -Use your preferred [container image](lambda-images.md) tooling, workflows, and dependencies to build, test, and deploy your Lambda functions\. +Use your preferred [container image](images-create.md) tooling, workflows, and dependencies to build, test, and deploy your Lambda functions\. **Code signing ** [Code signing](configuration-codesigning.md) for Lambda provides trust and integrity controls that let you verify that only unaltered code that approved developers have published is deployed in your Lambda functions\. @@ -96,7 +96,7 @@ You can create, invoke, and manage your Lambda functions using any of the follow + **AWS Command Line Interface \(AWS CLI\)** – Provides commands for a broad set of AWS services, including Lambda, and is supported on Windows, macOS, and Linux\. For more information, see [Using Lambda with the AWS CLI](gettingstarted-awscli.md)\. + **AWS SDKs** – Provide language\-specific APIs and manage many of the connection details, such as signature calculation, request retry handling, and error handling\. For more information, see [AWS SDKs](http://aws.amazon.com/tools/#SDKs)\. + **AWS CloudFormation** – Enables you to create templates that define your Lambda applications\. For more information, see [AWS Lambda applications](deploying-lambda-apps.md)\. AWS CloudFormation also supports the [AWS Cloud Development Kit \(CDK\)](http://aws.amazon.com/cdk)\. -+ **AWS Serverless Application Model \(AWS SAM\)** – Provides templates and a CLI to configure and manage AWS serverless applications\. For more information, see [AWS SAM](lambda-settingup.md#lambda-settingup-awssam)\. ++ **AWS Serverless Application Model \(AWS SAM\)** – Provides templates and a CLI to configure and manage AWS serverless applications\. For more information, see [SAM CLI](lambda-settingup.md#lambda-settingup-samcli)\. diff --git a/doc_source/with-android-create-package.md b/doc_source/with-android-create-package.md old mode 100755 new mode 100644 diff --git a/doc_source/with-android-example.md b/doc_source/with-android-example.md old mode 100755 new mode 100644 index 205569ac..9b71a9ac --- a/doc_source/with-android-example.md +++ b/doc_source/with-android-example.md @@ -6,7 +6,7 @@ The mobile application retrieves AWS credentials from an Amazon Cognito identity ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-cloudtrail-create-package.md b/doc_source/with-cloudtrail-create-package.md old mode 100755 new mode 100644 diff --git a/doc_source/with-cloudtrail-example.md b/doc_source/with-cloudtrail-example.md old mode 100755 new mode 100644 index d1293e28..56ef6580 --- a/doc_source/with-cloudtrail-example.md +++ b/doc_source/with-cloudtrail-example.md @@ -10,7 +10,7 @@ Use the following instructions to create a Lambda function that notifies you whe ## Requirements -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. Before you begin, make sure that you have the following tools: + [Node\.js 12\.x with `npm`](https://nodejs.org/en/download/releases/)\. diff --git a/doc_source/with-cloudtrail.md b/doc_source/with-cloudtrail.md old mode 100755 new mode 100644 diff --git a/doc_source/with-ddb-create-package.md b/doc_source/with-ddb-create-package.md old mode 100755 new mode 100644 diff --git a/doc_source/with-ddb-example.md b/doc_source/with-ddb-example.md old mode 100755 new mode 100644 index 1ddadfdb..31e4fbe5 --- a/doc_source/with-ddb-example.md +++ b/doc_source/with-ddb-example.md @@ -4,7 +4,7 @@ ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-ddb.md b/doc_source/with-ddb.md old mode 100755 new mode 100644 index 635f7a30..45371233 --- a/doc_source/with-ddb.md +++ b/doc_source/with-ddb.md @@ -162,7 +162,7 @@ To manage an event source with the [AWS Command Line Interface \(AWS CLI\)](http The following example uses the AWS CLI to map a function named `my-function` to a DynamoDB stream that its Amazon Resource Name \(ARN\) specifies, with a batch size of 500\. ``` -aws lambda create-event-source-mapping --function-name my-function --batch-size 500 --starting-position LATEST \ +aws lambda create-event-source-mapping --function-name my-function --batch-size 500 --maximum-batching-window-in-seconds 5 --starting-position LATEST \ --event-source-arn arn:aws:dynamodb:us-east-2:123456789012:table/my-table/stream/2019-06-10T19:26:16.525 ``` @@ -172,7 +172,7 @@ You should see the following output: { "UUID": "14e0db71-5d35-4eb5-b481-8945cf9d10c2", "BatchSize": 500, - "MaximumBatchingWindowInSeconds": 0, + "MaximumBatchingWindowInSeconds": 5, "ParallelizationFactor": 1, "EventSourceArn": "arn:aws:dynamodb:us-east-2:123456789012:table/my-table/stream/2019-06-10T19:26:16.525", "FunctionArn": "arn:aws:lambda:us-east-2:123456789012:function:my-function", @@ -550,6 +550,8 @@ When a partial batch success response is received and both `BisectBatchOnFunctio import com.amazonaws.services.lambda.runtime.Context; import com.amazonaws.services.lambda.runtime.RequestHandler; import com.amazonaws.services.lambda.runtime.events.DynamodbEvent; +import com.amazonaws.services.lambda.runtime.events.StreamsEventResponse; +import com.amazonaws.services.lambda.runtime.events.models.dynamodb.StreamRecord; import java.io.Serializable; import java.util.ArrayList; @@ -558,17 +560,17 @@ import java.util.List; public class ProcessDynamodbRecords implements RequestHandler { @Override - public Serializable handleRequest(DynamodbEvent input, Context context) { + public StreamsEventResponse handleRequest(DynamodbEvent input, Context context) { - List batchItemFailures = new ArrayList<*>(); + List batchItemFailures = new ArrayList<>(); String curRecordSequenceNumber = ""; - for (DynamodbEvent.DynamodbEventRecord dynamodbEventRecord : input.getRecords()) { - try { + for (DynamodbEvent.DynamodbStreamRecord dynamodbStreamRecord : input.getRecords()) { + try { //Process your record - DynamodbEvent.Record dynamodbRecord = dynamodbEventRecord.getDynamodb(); + StreamRecord dynamodbRecord = dynamodbStreamRecord.getDynamodb(); curRecordSequenceNumber = dynamodbRecord.getSequenceNumber(); - + } catch (Exception e) { //Return failed record's sequence number batchItemFailures.add(new StreamsEventResponse.BatchItemFailure(curRecordSequenceNumber)); @@ -576,7 +578,7 @@ public class ProcessDynamodbRecords implements RequestHandler -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-kinesis.md b/doc_source/with-kinesis.md old mode 100755 new mode 100644 index 139150a5..325c0d8f --- a/doc_source/with-kinesis.md +++ b/doc_source/with-kinesis.md @@ -499,17 +499,18 @@ When a partial batch success response is received and both `BisectBatchOnFunctio import com.amazonaws.services.lambda.runtime.Context; import com.amazonaws.services.lambda.runtime.RequestHandler; import com.amazonaws.services.lambda.runtime.events.KinesisEvent; +import com.amazonaws.services.lambda.runtime.events.StreamsEventResponse; import java.io.Serializable; import java.util.ArrayList; import java.util.List; -public class ProcessKinesisRecords implements RequestHandler { +public class ProcessKinesisRecords implements RequestHandler { @Override - public Serializable handleRequest(KinesisEvent input, Context context) { + public StreamsEventResponse handleRequest(KinesisEvent input, Context context) { - List batchItemFailures = new ArrayList<*>(); + List batchItemFailures = new ArrayList<>(); String curRecordSequenceNumber = ""; for (KinesisEvent.KinesisEventRecord kinesisEventRecord : input.getRecords()) { diff --git a/doc_source/with-mq.md b/doc_source/with-mq.md old mode 100755 new mode 100644 index b3fa1075..e3e690bf --- a/doc_source/with-mq.md +++ b/doc_source/with-mq.md @@ -48,7 +48,7 @@ You can monitor a given function's concurrency usage using the `ConcurrentExecut ``` { "eventSource": "aws:amq", - "eventSourceArn": "arn:aws:mq:us-west-2:112556298976:broker:test:b-9bcfa592-423a-4942-879d-eb284b418fc8", + "eventSourceArn": "arn:aws:mq:us-west-2:111122223333:broker:test:b-9bcfa592-423a-4942-879d-eb284b418fc8", "messages": [ { "messageID": "ID:b-9bcfa592-423a-4942-879d-eb284b418fc8-1.mq.us-west-2.amazonaws.com-37557-1234520418293-4:1:1:1:1", @@ -83,7 +83,7 @@ You can monitor a given function's concurrency usage using the `ConcurrentExecut ``` { "eventSource": "aws:rmq", - "eventSourceArn": "arn:aws:mq:us-west-2:112556298976:broker:pizzaBroker:b-9bcfa592-423a-4942-879d-eb284b418fc8", + "eventSourceArn": "arn:aws:mq:us-west-2:111122223333:broker:pizzaBroker:b-9bcfa592-423a-4942-879d-eb284b418fc8", "rmqMessagesByQueue": { "pizzaQueue::/": [ { @@ -112,7 +112,7 @@ You can monitor a given function's concurrency usage using the `ConcurrentExecut ] }, "numberInHeader": 10 - } + }, "deliveryMode": 1, "priority": 34, "correlationId": null, diff --git a/doc_source/with-msk.md b/doc_source/with-msk.md old mode 100755 new mode 100644 index e40d9def..c4f4809a --- a/doc_source/with-msk.md +++ b/doc_source/with-msk.md @@ -22,7 +22,7 @@ Lambda sends the batch of messages in the event parameter when it invokes your f "mytopic-0":[ { "topic":"mytopic", - "partition":"0", + "partition":0, "offset":15, "timestamp":1545084650987, "timestampType":"CREATE_TIME", @@ -50,8 +50,6 @@ Lambda sends the batch of messages in the event parameter when it invokes your f } ``` -For an example of how to use Amazon MSK as an event source, see [Using Amazon MSK as an event source for AWS Lambda](http://aws.amazon.com/blogs/compute/using-amazon-msk-as-an-event-source-for-aws-lambda/) on the AWS Compute Blog\. For a complete tutorial, see [Amazon MSK Lambda Integration](https://amazonmsk-labs.workshop.aws/en/msklambda.html) in the Amazon MSK Labs\. - **Topics** + [MSK cluster authentication](#msk-cluster-permissions) + [Managing API access and permissions](#msk-permissions) @@ -197,7 +195,7 @@ In addition to accessing the Amazon MSK cluster, your function needs permissions ### Required Lambda function execution role permissions Your Lambda function's [execution role](lambda-intro-execution-role.md) must have the following permissions to access the MSK cluster on your behalf\. You can either add the AWS managed policy `AWSLambdaMSKExecutionRole` to your execution role, or create a custom policy with permission to perform the following actions: -+ [kafka:DescribeCluster](https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn.html#clusters-clusterarnget) ++ [kafka:DescribeClusterV2](https://docs.aws.amazon.com/MSK/2.0/APIReference/v2-clusters-clusterarn.html#v2-clusters-clusterarnget) + [kafka:GetBootstrapBrokers](https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-bootstrap-brokers.html#clusters-clusterarn-bootstrap-brokersget) + [ec2:CreateNetworkInterface](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) + [ec2:DescribeNetworkInterfaces](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeNetworkInterfaces.html) diff --git a/doc_source/with-on-demand-custom-android.md b/doc_source/with-on-demand-custom-android.md old mode 100755 new mode 100644 diff --git a/doc_source/with-s3-example-use-app-spec.md b/doc_source/with-s3-example-use-app-spec.md old mode 100755 new mode 100644 diff --git a/doc_source/with-s3-example.md b/doc_source/with-s3-example.md old mode 100755 new mode 100644 index 6eb4fcf1..e8060b21 --- a/doc_source/with-s3-example.md +++ b/doc_source/with-s3-example.md @@ -8,7 +8,7 @@ We recommend that you complete this console\-based tutorial before you try the [ To use Lambda and other AWS services, you need an AWS account\. If you do not have an account, visit [aws\.amazon\.com](https://aws.amazon.com/) and choose **Create an AWS Account**\. For instructions, see [How do I create and activate a new AWS account?](http://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/) -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. ## Create a bucket and upload a sample object diff --git a/doc_source/with-s3-tutorial.md b/doc_source/with-s3-tutorial.md old mode 100755 new mode 100644 diff --git a/doc_source/with-s3.md b/doc_source/with-s3.md old mode 100755 new mode 100644 diff --git a/doc_source/with-secrets-manager.md b/doc_source/with-secrets-manager.md old mode 100755 new mode 100644 diff --git a/doc_source/with-sns-create-package.md b/doc_source/with-sns-create-package.md old mode 100755 new mode 100644 diff --git a/doc_source/with-sns-example.md b/doc_source/with-sns-example.md old mode 100755 new mode 100644 index e5f82e7b..e65d8177 --- a/doc_source/with-sns-example.md +++ b/doc_source/with-sns-example.md @@ -4,7 +4,7 @@ You can use a Lambda function in one AWS account to subscribe to an Amazon SNS t ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-sns.md b/doc_source/with-sns.md old mode 100755 new mode 100644 diff --git a/doc_source/with-sqs-create-package.md b/doc_source/with-sqs-create-package.md old mode 100755 new mode 100644 diff --git a/doc_source/with-sqs-cross-account-example.md b/doc_source/with-sqs-cross-account-example.md old mode 100755 new mode 100644 index 758947c6..0f5b2044 --- a/doc_source/with-sqs-cross-account-example.md +++ b/doc_source/with-sqs-cross-account-example.md @@ -4,7 +4,7 @@ In this tutorial, you create a Lambda function that consumes messages from an Am ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-sqs-example-use-app-spec.md b/doc_source/with-sqs-example-use-app-spec.md old mode 100755 new mode 100644 diff --git a/doc_source/with-sqs-example.md b/doc_source/with-sqs-example.md old mode 100755 new mode 100644 index e610dccd..3b22cff6 --- a/doc_source/with-sqs-example.md +++ b/doc_source/with-sqs-example.md @@ -4,7 +4,7 @@ In this tutorial, you create a Lambda function that consumes messages from an [A ## Prerequisites -This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Getting started with Lambda](getting-started-create-function.md) to create your first Lambda function\. +This tutorial assumes that you have some knowledge of basic Lambda operations and the Lambda console\. If you haven't already, follow the instructions in [Create a Lambda function with the console](getting-started.md#getting-started-create-function) to create your first Lambda function\. To complete the following steps, you need a command line terminal or shell to run commands\. Commands and the expected output are listed in separate blocks: diff --git a/doc_source/with-sqs.md b/doc_source/with-sqs.md old mode 100755 new mode 100644