README
¶
Cargo Lambda CDK construct
This library provides constructs for Rust Lambda functions built with Cargo Lambda
To use this module you will either need to have Cargo Lambda installed (0.12.0 or later), or Docker installed.
See Local Bundling/Docker Bundling for more information.
Installation
JavaScript / TypeScript
You can add the npm package to your program as follows,
npm i cargo-lambda-cdk
Or using any other compatible package manager
Go
Add the following to your imports,
github.com/cargo-lambda/cargo-lambda-cdk/cargolambdacdk
Python
You can add the Python package using pip, or any other package manager compatible with PyPI,
pip install cargo-lambda-cdk
Rust Function
Define a RustFunction:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
});
The layout for this Rust project could look like this:
lambda-project
├── Cargo.toml
└── src
└── main.rs
Runtime
The RustFunction uses the provided.al2023 runtime. If you want to change it, you can use the property runtime. The only other valid option is provided.al2:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
runtime: 'provided.al2',
});
Rust Extension
Define a RustExtension that get's deployed as a layer to use it with any other function later.
import { RustExtension, RustFunction } from 'cargo-lambda-cdk';
import { Architecture } from 'aws-cdk-lib/aws-lambda';
const extensionLayer = new RustExtension(this, 'Rust extension', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
architecture: Architecture.ARM_64,
});
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
layers: [
extensionLayer
],
});
Remote Git sources
Both RustFunction and RustExtension support cloning a git repository to get the source code for the function or extension.
To download the source code from a remote git repository, specify the gitRemote. This option can be a valid git remote url, such as https://github.com/your_user/your_repo, or a valid ssh url, such as git@github.com:your_user/your_repo.git.
By default, the latest commit from the HEAD branch will be downloaded. To download a different git reference, specify the gitReference option. This can be a branch name, tag, or commit hash.
If you want to always clone the repository even if it has already been cloned to the temporary directory, set the gitForceClone option to true.
If you specify a manifestPath, it will be relative to the root of the git repository once it has been cloned.
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(stack, 'Rust function', {
gitRemote: 'https://github.com/your_user/your_repo',
gitReference: 'branch',
gitForceClone: true,
});
Bundling
Bundling is the process by which cargo lambda gets called to build, package, and deliver the Rust
binary for CDK. This construct provides two methods of bundling:
- Local bundling where the locally installed cargo lambda tool will run
- Docker bundling where a Dockerfile can be specified to build an image
Local Bundling
If Cargo Lambda is installed locally then it will be used to bundle your code in your environment. Otherwise, bundling will happen in a Lambda compatible Docker container with the Docker platform based on the target architecture of the Lambda function.
Environment
Use the environment prop to define additional environment variables when Cargo Lambda runs:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
environment: {
HELLO: 'WORLD',
},
},
});
Cargo Build profiles
Use the profile option if you want to build with a different Cargo profile that's not release:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
profile: 'dev'
},
});
Cargo Lambda Build flags
Use the cargoLambdaFlags option to add additional flags to the cargo lambda build command that's executed to bundle your function. You don't need to use this flag to set options like the target architecture or the binary to compile, since the construct infers those from other props.
If these flags include a --target flag, it will override the architecture option. If these flags include a --release or --profile flag, it will override the release or any other profile specified.
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
cargoLambdaFlags: [
'--target',
'x86_64-unknown-linux-musl',
'--debug',
'--disable-optimizations',
],
},
});
Docker
To force bundling in a docker container even if Cargo Lambda is available in your environment, set the forcedDockerBundling prop to true. This is useful if you want to make sure that your function is built in a consistent Lambda compatible environment.
By default, these constructs use ghcr.io/cargo-lambda/cargo-lambda as the image to build with. Use the bundling.dockerImage prop to use a custom bundling image:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerImage: DockerImage.fromBuild('/path/to/Dockerfile'),
},
});
Additional docker options such as the user, file access, working directory or volumes can be configured by using the bundling.dockerOptions prop:
import * as cdk from 'aws-cdk-lib';
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerOptions: {
bundlingFileAccess: cdk.BundlingFileAccess.VOLUME_COPY,
},
},
});
This property mirrors values from the cdk.BundlingOptions and is passed into Code.fromAsset.
If you want to use a custom Docker image, you can use the bundling.dockerImage prop:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerImage: DockerImage.fromRegistry('your_docker_image'),
},
});
If you want to mount additional volumes to the Docker container, you can use the dockerOptions.volumes prop. This is useful if you want to mount Cargo's cache directory to speed up the build process. The CARGO_HOME in the default image is /usr/local/cargo.
import { RustFunction } from 'cargo-lambda-cdk';
import { homedir } from 'os';
import { join } from 'path';
const cargoHome = process.env.CARGO_HOME || join(homedir(), '.cargo');
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
dockerOptions: {
volumes: [{
hostPath: join(cargoHome, 'registry'),
containerPath: '/usr/local/cargo/registry',
},
{
hostPath: join(cargoHome, 'git'),
containerPath: '/usr/local/cargo/git',
}],
},
},
});
Command hooks
It is possible to run additional commands by specifying the commandHooks prop:
import { RustFunction } from 'cargo-lambda-cdk';
new RustFunction(this, 'Rust function', {
manifestPath: 'path/to/package/directory/with/Cargo.toml',
bundling: {
commandHooks: {
// run tests
beforeBundling(inputDir: string, _outputDir: string): string[] {
return ['cargo test'];
},
},
},
});
The following hooks are available:
beforeBundling: runs before all bundling commandsafterBundling: runs after all bundling commands
They all receive the directory containing the Cargo.toml file (inputDir) and the
directory where the bundled asset will be output (outputDir). They must return
an array of commands to run. Commands are chained with &&.
The commands will run in the environment in which bundling occurs: inside the container for Docker bundling or on the host OS for local bundling.
Additional considerations
Depending on how you structure your Rust application, you may want to change the assetHashType parameter.
By default this parameter is set to AssetHashType.OUTPUT which means that the CDK will calculate the asset hash
(and determine whether or not your code has changed) based on the Rust executable that is created.
If you specify AssetHashType.SOURCE, the CDK will calculate the asset hash by looking at the folder
that contains your Cargo.toml file. If you are deploying a single Lambda function, or you want to redeploy
all of your functions if anything changes, then AssetHashType.SOURCE will probaby work.
LICENSE
This software is released under MIT license.
Documentation
¶
Overview ¶
CDK Construct to build Rust functions with Cargo Lambda
Index ¶
- func NewRustExtension_Override(r RustExtension, scope constructs.Construct, resourceName *string, ...)
- func NewRustFunction_Override(r RustFunction, scope constructs.Construct, resourceName *string, ...)
- func RustExtension_FromLayerVersionArn(scope constructs.Construct, id *string, layerVersionArn *string) awslambda.ILayerVersion
- func RustExtension_FromLayerVersionAttributes(scope constructs.Construct, id *string, ...) awslambda.ILayerVersion
- func RustExtension_IsConstruct(x interface{}) *bool
- func RustExtension_IsOwnedResource(construct constructs.IConstruct) *bool
- func RustExtension_IsResource(construct constructs.IConstruct) *bool
- func RustFunction_ClassifyVersionProperty(propertyName *string, locked *bool)
- func RustFunction_FromFunctionArn(scope constructs.Construct, id *string, functionArn *string) awslambda.IFunction
- func RustFunction_FromFunctionAttributes(scope constructs.Construct, id *string, attrs *awslambda.FunctionAttributes) awslambda.IFunction
- func RustFunction_FromFunctionName(scope constructs.Construct, id *string, functionName *string) awslambda.IFunction
- func RustFunction_IsConstruct(x interface{}) *bool
- func RustFunction_IsOwnedResource(construct constructs.IConstruct) *bool
- func RustFunction_IsResource(construct constructs.IConstruct) *bool
- func RustFunction_MetricAll(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- func RustFunction_MetricAllUnreservedConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
- type BundlingOptions
- type DockerOptions
- type ICommandHooks
- type RustExtension
- type RustExtensionProps
- type RustFunction
- type RustFunctionProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func NewRustExtension_Override ¶
func NewRustExtension_Override(r RustExtension, scope constructs.Construct, resourceName *string, props *RustExtensionProps)
func NewRustFunction_Override ¶
func NewRustFunction_Override(r RustFunction, scope constructs.Construct, resourceName *string, props *RustFunctionProps)
func RustExtension_FromLayerVersionArn ¶
func RustExtension_FromLayerVersionArn(scope constructs.Construct, id *string, layerVersionArn *string) awslambda.ILayerVersion
Imports a layer version by ARN.
Assumes it is compatible with all Lambda runtimes.
func RustExtension_FromLayerVersionAttributes ¶
func RustExtension_FromLayerVersionAttributes(scope constructs.Construct, id *string, attrs *awslambda.LayerVersionAttributes) awslambda.ILayerVersion
Imports a Layer that has been defined externally.
func RustExtension_IsConstruct ¶
func RustExtension_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func RustExtension_IsOwnedResource ¶ added in v0.0.20
func RustExtension_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func RustExtension_IsResource ¶
func RustExtension_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func RustFunction_ClassifyVersionProperty ¶
Record whether specific properties in the `AWS::Lambda::Function` resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
func RustFunction_FromFunctionArn ¶
func RustFunction_FromFunctionArn(scope constructs.Construct, id *string, functionArn *string) awslambda.IFunction
Import a lambda function into the CDK using its ARN.
func RustFunction_FromFunctionAttributes ¶
func RustFunction_FromFunctionAttributes(scope constructs.Construct, id *string, attrs *awslambda.FunctionAttributes) awslambda.IFunction
Creates a Lambda function object which represents a function not defined within this stack.
func RustFunction_FromFunctionName ¶ added in v0.0.20
func RustFunction_FromFunctionName(scope constructs.Construct, id *string, functionName *string) awslambda.IFunction
Import a lambda function into the CDK using its name.
func RustFunction_IsConstruct ¶
func RustFunction_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead.
func RustFunction_IsOwnedResource ¶ added in v0.0.20
func RustFunction_IsOwnedResource(construct constructs.IConstruct) *bool
Returns true if the construct was created by CDK, and false otherwise.
func RustFunction_IsResource ¶
func RustFunction_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func RustFunction_MetricAll ¶
func RustFunction_MetricAll(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Return the given named metric for this Lambda.
func RustFunction_MetricAllConcurrentExecutions ¶
func RustFunction_MetricAllConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the number of concurrent executions across all Lambdas. Default: max over 5 minutes.
func RustFunction_MetricAllDuration ¶
func RustFunction_MetricAllDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the Duration executing all Lambdas. Default: average over 5 minutes.
func RustFunction_MetricAllErrors ¶
func RustFunction_MetricAllErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the number of Errors executing all Lambdas. Default: sum over 5 minutes.
func RustFunction_MetricAllInvocations ¶
func RustFunction_MetricAllInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the number of invocations of all Lambdas. Default: sum over 5 minutes.
func RustFunction_MetricAllThrottles ¶
func RustFunction_MetricAllThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the number of throttled invocations of all Lambdas. Default: sum over 5 minutes.
func RustFunction_MetricAllUnreservedConcurrentExecutions ¶
func RustFunction_MetricAllUnreservedConcurrentExecutions(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
Metric for the number of unreserved concurrent executions across all Lambdas. Default: max over 5 minutes.
Types ¶
type BundlingOptions ¶
type BundlingOptions struct {
// The system architecture of the lambda function.
// Default: - X86_64.
//
Architecture awslambda.Architecture `field:"optional" json:"architecture" yaml:"architecture"`
// Specify a custom hash for this asset.
//
// If `assetHashType` is set it must
// be set to `AssetHashType.CUSTOM`. For consistency, this custom hash will
// be SHA256 hashed and encoded as hex. The resulting hash will be the asset
// hash.
//
// NOTE: the hash is used in order to identify a specific revision of the asset, and
// used for optimizing and caching deployment activities related to this asset such as
// packaging, uploading to Amazon S3, etc. If you chose to customize the hash, you will
// need to make sure it is updated every time the asset changes, or otherwise it is
// possible that some deployments will not be invalidated.
// Default: - based on `assetHashType`.
//
AssetHash *string `field:"optional" json:"assetHash" yaml:"assetHash"`
// Determines how the asset hash is calculated.
//
// Assets will
// get rebuilt and uploaded only if their hash has changed.
// Default: - AssetHashType.OUTPUT. If `assetHash` is also specified,
// the default is `CUSTOM`.
//
AssetHashType awscdk.AssetHashType `field:"optional" json:"assetHashType" yaml:"assetHashType"`
// Additional list of flags to pass to `cargo lambda build`.
CargoLambdaFlags *[]*string `field:"optional" json:"cargoLambdaFlags" yaml:"cargoLambdaFlags"`
// Command hooks.
// Default: - do not run additional commands.
//
CommandHooks ICommandHooks `field:"optional" json:"commandHooks" yaml:"commandHooks"`
// A custom bundling Docker image.
// Default: - use the Docker image provided by calavera/cargo-lambda:latest.
//
DockerImage awscdk.DockerImage `field:"optional" json:"dockerImage" yaml:"dockerImage"`
// Additional options when using docker bundling.
// Default: - the same defaults as specified by `cdk.BundlingOptions`
//
DockerOptions *DockerOptions `field:"optional" json:"dockerOptions" yaml:"dockerOptions"`
// Environment variables defined when Cargo runs.
// Default: - no environment variables are defined.
//
Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
// Force bundling in a Docker container even if local bundling is possible.
// Default: - false.
//
ForcedDockerBundling *bool `field:"optional" json:"forcedDockerBundling" yaml:"forcedDockerBundling"`
// Specify the Cargo Build profile to use.
// Default: - `release`.
//
Profile *string `field:"optional" json:"profile" yaml:"profile"`
}
Bundling options.
type DockerOptions ¶ added in v0.0.20
type DockerOptions struct {
// The access mechanism used to make source files available to the bundling container and to return the bundling output back to the host.
// Default: - BundlingFileAccess.BIND_MOUNT
//
BundlingFileAccess awscdk.BundlingFileAccess `field:"optional" json:"bundlingFileAccess" yaml:"bundlingFileAccess"`
// The command to run in the Docker container.
//
// This is normally controlled by the `RustFunction`
// but can be overridden here.
// Default: - a cargo lambda compilation.
//
Command *[]*string `field:"optional" json:"command" yaml:"command"`
// The entrypoint to run in the Docker container.
// See: https://docs.docker.com/engine/reference/builder/#entrypoint
//
// Default: - run the entrypoint defined in the image.
//
Entrypoint *[]*string `field:"optional" json:"entrypoint" yaml:"entrypoint"`
// Local bundling provider.
//
// This is normally controlled by the `RustFunction`
// but can be overridden here.
// Default: - bundling will be performed locally if Rust and cargo-lambda are
// installed and `forcedDockerBundling` is not true, otherwise it will be performed
// in the docker container.
//
Local awscdk.ILocalBundling `field:"optional" json:"local" yaml:"local"`
// Docker [Networking options](https://docs.docker.com/engine/reference/commandline/run/#connect-a-container-to-a-network---network).
// Default: - no networking options.
//
Network *string `field:"optional" json:"network" yaml:"network"`
// The type of output that this bundling operation is producing.
// Default: BundlingOutput.AUTO_DISCOVER
//
OutputType awscdk.BundlingOutput `field:"optional" json:"outputType" yaml:"outputType"`
// [Security configuration](https://docs.docker.com/engine/reference/run/#security-configuration) when running the docker container.
// Default: - no security options.
//
SecurityOpt *string `field:"optional" json:"securityOpt" yaml:"securityOpt"`
// The user to use when running the Docker container.
//
// user | user:group | uid | uid:gid | user:gid | uid:group.
// See: https://docs.docker.com/engine/reference/run/#user
//
// Default: - uid:gid of the current user or 1000:1000 on Windows.
//
User *string `field:"optional" json:"user" yaml:"user"`
// Additional Docker volumes to mount.
// Default: - no additional volumes are mounted.
//
Volumes *[]*awscdk.DockerVolume `field:"optional" json:"volumes" yaml:"volumes"`
// Where to mount the specified volumes from.
// See: https://docs.docker.com/engine/reference/commandline/run/#mount-volumes-from-container---volumes-from
//
// Default: - no containers are specified to mount volumes from.
//
VolumesFrom *[]*string `field:"optional" json:"volumesFrom" yaml:"volumesFrom"`
// Working directory inside the Docker container.
// Default: /asset-input.
//
WorkingDirectory *string `field:"optional" json:"workingDirectory" yaml:"workingDirectory"`
}
Additional docker options when using docker bundling.
Default values here inherit from `cdk.BundlingOptions`.
type ICommandHooks ¶
type ICommandHooks interface {
// Returns commands to run after bundling.
//
// Commands are chained with `&&`.
AfterBundling(inputDir *string, outputDir *string) *[]*string
// Returns commands to run before bundling.
//
// Commands are chained with `&&`.
BeforeBundling(inputDir *string, outputDir *string) *[]*string
}
Command hooks.
These commands will run in the environment in which bundling occurs: inside the container for Docker bundling or on the host OS for local bundling.
Commands are chained with `&&`.
```text
{
// Run tests prior to bundling
beforeBundling(inputDir: string, outputDir: string): string[] {
return [`cargo test`];
}
// ...
}
```.
type RustExtension ¶
type RustExtension interface {
awslambda.LayerVersion
// The runtimes compatible with this Layer.
CompatibleRuntimes() *[]awslambda.Runtime
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// The ARN of the Lambda Layer version that this Layer defines.
LayerVersionArn() *string
// The tree node.
Node() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
// The stack in which this resource is defined.
Stack() awscdk.Stack
// Add permission for this layer version to specific entities.
//
// Usage within
// the same account where the layer is defined is always allowed and does not
// require calling this method. Note that the principal that creates the
// Lambda function using the layer (for example, a CloudFormation changeset
// execution role) also needs to have the “lambda:GetLayerVersion“
// permission on the layer version.
AddPermission(id *string, permission *awslambda.LayerVersionPermission)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
// Returns a string representation of this construct.
ToString() *string
}
A Lambda extension written in Rust.
func NewRustExtension ¶
func NewRustExtension(scope constructs.Construct, resourceName *string, props *RustExtensionProps) RustExtension
type RustExtensionProps ¶
type RustExtensionProps struct {
// The description the this Lambda Layer.
// Default: - No description.
//
Description *string `field:"optional" json:"description" yaml:"description"`
// The name of the layer.
// Default: - A name will be generated.
//
LayerVersionName *string `field:"optional" json:"layerVersionName" yaml:"layerVersionName"`
// The SPDX licence identifier or URL to the license file for this layer.
// Default: - No license information will be recorded.
//
License *string `field:"optional" json:"license" yaml:"license"`
// Whether to retain this version of the layer when a new version is added or when the stack is deleted.
// Default: RemovalPolicy.DESTROY
//
RemovalPolicy awscdk.RemovalPolicy `field:"optional" json:"removalPolicy" yaml:"removalPolicy"`
// The system architecture of the lambda extension.
// Default: - Architecture.X86_64
//
Architecture awslambda.Architecture `field:"optional" json:"architecture" yaml:"architecture"`
// The name of the binary to build, in case that's different than the package's name.
BinaryName *string `field:"optional" json:"binaryName" yaml:"binaryName"`
// Bundling options.
// Default: - use default bundling options.
//
Bundling *BundlingOptions `field:"optional" json:"bundling" yaml:"bundling"`
// Always clone the repository if using the `gitRemote` option, even if it has already been cloned to the temporary directory.
// Default: - clones only if the repository and reference don't already exist in the
// temporary directory.
//
GitForceClone *bool `field:"optional" json:"gitForceClone" yaml:"gitForceClone"`
// The git reference to checkout. This can be a branch, tag, or commit hash.
//
// If this option is not provided, `git clone` will run with the flag `--depth 1`.
// Default: - the default branch, i.e. HEAD.
//
GitReference *string `field:"optional" json:"gitReference" yaml:"gitReference"`
// The git remote URL to clone (e.g `https://github.com/your_user/your_repo`).
//
// This repository will be cloned to a temporary directory using `git`.
// The `git` command must be available in the PATH.
GitRemote *string `field:"optional" json:"gitRemote" yaml:"gitRemote"`
// Path to a directory containing your Cargo.toml file, or to your Cargo.toml directly.
//
// This will accept a directory path containing a `Cargo.toml` file (i.e. `path/to/package`), or a filepath to your
// `Cargo.toml` file (i.e. `path/to/Cargo.toml`). When the `gitRemote` option is provided,
// the `manifestPath` is relative to the root of the git repository.
// Default: - check the current directory for a `Cargo.toml` file, and throws
// an error if the file doesn't exist.
//
ManifestPath *string `field:"optional" json:"manifestPath" yaml:"manifestPath"`
}
Properties for a RustExtension.
type RustFunction ¶
type RustFunction interface {
awslambda.Function
// The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
Architecture() awslambda.Architecture
// Whether the addPermission() call adds any permissions.
//
// True for new Lambdas, false for version $LATEST and imported Lambdas
// from different accounts.
CanCreatePermissions() *bool
// Access the Connections object.
//
// Will fail if not a VPC-enabled Lambda Function.
Connections() awsec2.Connections
// Returns a `lambda.Version` which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
//
// You can specify options for this version using the `currentVersionOptions`
// prop when initializing the `lambda.Function`.
CurrentVersion() awslambda.Version
// The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
DeadLetterQueue() awssqs.IQueue
// The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
DeadLetterTopic() awssns.ITopic
// The environment this resource belongs to.
//
// For resources that are created and managed by the CDK
// (generally, those created by creating new class instances like Role, Bucket, etc.),
// this is always the same as the environment of the stack they belong to;
// however, for imported resources
// (those obtained from static methods like fromRoleArn, fromBucketName, etc.),
// that might be different than the stack they were imported into.
Env() *awscdk.ResourceEnvironment
// ARN of this function.
FunctionArn() *string
// Name of this function.
FunctionName() *string
// The principal this Lambda Function is running as.
GrantPrincipal() awsiam.IPrincipal
// Whether or not this Lambda function was bound to a VPC.
//
// If this is is `false`, trying to access the `connections` object will fail.
IsBoundToVpc() *bool
// The `$LATEST` version of this function.
//
// Note that this is reference to a non-specific AWS Lambda version, which
// means the function this version refers to can return different results in
// different invocations.
//
// To obtain a reference to an explicit version which references the current
// function configuration, use `lambdaFunction.currentVersion` instead.
LatestVersion() awslambda.IVersion
// The LogGroup where the Lambda function's logs are made available.
//
// If either `logRetention` is set or this property is called, a CloudFormation custom resource is added to the stack that
// pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
// period (never expire, by default).
//
// Further, if the log group already exists and the `logRetention` is not set, the custom resource will reset the log retention
// to never expire even if it was configured with a different value.
LogGroup() awslogs.ILogGroup
// The tree node.
Node() constructs.Node
// The construct node where permissions are attached.
PermissionsNode() constructs.Node
// Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource.
//
// This value will resolve to one of the following:
// - a concrete value (e.g. `"my-awesome-bucket"`)
// - `undefined`, when a name should be generated by CloudFormation
// - a concrete name generated automatically during synthesis, in
// cross-environment scenarios.
PhysicalName() *string
// The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
ResourceArnsForGrantInvoke() *[]*string
// Execution role associated with this function.
Role() awsiam.IRole
// The runtime configured for this lambda.
Runtime() awslambda.Runtime
// The stack in which this resource is defined.
Stack() awscdk.Stack
// The timeout configured for this lambda.
Timeout() awscdk.Duration
// Defines an alias for this function.
//
// The alias will automatically be updated to point to the latest version of
// the function as it is being updated during a deployment.
//
// “`ts
// declare const fn: lambda.Function;
//
// fn.addAlias('Live');
//
// // Is equivalent to
//
// new lambda.Alias(this, 'AliasLive', {
// aliasName: 'Live',
// version: fn.currentVersion,
// });
// “`.
AddAlias(aliasName *string, options *awslambda.AliasOptions) awslambda.Alias
// Adds an environment variable to this Lambda function.
//
// If this is a ref to a Lambda function, this operation results in a no-op.
AddEnvironment(key *string, value *string, options *awslambda.EnvironmentOptions) awslambda.Function
// Adds an event source to this function.
//
// Event sources are implemented in the @aws-cdk/aws-lambda-event-sources module.
//
// The following example adds an SQS Queue as an event source:
// “`
// import { SqsEventSource } from '@aws-cdk/aws-lambda-event-sources';
// myFunction.addEventSource(new SqsEventSource(myQueue));
// “`.
AddEventSource(source awslambda.IEventSource)
// Adds an event source that maps to this AWS Lambda function.
AddEventSourceMapping(id *string, options *awslambda.EventSourceMappingOptions) awslambda.EventSourceMapping
// Adds a url to this lambda function.
AddFunctionUrl(options *awslambda.FunctionUrlOptions) awslambda.FunctionUrl
// Adds one or more Lambda Layers to this Lambda function.
AddLayers(layers ...awslambda.ILayerVersion)
// Adds a permission to the Lambda resource policy.
// See: Permission for details.
//
AddPermission(id *string, permission *awslambda.Permission)
// Adds a statement to the IAM role assumed by the instance.
AddToRolePolicy(statement awsiam.PolicyStatement)
// Apply the given removal policy to this resource.
//
// The Removal Policy controls what happens to this resource when it stops
// being managed by CloudFormation, either because you've removed it from the
// CDK application or because you've made a change that requires the resource
// to be replaced.
//
// The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
// account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).
ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
// Configures options for asynchronous invocation.
ConfigureAsyncInvoke(options *awslambda.EventInvokeConfigOptions)
// A warning will be added to functions under the following conditions: - permissions that include `lambda:InvokeFunction` are added to the unqualified function.
//
// - function.currentVersion is invoked before or after the permission is created.
//
// This applies only to permissions on Lambda functions, not versions or aliases.
// This function is overridden as a noOp for QualifiedFunctionBase.
ConsiderWarningOnInvokeFunctionPermissions(scope constructs.Construct, action *string)
GeneratePhysicalName() *string
// Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`).
//
// Normally, this token will resolve to `arnAttr`, but if the resource is
// referenced across environments, `arnComponents` will be used to synthesize
// a concrete ARN with the resource's physical name. Make sure to reference
// `this.physicalName` in `arnComponents`.
GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
// Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`).
//
// Normally, this token will resolve to `nameAttr`, but if the resource is
// referenced across environments, it will be resolved to `this.physicalName`,
// which will be a concrete name.
GetResourceNameAttribute(nameAttr *string) *string
// Grant the given identity permissions to invoke this Lambda.
GrantInvoke(grantee awsiam.IGrantable) awsiam.Grant
// Grant the given identity permissions to invoke this Lambda Function URL.
GrantInvokeUrl(grantee awsiam.IGrantable) awsiam.Grant
// Mix additional information into the hash of the Version object.
//
// The Lambda Function construct does its best to automatically create a new
// Version when anything about the Function changes (its code, its layers,
// any of the other properties).
//
// However, you can sometimes source information from places that the CDK cannot
// look into, like the deploy-time values of SSM parameters. In those cases,
// the CDK would not force the creation of a new Version object when it actually
// should.
//
// This method can be used to invalidate the current Version object. Pass in
// any string into this method, and make sure the string changes when you know
// a new Version needs to be created.
//
// This method may be called more than once.
InvalidateVersionBasedOn(x *string)
// Return the given named metric for this Function.
Metric(metricName *string, props *awscloudwatch.MetricOptions) awscloudwatch.Metric
// How long execution of this Lambda takes.
//
// Average over 5 minutes.
MetricDuration(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
// How many invocations of this Lambda fail.
//
// Sum over 5 minutes.
MetricErrors(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
// How often this Lambda is invoked.
//
// Sum over 5 minutes.
MetricInvocations(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
// How often this Lambda is throttled.
//
// Sum over 5 minutes.
MetricThrottles(props *awscloudwatch.MetricOptions) awscloudwatch.Metric
// Returns a string representation of this construct.
ToString() *string
WarnInvokeFunctionPermissions(scope constructs.Construct)
}
A Rust Lambda function.
func NewRustFunction ¶
func NewRustFunction(scope constructs.Construct, resourceName *string, props *RustFunctionProps) RustFunction
type RustFunctionProps ¶
type RustFunctionProps struct {
// The maximum age of a request that Lambda sends to a function for processing.
//
// Minimum: 60 seconds
// Maximum: 6 hours.
// Default: Duration.hours(6)
//
MaxEventAge awscdk.Duration `field:"optional" json:"maxEventAge" yaml:"maxEventAge"`
// The destination for failed invocations.
// Default: - no destination.
//
OnFailure awslambda.IDestination `field:"optional" json:"onFailure" yaml:"onFailure"`
// The destination for successful invocations.
// Default: - no destination.
//
OnSuccess awslambda.IDestination `field:"optional" json:"onSuccess" yaml:"onSuccess"`
// The maximum number of times to retry when the function returns an error.
//
// Minimum: 0
// Maximum: 2.
// Default: 2.
//
RetryAttempts *float64 `field:"optional" json:"retryAttempts" yaml:"retryAttempts"`
// Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
// See: https://aws-otel.github.io/docs/getting-started/lambda
//
// Default: - No ADOT instrumentation.
//
AdotInstrumentation *awslambda.AdotInstrumentationConfig `field:"optional" json:"adotInstrumentation" yaml:"adotInstrumentation"`
// Whether to allow the Lambda to send all network traffic.
//
// If set to false, you must individually add traffic rules to allow the
// Lambda to connect to network targets.
// Default: true.
//
AllowAllOutbound *bool `field:"optional" json:"allowAllOutbound" yaml:"allowAllOutbound"`
// Lambda Functions in a public subnet can NOT access the internet.
//
// Use this property to acknowledge this limitation and still place the function in a public subnet.
// See: https://stackoverflow.com/questions/52992085/why-cant-an-aws-lambda-function-inside-a-public-subnet-in-a-vpc-connect-to-the/52994841#52994841
//
// Default: false.
//
AllowPublicSubnet *bool `field:"optional" json:"allowPublicSubnet" yaml:"allowPublicSubnet"`
// The system architectures compatible with this lambda function.
// Default: Architecture.X86_64
//
Architecture awslambda.Architecture `field:"optional" json:"architecture" yaml:"architecture"`
// Code signing config associated with this function.
// Default: - Not Sign the Code.
//
CodeSigningConfig awslambda.ICodeSigningConfig `field:"optional" json:"codeSigningConfig" yaml:"codeSigningConfig"`
// Options for the `lambda.Version` resource automatically created by the `fn.currentVersion` method.
// Default: - default options as described in `VersionOptions`.
//
CurrentVersionOptions *awslambda.VersionOptions `field:"optional" json:"currentVersionOptions" yaml:"currentVersionOptions"`
// The SQS queue to use if DLQ is enabled.
//
// If SNS topic is desired, specify `deadLetterTopic` property instead.
// Default: - SQS queue with 14 day retention period if `deadLetterQueueEnabled` is `true`.
//
DeadLetterQueue awssqs.IQueue `field:"optional" json:"deadLetterQueue" yaml:"deadLetterQueue"`
// Enabled DLQ.
//
// If `deadLetterQueue` is undefined,
// an SQS queue with default options will be defined for your Function.
// Default: - false unless `deadLetterQueue` is set, which implies DLQ is enabled.
//
DeadLetterQueueEnabled *bool `field:"optional" json:"deadLetterQueueEnabled" yaml:"deadLetterQueueEnabled"`
// The SNS topic to use as a DLQ.
//
// Note that if `deadLetterQueueEnabled` is set to `true`, an SQS queue will be created
// rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
// Default: - no SNS topic.
//
DeadLetterTopic awssns.ITopic `field:"optional" json:"deadLetterTopic" yaml:"deadLetterTopic"`
// A description of the function.
// Default: - No description.
//
Description *string `field:"optional" json:"description" yaml:"description"`
// Key-value pairs that Lambda caches and makes available for your Lambda functions.
//
// Use environment variables to apply configuration changes, such
// as test and production environment configurations, without changing your
// Lambda function source code.
// Default: - No environment variables.
//
Environment *map[string]*string `field:"optional" json:"environment" yaml:"environment"`
// The AWS KMS key that's used to encrypt your function's environment variables.
// Default: - AWS Lambda creates and uses an AWS managed customer master key (CMK).
//
EnvironmentEncryption awskms.IKey `field:"optional" json:"environmentEncryption" yaml:"environmentEncryption"`
// The size of the function’s /tmp directory in MiB.
// Default: 512 MiB.
//
EphemeralStorageSize awscdk.Size `field:"optional" json:"ephemeralStorageSize" yaml:"ephemeralStorageSize"`
// Event sources for this function.
//
// You can also add event sources using `addEventSource`.
// Default: - No event sources.
//
Events *[]awslambda.IEventSource `field:"optional" json:"events" yaml:"events"`
// The filesystem configuration for the lambda function.
// Default: - will not mount any filesystem.
//
Filesystem awslambda.FileSystem `field:"optional" json:"filesystem" yaml:"filesystem"`
// A name for the function.
// Default: - AWS CloudFormation generates a unique physical ID and uses that
// ID for the function's name. For more information, see Name Type.
//
FunctionName *string `field:"optional" json:"functionName" yaml:"functionName"`
// Initial policy statements to add to the created Lambda Role.
//
// You can call `addToRolePolicy` to the created lambda to add statements post creation.
// Default: - No policy statements are added to the created Lambda role.
//
InitialPolicy *[]awsiam.PolicyStatement `field:"optional" json:"initialPolicy" yaml:"initialPolicy"`
// Specify the version of CloudWatch Lambda insights to use for monitoring.
// See: https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/Lambda-Insights-Getting-Started-docker.html
//
// Default: - No Lambda Insights.
//
InsightsVersion awslambda.LambdaInsightsVersion `field:"optional" json:"insightsVersion" yaml:"insightsVersion"`
// A list of layers to add to the function's execution environment.
//
// You can configure your Lambda function to pull in
// additional code during initialization in the form of layers. Layers are packages of libraries or other dependencies
// that can be used by multiple functions.
// Default: - No layers.
//
Layers *[]awslambda.ILayerVersion `field:"optional" json:"layers" yaml:"layers"`
// The number of days log events are kept in CloudWatch Logs.
//
// When updating
// this property, unsetting it doesn't remove the log retention policy. To
// remove the retention policy, set the value to `INFINITE`.
// Default: logs.RetentionDays.INFINITE
//
LogRetention awslogs.RetentionDays `field:"optional" json:"logRetention" yaml:"logRetention"`
// When log retention is specified, a custom resource attempts to create the CloudWatch log group.
//
// These options control the retry policy when interacting with CloudWatch APIs.
// Default: - Default AWS SDK retry options.
//
LogRetentionRetryOptions *awslambda.LogRetentionRetryOptions `field:"optional" json:"logRetentionRetryOptions" yaml:"logRetentionRetryOptions"`
// The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
// Default: - A new role is created.
//
LogRetentionRole awsiam.IRole `field:"optional" json:"logRetentionRole" yaml:"logRetentionRole"`
// The amount of memory, in MB, that is allocated to your Lambda function.
//
// Lambda uses this value to proportionally allocate the amount of CPU
// power. For more information, see Resource Model in the AWS Lambda
// Developer Guide.
// Default: 128.
//
MemorySize *float64 `field:"optional" json:"memorySize" yaml:"memorySize"`
// Enable profiling.
// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
//
// Default: - No profiling.
//
Profiling *bool `field:"optional" json:"profiling" yaml:"profiling"`
// Profiling Group.
// See: https://docs.aws.amazon.com/codeguru/latest/profiler-ug/setting-up-lambda.html
//
// Default: - A new profiling group will be created if `profiling` is set.
//
ProfilingGroup awscodeguruprofiler.IProfilingGroup `field:"optional" json:"profilingGroup" yaml:"profilingGroup"`
// The maximum of concurrent executions you want to reserve for the function.
// See: https://docs.aws.amazon.com/lambda/latest/dg/concurrent-executions.html
//
// Default: - No specific limit - account limit.
//
ReservedConcurrentExecutions *float64 `field:"optional" json:"reservedConcurrentExecutions" yaml:"reservedConcurrentExecutions"`
// Lambda execution role.
//
// This is the role that will be assumed by the function upon execution.
// It controls the permissions that the function will have. The Role must
// be assumable by the 'lambda.amazonaws.com' service principal.
//
// The default Role automatically has permissions granted for Lambda execution. If you
// provide a Role, you must add the relevant AWS managed policies yourself.
//
// The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and
// "service-role/AWSLambdaVPCAccessExecutionRole".
// Default: - A unique role will be generated for this lambda function.
// Both supplied and generated roles can always be changed by calling `addToRolePolicy`.
//
Role awsiam.IRole `field:"optional" json:"role" yaml:"role"`
// The list of security groups to associate with the Lambda's network interfaces.
//
// Only used if 'vpc' is supplied.
// Default: - If the function is placed within a VPC and a security group is
// not specified, either by this or securityGroup prop, a dedicated security
// group will be created for this function.
//
SecurityGroups *[]awsec2.ISecurityGroup `field:"optional" json:"securityGroups" yaml:"securityGroups"`
// The function execution time (in seconds) after which Lambda terminates the function.
//
// Because the execution time affects cost, set this value
// based on the function's expected execution time.
// Default: Duration.seconds(3)
//
Timeout awscdk.Duration `field:"optional" json:"timeout" yaml:"timeout"`
// Enable AWS X-Ray Tracing for Lambda Function.
// Default: Tracing.Disabled
//
Tracing awslambda.Tracing `field:"optional" json:"tracing" yaml:"tracing"`
// VPC network to place Lambda network interfaces.
//
// Specify this if the Lambda function needs to access resources in a VPC.
// This is required when `vpcSubnets` is specified.
// Default: - Function is not placed within a VPC.
//
Vpc awsec2.IVpc `field:"optional" json:"vpc" yaml:"vpc"`
// Where to place the network interfaces within the VPC.
//
// This requires `vpc` to be specified in order for interfaces to actually be
// placed in the subnets. If `vpc` is not specify, this will raise an error.
//
// Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
// public subnets is not allowed (unless `allowPublicSubnet` is set to `true`).
// Default: - the Vpc default strategy if not specified.
//
VpcSubnets *awsec2.SubnetSelection `field:"optional" json:"vpcSubnets" yaml:"vpcSubnets"`
// The name of the binary to build, in case that's different than the package's name.
BinaryName *string `field:"optional" json:"binaryName" yaml:"binaryName"`
// Bundling options.
// Default: - use default bundling options.
//
Bundling *BundlingOptions `field:"optional" json:"bundling" yaml:"bundling"`
// Always clone the repository if using the `gitRemote` option, even if it has already been cloned to the temporary directory.
// Default: - clones only if the repository and reference don't already exist in the
// temporary directory.
//
GitForceClone *bool `field:"optional" json:"gitForceClone" yaml:"gitForceClone"`
// The git reference to checkout. This can be a branch, tag, or commit hash.
//
// If this option is not provided, `git clone` will run with the flag `--depth 1`.
// Default: - the default branch, i.e. HEAD.
//
GitReference *string `field:"optional" json:"gitReference" yaml:"gitReference"`
// The git remote URL to clone (e.g `https://github.com/your_user/your_repo`).
//
// This repository will be cloned to a temporary directory using `git`.
// The `git` command must be available in the PATH.
GitRemote *string `field:"optional" json:"gitRemote" yaml:"gitRemote"`
// Path to a directory containing your Cargo.toml file, or to your Cargo.toml directly.
//
// This will accept a directory path containing a `Cargo.toml` file (i.e. `path/to/package`), or a filepath to your
// `Cargo.toml` file (i.e. `path/to/Cargo.toml`). When the `gitRemote` option is provided,
// the `manifestPath` is relative to the root of the git repository.
// Default: - check the current directory for a `Cargo.toml` file, and throws
// an error if the file doesn't exist.
//
ManifestPath *string `field:"optional" json:"manifestPath" yaml:"manifestPath"`
// The Lambda runtime to deploy this function.
//
// `provided.al2023` is the default runtime when this option is not provided.
Runtime *string `field:"optional" json:"runtime" yaml:"runtime"`
}
Properties for a RustFunction.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.