aws_lambda_function

account_id

Type: STRING

architectures

Type: UNORDERED_LIST_STRING
Provider name: Architectures
Description: The instruction set architecture that the function supports. Architecture is a string array with one of the valid values. The default architecture value is x86_64.

code_sha256

Type: STRING
Provider name: CodeSha256
Description: The SHA256 hash of the function’s deployment package.

code_size

Type: INT64
Provider name: CodeSize
Description: The size of the function’s deployment package, in bytes.

dead_letter_config

Type: STRUCT
Provider name: DeadLetterConfig
Description: The function’s dead letter queue.

  • target_arn
    Type: STRING
    Provider name: TargetArn
    Description: The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.

description

Type: STRING
Provider name: Description
Description: The function’s description.

environment

Type: STRUCT
Provider name: Environment
Description: The function’s environment variables. Omitted from CloudTrail logs.

  • error
    Type: STRUCT
    Provider name: Error
    Description: Error messages for environment variables that couldn’t be applied.
    • error_code
      Type: STRING
      Provider name: ErrorCode
      Description: The error code.
    • message
      Type: STRING
      Provider name: Message
      Description: The error message.
  • variables
    Type: MAP_STRING_STRING
    Provider name: Variables
    Description: Environment variable key-value pairs. Omitted from CloudTrail logs.

ephemeral_storage

Type: STRUCT
Provider name: EphemeralStorage
Description: The size of the function’s /tmp directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.

  • size
    Type: INT32
    Provider name: Size
    Description: The size of the function’s /tmp directory.

file_system_configs

Type: UNORDERED_LIST_STRUCT
Provider name: FileSystemConfigs
Description: Connection settings for an Amazon EFS file system.

  • arn
    Type: STRING
    Provider name: Arn
    Description: The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.
  • local_mount_path
    Type: STRING
    Provider name: LocalMountPath
    Description: The path where the function can access the file system, starting with /mnt/.

function_arn

Type: STRING
Provider name: FunctionArn
Description: The function’s Amazon Resource Name (ARN).

function_name

Type: STRING
Provider name: FunctionName
Description: The name of the function.

function_url_configs

Type: UNORDERED_LIST_STRUCT
Provider name: FunctionUrlConfigs
Description: A list of function URL configurations.

  • auth_type
    Type: STRING
    Provider name: AuthType
    Description: The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information, see Security and auth model for Lambda function URLs.
  • cors
    Type: STRUCT
    Provider name: Cors
    Description: The cross-origin resource sharing (CORS) settings for your function URL.
    • allow_credentials
      Type: BOOLEAN
      Provider name: AllowCredentials
      Description: Whether to allow cookies or other credentials in requests to your function URL. The default is false.
    • allow_headers
      Type: UNORDERED_LIST_STRING
      Provider name: AllowHeaders
      Description: The HTTP headers that origins can include in requests to your function URL. For example: Date, Keep-Alive, X-Custom-Header.
    • allow_methods
      Type: UNORDERED_LIST_STRING
      Provider name: AllowMethods
      Description: The HTTP methods that are allowed when calling your function URL. For example: GET, POST, DELETE, or the wildcard character (*).
    • allow_origins
      Type: UNORDERED_LIST_STRING
      Provider name: AllowOrigins
      Description: The origins that can access your function URL. You can list any number of specific origins, separated by a comma. For example: https://www.example.com, http://localhost:60905. Alternatively, you can grant access to all origins using the wildcard character (*).
    • expose_headers
      Type: UNORDERED_LIST_STRING
      Provider name: ExposeHeaders
      Description: The HTTP headers in your function response that you want to expose to origins that call your function URL. For example: Date, Keep-Alive, X-Custom-Header.
    • max_age
      Type: INT32
      Provider name: MaxAge
      Description: The maximum amount of time, in seconds, that web browsers can cache results of a preflight request. By default, this is set to 0, which means that the browser doesn’t cache results.
  • creation_time
    Type: STRING
    Provider name: CreationTime
    Description: When the function URL was created, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).
  • function_arn
    Type: STRING
    Provider name: FunctionArn
    Description: The Amazon Resource Name (ARN) of your function.
  • function_url
    Type: STRING
    Provider name: FunctionUrl
    Description: The HTTP URL endpoint for your function.
  • invoke_mode
    Type: STRING
    Provider name: InvokeMode
    Description: Use one of the following options:
    • BUFFERED – This is the default option. Lambda invokes your function using the Invoke API operation. Invocation results are available when the payload is complete. The maximum payload size is 6 MB.
    • RESPONSE_STREAM – Your function streams payload results as they become available. Lambda invokes your function using the InvokeWithResponseStream API operation. The maximum response payload size is 20 MB, however, you can request a quota increase.
  • last_modified_time
    Type: STRING
    Provider name: LastModifiedTime
    Description: When the function URL configuration was last updated, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).

handler

Type: STRING
Provider name: Handler
Description: The function that Lambda calls to begin running your function.

image_config_response

Type: STRUCT
Provider name: ImageConfigResponse
Description: The function’s image configuration values.

  • error
    Type: STRUCT
    Provider name: Error
    Description: Error response to GetFunctionConfiguration.
    • error_code
      Type: STRING
      Provider name: ErrorCode
      Description: Error code.
    • message
      Type: STRING
      Provider name: Message
      Description: Error message.
  • image_config
    Type: STRUCT
    Provider name: ImageConfig
    Description: Configuration values that override the container image Dockerfile.
    • command
      Type: UNORDERED_LIST_STRING
      Provider name: Command
      Description: Specifies parameters that you want to pass in with ENTRYPOINT.
    • entry_point
      Type: UNORDERED_LIST_STRING
      Provider name: EntryPoint
      Description: Specifies the entry point to their application, which is typically the location of the runtime executable.
    • working_directory
      Type: STRING
      Provider name: WorkingDirectory
      Description: Specifies the working directory.

kms_key_arn

Type: STRING
Provider name: KMSKeyArn
Description: The KMS key that’s used to encrypt the function’s environment variables. When Lambda SnapStart is activated, this key is also used to encrypt the function’s snapshot. This key is returned only if you’ve configured a customer managed key.

last_modified

Type: STRING
Provider name: LastModified
Description: The date and time that the function was last updated, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD).

last_update_status

Type: STRING
Provider name: LastUpdateStatus
Description: The status of the last update that was performed on the function. This is first set to Successful after function creation completes.

last_update_status_reason

Type: STRING
Provider name: LastUpdateStatusReason
Description: The reason for the last update that was performed on the function.

last_update_status_reason_code

Type: STRING
Provider name: LastUpdateStatusReasonCode
Description: The reason code for the last update that was performed on the function.

layers

Type: UNORDERED_LIST_STRUCT
Provider name: Layers
Description: The function’s layers.

  • arn
    Type: STRING
    Provider name: Arn
    Description: The Amazon Resource Name (ARN) of the function layer.
  • code_size
    Type: INT64
    Provider name: CodeSize
    Description: The size of the layer archive in bytes.
  • signing_job_arn
    Type: STRING
    Provider name: SigningJobArn
    Description: The Amazon Resource Name (ARN) of a signing job.
  • signing_profile_version_arn
    Type: STRING
    Provider name: SigningProfileVersionArn
    Description: The Amazon Resource Name (ARN) for a signing profile version.

logging_config

Type: STRUCT
Provider name: LoggingConfig
Description: The function’s Amazon CloudWatch Logs configuration settings.

  • application_log_level
    Type: STRING
    Provider name: ApplicationLogLevel
    Description: Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level and lower.
  • log_format
    Type: STRING
    Provider name: LogFormat
    Description: The format in which Lambda sends your function’s application and system logs to CloudWatch. Select between plain text and structured JSON.
  • log_group
    Type: STRING
    Provider name: LogGroup
    Description: The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named /aws/lambda/<function name>. To use a different log group, enter an existing log group or enter a new log group name.
  • system_log_level
    Type: STRING
    Provider name: SystemLogLevel
    Description: Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level and lower.

master_arn

Type: STRING
Provider name: MasterArn
Description: For Lambda@Edge functions, the ARN of the main function.

memory_size

Type: INT32
Provider name: MemorySize
Description: The amount of memory available to the function at runtime.

package_type

Type: STRING
Provider name: PackageType
Description: The type of deployment package. Set to Image for container image and set Zip for .zip file archive.

policies

Type: UNORDERED_LIST_STRUCT

  • account_id
    Type: STRING
  • condition
    Type: MAP_STRING_STRING
  • policy_id
    Type: STRING
  • policy_not_principal
    Type: STRUCT
    • policy_id
      Type: STRING
    • principal
      Type: STRING
    • principal_aws
      Type: UNORDERED_LIST_STRING
    • principal_canonical_user
      Type: UNORDERED_LIST_STRING
    • principal_federated
      Type: UNORDERED_LIST_STRING
    • principal_service
      Type: UNORDERED_LIST_STRING
  • policy_principal
    Type: STRUCT
    • policy_id
      Type: STRING
    • principal
      Type: STRING
    • principal_aws
      Type: UNORDERED_LIST_STRING
    • principal_canonical_user
      Type: UNORDERED_LIST_STRING
    • principal_federated
      Type: UNORDERED_LIST_STRING
    • principal_service
      Type: UNORDERED_LIST_STRING
  • principal_aws
    Type: UNORDERED_LIST_STRING
  • statement_action
    Type: UNORDERED_LIST_STRING
  • statement_effect
    Type: STRING
  • statement_has_condition
    Type: BOOLEAN
  • statement_id
    Type: INT32
  • statement_not_action
    Type: UNORDERED_LIST_STRING
  • statement_not_resource
    Type: UNORDERED_LIST_STRING
  • statement_resource
    Type: UNORDERED_LIST_STRING
  • statement_sid
    Type: STRING
  • version_id
    Type: STRING

policy

Type: STRUCT

  • policy
    Type: STRING
  • revision_id
    Type: STRING

revision_id

Type: STRING
Provider name: RevisionId
Description: A unique identifier for the current revision of the policy.

role

Type: STRING
Provider name: Role
Description: The function’s execution role.

runtime

Type: STRING
Provider name: Runtime
Description: The identifier of the function’s runtime. Runtime is required if the deployment package is a .zip file archive. The following list includes deprecated runtimes. For more information, see Runtime deprecation policy.

runtime_version_config

Type: STRUCT
Provider name: RuntimeVersionConfig
Description: The ARN of the runtime and any errors that occured.

  • error
    Type: STRUCT
    Provider name: Error
    Description: Error response when Lambda is unable to retrieve the runtime version for a function.
    • error_code
      Type: STRING
      Provider name: ErrorCode
      Description: The error code.
    • message
      Type: STRING
      Provider name: Message
      Description: The error message.
  • runtime_version_arn
    Type: STRING
    Provider name: RuntimeVersionArn
    Description: The ARN of the runtime version you want the function to use.

signing_job_arn

Type: STRING
Provider name: SigningJobArn
Description: The ARN of the signing job.

signing_profile_version_arn

Type: STRING
Provider name: SigningProfileVersionArn
Description: The ARN of the signing profile version.

snap_start

Type: STRUCT
Provider name: SnapStart
Description: Set ApplyOn to PublishedVersions to create a snapshot of the initialized execution environment when you publish a function version. For more information, see Improving startup performance with Lambda SnapStart.

  • apply_on
    Type: STRING
    Provider name: ApplyOn
    Description: When set to PublishedVersions, Lambda creates a snapshot of the execution environment when you publish a function version.
  • optimization_status
    Type: STRING
    Provider name: OptimizationStatus
    Description: When you provide a qualified Amazon Resource Name (ARN), this response element indicates whether SnapStart is activated for the specified function version.

state

Type: STRING
Provider name: State
Description: The current state of the function. When the state is Inactive, you can reactivate the function by invoking it.

state_reason

Type: STRING
Provider name: StateReason
Description: The reason for the function’s current state.

state_reason_code

Type: STRING
Provider name: StateReasonCode
Description: The reason code for the function’s current state. When the code is Creating, you can’t invoke or modify the function.

tags

Type: UNORDERED_LIST_STRING

timeout

Type: INT32
Provider name: Timeout
Description: The amount of time in seconds that Lambda allows a function to run before stopping it.

tracing_config

Type: STRUCT
Provider name: TracingConfig
Description: The function’s X-Ray tracing configuration.

  • mode
    Type: STRING
    Provider name: Mode
    Description: The tracing mode.

version

Type: STRING
Provider name: Version
Description: The version of the Lambda function.

vpc_config

Type: STRUCT
Provider name: VpcConfig
Description: The function’s networking configuration.

  • ipv6_allowed_for_dual_stack
    Type: BOOLEAN
    Provider name: Ipv6AllowedForDualStack
    Description: Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
  • security_group_ids
    Type: UNORDERED_LIST_STRING
    Provider name: SecurityGroupIds
    Description: A list of VPC security group IDs.
  • subnet_ids
    Type: UNORDERED_LIST_STRING
    Provider name: SubnetIds
    Description: A list of VPC subnet IDs.
  • vpc_id
    Type: STRING
    Provider name: VpcId
    Description: The ID of the VPC.
PREVIEWING: esther/docs-9518-update-example-control-sensitive-log-data