@cdklabs/genai-idp
Constructs
AgentAnalytics
- Implements: IAgentAnalytics, IApiFeature
Agent Analytics construct for natural language document analytics.
This construct provides AI-powered analytics capabilities that enable natural language querying of processed document data. Key features include:
- Convert natural language questions to SQL queries
- Generate interactive visualizations and tables
- Explore database schema automatically
- Secure code execution in AWS Bedrock AgentCore sandboxes
- Multi-tool agent system for comprehensive analytics
The analytics system uses a multi-tool approach: - Database discovery tool for schema exploration - Athena query tool for SQL execution - Secure code sandbox for data transfer - Python visualization tool for charts and tables
Initializers
import { AgentAnalytics } from '@cdklabs/genai-idp'
new AgentAnalytics(scope: Construct, id: string, props: AgentAnalyticsProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentAnalyticsProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: AgentAnalyticsProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Agent Analytics feature in a ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Agent Analytics feature in a ProcessingEnvironmentApi.
This method integrates the agent analytics functionality with the GraphQL API by: - Creating Lambda data sources for agent request handling and listing agents - Creating DynamoDB data source for agent job tracking - Wiring GraphQL resolvers for agent operations
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { AgentAnalytics } from '@cdklabs/genai-idp'
AgentAnalytics.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
agentProcessor |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that processes agent queries using Bedrock AgentCore. |
agentRequestHandler |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles agent query requests from the UI. |
agentTable |
IAgentTable |
The DynamoDB table for tracking agent jobs and analytics queries. |
listAvailableAgents |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that lists available analytics agents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
agentProcessorRequired
public readonly agentProcessor: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that processes agent queries using Bedrock AgentCore.
agentRequestHandlerRequired
public readonly agentRequestHandler: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles agent query requests from the UI.
agentTableRequired
public readonly agentTable: IAgentTable;
- Type: IAgentTable
The DynamoDB table for tracking agent jobs and analytics queries.
listAvailableAgentsRequired
public readonly listAvailableAgents: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that lists available analytics agents.
AgentChatProcessorFunction
Lambda function that processes agent chat messages with streaming support.
This function creates a conversational orchestrator with all registered agents and streams responses in real-time via AppSync subscriptions.
Initializers
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
new AgentChatProcessorFunction(scope: Construct, id: string, props: AgentChatProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentChatProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentChatProcessorFunction } from '@cdklabs/genai-idp'
AgentChatProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentCompanionChat
- Implements: IAgentCompanionChat, IApiFeature
Agent Companion Chat construct for AI assistant capabilities.
Provides comprehensive AI assistant capabilities including: - Multi-agent orchestration (Analytics, Error Analyzer, General) - Session-based conversation management - Real-time streaming through AppSync - Conversation history with sliding window (last 20 turns) - Optional Code Intelligence agent
Agent Companion Chat integrates with the ProcessingEnvironment to provide intelligent assistance for document processing workflows, error diagnosis, and system analytics.
Initializers
import { AgentCompanionChat } from '@cdklabs/genai-idp'
new AgentCompanionChat(scope: Construct, id: string, props: AgentCompanionChatProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentCompanionChatProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: AgentCompanionChatProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Agent Companion Chat feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Agent Companion Chat feature in the ProcessingEnvironmentApi.
This method integrates the AI assistant functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example: const api = new ProcessingEnvironmentApi(this, 'Api', { ... }); const agentCompanionChat = new AgentCompanionChat(this, 'AgentCompanionChat', { ... }); api.enable(agentCompanionChat);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { AgentCompanionChat } from '@cdklabs/genai-idp'
AgentCompanionChat.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
messagesTable |
IMessagesTable |
DynamoDB table for chat messages storage. |
orchestratorFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for agent orchestration. |
sessionTable |
ISessionTable |
DynamoDB table for chat session storage. |
chatDataSources |
string[] |
Optional data sources for chat context. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
DynamoDB table for chat messages storage.
orchestratorFunctionRequired
public readonly orchestratorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for agent orchestration.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
DynamoDB table for chat session storage.
chatDataSourcesOptional
public readonly chatDataSources: string[];
- Type: string[]
Optional data sources for chat context.
AgentCoreAnalyticsProcessorFunction
Lambda function that provides analytics agent operations for MCP integration.
This function implements the search_genaiidp tool for natural language queries against the document processing system, enabling external applications to interact with the system through the Model Context Protocol.
Initializers
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
new AgentCoreAnalyticsProcessorFunction(scope: Construct, id: string, props: AgentCoreAnalyticsProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentCoreAnalyticsProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentCoreAnalyticsProcessorFunction } from '@cdklabs/genai-idp'
AgentCoreAnalyticsProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentCoreGatewayDeployer
Custom resource construct for deploying AgentCore Gateway.
This construct creates a CloudFormation custom resource that deploys an AWS Bedrock AgentCore Gateway with OAuth 2.0 authentication using the provided Cognito User Pool. The gateway enables external applications to access IDP analytics through the Model Context Protocol (MCP).
Initializers
import { AgentCoreGatewayDeployer } from '@cdklabs/genai-idp'
new AgentCoreGatewayDeployer(scope: Construct, id: string, props: AgentCoreGatewayDeployerProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentCoreGatewayDeployerProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { AgentCoreGatewayDeployer } from '@cdklabs/genai-idp'
AgentCoreGatewayDeployer.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
customResource |
aws-cdk-lib.CustomResource |
The custom resource that triggers the gateway deployment. |
gatewayArn |
string |
Get the gateway ARN. |
gatewayExecutionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM execution role for the gateway. |
gatewayId |
string |
Get the gateway ID. |
gatewayManagerFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that manages the gateway deployment. |
gatewayUrl |
string |
Get the gateway URL endpoint. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
customResourceRequired
public readonly customResource: CustomResource;
- Type: aws-cdk-lib.CustomResource
The custom resource that triggers the gateway deployment.
gatewayArnRequired
public readonly gatewayArn: string;
- Type: string
Get the gateway ARN.
gatewayExecutionRoleRequired
public readonly gatewayExecutionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
The IAM execution role for the gateway.
gatewayIdRequired
public readonly gatewayId: string;
- Type: string
Get the gateway ID.
gatewayManagerFunctionRequired
public readonly gatewayManagerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that manages the gateway deployment.
gatewayUrlRequired
public readonly gatewayUrl: string;
- Type: string
Get the gateway URL endpoint.
AgentCoreGatewayManagerFunction
Lambda function that manages AgentCore Gateway deployment and configuration.
This function handles gateway creation, OAuth 2.0 setup with Cognito, and target configuration for MCP integration. It's used as a CloudFormation custom resource provider.
Initializers
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
new AgentCoreGatewayManagerFunction(scope: Construct, id: string, props: AgentCoreGatewayManagerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentCoreGatewayManagerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentCoreGatewayManagerFunction } from '@cdklabs/genai-idp'
AgentCoreGatewayManagerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentProcessorFunction
Lambda function for processing agent analytics queries.
This function processes natural language queries using AWS Bedrock AgentCore, converting them to SQL queries and generating visualizations. It uses a multi-tool approach with secure code execution in Bedrock sandboxes.
Initializers
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
new AgentProcessorFunction(scope: Construct, id: string, props: AgentProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentRequestHandlerFunction
Lambda function for handling agent query requests.
This function receives agent query requests from the GraphQL API and manages the job lifecycle, including creating job records and invoking the agent processor.
Initializers
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
new AgentRequestHandlerFunction(scope: Construct, id: string, props: AgentRequestHandlerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentRequestHandlerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentTable
- Implements: IAgentTable
DynamoDB table for agent job tracking.
Uses fixed keys: PK (partition key) and SK (sort key).
Initializers
import { AgentTable } from '@cdklabs/genai-idp'
new AgentTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
FixedKeyTableProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: FixedKeyTableProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CalculateCapacityFunction
Lambda function that performs capacity planning calculations for Pattern 2 workflows.
This function analyzes document processing metrics from the tracking table to provide capacity planning recommendations and resource optimization insights.
Initializers
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
new CalculateCapacityFunction(scope: Construct, id: string, props: CalculateCapacityFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CalculateCapacityFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CalculateCapacityFunction } from '@cdklabs/genai-idp'
CalculateCapacityFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CalculateCapacityResolverFunction
Lambda function that serves as a GraphQL resolver for capacity planning operations.
This function acts as a bridge between the GraphQL API and the capacity calculation function, handling request/response transformation and error handling.
Initializers
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
new CalculateCapacityResolverFunction(scope: Construct, id: string, props: CalculateCapacityResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CalculateCapacityResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CalculateCapacityResolverFunction } from '@cdklabs/genai-idp'
CalculateCapacityResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CapacityPlanning
- Implements: ICapacityPlanning, IApiFeature
Capacity Planning construct for Pattern 2 optimization.
Provides capacity planning and resource optimization capabilities specifically designed for Pattern 2 (Bedrock LLM) workflows. Analyzes document processing metrics from the tracking table to provide insights on:
- Optimal concurrency settings
- Resource allocation recommendations
- Cost optimization opportunities
- Processing throughput analysis
Important: This feature is designed exclusively for Pattern 2 workflows. Pattern 1 and Pattern 3 have different resource characteristics and should use pattern-specific optimization approaches.
Initializers
import { CapacityPlanning } from '@cdklabs/genai-idp'
new CapacityPlanning(scope: Construct, id: string, props: CapacityPlanningProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CapacityPlanningProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: CapacityPlanningProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Capacity Planning feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Capacity Planning feature in the ProcessingEnvironmentApi.
This method integrates the capacity planning functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example: const api = new ProcessingEnvironmentApi(this, 'Api', { ... }); const capacityPlanning = new CapacityPlanning(this, 'CapacityPlanning', { ... }); api.enable(capacityPlanning);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { CapacityPlanning } from '@cdklabs/genai-idp'
CapacityPlanning.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
calculationFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that performs capacity planning calculations. |
resolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that serves as GraphQL resolver for capacity planning operations. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
calculationFunctionRequired
public readonly calculationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that performs capacity planning calculations.
resolverFunctionRequired
public readonly resolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that serves as GraphQL resolver for capacity planning operations.
ChatSessionResolverFunction
Lambda function that handles GraphQL resolvers for chat session management.
This function provides resolvers for: - createChatSession: Create a new chat session - listChatSessions: List all chat sessions for a user with pagination - deleteChatSession: Delete a chat session and all its messages - updateChatSessionTitle: Update the title of an existing chat session - getChatSessionDetails: Get detailed information about a specific session
Initializers
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
new ChatSessionResolverFunction(scope: Construct, id: string, props: ChatSessionResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ChatSessionResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { ChatSessionResolverFunction } from '@cdklabs/genai-idp'
ChatSessionResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ChatWithDocument
- Implements: IChatWithDocument, IApiFeature
Chat with Document feature for conversational document interaction.
Provides natural language conversation capabilities about a specific processed document. It combines document context from the knowledge base with conversational AI, maintaining conversation history and providing contextual responses about individual documents.
Integrates with the ProcessingEnvironmentApi as a feature using the
api.enable(chatWithDocument) pattern.
Example
const chatWithDocument = new ChatWithDocument(this, 'ChatWithDocument', {
knowledgeBase,
chatModel,
trackingTable,
configurationTable,
outputBucket,
});
api.enable(chatWithDocument);
Initializers
import { ChatWithDocument } from '@cdklabs/genai-idp'
new ChatWithDocument(scope: Construct, id: string, props: ChatWithDocumentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ChatWithDocumentProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: ChatWithDocumentProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Chat with Document feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Chat with Document feature in the ProcessingEnvironmentApi.
Creates the chat with document data source and resolver.
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ChatWithDocument } from '@cdklabs/genai-idp'
ChatWithDocument.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
CompleteSectionReviewFunction
Lambda function that completes section-level reviews in the HITL workflow.
This function handles the completion of human-in-the-loop section reviews, updating the tracking table with review results and preserving metadata such as estimated costs and page/section alignment.
Key features: - Handles Decimal serialization for DynamoDB - Preserves estimated cost information - Maintains page/section alignment - Updates review status in tracking table
Initializers
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
new CompleteSectionReviewFunction(scope: Construct, id: string, props: CompleteSectionReviewFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CompleteSectionReviewFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CompleteSectionReviewFunction } from '@cdklabs/genai-idp'
CompleteSectionReviewFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ConcurrencyTable
- Implements: IConcurrencyTable
A DynamoDB table for managing concurrency limits in document processing.
This construct creates a table with a custom resource that initializes concurrency counters, allowing the system to control how many documents are processed simultaneously to prevent resource exhaustion.
Initializers
import { ConcurrencyTable } from '@cdklabs/genai-idp'
new ConcurrencyTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ConfigurationTable
- Implements: IConfigurationTable
A DynamoDB table for storing configuration settings for the document processing solution.
This table uses a fixed partition key "Configuration" to store various configuration items such as extraction schemas, evaluation settings, and system parameters. It provides a centralized location for managing configuration that can be accessed by multiple components of the solution.
Configuration items stored in this table can include: - Document extraction schemas and templates - Model parameters and prompt configurations - Evaluation criteria and thresholds - UI settings and customizations - Processing workflow configurations
Initializers
import { ConfigurationTable } from '@cdklabs/genai-idp'
new ConfigurationTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DeleteAgentChatSessionFunction
Lambda function that deletes a chat session and its messages.
This function performs a batch delete operation to remove: 1. The session metadata from ChatSessionsTable 2. All messages associated with the session from ChatMessagesTable
Initializers
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
new DeleteAgentChatSessionFunction(scope: Construct, id: string, props: DeleteAgentChatSessionFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DeleteAgentChatSessionFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DeleteAgentChatSessionFunction } from '@cdklabs/genai-idp'
DeleteAgentChatSessionFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryProcessorFunction
A Lambda function that processes discovery jobs from SQS queue.
This function analyzes documents to identify structure, field types, and organizational patterns for automated configuration generation.
Initializers
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
new DiscoveryProcessorFunction(scope: Construct, id: string, props: DiscoveryProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DiscoveryProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryQueue
- Implements: IDiscoveryQueue
An SQS queue for processing discovery jobs asynchronously.
This construct creates a queue that receives discovery job messages and triggers Lambda processing for document analysis.
Initializers
import { DiscoveryQueue } from '@cdklabs/genai-idp'
new DiscoveryQueue(scope: Construct, id: string, props?: DiscoveryQueueProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
DiscoveryQueueProps |
Configuration properties for the SQS queue. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: DiscoveryQueueProps
Configuration properties for the SQS queue.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the IAM resource policy associated with this queue. |
grant |
Grant the actions defined in queueActions to the identity Principal given on this SQS queue resource. |
grantConsumeMessages |
Grant permissions to consume messages from a queue. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantPurge |
Grant an IAM principal permissions to purge all messages from the queue. |
grantSendMessages |
Grant access to send messages to a queue to the given identity. |
metric |
Return the given named metric for this Queue. |
metricApproximateAgeOfOldestMessage |
The approximate age of the oldest non-deleted message in the queue. |
metricApproximateNumberOfMessagesDelayed |
The number of messages in the queue that are delayed and not available for reading immediately. |
metricApproximateNumberOfMessagesNotVisible |
The number of messages that are in flight. |
metricApproximateNumberOfMessagesVisible |
The number of messages available for retrieval from the queue. |
metricNumberOfEmptyReceives |
The number of ReceiveMessage API calls that did not return a message. |
metricNumberOfMessagesDeleted |
The number of messages deleted from the queue. |
metricNumberOfMessagesReceived |
The number of messages returned by calls to the ReceiveMessage action. |
metricNumberOfMessagesSent |
The number of messages added to a queue. |
metricSentMessageSize |
The size of messages added to a queue. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the IAM resource policy associated with this queue.
If this queue was created in this stack (new Queue), a queue policy
will be automatically created upon the first call to addToPolicy. If
the queue is imported (Queue.import), then this is a no-op.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Grant the actions defined in queueActions to the identity Principal given on this SQS queue resource.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant right to.
actionsRequired
- Type: ...string[]
The actions to grant.
grantConsumeMessages
public grantConsumeMessages(grantee: IGrantable): Grant
Grant permissions to consume messages from a queue.
This will grant the following permissions:
- sqs:ChangeMessageVisibility
- sqs:DeleteMessage
- sqs:ReceiveMessage
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
If encryption is used, permission to use the key to decrypt the contents of the queue will also be granted to the same principal.
This will grant the following KMS permissions:
- kms:Decrypt
The use of this method is discouraged. Please use grants.consumeMessages() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant consume rights to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantPurge
public grantPurge(grantee: IGrantable): Grant
Grant an IAM principal permissions to purge all messages from the queue.
This will grant the following permissions:
- sqs:PurgeQueue
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
The use of this method is discouraged. Please use grants.purge() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant send rights to.
grantSendMessages
public grantSendMessages(grantee: IGrantable): Grant
Grant access to send messages to a queue to the given identity.
This will grant the following permissions:
- sqs:SendMessage
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
If encryption is used, permission to use the key to encrypt/decrypt the contents of the queue will also be granted to the same principal.
This will grant the following KMS permissions:
- kms:Decrypt
- kms:Encrypt
- kms:ReEncrypt*
- kms:GenerateDataKey*
The use of this method is discouraged. Please use grants.sendMessages() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant send rights to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Queue.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateAgeOfOldestMessage
public metricApproximateAgeOfOldestMessage(props?: MetricOptions): Metric
The approximate age of the oldest non-deleted message in the queue.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesDelayed
public metricApproximateNumberOfMessagesDelayed(props?: MetricOptions): Metric
The number of messages in the queue that are delayed and not available for reading immediately.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesNotVisible
public metricApproximateNumberOfMessagesNotVisible(props?: MetricOptions): Metric
The number of messages that are in flight.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesVisible
public metricApproximateNumberOfMessagesVisible(props?: MetricOptions): Metric
The number of messages available for retrieval from the queue.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfEmptyReceives
public metricNumberOfEmptyReceives(props?: MetricOptions): Metric
The number of ReceiveMessage API calls that did not return a message.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesDeleted
public metricNumberOfMessagesDeleted(props?: MetricOptions): Metric
The number of messages deleted from the queue.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesReceived
public metricNumberOfMessagesReceived(props?: MetricOptions): Metric
The number of messages returned by calls to the ReceiveMessage action.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesSent
public metricNumberOfMessagesSent(props?: MetricOptions): Metric
The number of messages added to a queue.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSentMessageSize
public metricSentMessageSize(props?: MetricOptions): Metric
The size of messages added to a queue.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromQueueArn |
Import an existing SQS queue provided an ARN. |
fromQueueAttributes |
Import an existing queue. |
isConstruct
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromQueueArn
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.fromQueueArn(scope: Construct, id: string, queueArn: string)
Import an existing SQS queue provided an ARN.
scopeRequired
- Type: constructs.Construct
The parent creating construct.
idRequired
- Type: string
The construct's name.
queueArnRequired
- Type: string
queue ARN (i.e. arn:aws:sqs:us-east-2:444455556666:queue1).
fromQueueAttributes
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.fromQueueAttributes(scope: Construct, id: string, attrs: QueueAttributes)
Import an existing queue.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
attrsRequired
- Type: aws-cdk-lib.aws_sqs.QueueAttributes
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
fifo |
boolean |
Whether this queue is an Amazon SQS FIFO queue. |
grants |
aws-cdk-lib.aws_sqs.QueueGrants |
Collection of grant methods for a Queue. |
queueArn |
string |
The ARN of this queue. |
queueName |
string |
The name of this queue. |
queueRef |
aws-cdk-lib.interfaces.aws_sqs.QueueReference |
A reference to a Queue resource. |
queueUrl |
string |
The URL of this queue. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
If this queue is encrypted, this is the KMS key. |
encryptionType |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.DeadLetterQueue |
If this queue is configured with a dead-letter queue, this is the dead-letter queue settings. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
fifoRequired
public readonly fifo: boolean;
- Type: boolean
Whether this queue is an Amazon SQS FIFO queue.
If false, this is a standard queue.
grantsRequired
public readonly grants: QueueGrants;
- Type: aws-cdk-lib.aws_sqs.QueueGrants
Collection of grant methods for a Queue.
queueArnRequired
public readonly queueArn: string;
- Type: string
The ARN of this queue.
queueNameRequired
public readonly queueName: string;
- Type: string
The name of this queue.
queueRefRequired
public readonly queueRef: QueueReference;
- Type: aws-cdk-lib.interfaces.aws_sqs.QueueReference
A reference to a Queue resource.
queueUrlRequired
public readonly queueUrl: string;
- Type: string
The URL of this queue.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
If this queue is encrypted, this is the KMS key.
encryptionTypeOptional
public readonly encryptionType: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
Whether the contents of the queue are encrypted, and by what type of key.
deadLetterQueueOptional
public readonly deadLetterQueue: DeadLetterQueue;
- Type: aws-cdk-lib.aws_sqs.DeadLetterQueue
If this queue is configured with a dead-letter queue, this is the dead-letter queue settings.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryTable
- Implements: IDiscoveryTable
A DynamoDB table for tracking discovery jobs.
This construct creates a table that stores discovery job information including status, document keys, and processing metadata.
Initializers
import { DiscoveryTable } from '@cdklabs/genai-idp'
new DiscoveryTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryUploadResolverFunction
A Lambda function that handles discovery document uploads via GraphQL API.
This function generates presigned URLs for document uploads and creates discovery job entries in the tracking table.
Initializers
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
new DiscoveryUploadResolverFunction(scope: Construct, id: string, props: DiscoveryUploadResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DiscoveryUploadResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DocSplitTestSetDeployerFunction
Lambda function that deploys the DocSplit-Poly-Seq dataset.
This function downloads and deploys the DocSplit-Poly-Seq dataset for evaluating document splitting and segmentation capabilities. The dataset includes various document types with ground truth segmentation annotations for systematic evaluation.
It's designed to be used as a CloudFormation custom resource during stack deployment.
Initializers
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
new DocSplitTestSetDeployerFunction(scope: Construct, id: string, props: DocSplitTestSetDeployerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DocSplitTestSetDeployerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DocSplitTestSetDeployerFunction } from '@cdklabs/genai-idp'
DocSplitTestSetDeployerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DocumentDiscovery
- Implements: IDocumentDiscovery, IApiFeature, IWebAppFeature
A construct that provides document discovery capabilities.
This construct creates the infrastructure needed for automated document analysis and configuration generation, including DynamoDB table, SQS queue, and Lambda functions for processing discovery jobs.
Initializers
import { DocumentDiscovery } from '@cdklabs/genai-idp'
new DocumentDiscovery(scope: Construct, id: string, props: DocumentDiscoveryProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DocumentDiscoveryProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: DocumentDiscoveryProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Document Discovery feature in the ProcessingEnvironmentApi. |
enableInWebApp |
Enable this Document Discovery feature in the WebApplication. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Document Discovery feature in the ProcessingEnvironmentApi.
Creates the discovery upload resolver, discovery table data source, and all associated resolvers for discovery job management.
apiRequired
The ProcessingEnvironmentApi to enable in.
enableInWebApp
public enableInWebApp(webApp: IWebApplication): void
Enable this Document Discovery feature in the WebApplication.
Contributes the DiscoveryBucket setting and configures CORS on the discovery bucket for CloudFront access.
webAppRequired
- Type: IWebApplication
The WebApplication to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { DocumentDiscovery } from '@cdklabs/genai-idp'
DocumentDiscovery.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryQueue |
IDiscoveryQueue |
The SQS queue for processing discovery jobs asynchronously. |
discoveryTable |
IDiscoveryTable |
The DynamoDB table that tracks discovery job status and metadata. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryQueueRequired
public readonly discoveryQueue: IDiscoveryQueue;
- Type: IDiscoveryQueue
The SQS queue for processing discovery jobs asynchronously.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The DynamoDB table that tracks discovery job status and metadata.
DocumentEditing
- Implements: IDocumentEditing, IApiFeature
Document Editing feature for section-level document modifications.
Provides the ability to modify document sections and trigger reprocessing. This enables users to make corrections or adjustments to processed documents and have those changes reflected in the processing results.
Integrates with the ProcessingEnvironmentApi as a feature using the
api.enable(documentEditing) pattern.
Example
const documentEditing = new DocumentEditing(this, 'DocumentEditing', {
trackingTable,
documentQueue,
workingBucket,
inputBucket,
outputBucket,
dataRetentionInDays: 30,
});
api.enable(documentEditing);
Initializers
import { DocumentEditing } from '@cdklabs/genai-idp'
new DocumentEditing(scope: Construct, id: string, props: DocumentEditingProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DocumentEditingProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: DocumentEditingProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Document Editing feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Document Editing feature in the ProcessingEnvironmentApi.
Creates the process changes data source and resolver.
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { DocumentEditing } from '@cdklabs/genai-idp'
DocumentEditing.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
ErrorAnalyzer
- Implements: IErrorAnalyzer, IApiFeature
Error Analyzer construct for AI-powered failure diagnosis.
Provides comprehensive error analysis capabilities including: - AI-powered failure diagnosis using Claude Sonnet 4 - CloudWatch log analysis and correlation - X-Ray trace analysis and debugging - Request ID-based correlation - Configurable model selection and system prompts
Error Analyzer integrates with the ProcessingEnvironment to provide intelligent troubleshooting for document processing workflows, helping users quickly identify and resolve processing failures.
Initializers
import { ErrorAnalyzer } from '@cdklabs/genai-idp'
new ErrorAnalyzer(scope: Construct, id: string, props?: ErrorAnalyzerProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ErrorAnalyzerProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: ErrorAnalyzerProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Error Analyzer feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Error Analyzer feature in the ProcessingEnvironmentApi.
This method integrates the error analysis functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example: const api = new ProcessingEnvironmentApi(this, 'Api', { ... }); const errorAnalyzer = new ErrorAnalyzer(this, 'ErrorAnalyzer', { ... }); api.enable(errorAnalyzer);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ErrorAnalyzer } from '@cdklabs/genai-idp'
ErrorAnalyzer.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
analyzerFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for AI-powered error analysis. |
traceTable |
aws-cdk-lib.aws_dynamodb.ITable |
Optional DynamoDB table for storing trace IDs and analysis results. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
analyzerFunctionRequired
public readonly analyzerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for AI-powered error analysis.
traceTableOptional
public readonly traceTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
Optional DynamoDB table for storing trace IDs and analysis results.
ErrorAnalyzerFunction
Lambda function that provides AI-powered error analysis and troubleshooting.
This function uses Claude Sonnet 4 to analyze document processing failures, correlate CloudWatch logs, and provide intelligent troubleshooting recommendations.
Initializers
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
new ErrorAnalyzerFunction(scope: Construct, id: string, props: ErrorAnalyzerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ErrorAnalyzerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { ErrorAnalyzerFunction } from '@cdklabs/genai-idp'
ErrorAnalyzerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
Evaluation
- Implements: IEvaluation, IApiFeature, IWebAppFeature
Evaluation feature for document processing accuracy measurement.
Provides the ability to copy processed documents to a baseline bucket for evaluation purposes. This enables comparing extraction results against known correct values to measure accuracy and evaluate model performance.
Integrates with the ProcessingEnvironmentApi as a feature using the
api.enable(evaluation) pattern.
Example
const evaluation = new Evaluation(this, 'Evaluation', {
evaluationBaselineBucket,
outputBucket,
encryptionKey: key,
});
api.enable(evaluation);
Initializers
import { Evaluation } from '@cdklabs/genai-idp'
new Evaluation(scope: Construct, id: string, props: EvaluationProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
EvaluationProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: EvaluationProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Evaluation feature in the ProcessingEnvironmentApi. |
enableInWebApp |
Enable this Evaluation feature in the WebApplication. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Evaluation feature in the ProcessingEnvironmentApi.
Creates the copy-to-baseline data source and resolver for evaluation workflows.
apiRequired
The ProcessingEnvironmentApi to enable in.
enableInWebApp
public enableInWebApp(webApp: IWebApplication): void
Enable this Evaluation feature in the WebApplication.
Contributes the EvaluationBaselineBucket setting and configures CORS on the baseline bucket for CloudFront access.
webAppRequired
- Type: IWebApplication
The WebApplication to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { Evaluation } from '@cdklabs/genai-idp'
Evaluation.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
evaluationBaselineBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing evaluation baseline documents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
evaluationBaselineBucketRequired
public readonly evaluationBaselineBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing evaluation baseline documents.
FccDatasetDeployer
Custom resource construct for deploying the RealKIE-FCC-Verified dataset.
This construct creates a CloudFormation custom resource that downloads the RealKIE-FCC-Verified dataset from HuggingFace and deploys it to the test bucket with proper baseline files for evaluation purposes.
The deployment is idempotent - it will only download and deploy the dataset if it doesn't already exist with the specified version.
Initializers
import { FccDatasetDeployer } from '@cdklabs/genai-idp'
new FccDatasetDeployer(scope: Construct, id: string, props: FccDatasetDeployerProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
FccDatasetDeployerProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: FccDatasetDeployerProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { FccDatasetDeployer } from '@cdklabs/genai-idp'
FccDatasetDeployer.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
customResource |
aws-cdk-lib.CustomResource |
The custom resource that triggers the deployment. |
datasetVersion |
string |
Get the dataset version that was deployed. |
deployerFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that performs the dataset deployment. |
deploymentMessage |
string |
Get the deployment message. |
fileCount |
number |
Get the number of files that were deployed. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
customResourceRequired
public readonly customResource: CustomResource;
- Type: aws-cdk-lib.CustomResource
The custom resource that triggers the deployment.
datasetVersionRequired
public readonly datasetVersion: string;
- Type: string
Get the dataset version that was deployed.
deployerFunctionRequired
public readonly deployerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that performs the dataset deployment.
deploymentMessageRequired
public readonly deploymentMessage: string;
- Type: string
Get the deployment message.
fileCountRequired
public readonly fileCount: number;
- Type: number
Get the number of files that were deployed.
FccDatasetDeployerFunction
Lambda function that deploys the RealKIE-FCC-Verified dataset.
This function downloads the RealKIE-FCC-Verified dataset from HuggingFace and deploys it to the test bucket with proper baseline files for evaluation. It's designed to be used as a CloudFormation custom resource during stack deployment.
Initializers
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
new FccDatasetDeployerFunction(scope: Construct, id: string, props: FccDatasetDeployerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
FccDatasetDeployerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { FccDatasetDeployerFunction } from '@cdklabs/genai-idp'
FccDatasetDeployerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
GetAgentChatMessagesFunction
Lambda function that retrieves chat messages for a session.
This function queries the ChatMessagesTable by PK/SK to retrieve the conversation history for a specific chat session.
Initializers
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
new GetAgentChatMessagesFunction(scope: Construct, id: string, props: GetAgentChatMessagesFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
GetAgentChatMessagesFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { GetAgentChatMessagesFunction } from '@cdklabs/genai-idp'
GetAgentChatMessagesFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
HitlEnvironment
- Implements: IHitlEnvironment, IApiFeature
A construct that sets up the Human-in-the-Loop (HITL) environment for document processing.
As of v0.4.16, HITL functionality is built directly into the Web UI and no longer requires SageMaker A2I infrastructure. This construct now only manages the CompleteSectionReviewFunction for completing section reviews.
The HITL environment enables human review of documents through the Web UI, with section review completion handled by the Lambda function.
Initializers
import { HitlEnvironment } from '@cdklabs/genai-idp'
new HitlEnvironment(scope: Construct, id: string, props: HitlEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
HitlEnvironmentProps |
Configuration properties for the HITL environment. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
- Type: HitlEnvironmentProps
Configuration properties for the HITL environment.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this HITL environment in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this HITL environment in the ProcessingEnvironmentApi.
This method integrates the HITL functionality with the GraphQL API by creating the necessary data source and resolver for section review completion.
Example:
const api = new ProcessingEnvironmentApi(this, 'Api', { ... });
const hitl = new HitlEnvironment(this, 'Hitl', {
trackingTable: environment.trackingTable,
});
api.enable(hitl);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { HitlEnvironment } from '@cdklabs/genai-idp'
HitlEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
completeSectionReviewFunction |
CompleteSectionReviewFunction |
The Lambda function for completing section reviews. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
completeSectionReviewFunctionRequired
public readonly completeSectionReviewFunction: CompleteSectionReviewFunction;
The Lambda function for completing section reviews.
KnowledgeBaseQuery
- Implements: IKnowledgeBaseQuery, IApiFeature, IWebAppFeature
Knowledge Base Query feature for natural language document querying.
Provides the ability to query processed documents using natural language through Amazon Bedrock knowledge base. This enables users to search and retrieve information from the entire processed document dataset.
Integrates with the ProcessingEnvironmentApi as a feature using the
api.enable(knowledgeBaseQuery) pattern.
Example
const knowledgeBaseQuery = new KnowledgeBaseQuery(this, 'KnowledgeBaseQuery', {
knowledgeBase,
knowledgeBaseModel: chatModel,
guardrail,
});
api.enable(knowledgeBaseQuery);
Initializers
import { KnowledgeBaseQuery } from '@cdklabs/genai-idp'
new KnowledgeBaseQuery(scope: Construct, id: string, props: KnowledgeBaseQueryProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
KnowledgeBaseQueryProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: KnowledgeBaseQueryProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Knowledge Base Query feature in the ProcessingEnvironmentApi. |
enableInWebApp |
Enable this Knowledge Base Query feature in the WebApplication. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Knowledge Base Query feature in the ProcessingEnvironmentApi.
Creates the query knowledge base data source and resolver.
apiRequired
The ProcessingEnvironmentApi to enable in.
enableInWebApp
public enableInWebApp(webApp: IWebApplication): void
Enable this Knowledge Base Query feature in the WebApplication.
Contributes the ShouldUseDocumentKnowledgeBase setting to the UI.
webAppRequired
- Type: IWebApplication
The WebApplication to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { KnowledgeBaseQuery } from '@cdklabs/genai-idp'
KnowledgeBaseQuery.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
knowledgeBase |
@cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase |
The Amazon Bedrock knowledge base for document querying. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
knowledgeBaseRequired
public readonly knowledgeBase: IKnowledgeBase;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Amazon Bedrock knowledge base for document querying.
ListAgentChatSessionsFunction
Lambda function that lists all chat sessions for a user.
This function queries the ChatSessionsTable by userId to retrieve all active chat sessions with their metadata.
Initializers
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
new ListAgentChatSessionsFunction(scope: Construct, id: string, props: ListAgentChatSessionsFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ListAgentChatSessionsFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { ListAgentChatSessionsFunction } from '@cdklabs/genai-idp'
ListAgentChatSessionsFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ListAvailableAgentsFunction
Lambda function for listing available analytics agents.
This function returns a list of available agents including both built-in analytics agents and any configured external MCP agents.
Initializers
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
new ListAvailableAgentsFunction(scope: Construct, id: string, props: ListAvailableAgentsFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ListAvailableAgentsFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
MCPIntegration
- Implements: IMCPIntegration
MCP Integration construct for external application access.
Provides Model Context Protocol (MCP) integration capabilities including: - AgentCore Gateway deployment with OAuth 2.0 authentication - Analytics agent for natural language queries - Cross-region support for global access - Integration with Cognito for secure authentication
MCP Integration enables external applications (like IDEs, chat clients, etc.) to interact with the document processing system through a standardized protocol.
Initializers
import { MCPIntegration } from '@cdklabs/genai-idp'
new MCPIntegration(scope: Construct, id: string, props: MCPIntegrationProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
MCPIntegrationProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: MCPIntegrationProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { MCPIntegration } from '@cdklabs/genai-idp'
MCPIntegration.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
analyticsAgentFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for analytics agent operations. |
clientId |
string |
Cognito client ID for OAuth 2.0 authentication. |
gatewayDeployer |
AgentCoreGatewayDeployer |
AgentCore Gateway deployer for managing gateway lifecycle. |
gatewayEndpoint |
string |
AgentCore Gateway endpoint for MCP access. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
analyticsAgentFunctionRequired
public readonly analyticsAgentFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for analytics agent operations.
clientIdRequired
public readonly clientId: string;
- Type: string
Cognito client ID for OAuth 2.0 authentication.
gatewayDeployerRequired
public readonly gatewayDeployer: AgentCoreGatewayDeployer;
- Type: AgentCoreGatewayDeployer
AgentCore Gateway deployer for managing gateway lifecycle.
gatewayEndpointRequired
public readonly gatewayEndpoint: string;
- Type: string
AgentCore Gateway endpoint for MCP access.
MessagesTable
- Implements: IMessagesTable
A DynamoDB table for storing chat messages and conversation history.
This table uses a composite key (PK, SK) to efficiently store and query chat message data including message content, metadata, and conversation turns. The table design supports message history management with automatic cleanup through TTL attributes.
Message data stored in this table includes: - Individual message content and metadata - Conversation turn information - Agent responses and tool usage - Message timestamps and processing status
Initializers
import { MessagesTable } from '@cdklabs/genai-idp'
new MessagesTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { MessagesTable } from '@cdklabs/genai-idp'
MessagesTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
OcrBenchmarkDeployerFunction
Lambda function that deploys OCR benchmarking datasets.
This function downloads and deploys OCR benchmark datasets for evaluating optical character recognition capabilities. The datasets include various document types with ground truth text annotations for systematic OCR accuracy evaluation.
It's designed to be used as a CloudFormation custom resource during stack deployment.
Initializers
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
new OcrBenchmarkDeployerFunction(scope: Construct, id: string, props: OcrBenchmarkDeployerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
OcrBenchmarkDeployerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { OcrBenchmarkDeployerFunction } from '@cdklabs/genai-idp'
OcrBenchmarkDeployerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ProcessingEnvironment
- Implements: IProcessingEnvironment
Core infrastructure for the Intelligent Document Processing solution.
This construct orchestrates the end-to-end document processing workflow, from document ingestion to structured data extraction and result tracking. It provides the shared infrastructure and services that all document processor patterns use, including:
- S3 buckets for document storage
- DynamoDB tables for tracking and configuration
- SQS queues for document processing
- Lambda functions for workflow orchestration
- CloudWatch metrics and logs for monitoring
- GraphQL API for client interactions
The ProcessingEnvironment is designed to be pattern-agnostic, providing the foundation that specific document processor implementations build upon.
Initializers
import { ProcessingEnvironment } from '@cdklabs/genai-idp'
new ProcessingEnvironment(scope: Construct, id: string, props: ProcessingEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ProcessingEnvironmentProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
attach |
Attaches a document processor to this processing environment. |
metricQueueLatency |
Creates a CloudWatch metric for queue latency. |
metricTotalLatency |
Creates a CloudWatch metric for total processing latency. |
metricWorkflowLatency |
Creates a CloudWatch metric for workflow latency. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
attach
public attach(processor: IDocumentProcessor, options?: DocumentProcessorAttachmentOptions): DocumentProcessorAttachmentResult
Attaches a document processor to this processing environment.
Sets up the necessary event triggers, permissions, and integrations to enable the processor to work with this environment.
processorRequired
- Type: IDocumentProcessor
optionsOptional
metricQueueLatency
public metricQueueLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for queue latency.
Measures the time from when a document is queued to when workflow processing starts.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
metricTotalLatency
public metricTotalLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for total processing latency.
Measures the end-to-end time from document queuing to completion.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
metricWorkflowLatency
public metricWorkflowLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for workflow latency.
Measures the time from when workflow processing starts to completion.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ProcessingEnvironment } from '@cdklabs/genai-idp'
ProcessingEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
configurationFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that updates configuration settings. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
logLevel |
LogLevel |
The log level for document processing components. |
lookupFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that looks up document information from the tracking table. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
saveReportingDataFunction |
aws-cdk-lib.aws_lambda.IFunction |
Optional Lambda function that saves reporting data to the reporting bucket. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray tracing for Lambda functions in the processing environment. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
configurationFunctionRequired
public readonly configurationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that updates configuration settings.
Used to initialize and update configuration during deployment and runtime.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
logLevelRequired
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
lookupFunctionRequired
public readonly lookupFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that looks up document information from the tracking table.
Used to retrieve document metadata and processing status.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
saveReportingDataFunctionOptional
public readonly saveReportingDataFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional Lambda function that saves reporting data to the reporting bucket.
Available when a reporting environment is provided.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
Enable AWS X-Ray tracing for Lambda functions in the processing environment.
When enabled, provides distributed tracing capabilities for debugging and performance analysis.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
ProcessingEnvironmentApi
- Implements: IProcessingEnvironmentApi
A construct that provides a GraphQL API for tracking and managing document processing.
The ProcessingEnvironmentApi creates an AppSync GraphQL API with resolvers for: - Querying document status and metadata - Managing document processing (delete, reprocess) - Accessing document contents and extraction results - Uploading new documents for processing - Copying documents to baseline for evaluation
Additional features can be integrated using the enable() method, which
accepts any construct implementing IApiFeature.
Initializers
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
new ProcessingEnvironmentApi(scope: Construct, id: string, props: ProcessingEnvironmentApiProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
ProcessingEnvironmentApiProps |
Configuration properties for the API. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the API.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addDynamoDbDataSource |
add a new DynamoDB data source to this API. |
addElasticsearchDataSource |
add a new elasticsearch data source to this API. |
addEventBridgeDataSource |
Add an EventBridge data source to this api. |
addHttpDataSource |
add a new http data source to this API. |
addLambdaDataSource |
Add a Lambda data source to the GraphQL API. |
addNoneDataSource |
Add a None data source to the GraphQL API. |
addOpenSearchDataSource |
add a new OpenSearch data source to this API. |
addRdsDataSource |
add a new Rds data source to this API. |
addRdsDataSourceV2 |
add a new Rds data source to this API. |
addSchemaDependency |
Add schema dependency to a given construct. |
createResolver |
creates a new resolver for this datasource and API using the given properties. |
grant |
Adds an IAM policy statement associated with this GraphQLApi to an IAM principal's policy. |
grantMutation |
Adds an IAM policy statement for Mutation access to this GraphQLApi to an IAM principal's policy. |
grantQuery |
Adds an IAM policy statement for Query access to this GraphQLApi to an IAM principal's policy. |
grantSubscription |
Adds an IAM policy statement for Subscription access to this GraphQLApi to an IAM principal's policy. |
addEnvironmentVariable |
Add an environment variable to the construct. |
addConfigurationTable |
Add configuration table data sources and resolvers to the GraphQL API. |
addTrackingTable |
Add tracking table data sources and resolvers to the GraphQL API. |
enable |
Enable a feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addDynamoDbDataSource
public addDynamoDbDataSource(id: string, table: ITable, options?: DataSourceOptions): DynamoDbDataSource
add a new DynamoDB data source to this API.
idRequired
- Type: string
The data source's id.
tableRequired
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table backing this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
~~addElasticsearchDataSource~~
public addElasticsearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): ElasticsearchDataSource
add a new elasticsearch data source to this API.
idRequired
- Type: string
The data source's id.
domainRequired
- Type: aws-cdk-lib.aws_elasticsearch.IDomain
The elasticsearch domain for this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addEventBridgeDataSource
public addEventBridgeDataSource(id: string, eventBus: IEventBus, options?: DataSourceOptions): EventBridgeDataSource
Add an EventBridge data source to this api.
idRequired
- Type: string
The data source's id.
eventBusRequired
- Type: aws-cdk-lib.aws_events.IEventBus
The EventBridge EventBus on which to put events.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addHttpDataSource
public addHttpDataSource(id: string, endpoint: string, options?: HttpDataSourceOptions): HttpDataSource
add a new http data source to this API.
idRequired
- Type: string
The data source's id.
endpointRequired
- Type: string
The http endpoint.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.HttpDataSourceOptions
The optional configuration for this data source.
addLambdaDataSource
public addLambdaDataSource(id: string, fn: IFunction, options?: DataSourceOptions): LambdaDataSource
Add a Lambda data source to the GraphQL API.
This helper method allows features to register their Lambda functions as data sources for GraphQL resolvers. Features implementing IApiAttachable can use this method during their attachTo() implementation to create data sources.
idRequired
- Type: string
The unique identifier for the data source.
fnRequired
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function to use as the data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
Optional configuration for the data source.
addNoneDataSource
public addNoneDataSource(id: string, options?: DataSourceOptions): NoneDataSource
Add a None data source to the GraphQL API.
This helper method allows features to create None data sources for resolvers that don't require a backend (e.g., for local resolvers or pass-through operations). Features implementing IApiFeature can use this method during their enableInApi() implementation.
idRequired
- Type: string
The unique identifier for the data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
Optional configuration for the data source.
addOpenSearchDataSource
public addOpenSearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): OpenSearchDataSource
add a new OpenSearch data source to this API.
idRequired
- Type: string
The data source's id.
domainRequired
- Type: aws-cdk-lib.aws_opensearchservice.IDomain
The OpenSearch domain for this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addRdsDataSource
public addRdsDataSource(id: string, serverlessCluster: IServerlessCluster, secretStore: ISecret, databaseName?: string, options?: DataSourceOptions): RdsDataSource
add a new Rds data source to this API.
idRequired
- Type: string
The data source's id.
serverlessClusterRequired
- Type: aws-cdk-lib.aws_rds.IServerlessCluster
The serverless cluster to interact with this data source.
secretStoreRequired
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
The secret store that contains the username and password for the serverless cluster.
databaseNameOptional
- Type: string
The optional name of the database to use within the cluster.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addRdsDataSourceV2
public addRdsDataSourceV2(id: string, serverlessCluster: IDatabaseCluster, secretStore: ISecret, databaseName?: string, options?: DataSourceOptions): RdsDataSource
add a new Rds data source to this API.
idRequired
- Type: string
The data source's id.
serverlessClusterRequired
- Type: aws-cdk-lib.aws_rds.IDatabaseCluster
The serverless V2 cluster to interact with this data source.
secretStoreRequired
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
The secret store that contains the username and password for the serverless cluster.
databaseNameOptional
- Type: string
The optional name of the database to use within the cluster.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addSchemaDependency
public addSchemaDependency(construct: CfnResource): boolean
Add schema dependency to a given construct.
constructRequired
- Type: aws-cdk-lib.CfnResource
the dependee.
createResolver
public createResolver(id: string, props: ExtendedResolverProps): Resolver
creates a new resolver for this datasource and API using the given properties.
idRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_appsync.ExtendedResolverProps
grant
public grant(grantee: IGrantable, resources: IamResource, actions: ...string[]): Grant
Adds an IAM policy statement associated with this GraphQLApi to an IAM principal's policy.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
resourcesRequired
- Type: aws-cdk-lib.aws_appsync.IamResource
The set of resources to allow (i.e. ...:[region]:[accountId]:apis/GraphQLId/...).
actionsRequired
- Type: ...string[]
The actions that should be granted to the principal (i.e. appsync:graphql ).
grantMutation
public grantMutation(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Mutation access to this GraphQLApi to an IAM principal's policy.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Mutations (leave blank for all).
grantQuery
public grantQuery(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Query access to this GraphQLApi to an IAM principal's policy.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Queries (leave blank for all).
grantSubscription
public grantSubscription(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Subscription access to this GraphQLApi to an IAM principal's policy.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Subscriptions (leave blank for all).
addEnvironmentVariable
public addEnvironmentVariable(key: string, value: string): void
Add an environment variable to the construct.
keyRequired
- Type: string
valueRequired
- Type: string
addConfigurationTable
public addConfigurationTable(configurationTable: IConfigurationTable): void
Add configuration table data sources and resolvers to the GraphQL API.
This method adds configuration management functionality including: - Querying configuration settings - Updating configuration parameters - Managing document schemas and extraction parameters
Example
// Add configuration table functionality after API creation
api.addConfigurationTable(myConfigurationTable);
configurationTableRequired
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
addTrackingTable
public addTrackingTable(trackingTable: ITrackingTable, inputBucket: IBucket, outputBucket: IBucket): void
Add tracking table data sources and resolvers to the GraphQL API.
This method adds all tracking table related functionality including: - Document creation and management - Document status tracking - Document listing and querying - Document metadata management - Document deletion (from tracking table and S3 buckets)
Example
// Add tracking table functionality after API creation
api.addTrackingTable(myTrackingTable, inputBucket, outputBucket);
trackingTableRequired
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
inputBucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents are stored.
outputBucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents are stored.
enable
public enable(feature: IApiFeature): void
Enable a feature in the ProcessingEnvironmentApi.
This is the recommended way to integrate features with the API. The feature will enable itself in the API by creating data sources and resolvers.
Example
const agentAnalytics = new AgentAnalytics(this, 'AgentAnalytics', { ... });
api.enable(agentAnalytics);
featureRequired
- Type: IApiFeature
The feature to enable in the API.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromGraphqlApiAttributes |
Import a GraphQL API through this function. |
isConstruct
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromGraphqlApiAttributes
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.fromGraphqlApiAttributes(scope: Construct, id: string, attrs: GraphqlApiAttributes)
Import a GraphQL API through this function.
scopeRequired
- Type: constructs.Construct
scope.
idRequired
- Type: string
id.
attrsRequired
- Type: aws-cdk-lib.aws_appsync.GraphqlApiAttributes
GraphQL API Attributes of an API.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
apiId |
string |
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'. |
arn |
string |
the ARN of the API. |
graphQlApiRef |
aws-cdk-lib.interfaces.aws_appsync.GraphQLApiReference |
A reference to a GraphQLApi resource. |
graphQLEndpointArn |
string |
The GraphQL endpoint ARN. |
modes |
aws-cdk-lib.aws_appsync.AuthorizationType[] |
The Authorization Types for this GraphQL Api. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
the visibility of the API. |
appSyncDomainName |
string |
The AppSyncDomainName of the associated custom domain. |
graphqlUrl |
string |
the URL of the endpoint created by AppSync. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
the CloudWatch Log Group for this API. |
name |
string |
the name of the API. |
schema |
aws-cdk-lib.aws_appsync.ISchema |
the schema attached to this api (only available for GraphQL APIs, not available for merged APIs). |
apiKey |
string |
the configured API key, if present. |
uploadResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that generates presigned URLs for document uploads. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
apiIdRequired
public readonly apiId: string;
- Type: string
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'.
arnRequired
public readonly arn: string;
- Type: string
the ARN of the API.
graphQlApiRefRequired
public readonly graphQlApiRef: GraphQLApiReference;
- Type: aws-cdk-lib.interfaces.aws_appsync.GraphQLApiReference
A reference to a GraphQLApi resource.
graphQLEndpointArnRequired
public readonly graphQLEndpointArn: string;
- Type: string
The GraphQL endpoint ARN.
modesRequired
public readonly modes: AuthorizationType[];
- Type: aws-cdk-lib.aws_appsync.AuthorizationType[]
The Authorization Types for this GraphQL Api.
visibilityRequired
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
the visibility of the API.
appSyncDomainNameRequired
public readonly appSyncDomainName: string;
- Type: string
The AppSyncDomainName of the associated custom domain.
graphqlUrlRequired
public readonly graphqlUrl: string;
- Type: string
the URL of the endpoint created by AppSync.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
the CloudWatch Log Group for this API.
nameRequired
public readonly name: string;
- Type: string
the name of the API.
schemaRequired
public readonly schema: ISchema;
- Type: aws-cdk-lib.aws_appsync.ISchema
the schema attached to this api (only available for GraphQL APIs, not available for merged APIs).
apiKeyOptional
public readonly apiKey: string;
- Type: string
- Default: no api key
the configured API key, if present.
uploadResolverFunctionRequired
public readonly uploadResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that generates presigned URLs for document uploads.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ProcessingProgressMonitor
- Implements: IProcessingProgressMonitor, IApiFeature
Processing Progress Monitor construct for Step Functions execution tracking.
Provides comprehensive execution monitoring capabilities including: - Real-time execution status tracking - Step-by-step execution history - Error details and failure diagnosis - Execution timeline visualization
This feature integrates with the ProcessingEnvironmentApi to expose Step Functions execution details through GraphQL queries, enabling the UI to display processing progress and workflow status.
Initializers
import { ProcessingProgressMonitor } from '@cdklabs/genai-idp'
new ProcessingProgressMonitor(scope: Construct, id: string, props: ProcessingProgressMonitorProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ProcessingProgressMonitorProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Processing Progress Monitor feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Processing Progress Monitor feature in the ProcessingEnvironmentApi.
This method integrates the execution monitoring functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example: const api = new ProcessingEnvironmentApi(this, 'Api', { ... }); const progressMonitor = new ProcessingProgressMonitor(this, 'ProgressMonitor', { stateMachine: processor.stateMachine, }); api.enable(progressMonitor);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ProcessingProgressMonitor } from '@cdklabs/genai-idp'
ProcessingProgressMonitor.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
The Step Functions state machine being monitored. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
stateMachineRequired
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine being monitored.
ReportingEnvironment
- Implements: IReportingEnvironment
A construct that creates the reporting table structure for document processing analytics.
This construct focuses on creating the Glue table schema for evaluation metrics, using provided S3 bucket and Glue database resources. It creates: - Document-level evaluation metrics table - Section-level evaluation metrics table - Attribute-level evaluation metrics table - Metering data table
All tables are properly partitioned for efficient querying with Amazon Athena.
Initializers
import { ReportingEnvironment } from '@cdklabs/genai-idp'
new ReportingEnvironment(scope: Construct, id: string, props: ReportingEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ReportingEnvironmentProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ReportingEnvironment } from '@cdklabs/genai-idp'
ReportingEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
attributeEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for attribute-level evaluation metrics. |
documentEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for document-level evaluation metrics. |
meteringTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for metering data. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database containing tables for evaluation metrics. |
sectionEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for section-level evaluation metrics. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
attributeEvaluationsTableRequired
public readonly attributeEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for attribute-level evaluation metrics.
documentEvaluationsTableRequired
public readonly documentEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for document-level evaluation metrics.
meteringTableRequired
public readonly meteringTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for metering data.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database containing tables for evaluation metrics.
sectionEvaluationsTableRequired
public readonly sectionEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for section-level evaluation metrics.
SaveReportingDataFunction
- Implements: aws-cdk-lib.aws_lambda.IFunction
A Lambda function that saves document evaluation data to the reporting bucket in Parquet format.
This function is responsible for: - Converting document processing metrics to Parquet format - Saving evaluation data to the reporting bucket with proper partitioning - Supporting document-level, section-level, and attribute-level metrics - Enabling analytics and business intelligence through structured data storage
The function is typically invoked by other Lambda functions (evaluation_function, workflow_tracker) to persist processing metrics and evaluation results for later analysis with Amazon Athena.
Initializers
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
new SaveReportingDataFunction(scope: Construct, id: string, props: SaveReportingDataFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
SaveReportingDataFunctionProps |
Configuration properties for the function. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the function.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
SessionTable
- Implements: ISessionTable
A DynamoDB table for storing chat sessions and metadata.
This table uses a composite key (userId, sessionId) to efficiently store and query chat session metadata including session configuration, titles, and timestamps. The table design supports session management with automatic cleanup through TTL attributes.
Session data stored in this table includes: - Chat session metadata and configuration - Session titles and descriptions - User associations and permissions - Session creation and update timestamps
Initializers
import { SessionTable } from '@cdklabs/genai-idp'
new SessionTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { SessionTable } from '@cdklabs/genai-idp'
SessionTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TestResultsResolverFunction
Lambda function that manages test result operations.
This function handles test result retrieval, comparison, and analysis for systematic evaluation of document processing workflows. It provides both real-time status updates and detailed result analysis with metrics aggregation and caching for performance optimization.
Initializers
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
new TestResultsResolverFunction(scope: Construct, id: string, props: TestResultsResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TestResultsResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { TestResultsResolverFunction } from '@cdklabs/genai-idp'
TestResultsResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TestRunnerFunction
Lambda function that executes test sets and manages test execution lifecycle.
This function handles test set creation, execution tracking, and results management for systematic testing and evaluation of document processing workflows.
Initializers
import { TestRunnerFunction } from '@cdklabs/genai-idp'
new TestRunnerFunction(scope: Construct, id: string, props: TestRunnerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TestRunnerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: TestRunnerFunctionProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { TestRunnerFunction } from '@cdklabs/genai-idp'
TestRunnerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TestSetResolverFunction
Lambda function that manages test set operations.
This function handles test set creation, deletion, and listing operations for systematic testing and evaluation of document processing workflows. It supports both pattern-based test set creation from existing files and direct upload of test set archives.
Initializers
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
new TestSetResolverFunction(scope: Construct, id: string, props: TestSetResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TestSetResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { TestSetResolverFunction } from '@cdklabs/genai-idp'
TestSetResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TestStudio
- Implements: ITestStudio, IApiFeature
Test Studio construct for test management and analysis.
Provides comprehensive test management capabilities including: - Test set creation and management - Test execution and tracking - Results comparison and analysis - RealKIE-FCC dataset deployment (optional)
Test Studio integrates with the ProcessingEnvironment to enable systematic testing and evaluation of document processing workflows.
Initializers
import { TestStudio } from '@cdklabs/genai-idp'
new TestStudio(scope: Construct, id: string, props: TestStudioProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
TestStudioProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: TestStudioProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this Test Studio feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Test Studio feature in the ProcessingEnvironmentApi.
This method integrates the test management functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example:
const api = new ProcessingEnvironmentApi(this, 'Api', { ... });
const testStudio = new TestStudio(this, 'TestStudio', {
trackingTable: environment.trackingTable,
...
});
api.enable(testStudio);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { TestStudio } from '@cdklabs/genai-idp'
TestStudio.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
testResultCacheUpdateQueue |
aws-cdk-lib.aws_sqs.IQueue |
SQS queue for test result cache updates. |
testResultsResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test results retrieval and analysis. |
testRunnerFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test execution. |
testSetCopyQueue |
aws-cdk-lib.aws_sqs.IQueue |
SQS queue for test set file copying operations. |
testSetResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test set management operations. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
docSplitTestSetDeployer |
aws-cdk-lib.aws_lambda.IFunction |
Optional DocSplit test set deployer for document splitting evaluation. |
fccDatasetDeployer |
FccDatasetDeployer |
Optional FCC dataset deployer for RealKIE-FCC dataset deployment. |
ocrBenchmarkDeployer |
aws-cdk-lib.aws_lambda.IFunction |
Optional OCR benchmark deployer for OCR quality evaluation. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
S3 bucket for storing test documents and baselines. |
testTable |
ITestTable |
DynamoDB table for storing test sets and execution results. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
testResultCacheUpdateQueueRequired
public readonly testResultCacheUpdateQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
SQS queue for test result cache updates.
testResultsResolverFunctionRequired
public readonly testResultsResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test results retrieval and analysis.
testRunnerFunctionRequired
public readonly testRunnerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test execution.
testSetCopyQueueRequired
public readonly testSetCopyQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
SQS queue for test set file copying operations.
testSetResolverFunctionRequired
public readonly testSetResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test set management operations.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Used for test execution and results tracking.
docSplitTestSetDeployerOptional
public readonly docSplitTestSetDeployer: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional DocSplit test set deployer for document splitting evaluation.
fccDatasetDeployerOptional
public readonly fccDatasetDeployer: FccDatasetDeployer;
- Type: FccDatasetDeployer
Optional FCC dataset deployer for RealKIE-FCC dataset deployment.
ocrBenchmarkDeployerOptional
public readonly ocrBenchmarkDeployer: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional OCR benchmark deployer for OCR quality evaluation.
testBucketOptional
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
S3 bucket for storing test documents and baselines.
testTableOptional
public readonly testTable: ITestTable;
- Type: ITestTable
DynamoDB table for storing test sets and execution results.
TestTable
- Implements: ITestTable
A DynamoDB table for storing test sets, executions, and results.
This table uses a composite key (PK, SK) to efficiently store and query different types of test-related data including test set metadata, execution records, and result comparisons. The table design supports various access patterns needed for test management and analysis.
Test data stored in this table includes: - Test set definitions and metadata - Test execution tracking and status - Test result comparisons and analytics - Document processing evaluation metrics
Initializers
import { TestTable } from '@cdklabs/genai-idp'
new TestTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { TestTable } from '@cdklabs/genai-idp'
TestTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TestTable } from '@cdklabs/genai-idp'
TestTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TestTable } from '@cdklabs/genai-idp'
TestTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { TestTable } from '@cdklabs/genai-idp'
TestTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { TestTable } from '@cdklabs/genai-idp'
TestTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { TestTable } from '@cdklabs/genai-idp'
TestTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TrackingTable
- Implements: ITrackingTable
A DynamoDB table for tracking document processing status and results.
This table uses a composite key (PK, SK) to efficiently store and query information about documents being processed, including their current status, processing history, and extraction results. The table design supports various access patterns needed for monitoring and reporting on document processing activities.
Initializers
import { TrackingTable } from '@cdklabs/genai-idp'
new TrackingTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
UserIdentity
- Implements: IUserIdentity
A construct that manages user authentication and authorization. Provides Cognito resources for user management and secure access to AWS resources.
This construct creates and configures: - A Cognito User Pool for user registration and authentication - A User Pool Client for the web application to interact with Cognito - An Identity Pool that provides temporary AWS credentials to authenticated users
The UserIdentity construct enables secure access to the document processing solution, ensuring that only authorized users can upload documents, view results, and perform administrative actions.
Initializers
import { UserIdentity } from '@cdklabs/genai-idp'
new UserIdentity(scope: Construct, id: string, props?: UserIdentityProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
UserIdentityProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: UserIdentityProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { UserIdentity } from '@cdklabs/genai-idp'
UserIdentity.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
identityPool |
aws-cdk-lib.aws_cognito_identitypool.IdentityPool |
The Cognito Identity Pool that provides temporary AWS credentials. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito UserPool that stores user identities and credentials. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito UserPool Client used by the web application for OAuth flows. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
identityPoolRequired
public readonly identityPool: IdentityPool;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPool
The Cognito Identity Pool that provides temporary AWS credentials.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito UserPool that stores user identities and credentials.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito UserPool Client used by the web application for OAuth flows.
UserManagement
- Implements: IUserManagement, IApiFeature
User Management construct for user administration.
Provides comprehensive user management capabilities for Cognito-enabled deployments, including:
- User account creation and deletion
- User attribute updates
- Role and permission management
- Password reset operations
- User synchronization between UserPool and IdentityPool
Important: This construct should only be used when UserIdentity is configured for the deployment. It requires both Cognito UserPool and IdentityPool to function properly. For deployments without Cognito authentication, this construct is not needed.
The UserManagement construct integrates with ProcessingEnvironmentApi to expose user management operations through GraphQL mutations and queries, enabling administrative users to manage accounts through the web interface.
Initializers
import { UserManagement } from '@cdklabs/genai-idp'
new UserManagement(scope: Construct, id: string, props: UserManagementProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
UserManagementProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: UserManagementProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
enableInApi |
Enable this User Management feature in the ProcessingEnvironmentApi. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this User Management feature in the ProcessingEnvironmentApi.
This method integrates the user management functionality with the GraphQL API by creating the necessary data sources and resolvers. It should be called after both the API and this construct have been created.
Example: const api = new ProcessingEnvironmentApi(this, 'Api', { ... }); const userManagement = new UserManagement(this, 'UserManagement', { ... }); api.enable(userManagement);
apiRequired
The ProcessingEnvironmentApi to enable in.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { UserManagement } from '@cdklabs/genai-idp'
UserManagement.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
managementFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles user administration operations. |
syncFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles user synchronization operations. |
usersTable |
IUsersTable |
DynamoDB table that stores user metadata and profile information. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
managementFunctionRequired
public readonly managementFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles user administration operations.
syncFunctionRequired
public readonly syncFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles user synchronization operations.
usersTableRequired
public readonly usersTable: IUsersTable;
- Type: IUsersTable
DynamoDB table that stores user metadata and profile information.
UserManagementFunction
Lambda function that handles user administration operations.
This function provides user management capabilities including: - Creating new user accounts - Updating user attributes - Deleting user accounts - Managing user roles and permissions - Resetting passwords
Important: This function requires a UserIdentity construct with both UserPool and IdentityPool for complete user management functionality.
Initializers
import { UserManagementFunction } from '@cdklabs/genai-idp'
new UserManagementFunction(scope: Construct, id: string, props: UserManagementFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
UserManagementFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { UserManagementFunction } from '@cdklabs/genai-idp'
UserManagementFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
UsersTable
- Implements: IUsersTable
A DynamoDB table for storing user metadata and profile information.
This table uses a single-table design pattern with: - PK: USER#{userId} - Partition key for user records - SK: USER#{userId} - Sort key (same as PK for user records) - EmailIndex: GSI on email attribute for email-based lookups
The table stores user information including: - User ID and email - Persona (Admin, Reviewer) - Status and timestamps
Initializers
import { UsersTable } from '@cdklabs/genai-idp'
new UsersTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
FixedKeyTableProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: FixedKeyTableProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.fullAccess() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.readWriteData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
The use of this method is discouraged. Please use streamGrants.stream() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use streamGrants.streamRead() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
The use of this method is discouraged. Please use streamGrants.tableListStreams() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
The use of this method is discouraged. Please use grants.writeData() instead.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { UsersTable } from '@cdklabs/genai-idp'
UsersTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
UserSyncFunction
Lambda function that handles user synchronization operations.
This function ensures consistency between Cognito UserPool and IdentityPool by synchronizing user data, roles, and permissions. It handles: - User attribute synchronization - Role and permission updates - Identity mapping between UserPool and IdentityPool - Cleanup of orphaned identities
Important: This function requires a UserIdentity construct with both UserPool and IdentityPool for complete synchronization functionality.
Initializers
import { UserSyncFunction } from '@cdklabs/genai-idp'
new UserSyncFunction(scope: Construct, id: string, props: UserSyncFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
UserSyncFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: UserSyncFunctionProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
[disable-awslint:no-grants]
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
[disable-awslint:no-grants]
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { UserSyncFunction } from '@cdklabs/genai-idp'
UserSyncFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
WebApplication
- Implements: IWebApplication
A construct that deploys and manages the web application for the document processing solution.
Creates an S3-hosted React application served through CloudFront, with CodeBuild
for automated builds and SSM parameters for runtime configuration. Features can
contribute settings and CORS rules via the enable() method.
Initializers
import { WebApplication } from '@cdklabs/genai-idp'
new WebApplication(scope: Construct, id: string, props: WebApplicationProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
WebApplicationProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: WebApplicationProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
with |
Applies one or more mixins to this construct. |
addCorsBucket |
Add a CORS rule to an S3 bucket for CloudFront access. |
addSetting |
Add a setting to the web application's SSM parameter. |
enable |
Enable a feature in the WebApplication. |
toString
public toString(): string
Returns a string representation of this construct.
with
public with(mixins: ...IMixin[]): IConstruct
Applies one or more mixins to this construct.
Mixins are applied in order. The list of constructs is captured at the
start of the call, so constructs added by a mixin will not be visited.
Use multiple with() calls if subsequent mixins should apply to added
constructs.
mixinsRequired
- Type: ...constructs.IMixin[]
The mixins to apply.
addCorsBucket
public addCorsBucket(bucket: IBucket): void
Add a CORS rule to an S3 bucket for CloudFront access.
bucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket to configure CORS on.
addSetting
public addSetting(key: string, value: string): void
Add a setting to the web application's SSM parameter.
keyRequired
- Type: string
The setting key.
valueRequired
- Type: string
The setting value.
enable
public enable(feature: IWebAppFeature): void
Enable a feature in the WebApplication.
featureRequired
- Type: IWebAppFeature
The feature to enable.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { WebApplication } from '@cdklabs/genai-idp'
WebApplication.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
bucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where the web application assets are deployed. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
The CloudFront distribution that serves the web application. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
bucketRequired
public readonly bucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where the web application assets are deployed.
distributionRequired
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
The CloudFront distribution that serves the web application.
Structs
AgentAnalyticsProps
Properties for configuring Agent Analytics.
Initializer
import { AgentAnalyticsProps } from '@cdklabs/genai-idp'
const agentAnalyticsProps: AgentAnalyticsProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
agentTable |
IAgentTable |
The DynamoDB table for tracking agent jobs and analytics queries. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
model |
@aws-cdk/aws-bedrock-alpha.IBedrockInvokable |
The foundation model or inference profile to use for document analysis agent. |
reportingEnvironment |
IReportingEnvironment |
Athena database for analytics queries. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
dataRetentionDays |
number |
Data retention period in days. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
guardrail |
@aws-cdk/aws-bedrock-alpha.IGuardrail |
Optional Bedrock guardrail for content filtering. |
logLevel |
LogLevel |
Log level for agent analytics functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
Log retention period. |
agentTableRequired
public readonly agentTable: IAgentTable;
- Type: IAgentTable
The DynamoDB table for tracking agent jobs and analytics queries.
Consumers are responsible for configuring billing mode, encryption, point-in-time recovery, and removal policy.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Used by analytics agents to access document schemas and processing parameters.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
modelRequired
public readonly model: IBedrockInvokable;
- Type: @aws-cdk/aws-bedrock-alpha.IBedrockInvokable
- Default: No model specified, must be provided
The foundation model or inference profile to use for document analysis agent.
reportingEnvironmentRequired
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Athena database for analytics queries.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Used by analytics agents to query processed document data.
dataRetentionDaysOptional
public readonly dataRetentionDays: number;
- Type: number
- Default: 365
Data retention period in days.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
- Default: No external MCP agents configured
Optional Secrets Manager secret for external MCP agents.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @aws-cdk/aws-bedrock-alpha.IGuardrail
Optional Bedrock guardrail for content filtering.
When provided, enables guardrail permissions for analytics agents.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
Log level for agent analytics functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
Log retention period.
AgentChatProcessorFunctionProps
Properties for the Agent Chat Processor function.
This function processes agent chat messages with streaming support, creating a conversational orchestrator with all registered agents and streaming responses in real-time via AppSync subscriptions.
Initializer
import { AgentChatProcessorFunctionProps } from '@cdklabs/genai-idp'
const agentChatProcessorFunctionProps: AgentChatProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
appsyncApiUrl |
string |
The AppSync GraphQL API URL for streaming responses. |
cloudWatchLogGroupPrefix |
string |
CloudWatch log group prefix for the stack. |
configurationTable |
IConfigurationTable |
The DynamoDB table for configuration settings. |
lookupFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function for looking up document information. |
messagesTable |
IMessagesTable |
The DynamoDB table for chat messages storage. |
sessionTable |
ISessionTable |
The DynamoDB table for chat session storage. |
stackName |
string |
The AWS Stack name for resource identification. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking document processing status. |
athenaDatabase |
string |
The Athena database for analytics queries. |
athenaOutputLocation |
string |
The S3 location for Athena query results. |
bedrockRegion |
string |
The AWS region for Bedrock API calls. |
cloudWatchLogGroups |
string |
Comma-separated list of CloudWatch log group names. |
dataRetention |
aws-cdk-lib.Duration |
Data retention period for chat messages and sessions. |
enableCodeIntelligence |
boolean |
Enable Code Intelligence agent for code-related queries. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
guardrailIdAndVersion |
string |
Optional Bedrock Guardrail ID and version. |
maxConversationTurns |
number |
Maximum number of conversation turns to keep in memory. |
maxMessageSizeKb |
number |
Maximum message size in kilobytes. |
memoryMethod |
string |
Memory method for conversation history. |
strandsLogLevel |
string |
The log level for Strands agent framework. |
streamingEnabled |
boolean |
Enable streaming responses. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
appsyncApiUrlRequired
public readonly appsyncApiUrl: string;
- Type: string
The AppSync GraphQL API URL for streaming responses.
Used to publish incremental responses via subscriptions.
cloudWatchLogGroupPrefixRequired
public readonly cloudWatchLogGroupPrefix: string;
- Type: string
CloudWatch log group prefix for the stack.
Used to identify log groups for error analysis.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table for configuration settings.
Used to retrieve document schemas and processing configurations.
lookupFunctionRequired
public readonly lookupFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function for looking up document information.
Used to retrieve document metadata and processing status.
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
The DynamoDB table for chat messages storage.
The function uses this table to store individual messages and conversation turns.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
The DynamoDB table for chat session storage.
The function uses this table to manage conversation sessions.
stackNameRequired
public readonly stackName: string;
- Type: string
The AWS Stack name for resource identification.
Used to identify CloudWatch log groups and other stack resources.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking document processing status.
Used by analytics agent to query processing history and status.
athenaDatabaseOptional
public readonly athenaDatabase: string;
- Type: string
The Athena database for analytics queries.
Used by analytics agent to query processing metrics.
athenaOutputLocationOptional
public readonly athenaOutputLocation: string;
- Type: string
The S3 location for Athena query results.
Used to store intermediate query results.
bedrockRegionOptional
public readonly bedrockRegion: string;
- Type: string
- Default: Current stack region
The AWS region for Bedrock API calls.
Used to invoke Bedrock models for agent responses.
cloudWatchLogGroupsOptional
public readonly cloudWatchLogGroups: string;
- Type: string
- Default: Empty string (agent will discover log groups dynamically)
Comma-separated list of CloudWatch log group names.
Used by error analyzer agent to search logs.
dataRetentionOptional
public readonly dataRetention: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.days(30)
Data retention period for chat messages and sessions.
Controls TTL for chat messages and sessions.
enableCodeIntelligenceOptional
public readonly enableCodeIntelligence: boolean;
- Type: boolean
- Default: false
Enable Code Intelligence agent for code-related queries.
When enabled, adds specialized agent for code analysis and generation.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
guardrailIdAndVersionOptional
public readonly guardrailIdAndVersion: string;
- Type: string
Optional Bedrock Guardrail ID and version.
Format: "guardrailId:version" Used to apply content filtering to agent responses.
maxConversationTurnsOptional
public readonly maxConversationTurns: number;
- Type: number
- Default: 20
Maximum number of conversation turns to keep in memory.
Controls the sliding window for conversation history.
maxMessageSizeKbOptional
public readonly maxMessageSizeKb: number;
- Type: number
- Default: 8.5
Maximum message size in kilobytes.
Controls the size limit for individual messages.
memoryMethodOptional
public readonly memoryMethod: string;
- Type: string
- Default: "dynamodb"
Memory method for conversation history.
Determines how conversation history is stored and retrieved.
strandsLogLevelOptional
public readonly strandsLogLevel: string;
- Type: string
- Default: Same as function log level
The log level for Strands agent framework.
Controls verbosity of agent orchestration logs.
streamingEnabledOptional
public readonly streamingEnabled: boolean;
- Type: boolean
- Default: true
Enable streaming responses.
When enabled, responses are streamed incrementally via AppSync.
AgentCompanionChatProps
Properties for AgentCompanionChat construct.
Initializer
import { AgentCompanionChatProps } from '@cdklabs/genai-idp'
const agentCompanionChatProps: AgentCompanionChatProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
cloudWatchLogGroupPrefix |
string |
CloudWatch log group prefix for the stack. |
configurationTable |
IConfigurationTable |
The DynamoDB table for configuration settings. |
lookupFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function for looking up document information. |
messagesTable |
IMessagesTable |
DynamoDB table for chat messages storage. |
sessionTable |
ISessionTable |
DynamoDB table for chat session storage. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking document processing status. |
athenaDatabase |
@aws-cdk/aws-glue-alpha.IDatabase |
Optional Athena database for analytics queries. |
athenaOutputLocation |
string |
Optional S3 location for Athena query results. |
bedrockRegion |
string |
The AWS region for Bedrock API calls. |
chatDataSources |
string[] |
Optional data sources for chat context. |
cloudWatchLogGroups |
string |
Comma-separated list of CloudWatch log group names. |
dataRetention |
aws-cdk-lib.Duration |
Data retention period for chat messages and sessions. |
enableCodeIntelligence |
boolean |
Enable Code Intelligence agent for code-related queries. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting chat data. |
guardrail |
@aws-cdk/aws-bedrock-alpha.IGuardrail |
Optional Bedrock Guardrail for agent responses. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray tracing for Lambda functions. |
cloudWatchLogGroupPrefixRequired
public readonly cloudWatchLogGroupPrefix: string;
- Type: string
CloudWatch log group prefix for the stack.
Required for identifying log groups for error analysis.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table for configuration settings.
Required for agent access to document schemas and processing configurations.
lookupFunctionRequired
public readonly lookupFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function for looking up document information.
Required for retrieving document metadata and processing status.
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
DynamoDB table for chat messages storage.
Consumers are responsible for configuring billing mode, encryption, point-in-time recovery, and removal policy.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
DynamoDB table for chat session storage.
Consumers are responsible for configuring billing mode, encryption, point-in-time recovery, and removal policy.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking document processing status.
Required for analytics agent to query processing history.
athenaDatabaseOptional
public readonly athenaDatabase: IDatabase;
- Type: @aws-cdk/aws-glue-alpha.IDatabase
Optional Athena database for analytics queries.
Used by analytics agent to query processing metrics.
athenaOutputLocationOptional
public readonly athenaOutputLocation: string;
- Type: string
Optional S3 location for Athena query results.
Used to store intermediate query results.
bedrockRegionOptional
public readonly bedrockRegion: string;
- Type: string
- Default: Current stack region
The AWS region for Bedrock API calls.
Used to invoke Bedrock models for agent responses.
chatDataSourcesOptional
public readonly chatDataSources: string[];
- Type: string[]
- Default: No additional data sources
Optional data sources for chat context.
Provides additional context for agent responses.
cloudWatchLogGroupsOptional
public readonly cloudWatchLogGroups: string;
- Type: string
- Default: Agent will discover log groups dynamically using the prefix
Comma-separated list of CloudWatch log group names.
Used by error analyzer agent to search logs.
dataRetentionOptional
public readonly dataRetention: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.days(30)
Data retention period for chat messages and sessions.
Controls TTL for chat messages and sessions.
enableCodeIntelligenceOptional
public readonly enableCodeIntelligence: boolean;
- Type: boolean
- Default: false
Enable Code Intelligence agent for code-related queries.
When enabled, adds specialized agent for code analysis and generation.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting chat data.
When provided, ensures chat sessions and messages are encrypted at rest.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @aws-cdk/aws-bedrock-alpha.IGuardrail
Optional Bedrock Guardrail for agent responses.
Used to apply content filtering to agent responses.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: lambda.Tracing.DISABLED
Enable AWS X-Ray tracing for Lambda functions.
When enabled, provides distributed tracing capabilities for debugging and performance analysis.
AgentCoreAnalyticsProcessorFunctionProps
Properties for the AgentCore Analytics Processor function.
This function provides analytics agent operations for MCP integration, implementing the search_genaiidp tool for natural language queries against the document processing system.
Initializer
import { AgentCoreAnalyticsProcessorFunctionProps } from '@cdklabs/genai-idp'
const agentCoreAnalyticsProcessorFunctionProps: AgentCoreAnalyticsProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
clientId |
string |
The Cognito client ID for OAuth 2.0 authentication. Used for MCP client authentication validation. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito User Pool for authentication. |
athenaBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket for Athena query results. |
athenaDatabase |
string |
Optional Athena database name for analytics queries. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
trackingTable |
ITrackingTable |
Optional DynamoDB tracking table for analytics queries. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
clientIdRequired
public readonly clientId: string;
- Type: string
The Cognito client ID for OAuth 2.0 authentication. Used for MCP client authentication validation.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito User Pool for authentication.
Used for validating MCP client authentication.
athenaBucketOptional
public readonly athenaBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
Optional S3 bucket for Athena query results.
When provided, enables Athena-based analytics queries.
athenaDatabaseOptional
public readonly athenaDatabase: string;
- Type: string
Optional Athena database name for analytics queries.
Used for querying processed document data through Athena.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
trackingTableOptional
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
Optional DynamoDB tracking table for analytics queries.
When provided, enables analytics queries against document processing data.
AgentCoreGatewayDeployerProps
Properties for the AgentCore Gateway Deployer construct.
Initializer
import { AgentCoreGatewayDeployerProps } from '@cdklabs/genai-idp'
const agentCoreGatewayDeployerProps: AgentCoreGatewayDeployerProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
analyticsAgentFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for analytics agent operations. |
clientId |
string |
Cognito client ID for OAuth 2.0 authentication. Used to configure the gateway's JWT authorizer. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
Cognito User Pool for OAuth 2.0 authentication. Required for authenticating MCP client applications. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the deployment function. |
supportedRegions |
string[] |
Supported AWS regions for cross-region deployment. |
analyticsAgentFunctionRequired
public readonly analyticsAgentFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for analytics agent operations.
This function will be registered as a target in the gateway.
clientIdRequired
public readonly clientId: string;
- Type: string
Cognito client ID for OAuth 2.0 authentication. Used to configure the gateway's JWT authorizer.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
Cognito User Pool for OAuth 2.0 authentication. Required for authenticating MCP client applications.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the deployment function.
Used to encrypt/decrypt data during deployment.
supportedRegionsOptional
public readonly supportedRegions: string[];
- Type: string[]
- Default: Current region only
Supported AWS regions for cross-region deployment.
The gateway will be deployed in the current region.
AgentCoreGatewayManagerFunctionProps
Properties for the AgentCore Gateway Manager function.
This function manages AgentCore Gateway deployment and configuration, handling gateway creation, OAuth 2.0 setup, and target configuration.
Initializer
import { AgentCoreGatewayManagerFunctionProps } from '@cdklabs/genai-idp'
const agentCoreGatewayManagerFunctionProps: AgentCoreGatewayManagerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
analyticsLambdaArn |
string |
The Lambda function ARN for analytics agent operations. |
clientId |
string |
The Cognito client ID for OAuth 2.0 authentication. Used for gateway authentication configuration. |
executionRoleArn |
string |
The execution role ARN for the gateway. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito User Pool for authentication. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
analyticsLambdaArnRequired
public readonly analyticsLambdaArn: string;
- Type: string
The Lambda function ARN for analytics agent operations.
Used as a target for the MCP gateway.
clientIdRequired
public readonly clientId: string;
- Type: string
The Cognito client ID for OAuth 2.0 authentication. Used for gateway authentication configuration.
executionRoleArnRequired
public readonly executionRoleArn: string;
- Type: string
The execution role ARN for the gateway.
Used for gateway permissions and operations.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito User Pool for authentication.
Used for configuring OAuth 2.0 authentication for the gateway.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
AgentProcessorFunctionProps
Properties for the Agent Processor function.
Initializer
import { AgentProcessorFunctionProps } from '@cdklabs/genai-idp'
const agentProcessorFunctionProps: AgentProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
agentTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for agent job tracking. |
appSyncApiUrl |
string |
AppSync GraphQL API URL for publishing updates. |
athenaBucket |
aws-cdk-lib.aws_s3.IBucket |
S3 bucket for Athena query results. |
athenaDatabase |
@aws-cdk/aws-glue-alpha.IDatabase |
Athena database for analytics queries. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
model |
@aws-cdk/aws-bedrock-alpha.IBedrockInvokable |
The foundation model or inference profile to use for document analysis agent. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
guardrail |
@aws-cdk/aws-bedrock-alpha.IGuardrail |
Optional Bedrock guardrail for content filtering. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
agentTableRequired
public readonly agentTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for agent job tracking.
appSyncApiUrlRequired
public readonly appSyncApiUrl: string;
- Type: string
AppSync GraphQL API URL for publishing updates.
athenaBucketRequired
public readonly athenaBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
S3 bucket for Athena query results.
athenaDatabaseRequired
public readonly athenaDatabase: IDatabase;
- Type: @aws-cdk/aws-glue-alpha.IDatabase
Athena database for analytics queries.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Used to access document schemas and processing parameters.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
modelRequired
public readonly model: IBedrockInvokable;
- Type: @aws-cdk/aws-bedrock-alpha.IBedrockInvokable
The foundation model or inference profile to use for document analysis agent.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
Optional Secrets Manager secret for external MCP agents.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @aws-cdk/aws-bedrock-alpha.IGuardrail
Optional Bedrock guardrail for content filtering.
When provided, enables guardrail permissions for the agent processor.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
AgentRequestHandlerFunctionProps
Properties for the Agent Request Handler function.
Initializer
import { AgentRequestHandlerFunctionProps } from '@cdklabs/genai-idp'
const agentRequestHandlerFunctionProps: AgentRequestHandlerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
agentProcessorFunction |
aws-cdk-lib.aws_lambda.IFunction |
The agent processor function to invoke for processing queries. |
agentTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for agent job tracking. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
dataRetentionDays |
number |
Data retention period in days. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
agentProcessorFunctionRequired
public readonly agentProcessorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The agent processor function to invoke for processing queries.
agentTableRequired
public readonly agentTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for agent job tracking.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
dataRetentionDaysOptional
public readonly dataRetentionDays: number;
- Type: number
- Default: 30
Data retention period in days.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
CalculateCapacityFunctionProps
Properties for the Calculate Capacity function.
This function performs capacity planning calculations for Pattern 2 workflows, analyzing document processing metrics to optimize resource allocation.
Initializer
import { CalculateCapacityFunctionProps } from '@cdklabs/genai-idp'
const calculateCapacityFunctionProps: CalculateCapacityFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
configurationTable |
IConfigurationTable |
The DynamoDB table for configuration storage. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking document processing. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table for configuration storage.
The function uses this table to access configuration settings for capacity calculations.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking document processing.
The function uses this table to analyze processing metrics and patterns.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
CalculateCapacityResolverFunctionProps
Properties for the Calculate Capacity Resolver function.
This function serves as a GraphQL resolver for capacity planning operations, invoking the calculation function and returning results to the API.
Initializer
import { CalculateCapacityResolverFunctionProps } from '@cdklabs/genai-idp'
const calculateCapacityResolverFunctionProps: CalculateCapacityResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
calculationFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that performs capacity calculations. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
calculationFunctionRequired
public readonly calculationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that performs capacity calculations.
The resolver invokes this function to execute capacity planning logic.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
CapacityPlanningProps
Properties for CapacityPlanning construct.
Initializer
import { CapacityPlanningProps } from '@cdklabs/genai-idp'
const capacityPlanningProps: CapacityPlanningProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
environment |
IProcessingEnvironment |
The ProcessingEnvironment that this capacity planning construct will analyze. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for encrypting capacity planning data. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The ProcessingEnvironment that this capacity planning construct will analyze.
Provides access to tracking and configuration tables for metrics analysis.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: Uses environment's encryption key if available
Optional encryption key for encrypting capacity planning data.
When provided, ensures that capacity metrics and calculations are encrypted at rest.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
- Default: No VPC configuration
Optional VPC configuration for Lambda functions.
When provided, deploys capacity planning functions within a VPC.
ChatSessionResolverFunctionProps
Properties for the Chat Session Resolver function.
This function handles GraphQL resolvers for chat session management including creating, listing, updating, and deleting chat sessions.
Initializer
import { ChatSessionResolverFunctionProps } from '@cdklabs/genai-idp'
const chatSessionResolverFunctionProps: ChatSessionResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
messagesTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for chat messages storage. |
sessionTable |
ISessionTable |
The DynamoDB table for chat session storage. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
messagesTableRequired
public readonly messagesTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for chat messages storage.
The function uses this table to manage conversation messages.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
The DynamoDB table for chat session storage.
The function uses this table to manage conversation sessions and metadata.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
ChatWithDocumentProps
Properties for configuring the ChatWithDocument feature.
Initializer
import { ChatWithDocumentProps } from '@cdklabs/genai-idp'
const chatWithDocumentProps: ChatWithDocumentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
chatModel |
@aws-cdk/aws-bedrock-alpha.IBedrockInvokable |
The invokable model for chat functionality. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
knowledgeBase |
@cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase |
The Bedrock knowledge base for document context retrieval. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
guardrail |
@aws-cdk/aws-bedrock-alpha.IGuardrail |
Optional Bedrock guardrail for content filtering. |
logLevel |
LogLevel |
The log level for the chat function. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
chatModelRequired
public readonly chatModel: IBedrockInvokable;
- Type: @aws-cdk/aws-bedrock-alpha.IBedrockInvokable
The invokable model for chat functionality.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
knowledgeBaseRequired
public readonly knowledgeBase: IKnowledgeBase;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Bedrock knowledge base for document context retrieval.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting function resources.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @aws-cdk/aws-bedrock-alpha.IGuardrail
Optional Bedrock guardrail for content filtering.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the chat function.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
CompleteSectionReviewFunctionProps
Properties for the Complete Section Review function.
This function handles the completion of section-level reviews in the HITL workflow. It updates the tracking table with review results and triggers downstream processing.
Initializer
import { CompleteSectionReviewFunctionProps } from '@cdklabs/genai-idp'
const completeSectionReviewFunctionProps: CompleteSectionReviewFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking document processing. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking document processing.
The function uses this table to update section review status and results.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
ConfigurationDefinitionProps
Properties for creating a configuration definition.
Initializer
import { ConfigurationDefinitionProps } from '@cdklabs/genai-idp'
const configurationDefinitionProps: ConfigurationDefinitionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
configurationObject |
{[ key: string ]: any} |
The configuration object to use. |
transforms |
IConfigurationDefinitionPropertyTransform[] |
Optional transformations to apply to specific properties. |
configurationObjectRequired
public readonly configurationObject: {[ key: string ]: any};
- Type: {[ key: string ]: any}
The configuration object to use.
Contains all settings for the document processing pipeline.
transformsOptional
public readonly transforms: IConfigurationDefinitionPropertyTransform[];
Optional transformations to apply to specific properties.
Used to modify configuration values during initialization.
DeleteAgentChatSessionFunctionProps
Properties for the Delete Agent Chat Session function.
This function deletes a chat session and all its associated messages.
Initializer
import { DeleteAgentChatSessionFunctionProps } from '@cdklabs/genai-idp'
const deleteAgentChatSessionFunctionProps: DeleteAgentChatSessionFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
messagesTable |
IMessagesTable |
The DynamoDB table for chat messages storage. |
sessionTable |
ISessionTable |
The DynamoDB table for chat session storage. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
The DynamoDB table for chat messages storage.
The function deletes all messages for the session from this table.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
The DynamoDB table for chat session storage.
The function deletes session metadata from this table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
DiscoveryProcessorFunctionProps
Properties for configuring the DiscoveryProcessorFunction.
Initializer
import { DiscoveryProcessorFunctionProps } from '@cdklabs/genai-idp'
const discoveryProcessorFunctionProps: DiscoveryProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
configurationTable |
IConfigurationTable |
The configuration table for storing discovery results. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for discovery document uploads. |
discoveryQueue |
aws-cdk-lib.aws_sqs.IQueue |
The discovery processing queue. |
discoveryTable |
IDiscoveryTable |
The discovery tracking table. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The configuration table for storing discovery results.
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for discovery document uploads.
discoveryQueueRequired
public readonly discoveryQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The discovery processing queue.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The discovery tracking table.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, the function will use GraphQL mutations to update document status.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for the function.
DiscoveryQueueProps
Properties for configuring the DiscoveryQueue construct.
Initializer
import { DiscoveryQueueProps } from '@cdklabs/genai-idp'
const discoveryQueueProps: DiscoveryQueueProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
contentBasedDeduplication |
boolean |
Specifies whether to enable content-based deduplication. |
dataKeyReuse |
aws-cdk-lib.Duration |
The length of time that Amazon SQS reuses a data key before calling KMS again. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.DeadLetterQueue |
Send messages to this queue if they were unsuccessfully dequeued a number of times. |
deduplicationScope |
aws-cdk-lib.aws_sqs.DeduplicationScope |
For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. |
deliveryDelay |
aws-cdk-lib.Duration |
The time in seconds that the delivery of all messages in the queue is delayed. |
encryption |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
External KMS key to use for queue encryption. |
enforceSSL |
boolean |
Enforce encryption of data in transit. |
fifo |
boolean |
Whether this a first-in-first-out (FIFO) queue. |
fifoThroughputLimit |
aws-cdk-lib.aws_sqs.FifoThroughputLimit |
For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. |
maxMessageSizeBytes |
number |
The limit of how many bytes that a message can contain before Amazon SQS rejects it. |
queueName |
string |
A name for the queue. |
receiveMessageWaitTime |
aws-cdk-lib.Duration |
Default wait time for ReceiveMessage calls. |
redriveAllowPolicy |
aws-cdk-lib.aws_sqs.RedriveAllowPolicy |
The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
Policy to apply when the queue is removed from the stack. |
retentionPeriod |
aws-cdk-lib.Duration |
The number of seconds that Amazon SQS retains a message. |
visibilityTimeout |
aws-cdk-lib.Duration |
Timeout of processing a single message. |
contentBasedDeduplicationOptional
public readonly contentBasedDeduplication: boolean;
- Type: boolean
- Default: false
Specifies whether to enable content-based deduplication.
During the deduplication interval (5 minutes), Amazon SQS treats messages that are sent with identical content (excluding attributes) as duplicates and delivers only one copy of the message.
If you don't enable content-based deduplication and you want to deduplicate messages, provide an explicit deduplication ID in your SendMessage() call.
(Only applies to FIFO queues.)
dataKeyReuseOptional
public readonly dataKeyReuse: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.minutes(5)
The length of time that Amazon SQS reuses a data key before calling KMS again.
The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).
deadLetterQueueOptional
public readonly deadLetterQueue: DeadLetterQueue;
- Type: aws-cdk-lib.aws_sqs.DeadLetterQueue
- Default: no dead-letter queue
Send messages to this queue if they were unsuccessfully dequeued a number of times.
deduplicationScopeOptional
public readonly deduplicationScope: DeduplicationScope;
- Type: aws-cdk-lib.aws_sqs.DeduplicationScope
- Default: DeduplicationScope.QUEUE
For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level.
(Only applies to FIFO queues.)
deliveryDelayOptional
public readonly deliveryDelay: Duration;
- Type: aws-cdk-lib.Duration
- Default: 0
The time in seconds that the delivery of all messages in the queue is delayed.
You can specify an integer value of 0 to 900 (15 minutes). The default value is 0.
encryptionOptional
public readonly encryption: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
- Default: SQS_MANAGED (SSE-SQS) for newly created queues
Whether the contents of the queue are encrypted, and by what type of key.
Be aware that encryption is not available in all regions, please see the docs for current availability details.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: If encryption is set to KMS and not specified, a key will be created.
External KMS key to use for queue encryption.
Individual messages will be encrypted using data keys. The data keys in
turn will be encrypted using this key, and reused for a maximum of
dataKeyReuseSecs seconds.
If the 'encryptionMasterKey' property is set, 'encryption' type will be implicitly set to "KMS".
enforceSSLOptional
public readonly enforceSSL: boolean;
- Type: boolean
- Default: false
Enforce encryption of data in transit.
fifoOptional
public readonly fifo: boolean;
- Type: boolean
- Default: false, unless queueName ends in '.fifo' or 'contentBasedDeduplication' is true.
Whether this a first-in-first-out (FIFO) queue.
fifoThroughputLimitOptional
public readonly fifoThroughputLimit: FifoThroughputLimit;
- Type: aws-cdk-lib.aws_sqs.FifoThroughputLimit
- Default: FifoThroughputLimit.PER_QUEUE
For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group.
(Only applies to FIFO queues.)
maxMessageSizeBytesOptional
public readonly maxMessageSizeBytes: number;
- Type: number
- Default: 1MiB
The limit of how many bytes that a message can contain before Amazon SQS rejects it.
You can specify an integer value from 1024 bytes (1 KiB) to 1048576 bytes (1 MiB). The default value is 1048576 (1 MiB).
queueNameOptional
public readonly queueName: string;
- Type: string
- Default: CloudFormation-generated name
A name for the queue.
If specified and this is a FIFO queue, must end in the string '.fifo'.
receiveMessageWaitTimeOptional
public readonly receiveMessageWaitTime: Duration;
- Type: aws-cdk-lib.Duration
- Default: 0
Default wait time for ReceiveMessage calls.
Does not wait if set to 0, otherwise waits this amount of seconds by default for messages to arrive.
For more information, see Amazon SQS Long Poll.
redriveAllowPolicyOptional
public readonly redriveAllowPolicy: RedriveAllowPolicy;
- Type: aws-cdk-lib.aws_sqs.RedriveAllowPolicy
- Default: All source queues can designate this queue as their dead-letter queue.
The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues.
removalPolicyOptional
public readonly removalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.DESTROY
Policy to apply when the queue is removed from the stack.
Even though queues are technically stateful, their contents are transient and it
is common to add and remove Queues while rearchitecting your application. The
default is therefore DESTROY. Change it to RETAIN if the messages are so
valuable that accidentally losing them would be unacceptable.
retentionPeriodOptional
public readonly retentionPeriod: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.days(4)
The number of seconds that Amazon SQS retains a message.
You can specify an integer value from 60 seconds (1 minute) to 1209600 seconds (14 days). The default value is 345600 seconds (4 days).
visibilityTimeoutOptional
public readonly visibilityTimeout: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.seconds(30)
Timeout of processing a single message.
After dequeuing, the processor has this much time to handle the message and delete it from the queue before it becomes visible again for dequeueing by another processor.
Values must be from 0 to 43200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.
DiscoveryUploadResolverFunctionProps
Properties for configuring the DiscoveryUploadResolverFunction.
Initializer
import { DiscoveryUploadResolverFunctionProps } from '@cdklabs/genai-idp'
const discoveryUploadResolverFunctionProps: DiscoveryUploadResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for discovery document uploads. |
discoveryQueue |
aws-cdk-lib.aws_sqs.IQueue |
The discovery processing queue. |
discoveryTable |
IDiscoveryTable |
The discovery tracking table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for discovery document uploads.
discoveryQueueRequired
public readonly discoveryQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The discovery processing queue.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The discovery tracking table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for the function.
DocSplitTestSetDeployerFunctionProps
Properties for the DocSplit Test Set Deployer function.
This function deploys the DocSplit-Poly-Seq dataset for document splitting and segmentation evaluation.
Initializer
import { DocSplitTestSetDeployerFunctionProps } from '@cdklabs/genai-idp'
const docSplitTestSetDeployerFunctionProps: DocSplitTestSetDeployerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
testBucketRequired
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The function will deploy the DocSplit dataset to this bucket.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
DocumentDiscoveryFunctions
Result of initializing DocumentDiscovery functions.
Initializer
import { DocumentDiscoveryFunctions } from '@cdklabs/genai-idp'
const documentDiscoveryFunctions: DocumentDiscoveryFunctions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
processorFunction |
DiscoveryProcessorFunction |
The Lambda function that processes discovery jobs. |
uploadResolverFunction |
DiscoveryUploadResolverFunction |
The Lambda function that handles discovery document uploads. |
processorFunctionRequired
public readonly processorFunction: DiscoveryProcessorFunction;
The Lambda function that processes discovery jobs.
uploadResolverFunctionRequired
public readonly uploadResolverFunction: DiscoveryUploadResolverFunction;
The Lambda function that handles discovery document uploads.
DocumentDiscoveryProps
Properties for configuring the DocumentDiscovery construct.
Initializer
import { DocumentDiscoveryProps } from '@cdklabs/genai-idp'
const documentDiscoveryProps: DocumentDiscoveryProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
configurationTable |
IConfigurationTable |
The configuration table for storing discovery results. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryTable |
IDiscoveryTable |
Optional properties for the discovery table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting resources. |
logLevel |
LogLevel |
The log level for Lambda functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The configuration table for storing discovery results.
Used by the discovery processor to write generated configurations.
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryTableOptional
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
Optional properties for the discovery table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for Lambda functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
DocumentEditingProps
Properties for configuring the DocumentEditing feature.
Initializer
import { DocumentEditingProps } from '@cdklabs/genai-idp'
const documentEditingProps: DocumentEditingProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
dataRetentionInDays |
number |
Data retention period in days for processed documents. |
documentQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue for document processing requests. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents are stored. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for working files during document processing. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
dataRetentionInDaysRequired
public readonly dataRetentionInDays: number;
- Type: number
Data retention period in days for processed documents.
documentQueueRequired
public readonly documentQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The SQS queue for document processing requests.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents are stored.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents are stored.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for working files during document processing.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting function resources.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
DocumentProcessorAttachmentOptions
Options for attaching a document processor to a processing environment.
Initializer
import { DocumentProcessorAttachmentOptions } from '@cdklabs/genai-idp'
const documentProcessorAttachmentOptions: DocumentProcessorAttachmentOptions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
prefix |
string |
Optional S3 key prefix to filter which uploaded documents trigger this processor. |
prefixOptional
public readonly prefix: string;
- Type: string
Optional S3 key prefix to filter which uploaded documents trigger this processor.
When specified, only objects with keys matching this prefix will be processed.
DocumentProcessorAttachmentResult
Result returned after attaching a document processor to a processing environment.
Initializer
import { DocumentProcessorAttachmentResult } from '@cdklabs/genai-idp'
const documentProcessorAttachmentResult: DocumentProcessorAttachmentResult = { ... }
DocumentProcessorProps
Properties required to configure a document processor implementation.
Document processors are responsible for extracting structured data from unstructured documents using various AI/ML services and processing patterns.
The GenAI IDP Accelerator provides multiple processor implementations to handle different document processing scenarios, from standard forms to complex specialized documents.
Initializer
import { DocumentProcessorProps } from '@cdklabs/genai-idp'
const documentProcessorProps: DocumentProcessorProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
maxProcessingConcurrency |
number |
The maximum number of documents that can be processed concurrently. |
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
maxProcessingConcurrencyOptional
public readonly maxProcessingConcurrency: number;
- Type: number
- Default: 100 concurrent workflows
The maximum number of documents that can be processed concurrently.
Controls the throughput and resource utilization of the document processing system.
ErrorAnalyzerFunctionProps
Properties for the Error Analyzer function.
This function provides AI-powered failure diagnosis using Claude Sonnet 4 with CloudWatch log analysis and X-Ray trace correlation capabilities.
Initializer
import { ErrorAnalyzerFunctionProps } from '@cdklabs/genai-idp'
const errorAnalyzerFunctionProps: ErrorAnalyzerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
traceTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for storing trace IDs and analysis results. |
enableLogAnalysis |
boolean |
Enable CloudWatch log analysis capabilities. |
enableTraceAnalysis |
boolean |
Enable X-Ray trace analysis capabilities. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
model |
string |
Model selection for AI-powered failure diagnosis. |
systemPrompt |
string |
System prompt for error analysis. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
traceTableRequired
public readonly traceTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for storing trace IDs and analysis results.
The function uses this table to persist trace data and correlation information.
enableLogAnalysisOptional
public readonly enableLogAnalysis: boolean;
- Type: boolean
- Default: true
Enable CloudWatch log analysis capabilities.
When enabled, provides tools for log search, filtering, and correlation.
enableTraceAnalysisOptional
public readonly enableTraceAnalysis: boolean;
- Type: boolean
- Default: true
Enable X-Ray trace analysis capabilities.
When enabled, provides tools for distributed tracing and debugging.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
modelOptional
public readonly model: string;
- Type: string
- Default: "anthropic.claude-3-5-sonnet-20241022-v2:0"
Model selection for AI-powered failure diagnosis.
Configures which foundation model to use for error analysis.
systemPromptOptional
public readonly systemPrompt: string;
- Type: string
System prompt for error analysis.
Configures the AI model's behavior and analysis approach.
ErrorAnalyzerProps
Properties for ErrorAnalyzer construct.
Initializer
import { ErrorAnalyzerProps } from '@cdklabs/genai-idp'
const errorAnalyzerProps: ErrorAnalyzerProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
enableLogAnalysis |
boolean |
Enable CloudWatch log analysis capabilities. |
enableTraceAnalysis |
boolean |
Enable X-Ray trace analysis capabilities. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting analysis data. |
model |
string |
Model selection for AI-powered failure diagnosis. |
systemPrompt |
string |
System prompt for error analysis. |
traceTable |
aws-cdk-lib.aws_dynamodb.ITable |
Optional DynamoDB table for storing trace IDs and analysis results. |
enableLogAnalysisOptional
public readonly enableLogAnalysis: boolean;
- Type: boolean
- Default: true
Enable CloudWatch log analysis capabilities.
When enabled, provides tools for log search, filtering, and correlation.
enableTraceAnalysisOptional
public readonly enableTraceAnalysis: boolean;
- Type: boolean
- Default: true
Enable X-Ray trace analysis capabilities.
When enabled, provides tools for distributed tracing and debugging.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting analysis data.
When provided, ensures trace data and analysis results are encrypted at rest.
modelOptional
public readonly model: string;
- Type: string
- Default: "anthropic.claude-3-5-sonnet-20241022-v2:0"
Model selection for AI-powered failure diagnosis.
Configures which foundation model to use for error analysis.
systemPromptOptional
public readonly systemPrompt: string;
- Type: string
- Default: Default error analysis prompt
System prompt for error analysis.
Configures the AI model's behavior and analysis approach.
traceTableOptional
public readonly traceTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
- Default: A new table is created
Optional DynamoDB table for storing trace IDs and analysis results.
When not provided, a new table will be created.
EvaluationProps
Properties for configuring the Evaluation feature.
Initializer
import { EvaluationProps } from '@cdklabs/genai-idp'
const evaluationProps: EvaluationProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
evaluationBaselineBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing evaluation baseline documents. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting evaluation data. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
evaluationBaselineBucketRequired
public readonly evaluationBaselineBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing evaluation baseline documents.
Used for comparing extraction results against known correct values to measure accuracy and evaluate model performance.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
The evaluation feature reads from this bucket to copy documents to baseline.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting evaluation data.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
FccDatasetDeployerFunctionProps
Properties for the FCC Dataset Deployer function.
This function deploys the RealKIE-FCC-Verified dataset from HuggingFace to the test bucket during stack deployment as a custom resource.
Initializer
import { FccDatasetDeployerFunctionProps } from '@cdklabs/genai-idp'
const fccDatasetDeployerFunctionProps: FccDatasetDeployerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
testSetBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking test sets. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
testSetBucketRequired
public readonly testSetBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The function will deploy the FCC dataset to this bucket.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking test sets.
The function will create a test set record for the deployed dataset.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
FccDatasetDeployerProps
Properties for the FCC Dataset Deployer construct.
Initializer
import { FccDatasetDeployerProps } from '@cdklabs/genai-idp'
const fccDatasetDeployerProps: FccDatasetDeployerProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
testSetBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking test sets. |
datasetDescription |
string |
Description of the dataset deployment. |
datasetVersion |
string |
Version of the dataset to deploy. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the deployment function. |
testSetBucketRequired
public readonly testSetBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The dataset will be deployed to this bucket.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking test sets.
A test set record will be created for the deployed dataset.
datasetDescriptionOptional
public readonly datasetDescription: string;
- Type: string
- Default: "RealKIE-FCC-Verified dataset from HuggingFace"
Description of the dataset deployment.
Stored in the test set metadata for reference.
datasetVersionOptional
public readonly datasetVersion: string;
- Type: string
- Default: "1.0"
Version of the dataset to deploy.
Used to track dataset versions and avoid re-deployment.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the deployment function.
Used to encrypt/decrypt data during deployment.
FixedKeyTableProps
Properties for a DynamoDB Table that has a predefined, fixed partitionKey, sortKey, and timeToLiveAttribute.
Initializer
import { FixedKeyTableProps } from '@cdklabs/genai-idp'
const fixedKeyTableProps: FixedKeyTableProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
billingMode |
aws-cdk-lib.aws_dynamodb.BillingMode |
Specify how you are charged for read and write throughput and how you manage capacity. |
contributorInsightsEnabled |
boolean |
Whether CloudWatch contributor insights is enabled. |
contributorInsightsSpecification |
aws-cdk-lib.aws_dynamodb.ContributorInsightsSpecification |
Whether CloudWatch contributor insights is enabled and what mode is selected. |
deletionProtection |
boolean |
Enables deletion protection for the table. |
encryption |
aws-cdk-lib.aws_dynamodb.TableEncryption |
Whether server-side encryption with an AWS managed customer master key is enabled. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
External KMS key to use for table encryption. |
importSource |
aws-cdk-lib.aws_dynamodb.ImportSourceSpecification |
The properties of data being imported from the S3 bucket source to the table. |
kinesisPrecisionTimestamp |
aws-cdk-lib.aws_dynamodb.ApproximateCreationDateTimePrecision |
Kinesis Data Stream approximate creation timestamp precision. |
kinesisStream |
aws-cdk-lib.aws_kinesis.IStream |
Kinesis Data Stream to capture item-level changes for the table. |
maxReadRequestUnits |
number |
The maximum read request units for the table. |
maxWriteRequestUnits |
number |
The write request units for the table. |
pointInTimeRecovery |
boolean |
Whether point-in-time recovery is enabled. |
pointInTimeRecoverySpecification |
aws-cdk-lib.aws_dynamodb.PointInTimeRecoverySpecification |
Whether point-in-time recovery is enabled and recoveryPeriodInDays is set. |
readCapacity |
number |
The read capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
The removal policy to apply to the DynamoDB Table. |
replicaRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
The removal policy to apply to the DynamoDB replica tables. |
replicationRegions |
string[] |
Regions where replica tables will be created. |
replicationTimeout |
aws-cdk-lib.Duration |
The timeout for a table replication operation in a single region. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to table. |
stream |
aws-cdk-lib.aws_dynamodb.StreamViewType |
When an item in the table is modified, StreamViewType determines what information is written to the stream for this table. |
tableClass |
aws-cdk-lib.aws_dynamodb.TableClass |
Specify the table class. |
tableName |
string |
Enforces a particular physical table name. |
waitForReplicationToFinish |
boolean |
[WARNING: Use this flag with caution, misusing this flag may cause deleting existing replicas, refer to the detailed documentation for more information] Indicates whether CloudFormation stack waits for replication to finish. |
warmThroughput |
aws-cdk-lib.aws_dynamodb.WarmThroughput |
Specify values to pre-warm you DynamoDB Table Warm Throughput feature is not available for Global Table replicas using the Table construct. |
writeCapacity |
number |
The write capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput. |
billingModeOptional
public readonly billingMode: BillingMode;
- Type: aws-cdk-lib.aws_dynamodb.BillingMode
- Default: PROVISIONED if
replicationRegionsis not specified, PAY_PER_REQUEST otherwise
Specify how you are charged for read and write throughput and how you manage capacity.
~~contributorInsightsEnabled~~Optional
- Deprecated: use `contributorInsightsSpecification instead
public readonly contributorInsightsEnabled: boolean;
- Type: boolean
- Default: false
Whether CloudWatch contributor insights is enabled.
contributorInsightsSpecificationOptional
public readonly contributorInsightsSpecification: ContributorInsightsSpecification;
- Type: aws-cdk-lib.aws_dynamodb.ContributorInsightsSpecification
- Default: contributor insights is not enabled
Whether CloudWatch contributor insights is enabled and what mode is selected.
deletionProtectionOptional
public readonly deletionProtection: boolean;
- Type: boolean
- Default: false
Enables deletion protection for the table.
encryptionOptional
public readonly encryption: TableEncryption;
- Type: aws-cdk-lib.aws_dynamodb.TableEncryption
- Default: The table is encrypted with an encryption key managed by DynamoDB, and you are not charged any fee for using it.
Whether server-side encryption with an AWS managed customer master key is enabled.
This property cannot be set if serverSideEncryption is set.
NOTE: if you set this to
CUSTOMER_MANAGEDandencryptionKeyis not specified, the key that the Tablet generates for you will be created with default permissions. If you are using CDKv2, these permissions will be sufficient to enable the key for use with DynamoDB tables. If you are using CDKv1, make sure the feature flag@aws-cdk/aws-kms:defaultKeyPoliciesis set totruein yourcdk.json.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: If
encryptionis set toTableEncryption.CUSTOMER_MANAGEDand this property is undefined, a new KMS key will be created and associated with this table. Ifencryptionand this property are both undefined, then the table is encrypted with an encryption key managed by DynamoDB, and you are not charged any fee for using it.
External KMS key to use for table encryption.
This property can only be set if encryption is set to TableEncryption.CUSTOMER_MANAGED.
importSourceOptional
public readonly importSource: ImportSourceSpecification;
- Type: aws-cdk-lib.aws_dynamodb.ImportSourceSpecification
- Default: no data import from the S3 bucket
The properties of data being imported from the S3 bucket source to the table.
kinesisPrecisionTimestampOptional
public readonly kinesisPrecisionTimestamp: ApproximateCreationDateTimePrecision;
- Type: aws-cdk-lib.aws_dynamodb.ApproximateCreationDateTimePrecision
- Default: ApproximateCreationDateTimePrecision.MICROSECOND
Kinesis Data Stream approximate creation timestamp precision.
kinesisStreamOptional
public readonly kinesisStream: IStream;
- Type: aws-cdk-lib.aws_kinesis.IStream
- Default: no Kinesis Data Stream
Kinesis Data Stream to capture item-level changes for the table.
maxReadRequestUnitsOptional
public readonly maxReadRequestUnits: number;
- Type: number
- Default: on-demand throughput is disabled
The maximum read request units for the table.
Careful if you add Global Secondary Indexes, as those will share the table's maximum on-demand throughput.
Can only be provided if billingMode is PAY_PER_REQUEST.
maxWriteRequestUnitsOptional
public readonly maxWriteRequestUnits: number;
- Type: number
- Default: on-demand throughput is disabled
The write request units for the table.
Careful if you add Global Secondary Indexes, as those will share the table's maximum on-demand throughput.
Can only be provided if billingMode is PAY_PER_REQUEST.
~~pointInTimeRecovery~~Optional
- Deprecated: use
pointInTimeRecoverySpecificationinstead
public readonly pointInTimeRecovery: boolean;
- Type: boolean
- Default: false - point in time recovery is not enabled.
Whether point-in-time recovery is enabled.
pointInTimeRecoverySpecificationOptional
public readonly pointInTimeRecoverySpecification: PointInTimeRecoverySpecification;
- Type: aws-cdk-lib.aws_dynamodb.PointInTimeRecoverySpecification
- Default: point in time recovery is not enabled.
Whether point-in-time recovery is enabled and recoveryPeriodInDays is set.
readCapacityOptional
public readonly readCapacity: number;
- Type: number
- Default: 5
The read capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput.
Can only be provided if billingMode is Provisioned.
removalPolicyOptional
public readonly removalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.RETAIN
The removal policy to apply to the DynamoDB Table.
replicaRemovalPolicyOptional
public readonly replicaRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: undefined - use DynamoDB Table's removal policy
The removal policy to apply to the DynamoDB replica tables.
replicationRegionsOptional
public readonly replicationRegions: string[];
- Type: string[]
- Default: no replica tables are created
Regions where replica tables will be created.
replicationTimeoutOptional
public readonly replicationTimeout: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.minutes(30)
The timeout for a table replication operation in a single region.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statement
Resource policy to assign to table.
streamOptional
public readonly stream: StreamViewType;
- Type: aws-cdk-lib.aws_dynamodb.StreamViewType
- Default: streams are disabled unless
replicationRegionsis specified
When an item in the table is modified, StreamViewType determines what information is written to the stream for this table.
tableClassOptional
public readonly tableClass: TableClass;
- Type: aws-cdk-lib.aws_dynamodb.TableClass
- Default: STANDARD
Specify the table class.
tableNameOptional
public readonly tableName: string;
- Type: string
- Default:
Enforces a particular physical table name.
waitForReplicationToFinishOptional
public readonly waitForReplicationToFinish: boolean;
- Type: boolean
- Default: true
[WARNING: Use this flag with caution, misusing this flag may cause deleting existing replicas, refer to the detailed documentation for more information] Indicates whether CloudFormation stack waits for replication to finish.
If set to false, the CloudFormation resource will mark the resource as created and replication will be completed asynchronously. This property is ignored if replicationRegions property is not set.
WARNING: DO NOT UNSET this property if adding/removing multiple replicationRegions in one deployment, as CloudFormation only supports one region replication at a time. CDK overcomes this limitation by waiting for replication to finish before starting new replicationRegion.
If the custom resource which handles replication has a physical resource
ID with the format region instead of tablename-region (this would happen
if the custom resource hasn't received an event since v1.91.0), DO NOT SET
this property to false without making a change to the table name.
This will cause the existing replicas to be deleted.
warmThroughputOptional
public readonly warmThroughput: WarmThroughput;
- Type: aws-cdk-lib.aws_dynamodb.WarmThroughput
- Default: warm throughput is not configured
Specify values to pre-warm you DynamoDB Table Warm Throughput feature is not available for Global Table replicas using the Table construct.
To enable Warm Throughput, use the TableV2 construct instead.
writeCapacityOptional
public readonly writeCapacity: number;
- Type: number
- Default: 5
The write capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput.
Can only be provided if billingMode is Provisioned.
GetAgentChatMessagesFunctionProps
Properties for the Get Agent Chat Messages function.
This function retrieves chat messages for a given session.
Initializer
import { GetAgentChatMessagesFunctionProps } from '@cdklabs/genai-idp'
const getAgentChatMessagesFunctionProps: GetAgentChatMessagesFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
messagesTable |
IMessagesTable |
The DynamoDB table for chat messages storage. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
The DynamoDB table for chat messages storage.
The function queries this table to retrieve conversation history.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
HitlEnvironmentProps
Properties for configuring the HITL environment.
As of v0.4.16, HITL functionality is built directly into the Web UI and no longer requires SageMaker A2I infrastructure. This construct now only manages the CompleteSectionReviewFunction for completing section reviews.
Initializer
import { HitlEnvironmentProps } from '@cdklabs/genai-idp'
const hitlEnvironmentProps: HitlEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting HITL resources. |
logLevel |
LogLevel |
The log level for HITL functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for HITL functions. |
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Required for section review completion.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting HITL resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for HITL functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for HITL functions.
IdpPythonFunctionOptions
Options for a Python Lambda function.
Initializer
import { IdpPythonFunctionOptions } from '@cdklabs/genai-idp'
const idpPythonFunctionOptions: IdpPythonFunctionOptions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
KnowledgeBaseQueryProps
Properties for configuring the KnowledgeBaseQuery feature.
Initializer
import { KnowledgeBaseQueryProps } from '@cdklabs/genai-idp'
const knowledgeBaseQueryProps: KnowledgeBaseQueryProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
knowledgeBase |
@cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase |
The Amazon Bedrock knowledge base for document querying. |
knowledgeBaseModel |
@aws-cdk/aws-bedrock-alpha.IBedrockInvokable |
The invokable model to use for knowledge base queries. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
guardrail |
@aws-cdk/aws-bedrock-alpha.IGuardrail |
Optional Bedrock guardrail to apply to model interactions. |
logLevel |
LogLevel |
The log level for the query function. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
knowledgeBaseRequired
public readonly knowledgeBase: IKnowledgeBase;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Amazon Bedrock knowledge base for document querying.
Enables natural language querying of processed documents.
knowledgeBaseModelRequired
public readonly knowledgeBaseModel: IBedrockInvokable;
- Type: @aws-cdk/aws-bedrock-alpha.IBedrockInvokable
The invokable model to use for knowledge base queries.
Can be a Bedrock foundation model, inference profile, or custom model.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting function resources.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @aws-cdk/aws-bedrock-alpha.IGuardrail
Optional Bedrock guardrail to apply to model interactions.
Helps ensure model outputs adhere to content policies and guidelines.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the query function.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
ListAgentChatSessionsFunctionProps
Properties for the List Agent Chat Sessions function.
This function lists all chat sessions for a given user.
Initializer
import { ListAgentChatSessionsFunctionProps } from '@cdklabs/genai-idp'
const listAgentChatSessionsFunctionProps: ListAgentChatSessionsFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
sessionTable |
ISessionTable |
The DynamoDB table for chat session storage. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
The DynamoDB table for chat session storage.
The function queries this table to retrieve all sessions for a user.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
ListAvailableAgentsFunctionProps
Properties for the List Available Agents function.
Initializer
import { ListAvailableAgentsFunctionProps } from '@cdklabs/genai-idp'
const listAvailableAgentsFunctionProps: ListAvailableAgentsFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
Optional Secrets Manager secret for external MCP agents.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
MCPIntegrationProps
Properties for MCPIntegration construct.
Initializer
import { MCPIntegrationProps } from '@cdklabs/genai-idp'
const mCPIntegrationProps: MCPIntegrationProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
Cognito User Pool for OAuth 2.0 authentication. Required for authenticating MCP client applications. |
athenaBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket for Athena query results. |
athenaDatabase |
string |
Optional Athena database name for analytics queries. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting MCP data. |
supportedRegions |
string[] |
Supported AWS regions for cross-region MCP access. |
trackingTable |
ITrackingTable |
Optional DynamoDB tracking table for analytics queries. |
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
Cognito User Pool for OAuth 2.0 authentication. Required for authenticating MCP client applications.
athenaBucketOptional
public readonly athenaBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
Optional S3 bucket for Athena query results.
When provided, enables Athena-based analytics queries.
athenaDatabaseOptional
public readonly athenaDatabase: string;
- Type: string
Optional Athena database name for analytics queries.
Used for querying processed document data through Athena.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: No encryption key is used
Optional KMS key for encrypting MCP data.
When provided, ensures MCP communications and data are encrypted.
supportedRegionsOptional
public readonly supportedRegions: string[];
- Type: string[]
- Default: Current region only
Supported AWS regions for cross-region MCP access.
Enables MCP gateway deployment in multiple regions for global access.
trackingTableOptional
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
Optional DynamoDB tracking table for analytics queries.
When provided, enables analytics queries against document processing data.
OcrBenchmarkDeployerFunctionProps
Properties for the OCR Benchmark Deployer function.
This function deploys OCR benchmarking datasets for evaluating optical character recognition accuracy and performance.
Initializer
import { OcrBenchmarkDeployerFunctionProps } from '@cdklabs/genai-idp'
const ocrBenchmarkDeployerFunctionProps: OcrBenchmarkDeployerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
testBucketRequired
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The function will deploy the OCR benchmark dataset to this bucket.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
ProcessingEnvironmentApiBaseProps
Properties for a GraphQL API that has a predefined schema.
Initializer
import { ProcessingEnvironmentApiBaseProps } from '@cdklabs/genai-idp'
const processingEnvironmentApiBaseProps: ProcessingEnvironmentApiBaseProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
authorizationConfig |
aws-cdk-lib.aws_appsync.AuthorizationConfig |
Optional authorization configuration. |
domainName |
aws-cdk-lib.aws_appsync.DomainOptions |
The domain name configuration for the GraphQL API. |
environmentVariables |
{[ key: string ]: string} |
A map containing the list of resources with their properties and environment variables. |
introspectionConfig |
aws-cdk-lib.aws_appsync.IntrospectionConfig |
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection. |
logConfig |
aws-cdk-lib.aws_appsync.LogConfig |
Logging configuration for this api. |
name |
string |
the name of the GraphQL API. |
ownerContact |
string |
The owner contact information for an API resource. |
queryDepthLimit |
number |
A number indicating the maximum depth resolvers should be accepted when handling queries. |
resolverCountLimit |
number |
A number indicating the maximum number of resolvers that should be accepted when handling queries. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE). |
xrayEnabled |
boolean |
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API. |
authorizationConfigOptional
public readonly authorizationConfig: AuthorizationConfig;
- Type: aws-cdk-lib.aws_appsync.AuthorizationConfig
- Default: API Key authorization
Optional authorization configuration.
domainNameOptional
public readonly domainName: DomainOptions;
- Type: aws-cdk-lib.aws_appsync.DomainOptions
- Default: no domain name
The domain name configuration for the GraphQL API.
The Route 53 hosted zone and CName DNS record must be configured in addition to this setting to enable custom domain URL
environmentVariablesOptional
public readonly environmentVariables: {[ key: string ]: string};
- Type: {[ key: string ]: string}
- Default: No environment variables.
A map containing the list of resources with their properties and environment variables.
There are a few rules you must follow when creating keys and values: - Keys must begin with a letter. - Keys must be between 2 and 64 characters long. - Keys can only contain letters, numbers, and the underscore character (_). - Values can be up to 512 characters long. - You can configure up to 50 key-value pairs in a GraphQL API.
introspectionConfigOptional
public readonly introspectionConfig: IntrospectionConfig;
- Type: aws-cdk-lib.aws_appsync.IntrospectionConfig
- Default: IntrospectionConfig.ENABLED
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection.
logConfigOptional
public readonly logConfig: LogConfig;
- Type: aws-cdk-lib.aws_appsync.LogConfig
- Default: None
Logging configuration for this api.
nameOptional
public readonly name: string;
- Type: string
the name of the GraphQL API.
ownerContactOptional
public readonly ownerContact: string;
- Type: string
- Default: No owner contact.
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
queryDepthLimitOptional
public readonly queryDepthLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified) which indicates no maximum depth.
A number indicating the maximum depth resolvers should be accepted when handling queries.
Value must be withing range of 0 to 75
resolverCountLimitOptional
public readonly resolverCountLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified), which will set the limit to 10000
A number indicating the maximum number of resolvers that should be accepted when handling queries.
Value must be withing range of 0 to 10000
visibilityOptional
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
- Default: GLOBAL
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE).
xrayEnabledOptional
public readonly xrayEnabled: boolean;
- Type: boolean
- Default: false
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API.
ProcessingEnvironmentApiProps
Properties for configuring the ProcessingEnvironmentApi construct.
Extends the base properties with additional settings specific to document processing.
Initializer
import { ProcessingEnvironmentApiProps } from '@cdklabs/genai-idp'
const processingEnvironmentApiProps: ProcessingEnvironmentApiProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
authorizationConfig |
aws-cdk-lib.aws_appsync.AuthorizationConfig |
Optional authorization configuration. |
domainName |
aws-cdk-lib.aws_appsync.DomainOptions |
The domain name configuration for the GraphQL API. |
environmentVariables |
{[ key: string ]: string} |
A map containing the list of resources with their properties and environment variables. |
introspectionConfig |
aws-cdk-lib.aws_appsync.IntrospectionConfig |
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection. |
logConfig |
aws-cdk-lib.aws_appsync.LogConfig |
Logging configuration for this api. |
name |
string |
the name of the GraphQL API. |
ownerContact |
string |
The owner contact information for an API resource. |
queryDepthLimit |
number |
A number indicating the maximum depth resolvers should be accepted when handling queries. |
resolverCountLimit |
number |
A number indicating the maximum number of resolvers that should be accepted when handling queries. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE). |
xrayEnabled |
boolean |
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
logLevel |
LogLevel |
The log level for document processing components. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
authorizationConfigOptional
public readonly authorizationConfig: AuthorizationConfig;
- Type: aws-cdk-lib.aws_appsync.AuthorizationConfig
- Default: API Key authorization
Optional authorization configuration.
domainNameOptional
public readonly domainName: DomainOptions;
- Type: aws-cdk-lib.aws_appsync.DomainOptions
- Default: no domain name
The domain name configuration for the GraphQL API.
The Route 53 hosted zone and CName DNS record must be configured in addition to this setting to enable custom domain URL
environmentVariablesOptional
public readonly environmentVariables: {[ key: string ]: string};
- Type: {[ key: string ]: string}
- Default: No environment variables.
A map containing the list of resources with their properties and environment variables.
There are a few rules you must follow when creating keys and values: - Keys must begin with a letter. - Keys must be between 2 and 64 characters long. - Keys can only contain letters, numbers, and the underscore character (_). - Values can be up to 512 characters long. - You can configure up to 50 key-value pairs in a GraphQL API.
introspectionConfigOptional
public readonly introspectionConfig: IntrospectionConfig;
- Type: aws-cdk-lib.aws_appsync.IntrospectionConfig
- Default: IntrospectionConfig.ENABLED
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection.
logConfigOptional
public readonly logConfig: LogConfig;
- Type: aws-cdk-lib.aws_appsync.LogConfig
- Default: None
Logging configuration for this api.
nameOptional
public readonly name: string;
- Type: string
the name of the GraphQL API.
ownerContactOptional
public readonly ownerContact: string;
- Type: string
- Default: No owner contact.
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
queryDepthLimitOptional
public readonly queryDepthLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified) which indicates no maximum depth.
A number indicating the maximum depth resolvers should be accepted when handling queries.
Value must be withing range of 0 to 75
resolverCountLimitOptional
public readonly resolverCountLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified), which will set the limit to 10000
A number indicating the maximum number of resolvers that should be accepted when handling queries.
Value must be withing range of 0 to 10000
visibilityOptional
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
- Default: GLOBAL
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE).
xrayEnabledOptional
public readonly xrayEnabled: boolean;
- Type: boolean
- Default: false
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
ProcessingEnvironmentProps
Configuration properties for the Intelligent Document Processing environment.
This construct orchestrates the end-to-end document processing workflow, from document ingestion to structured data extraction and result tracking.
The processing environment provides the shared infrastructure and services that all document processor patterns use, including storage, tracking, API access, and monitoring capabilities.
Initializer
import { ProcessingEnvironmentProps } from '@cdklabs/genai-idp'
const processingEnvironmentProps: ProcessingEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 location where source documents to be processed are stored. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 location where processed documents and extraction results will be stored. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
concurrencyTable |
IConcurrencyTable |
The store that manages concurrency limits for document processing. |
configurationTable |
IConfigurationTable |
Optional DynamoDB table for storing configuration settings. |
dataTrackingRetention |
aws-cdk-lib.Duration |
The retention period for document tracking data. |
key |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encrypting resources in the document processing workflow. |
logLevel |
LogLevel |
The log level for the document processing components. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by the document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray tracing for Lambda functions in the processing environment. |
trackingTable |
ITrackingTable |
Optional document tracking table. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 location where source documents to be processed are stored.
This bucket will be monitored for new document uploads to trigger processing.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 location where processed documents and extraction results will be stored.
Contains the structured data output and processing artifacts.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status and notify clients about processing progress.
concurrencyTableOptional
public readonly concurrencyTable: IConcurrencyTable;
- Type: IConcurrencyTable
- Default: A new ConcurrencyTable is created
The store that manages concurrency limits for document processing.
Helps prevent overloading the system with too many concurrent document processing tasks.
configurationTableOptional
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
Optional DynamoDB table for storing configuration settings.
When not provided, a new table will be created. Contains document schemas, extraction parameters, and other system-wide settings.
dataTrackingRetentionOptional
public readonly dataTrackingRetention: Duration;
- Type: aws-cdk-lib.Duration
- Default: 365 days
The retention period for document tracking data.
Controls how long document metadata and processing results are kept in the system.
keyOptional
public readonly key: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encrypting resources in the document processing workflow.
Provides encryption for queues, logs, and other sensitive components.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the document processing components.
Controls the verbosity of logs generated during document processing.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: RetentionDays.ONE_WEEK
The retention period for CloudWatch logs generated by the document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: lambda.Tracing.DISABLED
Enable AWS X-Ray tracing for Lambda functions in the processing environment.
When enabled, provides distributed tracing capabilities for debugging and performance analysis.
trackingTableOptional
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
Optional document tracking table.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
ProcessingProgressMonitorProps
Properties for ProcessingProgressMonitor construct.
Initializer
import { ProcessingProgressMonitorProps } from '@cdklabs/genai-idp'
const processingProgressMonitorProps: ProcessingProgressMonitorProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
The Step Functions state machine to monitor for processing progress. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting monitoring data. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
stateMachineRequired
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine to monitor for processing progress.
This state machine orchestrates the document processing workflow.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: AWS managed encryption
Optional KMS key for encrypting monitoring data.
When provided, ensures execution details are encrypted at rest.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
Controls how long monitoring logs are kept.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
When provided, deploys monitoring functions within a VPC.
ReportingEnvironmentProps
Initializer
import { ReportingEnvironmentProps } from '@cdklabs/genai-idp'
const reportingEnvironmentProps: ReportingEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data will be stored. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database where reporting tables will be created. |
crawlerSchedule |
CrawlerSchedule |
The frequency for the document sections crawler to run. |
enableSplitClassificationMetrics |
boolean |
Enable document split classification metrics for page-level accuracy tracking. |
enableSticklerEvaluation |
boolean |
Enable Stickler-based evaluation for enhanced accuracy metrics. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting Glue crawler resources. |
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data will be stored.
The construct will create Glue tables that reference this bucket location.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database where reporting tables will be created.
The construct will create tables for document, section, attribute, and metering data.
crawlerScheduleOptional
public readonly crawlerSchedule: CrawlerSchedule;
- Type: CrawlerSchedule
- Default: CrawlerSchedule.DAILY
The frequency for the document sections crawler to run.
enableSplitClassificationMetricsOptional
public readonly enableSplitClassificationMetrics: boolean;
- Type: boolean
- Default: false
Enable document split classification metrics for page-level accuracy tracking.
When enabled, tracks classification accuracy at the page level and provides split accuracy metrics for multi-page documents. This helps identify classification issues in specific sections of documents.
enableSticklerEvaluationOptional
public readonly enableSticklerEvaluation: boolean;
- Type: boolean
- Default: true
Enable Stickler-based evaluation for enhanced accuracy metrics.
When enabled, uses the AWS Labs Stickler library for advanced evaluation with field importance weights and enhanced comparators (Levenshtein, Hungarian, etc.). This provides more sophisticated evaluation metrics beyond simple string matching.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: Uses AWS managed encryption
Optional KMS key for encrypting Glue crawler resources.
SaveReportingDataFunctionProps
Properties for configuring the SaveReportingDataFunction.
Initializer
import { SaveReportingDataFunctionProps } from '@cdklabs/genai-idp'
const saveReportingDataFunctionProps: SaveReportingDataFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
metricNamespace |
string |
The metric namespace for CloudWatch metrics. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket containing processed document outputs for reading. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where reporting data will be saved in Parquet format. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The metric namespace for CloudWatch metrics.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket containing processed document outputs for reading.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where reporting data will be saved in Parquet format.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
TestResultsResolverFunctionProps
Properties for the Test Results Resolver function.
This function manages test result operations including retrieval, comparison, and analysis of test execution results.
Initializer
import { TestResultsResolverFunctionProps } from '@cdklabs/genai-idp'
const testResultsResolverFunctionProps: TestResultsResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking test execution and results. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing evaluation reports and results. |
testResultCacheUpdateQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue for test result cache updates. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking test execution and results.
The function uses this table to retrieve test run metadata and results.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
reportingBucketOptional
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing evaluation reports and results.
Used to access detailed test result data and metrics.
testResultCacheUpdateQueueOptional
public readonly testResultCacheUpdateQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The SQS queue for test result cache updates.
Used to queue metric calculation jobs for completed test runs.
TestRunnerFunctionProps
Properties for the Test Runner function.
This function executes test sets and manages test execution lifecycle, including test set creation, execution tracking, and results management.
Initializer
import { TestRunnerFunctionProps } from '@cdklabs/genai-idp'
const testRunnerFunctionProps: TestRunnerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
configurationTable |
IConfigurationTable |
The DynamoDB table for configuration storage. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
testTable |
ITestTable |
The DynamoDB table for storing test sets and execution results. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking document processing. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table for configuration storage.
Used to capture current configuration during test execution.
testBucketRequired
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The function uses this bucket to access test files and store results.
testTableRequired
public readonly testTable: ITestTable;
- Type: ITestTable
The DynamoDB table for storing test sets and execution results.
The function uses this table to manage test metadata and results.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking document processing.
Used for test execution tracking and configuration capture.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
TestSetResolverFunctionProps
Properties for the Test Set Resolver function.
This function manages test set operations including creation, deletion, and listing of test sets for systematic testing workflows.
Initializer
import { TestSetResolverFunctionProps } from '@cdklabs/genai-idp'
const testSetResolverFunctionProps: TestSetResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for input documents. |
testSetBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing test documents and baselines. |
testSetCopyQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue for test set file copying operations. |
trackingTable |
ITrackingTable |
The DynamoDB table for tracking test sets and execution results. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for input documents.
Used when creating test sets from existing input files.
testSetBucketRequired
public readonly testSetBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing test documents and baselines.
The function uses this bucket to manage test set files.
testSetCopyQueueRequired
public readonly testSetCopyQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The SQS queue for test set file copying operations.
Used to queue file copying jobs for test set creation.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table for tracking test sets and execution results.
The function uses this table to manage test set metadata.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
TestStudioProps
Properties for TestStudio construct.
Initializer
import { TestStudioProps } from '@cdklabs/genai-idp'
const testStudioProps: TestStudioProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
enableDocSplitDataset |
boolean |
Enable DocSplit test set deployment. |
enableOcrBenchmark |
boolean |
Enable OCR benchmark dataset deployment. |
enableRealKieDataset |
boolean |
Enable RealKIE-FCC dataset deployment. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting test data. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket for input documents. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket for reporting data. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket for storing test documents and baselines. |
testTable |
ITestTable |
Optional DynamoDB table for storing test sets and execution results. |
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Required for test execution and results tracking.
enableDocSplitDatasetOptional
public readonly enableDocSplitDataset: boolean;
- Type: boolean
- Default: false
Enable DocSplit test set deployment.
When enabled, automatically deploys the DocSplit dataset to the test bucket for document splitting evaluation.
enableOcrBenchmarkOptional
public readonly enableOcrBenchmark: boolean;
- Type: boolean
- Default: false
Enable OCR benchmark dataset deployment.
When enabled, automatically deploys the OCR benchmark dataset to the test bucket for OCR quality evaluation.
enableRealKieDatasetOptional
public readonly enableRealKieDataset: boolean;
- Type: boolean
- Default: false
Enable RealKIE-FCC dataset deployment.
When enabled, automatically downloads and extracts the RealKIE-FCC dataset to the test bucket for evaluation purposes.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: Server-side encryption with Amazon S3 managed keys (SSE-S3)
Optional KMS key for encrypting test data.
When provided, ensures test documents and metadata are encrypted at rest.
inputBucketOptional
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
- Default: No input bucket integration
Optional S3 bucket for input documents.
Used when creating test sets from existing input files. When not provided, test sets can only be created via direct upload.
reportingBucketOptional
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
- Default: No reporting integration
Optional S3 bucket for reporting data.
Used for detailed cost analysis and metrics aggregation.
testBucketOptional
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
- Default: A new bucket is created
Optional S3 bucket for storing test documents and baselines.
When not provided, a new bucket will be created.
testTableOptional
public readonly testTable: ITestTable;
- Type: ITestTable
- Default: A new table is created
Optional DynamoDB table for storing test sets and execution results.
When not provided, a new table will be created.
UserIdentityProps
Properties for configuring the UserIdentity construct.
Initializer
import { UserIdentityProps } from '@cdklabs/genai-idp'
const userIdentityProps: UserIdentityProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
identityPoolOptions |
aws-cdk-lib.aws_cognito_identitypool.IdentityPoolProps |
Configuration for the Identity Pool. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
Optional pre-existing Cognito User Pool to use for authentication. |
identityPoolOptionsOptional
public readonly identityPoolOptions: IdentityPoolProps;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPoolProps
Configuration for the Identity Pool.
Allows customization of the Cognito Identity Pool that provides temporary AWS credentials to authenticated users.
userPoolOptional
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
Optional pre-existing Cognito User Pool to use for authentication.
When not provided, a new User Pool will be created with standard settings.
UserManagementFunctionProps
Properties for the User Management function.
This function handles user administration operations including user creation, updates, deletion, and role management.
Initializer
import { UserManagementFunctionProps } from '@cdklabs/genai-idp'
const userManagementFunctionProps: UserManagementFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
userIdentity |
IUserIdentity |
The UserIdentity construct that provides Cognito UserPool and IdentityPool. |
usersTable |
IUsersTable |
The DynamoDB table for storing user metadata. |
adminGroup |
string |
Optional name of the admin group in Cognito UserPool. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
reviewerGroup |
string |
Optional name of the reviewer group in Cognito UserPool. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
userIdentityRequired
public readonly userIdentity: IUserIdentity;
- Type: IUserIdentity
The UserIdentity construct that provides Cognito UserPool and IdentityPool.
The function uses these resources to manage user accounts and permissions.
usersTableRequired
public readonly usersTable: IUsersTable;
- Type: IUsersTable
The DynamoDB table for storing user metadata.
This table stores additional user information beyond what's in Cognito.
adminGroupOptional
public readonly adminGroup: string;
- Type: string
- Default: "Admin"
Optional name of the admin group in Cognito UserPool.
Users in this group have administrative privileges.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
reviewerGroupOptional
public readonly reviewerGroup: string;
- Type: string
- Default: "Reviewer"
Optional name of the reviewer group in Cognito UserPool.
Users in this group have review privileges.
UserManagementProps
Properties for UserManagement construct.
Initializer
import { UserManagementProps } from '@cdklabs/genai-idp'
const userManagementProps: UserManagementProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
userIdentity |
IUserIdentity |
The UserIdentity construct that provides Cognito UserPool and IdentityPool. |
adminGroup |
string |
Optional name of the admin group in Cognito UserPool. Users in this group have administrative privileges. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for encrypting user management data. |
reviewerGroup |
string |
Optional name of the reviewer group in Cognito UserPool. Users in this group have review privileges. |
usersTable |
IUsersTable |
Optional DynamoDB table for storing user metadata. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
userIdentityRequired
public readonly userIdentity: IUserIdentity;
- Type: IUserIdentity
The UserIdentity construct that provides Cognito UserPool and IdentityPool.
This is required as UserManagement only makes sense when Cognito authentication is enabled.
The UserIdentity provides access to both the UserPool (for user authentication) and IdentityPool (for AWS resource access), which are both needed for complete user management functionality.
adminGroupOptional
public readonly adminGroup: string;
- Type: string
- Default: "Admin"
Optional name of the admin group in Cognito UserPool. Users in this group have administrative privileges.
Note: The group must already exist in the UserPool.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: No encryption key
Optional encryption key for encrypting user management data.
When provided, ensures that user data processed by management functions is encrypted.
reviewerGroupOptional
public readonly reviewerGroup: string;
- Type: string
- Default: "Reviewer"
Optional name of the reviewer group in Cognito UserPool. Users in this group have review privileges.
Note: The group must already exist in the UserPool.
usersTableOptional
public readonly usersTable: IUsersTable;
- Type: IUsersTable
- Default: A new UsersTable is created
Optional DynamoDB table for storing user metadata.
If not provided, a new table will be created automatically.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
- Default: No VPC configuration
Optional VPC configuration for Lambda functions.
When provided, deploys user management functions within a VPC.
UserSyncFunctionProps
Properties for the User Sync function.
This function handles user synchronization operations between Cognito UserPool and IdentityPool, ensuring consistent user state.
Initializer
import { UserSyncFunctionProps } from '@cdklabs/genai-idp'
const userSyncFunctionProps: UserSyncFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.interfaces.aws_logs.ILogGroupRef |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
userIdentity |
IUserIdentity |
The UserIdentity construct that provides Cognito UserPool and IdentityPool. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional encryption key for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroupRef;
- Type: aws-cdk-lib.interfaces.aws_logs.ILogGroupRef
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
userIdentityRequired
public readonly userIdentity: IUserIdentity;
- Type: IUserIdentity
The UserIdentity construct that provides Cognito UserPool and IdentityPool.
The function uses these resources to synchronize user data and permissions.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional encryption key for the function.
Used to encrypt/decrypt data processed by the function.
ValidationResult
Result of JSON Schema validation.
Initializer
import { ValidationResult } from '@cdklabs/genai-idp'
const validationResult: ValidationResult = { ... }
Properties
| Name | Type | Description |
|---|---|---|
errors |
string[] |
Validation errors (if any). |
valid |
boolean |
Whether the configuration is valid. |
warnings |
string[] |
Validation warnings (if any). |
errorsRequired
public readonly errors: string[];
- Type: string[]
Validation errors (if any).
validRequired
public readonly valid: boolean;
- Type: boolean
Whether the configuration is valid.
warningsRequired
public readonly warnings: string[];
- Type: string[]
Validation warnings (if any).
VpcConfiguration
Configuration for VPC settings of document processing components.
Controls VPC placement, subnet selection, and security group assignments for Lambda functions and other resources in the processing environment.
Initializer
import { VpcConfiguration } from '@cdklabs/genai-idp'
const vpcConfiguration: VpcConfiguration = { ... }
Properties
| Name | Type | Description |
|---|---|---|
allowAllIpv6Outbound |
boolean |
Controls whether IPv6 outbound traffic is allowed to all destinations. |
allowAllOutbound |
boolean |
Controls whether outbound traffic is allowed to all destinations. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
Optional security groups to apply to document processing components. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
Optional VPC where document processing components will be deployed. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Optional subnet selection for VPC-deployed resources. |
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
Controls whether IPv6 outbound traffic is allowed to all destinations.
When true, allows document processing components to access external resources via IPv6.
allowAllOutboundOptional
public readonly allowAllOutbound: boolean;
- Type: boolean
Controls whether outbound traffic is allowed to all destinations.
When true, allows document processing components to access external resources.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
Optional security groups to apply to document processing components.
Controls network access and security rules for VPC-deployed resources.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
Optional VPC where document processing components will be deployed.
When provided, Lambda functions and other resources will be deployed within this VPC.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
Optional subnet selection for VPC-deployed resources.
Determines which subnets within the VPC will host document processing components.
WebApplicationProps
Properties for configuring the WebApplication construct.
Defines the infrastructure and integrations needed to build and deploy the web UI for the document processing solution.
Initializer
import { WebApplicationProps } from '@cdklabs/genai-idp'
const webApplicationProps: WebApplicationProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
apiUrl |
string |
The GraphQL API URL for the processing environment. |
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
userIdentity |
IUserIdentity |
The user identity management system that handles authentication and authorization for the web application. |
autoConfigure |
boolean |
Whether to automatically configure CORS rules on S3 buckets for CloudFront access. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
Optional pre-existing CloudFront distribution to use for the web application. |
loggingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 Bucket used for storing CloudFront and S3 access logs. |
shouldAllowSignUpEmailDomain |
boolean |
Controls whether the UI allows users to sign up with any email domain. |
webAppBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional pre-existing S3 bucket to use for the web application. |
apiUrlRequired
public readonly apiUrl: string;
- Type: string
The GraphQL API URL for the processing environment.
This allows for flexible URL configuration including custom domains, cross-stack references, or external API endpoints.
Example
// Using a CDK-generated API URL
apiUrl: myApi.graphqlUrl
// Using a custom domain
apiUrl: 'https://api.mydomain.com/graphql'
// Using a cross-stack reference
apiUrl: 'https://abc123.appsync-api.us-east-1.amazonaws.com/graphql'
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
userIdentityRequired
public readonly userIdentity: IUserIdentity;
- Type: IUserIdentity
The user identity management system that handles authentication and authorization for the web application.
Provides Cognito resources for user management and secure access to AWS resources.
autoConfigureOptional
public readonly autoConfigure: boolean;
- Type: boolean
- Default: true
Whether to automatically configure CORS rules on S3 buckets for CloudFront access.
When true, the library will configure CORS rules on the input, output, and discovery buckets to allow access from the CloudFront distribution domain.
When false, users are responsible for configuring CORS rules themselves. This is useful when users have existing CORS policies or need custom CORS configurations.
distributionOptional
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
- Default: A new distribution is created with best-practice defaults
Optional pre-existing CloudFront distribution to use for the web application.
When not provided, a default distribution will be created with sensible defaults that work well for most use cases.
loggingBucketOptional
public readonly loggingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 Bucket used for storing CloudFront and S3 access logs.
Helps with security auditing and troubleshooting.
shouldAllowSignUpEmailDomainOptional
public readonly shouldAllowSignUpEmailDomain: boolean;
- Type: boolean
- Default: false
Controls whether the UI allows users to sign up with any email domain.
When true, enables self-service registration for all users. When false, sign-up functionality is restricted and must be managed by administrators.
webAppBucketOptional
public readonly webAppBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
Optional pre-existing S3 bucket to use for the web application.
When not provided, a new bucket will be created.
Classes
ConfigurationDefinition
- Implements: IConfigurationDefinition
A configuration definition for document processing. Manages configuration data and provides methods to access it.
Supports both legacy format and JSON Schema format with automatic validation. The configuration format is automatically detected and validated during construction.
Initializers
import { ConfigurationDefinition } from '@cdklabs/genai-idp'
new ConfigurationDefinition(props: ConfigurationDefinitionProps)
| Name | Type | Description |
|---|---|---|
props |
ConfigurationDefinitionProps |
Properties for the configuration definition. |
propsRequired
Properties for the configuration definition.
Methods
| Name | Description |
|---|---|
isJsonSchemaFormat |
Checks if the configuration is in JSON Schema format. |
isLegacyFormat |
Checks if the configuration is in legacy format. |
raw |
Gets the raw configuration object. |
validate |
Validates the configuration. |
isJsonSchemaFormat
public isJsonSchemaFormat(): boolean
Checks if the configuration is in JSON Schema format.
isLegacyFormat
public isLegacyFormat(): boolean
Checks if the configuration is in legacy format.
raw
public raw(): {[ key: string ]: any}
Gets the raw configuration object.
validate
public validate(): ValidationResult
Validates the configuration.
Automatically detects format (legacy or JSON Schema) and validates accordingly. Supports both legacy format and JSON Schema format with x-aws-idp-* extensions.
ConfigurationDefinitionLoader
Utility class for loading configuration definitions from files.
Provides methods to parse YAML configuration files into JavaScript objects.
Initializers
import { ConfigurationDefinitionLoader } from '@cdklabs/genai-idp'
new ConfigurationDefinitionLoader()
| Name | Type | Description |
|---|---|---|
Static Functions
| Name | Description |
|---|---|
fromFile |
Loads and parses a YAML configuration file. |
fromFile
import { ConfigurationDefinitionLoader } from '@cdklabs/genai-idp'
ConfigurationDefinitionLoader.fromFile(filePath: string)
Loads and parses a YAML configuration file.
filePathRequired
- Type: string
Path to the YAML configuration file.
IdpPythonLayerVersion
A singleton class that provides a Python Lambda Layer with the idp_common package.
Initializers
import { IdpPythonLayerVersion } from '@cdklabs/genai-idp'
new IdpPythonLayerVersion()
| Name | Type | Description |
|---|---|---|
Static Functions
| Name | Description |
|---|---|
getOrCreate |
Gets or creates a singleton instance of the IdpPythonLayerVersion. |
getOrCreate
import { IdpPythonLayerVersion } from '@cdklabs/genai-idp'
IdpPythonLayerVersion.getOrCreate(scope: Construct, modules: ...string[])
Gets or creates a singleton instance of the IdpPythonLayerVersion.
scopeRequired
- Type: constructs.Construct
The construct scope where the layer should be created if it doesn't exist.
modulesRequired
- Type: ...string[]
The modules to install (using TypeScript spread operator).
Protocols
IAgentAnalytics
-
Extends: constructs.IConstruct
-
Implemented By: AgentAnalytics, IAgentAnalytics
Interface for Agent Analytics implementations.
Provides AI-powered analytics capabilities for natural language querying of processed document data.
Methods
| Name | Description |
|---|---|
enableInApi |
Enable this Agent Analytics feature in a ProcessingEnvironmentApi. |
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this Agent Analytics feature in a ProcessingEnvironmentApi.
apiRequired
The ProcessingEnvironmentApi to enable in.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
agentProcessor |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that processes agent queries using Bedrock AgentCore. |
agentRequestHandler |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles agent query requests from the UI. |
agentTable |
IAgentTable |
The DynamoDB table for tracking agent jobs and analytics queries. |
listAvailableAgents |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that lists available analytics agents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
agentProcessorRequired
public readonly agentProcessor: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that processes agent queries using Bedrock AgentCore.
agentRequestHandlerRequired
public readonly agentRequestHandler: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles agent query requests from the UI.
agentTableRequired
public readonly agentTable: IAgentTable;
- Type: IAgentTable
The DynamoDB table for tracking agent jobs and analytics queries.
listAvailableAgentsRequired
public readonly listAvailableAgents: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that lists available analytics agents.
IAgentCompanionChat
-
Extends: constructs.IConstruct
-
Implemented By: AgentCompanionChat, IAgentCompanionChat
Interface for Agent Companion Chat construct.
Provides interactive AI assistant with multi-agent orchestration. Enables session-based chat with real-time streaming through AppSync.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
messagesTable |
IMessagesTable |
DynamoDB table for chat messages storage. |
orchestratorFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for agent orchestration. |
sessionTable |
ISessionTable |
DynamoDB table for chat session storage. |
chatDataSources |
string[] |
Optional data sources for chat context. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
messagesTableRequired
public readonly messagesTable: IMessagesTable;
- Type: IMessagesTable
DynamoDB table for chat messages storage.
orchestratorFunctionRequired
public readonly orchestratorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for agent orchestration.
sessionTableRequired
public readonly sessionTable: ISessionTable;
- Type: ISessionTable
DynamoDB table for chat session storage.
chatDataSourcesOptional
public readonly chatDataSources: string[];
- Type: string[]
Optional data sources for chat context.
IAgentTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: AgentTable, IAgentTable
Interface for Agent Table implementations.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IApiFeature
- Implemented By: AgentAnalytics, AgentCompanionChat, CapacityPlanning, ChatWithDocument, DocumentDiscovery, DocumentEditing, ErrorAnalyzer, Evaluation, HitlEnvironment, KnowledgeBaseQuery, ProcessingProgressMonitor, TestStudio, UserManagement, IApiFeature
Interface for features that can be enabled in the ProcessingEnvironmentApi.
This interface enables a plugin architecture where features encapsulate their own integration logic rather than having the API manage all feature integrations. Features implementing this interface can create their own data sources and resolvers by calling helper methods on the API.
Example: class MyFeature extends Construct implements IApiFeature { public enableInApi(api: IProcessingEnvironmentApi): void { const dataSource = api.addLambdaDataSource('MyFeatureDataSource', this.myFunction); dataSource.createResolver('MyFeatureResolver', { typeName: 'Query', fieldName: 'myFeature', }); } }
Methods
| Name | Description |
|---|---|
enableInApi |
Enable this feature in the ProcessingEnvironmentApi. |
enableInApi
public enableInApi(api: IProcessingEnvironmentApi): void
Enable this feature in the ProcessingEnvironmentApi.
Typically adds GraphQL resolvers, data sources, and Lambda functions. This method is called by the feature to integrate itself with the API.
apiRequired
The ProcessingEnvironmentApi to enable in.
ICapacityPlanning
-
Extends: constructs.IConstruct
-
Implemented By: CapacityPlanning, ICapacityPlanning
Interface for Capacity Planning construct.
Provides capacity planning and optimization capabilities for Pattern 2 workflows. Analyzes document processing metrics to provide resource allocation recommendations.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
calculationFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that performs capacity planning calculations. |
resolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that serves as GraphQL resolver for capacity planning operations. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
calculationFunctionRequired
public readonly calculationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that performs capacity planning calculations.
Analyzes processing metrics to optimize resource allocation.
resolverFunctionRequired
public readonly resolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that serves as GraphQL resolver for capacity planning operations.
Handles API requests and invokes the calculation function.
IChatWithDocument
-
Extends: constructs.IConstruct
-
Implemented By: ChatWithDocument, IChatWithDocument
Interface for the Chat with Document feature.
Provides natural language conversation capabilities about a specific processed document by combining document context from the knowledge base with conversational AI.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
IConcurrencyTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: ConcurrencyTable, IConcurrencyTable
Interface for the concurrency management table.
This table is used to track and limit concurrent document processing tasks, preventing resource exhaustion and ensuring system stability under load.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IConfigurationDefinition
- Implemented By: ConfigurationDefinition, IConfigurationDefinition
Interface for configuration definitions.
Provides methods to access configuration data.
Methods
| Name | Description |
|---|---|
isJsonSchemaFormat |
Checks if the configuration is in JSON Schema format. |
isLegacyFormat |
Checks if the configuration is in legacy format. |
raw |
Gets the raw configuration object. |
validate |
Validates the configuration. |
isJsonSchemaFormat
public isJsonSchemaFormat(): boolean
Checks if the configuration is in JSON Schema format.
isLegacyFormat
public isLegacyFormat(): boolean
Checks if the configuration is in legacy format.
raw
public raw(): {[ key: string ]: any}
Gets the raw configuration object.
validate
public validate(): ValidationResult
Validates the configuration.
Automatically detects format (legacy or JSON Schema) and validates accordingly. Supports both legacy format and JSON Schema format with x-aws-idp-* extensions.
IConfigurationDefinitionPropertyTransform
- Implemented By: IConfigurationDefinitionPropertyTransform
Defines a transformation to apply to a specific property in the configuration.
Used to modify configuration values during initialization.
Methods
| Name | Description |
|---|---|
transform |
Function to transform the property value. |
transform
public transform(value: any): any
Function to transform the property value.
valueRequired
- Type: any
The original property value.
Properties
| Name | Type | Description |
|---|---|---|
flatPath |
string |
Dot-notation path to the property to transform (e.g., "extraction.model"). |
flatPathRequired
public readonly flatPath: string;
- Type: string
Dot-notation path to the property to transform (e.g., "extraction.model").
IConfigurationTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: ConfigurationTable, IConfigurationTable
Interface for the configuration management table.
This table stores system-wide configuration settings for the document processing solution, including extraction schemas, model parameters, evaluation criteria, and UI settings.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IDiscoveryQueue
-
Extends: aws-cdk-lib.aws_sqs.IQueue
-
Implemented By: DiscoveryQueue, IDiscoveryQueue
Interface for the discovery processing queue.
This queue handles async processing of discovery jobs.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
queueRef |
aws-cdk-lib.interfaces.aws_sqs.QueueReference |
A reference to a Queue resource. |
fifo |
boolean |
Whether this queue is an Amazon SQS FIFO queue. |
queueArn |
string |
The ARN of this queue. |
queueName |
string |
The name of this queue. |
queueUrl |
string |
The URL of this queue. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
If this queue is server-side encrypted, this is the KMS encryption key. |
encryptionType |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
queueRefRequired
public readonly queueRef: QueueReference;
- Type: aws-cdk-lib.interfaces.aws_sqs.QueueReference
A reference to a Queue resource.
fifoRequired
public readonly fifo: boolean;
- Type: boolean
Whether this queue is an Amazon SQS FIFO queue.
If false, this is a standard queue.
queueArnRequired
public readonly queueArn: string;
- Type: string
The ARN of this queue.
queueNameRequired
public readonly queueName: string;
- Type: string
The name of this queue.
queueUrlRequired
public readonly queueUrl: string;
- Type: string
The URL of this queue.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
If this queue is server-side encrypted, this is the KMS encryption key.
encryptionTypeOptional
public readonly encryptionType: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
Whether the contents of the queue are encrypted, and by what type of key.
IDiscoveryTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: DiscoveryTable, IDiscoveryTable
Interface for the discovery tracking table.
This table tracks discovery job status and metadata.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IDocumentDiscovery
- Implemented By: DocumentDiscovery, IDocumentDiscovery
Interface for the document discovery system.
Provides document analysis capabilities for automated configuration generation.
Properties
| Name | Type | Description |
|---|---|---|
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryQueue |
IDiscoveryQueue |
The SQS queue for processing discovery jobs asynchronously. |
discoveryTable |
IDiscoveryTable |
The DynamoDB table that tracks discovery job status and metadata. |
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryQueueRequired
public readonly discoveryQueue: IDiscoveryQueue;
- Type: IDiscoveryQueue
The SQS queue for processing discovery jobs asynchronously.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The DynamoDB table that tracks discovery job status and metadata.
IDocumentEditing
-
Extends: constructs.IConstruct
-
Implemented By: DocumentEditing, IDocumentEditing
Interface for the Document Editing feature.
Provides document section editing and change processing capabilities, allowing users to modify document sections and trigger reprocessing.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
IDocumentProcessor
-
Extends: constructs.IConstruct
-
Implemented By: IDocumentProcessor
Interface for document processor implementations.
Document processors handle the extraction of structured data from documents using different processing patterns and AI/ML services.
The GenAI IDP Accelerator includes multiple processor implementations: - Pattern 1: Uses Amazon Bedrock Data Automation for document processing with minimal custom code - Pattern 2: Implements custom extraction using Amazon Bedrock foundation models for flexible processing - Pattern 3: Provides specialized document processing using SageMaker endpoints for custom classification models
Each pattern is optimized for different document types, complexity levels, and customization needs.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
maxProcessingConcurrency |
number |
The maximum number of documents that can be processed concurrently. |
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
The Step Functions state machine that orchestrates the document processing workflow. |
evaluationFunction |
any |
The evaluation function if evaluation is enabled for this processor. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
maxProcessingConcurrencyRequired
public readonly maxProcessingConcurrency: number;
- Type: number
The maximum number of documents that can be processed concurrently.
Controls the throughput and resource utilization of the document processing system.
stateMachineRequired
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine that orchestrates the document processing workflow.
Manages the sequence of processing steps and handles error conditions. This state machine is triggered for each document that needs processing and coordinates the entire extraction pipeline.
evaluationFunctionOptional
public readonly evaluationFunction: any;
- Type: any
The evaluation function if evaluation is enabled for this processor.
The evaluation function is created by the ProcessingEnvironment when evaluation baseline bucket and model are provided.
IErrorAnalyzer
-
Extends: constructs.IConstruct
-
Implemented By: ErrorAnalyzer, IErrorAnalyzer
Interface for Error Analyzer construct.
Provides AI-powered failure diagnosis capabilities for document processing workflows. Enables intelligent troubleshooting using Claude Sonnet 4 with CloudWatch log analysis and X-Ray trace correlation.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
analyzerFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for AI-powered error analysis. |
traceTable |
aws-cdk-lib.aws_dynamodb.ITable |
Optional DynamoDB table for storing trace IDs and analysis results. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
analyzerFunctionRequired
public readonly analyzerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for AI-powered error analysis.
traceTableOptional
public readonly traceTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
Optional DynamoDB table for storing trace IDs and analysis results.
IEvaluation
-
Extends: constructs.IConstruct
-
Implemented By: Evaluation, IEvaluation
Interface for the Evaluation feature.
Provides evaluation and baseline management capabilities for document processing. Enables copying processed documents to a baseline bucket for accuracy evaluation and model performance measurement.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
evaluationBaselineBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for storing evaluation baseline documents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
evaluationBaselineBucketRequired
public readonly evaluationBaselineBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing evaluation baseline documents.
IHitlEnvironment
-
Extends: constructs.IConstruct
-
Implemented By: HitlEnvironment, IHitlEnvironment
Interface for the HITL environment.
As of v0.4.16, HITL functionality is built directly into the Web UI and no longer requires SageMaker A2I infrastructure.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
completeSectionReviewFunction |
CompleteSectionReviewFunction |
The Lambda function for completing section reviews. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
completeSectionReviewFunctionRequired
public readonly completeSectionReviewFunction: CompleteSectionReviewFunction;
The Lambda function for completing section reviews.
IKnowledgeBaseQuery
-
Extends: constructs.IConstruct
-
Implemented By: KnowledgeBaseQuery, IKnowledgeBaseQuery
Interface for the Knowledge Base Query feature.
Provides natural language querying capabilities for processed documents using Amazon Bedrock knowledge base.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
knowledgeBase |
@cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase |
The Amazon Bedrock knowledge base for document querying. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
knowledgeBaseRequired
public readonly knowledgeBase: IKnowledgeBase;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Amazon Bedrock knowledge base for document querying.
IMCPIntegration
-
Extends: constructs.IConstruct
-
Implemented By: MCPIntegration, IMCPIntegration
Interface for MCP Integration construct.
Enables external application access through Model Context Protocol. Provides AgentCore Gateway deployment with OAuth 2.0 authentication.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
analyticsAgentFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for analytics agent operations. |
clientId |
string |
Cognito client ID for OAuth 2.0 authentication. |
gatewayEndpoint |
string |
AgentCore Gateway endpoint for MCP access. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
analyticsAgentFunctionRequired
public readonly analyticsAgentFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for analytics agent operations.
clientIdRequired
public readonly clientId: string;
- Type: string
Cognito client ID for OAuth 2.0 authentication.
gatewayEndpointRequired
public readonly gatewayEndpoint: string;
- Type: string
AgentCore Gateway endpoint for MCP access.
IMessagesTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: MessagesTable, IMessagesTable
Interface for the chat messages table.
This table stores individual chat messages and conversation history for Agent Companion Chat.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IProcessingEnvironment
- Implemented By: ProcessingEnvironment, IProcessingEnvironment
Interface for the core document processing environment.
Provides shared infrastructure for document ingestion, processing, and result tracking.
Methods
| Name | Description |
|---|---|
attach |
Attaches a document processor to this processing environment. |
attach
public attach(processor: IDocumentProcessor, options?: DocumentProcessorAttachmentOptions): DocumentProcessorAttachmentResult
Attaches a document processor to this processing environment.
Sets up the necessary event triggers, permissions, and integrations to enable the processor to work with this environment.
processorRequired
- Type: IDocumentProcessor
The document processor to attach to this environment.
optionsOptional
Optional configuration for the attachment.
Properties
| Name | Type | Description |
|---|---|---|
configurationFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that updates configuration settings. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
logLevel |
LogLevel |
The log level for document processing components. |
lookupFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that looks up document information from the tracking table. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
saveReportingDataFunction |
aws-cdk-lib.aws_lambda.IFunction |
Optional Lambda function that saves reporting data to the reporting bucket. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray tracing for Lambda functions in the processing environment. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
configurationFunctionRequired
public readonly configurationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that updates configuration settings.
Used to initialize and update configuration during deployment and runtime.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
logLevelRequired
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
lookupFunctionRequired
public readonly lookupFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that looks up document information from the tracking table.
Used to retrieve document metadata and processing status.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status and notify clients about processing progress.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
saveReportingDataFunctionOptional
public readonly saveReportingDataFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional Lambda function that saves reporting data to the reporting bucket.
Available when a reporting environment is provided.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
Enable AWS X-Ray tracing for Lambda functions in the processing environment.
When enabled, provides distributed tracing capabilities for debugging and performance analysis.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
IProcessingEnvironmentApi
-
Extends: aws-cdk-lib.aws_appsync.IGraphqlApi
-
Implemented By: ProcessingEnvironmentApi, IProcessingEnvironmentApi
Interface for the document processing environment API.
Provides GraphQL API capabilities for monitoring and managing document processing.
Methods
| Name | Description |
|---|---|
enable |
Enable a feature in the ProcessingEnvironmentApi. |
enable
public enable(feature: IApiFeature): void
Enable a feature in the ProcessingEnvironmentApi.
This is the recommended way to integrate features with the API. Features implementing IApiFeature will enable themselves in the API by creating data sources and resolvers.
Example
const agentAnalytics = new AgentAnalytics(this, 'AgentAnalytics', { ... });
api.enable(agentAnalytics);
featureRequired
- Type: IApiFeature
The feature to enable in the API.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
graphQlApiRef |
aws-cdk-lib.interfaces.aws_appsync.GraphQLApiReference |
A reference to a GraphQLApi resource. |
apiId |
string |
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'. |
arn |
string |
the ARN of the API. |
graphQLEndpointArn |
string |
The GraphQL endpoint ARN. |
modes |
aws-cdk-lib.aws_appsync.AuthorizationType[] |
The Authorization Types for this GraphQL Api. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
the visibility of the API. |
graphqlUrl |
string |
The URL endpoint for the GraphQL API. |
uploadResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that generates presigned URLs for document uploads. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
graphQlApiRefRequired
public readonly graphQlApiRef: GraphQLApiReference;
- Type: aws-cdk-lib.interfaces.aws_appsync.GraphQLApiReference
A reference to a GraphQLApi resource.
apiIdRequired
public readonly apiId: string;
- Type: string
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'.
arnRequired
public readonly arn: string;
- Type: string
the ARN of the API.
graphQLEndpointArnRequired
public readonly graphQLEndpointArn: string;
- Type: string
The GraphQL endpoint ARN.
modesRequired
public readonly modes: AuthorizationType[];
- Type: aws-cdk-lib.aws_appsync.AuthorizationType[]
The Authorization Types for this GraphQL Api.
visibilityRequired
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
the visibility of the API.
graphqlUrlRequired
public readonly graphqlUrl: string;
- Type: string
The URL endpoint for the GraphQL API.
Used by client applications to interact with the document processing system.
uploadResolverFunctionRequired
public readonly uploadResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that generates presigned URLs for document uploads.
Features that need to support uploads to additional buckets can grant this function write access and add environment variables.
IProcessingProgressMonitor
-
Extends: constructs.IConstruct
-
Implemented By: ProcessingProgressMonitor, IProcessingProgressMonitor
Interface for Processing Progress Monitor construct.
Provides Step Functions execution monitoring capabilities for tracking document processing workflow progress through the GraphQL API.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
The Step Functions state machine being monitored. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
stateMachineRequired
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine being monitored.
IReportingEnvironment
- Implemented By: ReportingEnvironment, IReportingEnvironment
Interface for the reporting environment that provides analytics and evaluation capabilities.
This environment stores evaluation metrics, document processing analytics, and metering data in a structured format suitable for querying with Amazon Athena.
Properties
| Name | Type | Description |
|---|---|---|
attributeEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for attribute-level evaluation metrics. |
documentEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for document-level evaluation metrics. |
meteringTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for metering data. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database containing tables for evaluation metrics. |
sectionEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for section-level evaluation metrics. |
attributeEvaluationsTableRequired
public readonly attributeEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for attribute-level evaluation metrics.
Contains detailed evaluation metrics for individual extracted attributes.
documentEvaluationsTableRequired
public readonly documentEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for document-level evaluation metrics.
Contains accuracy, precision, recall, F1 score, and other document-level metrics.
meteringTableRequired
public readonly meteringTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for metering data.
Contains cost and usage metrics for document processing operations.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format.
Contains document-level, section-level, and attribute-level evaluation metrics.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database containing tables for evaluation metrics.
Provides a structured catalog for querying evaluation data with Amazon Athena.
sectionEvaluationsTableRequired
public readonly sectionEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for section-level evaluation metrics.
Contains evaluation metrics for individual sections within documents.
ISessionTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: SessionTable, ISessionTable
Interface for the chat session table.
This table stores chat sessions and conversation history for Agent Companion Chat, enabling persistent conversation management and context retention across interactions.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
ITestStudio
-
Extends: constructs.IConstruct
-
Implemented By: TestStudio, ITestStudio
Interface for Test Studio construct.
Provides test management and analysis capabilities for document processing. Enables test set creation, execution, and results comparison.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
testResultCacheUpdateQueue |
aws-cdk-lib.aws_sqs.IQueue |
SQS queue for test result cache updates. |
testResultsResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test results retrieval and analysis. |
testRunnerFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test execution. |
testSetCopyQueue |
aws-cdk-lib.aws_sqs.IQueue |
SQS queue for test set file copying operations. |
testSetResolverFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function for test set management operations. |
testBucket |
aws-cdk-lib.aws_s3.IBucket |
S3 bucket for storing test documents and baselines. |
testTable |
ITestTable |
DynamoDB table for storing test sets and execution results. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
testResultCacheUpdateQueueRequired
public readonly testResultCacheUpdateQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
SQS queue for test result cache updates.
testResultsResolverFunctionRequired
public readonly testResultsResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test results retrieval and analysis.
testRunnerFunctionRequired
public readonly testRunnerFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test execution.
testSetCopyQueueRequired
public readonly testSetCopyQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
SQS queue for test set file copying operations.
testSetResolverFunctionRequired
public readonly testSetResolverFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function for test set management operations.
testBucketOptional
public readonly testBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
S3 bucket for storing test documents and baselines.
Optional - can be provided by user or created by construct.
testTableOptional
public readonly testTable: ITestTable;
- Type: ITestTable
DynamoDB table for storing test sets and execution results.
Optional - can be provided by user or created by construct.
ITestTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: TestTable, ITestTable
Interface for the test management table.
This table stores test sets, executions, and results for document processing evaluation, enabling comprehensive testing and analysis of document processing workflows.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
ITrackingTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: TrackingTable, ITrackingTable
Interface for the document tracking table.
This table stores information about document processing status, metadata, and results, enabling tracking of documents throughout their processing lifecycle from upload to completion.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IUserIdentity
- Implemented By: UserIdentity, IUserIdentity
Interface for user identity management components.
Provides authentication and authorization for the web application.
Properties
| Name | Type | Description |
|---|---|---|
identityPool |
aws-cdk-lib.aws_cognito_identitypool.IdentityPool |
The Cognito Identity Pool that provides temporary AWS credentials. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito UserPool that stores user identities and credentials. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito UserPool Client used by the web application for OAuth flows. |
identityPoolRequired
public readonly identityPool: IdentityPool;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPool
The Cognito Identity Pool that provides temporary AWS credentials.
Allows authenticated users to access AWS services with appropriate permissions.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito UserPool that stores user identities and credentials.
Handles user registration, authentication, and account management.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito UserPool Client used by the web application for OAuth flows.
Enables the web UI to authenticate users against the UserPool.
IUserManagement
-
Extends: constructs.IConstruct
-
Implemented By: UserManagement, IUserManagement
Interface for User Management construct.
Provides user administration and synchronization capabilities for Cognito-enabled deployments. Enables management of user accounts, roles, and permissions through the GraphQL API.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
managementFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles user administration operations. |
syncFunction |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles user synchronization operations. |
usersTable |
IUsersTable |
DynamoDB table that stores user metadata and profile information. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
managementFunctionRequired
public readonly managementFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles user administration operations.
Manages user creation, updates, deletion, and role assignments.
syncFunctionRequired
public readonly syncFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles user synchronization operations.
Ensures consistency between UserPool and IdentityPool.
usersTableRequired
public readonly usersTable: IUsersTable;
- Type: IUsersTable
DynamoDB table that stores user metadata and profile information.
IUsersTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: UsersTable, IUsersTable
Interface for the Users table.
This table stores user metadata and profile information for the application.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IWebAppFeature
- Implemented By: DocumentDiscovery, Evaluation, KnowledgeBaseQuery, IWebAppFeature
Interface for features that can be enabled in the WebApplication.
Features implementing this interface contribute UI settings (e.g., bucket names, feature flags) and optionally configure CORS rules for CloudFront access.
Methods
| Name | Description |
|---|---|
enableInWebApp |
Enable this feature in the WebApplication. |
enableInWebApp
public enableInWebApp(webApp: IWebApplication): void
Enable this feature in the WebApplication.
Typically contributes settings to the SSM parameter and configures bucket CORS rules for CloudFront access.
webAppRequired
- Type: IWebApplication
The WebApplication to enable in.
IWebApplication
- Implemented By: WebApplication, IWebApplication
Interface for the web application that provides a user interface for the document processing solution.
Enables users to upload documents, monitor processing status, and access extraction results.
Methods
| Name | Description |
|---|---|
addCorsBucket |
Add a CORS rule to an S3 bucket for CloudFront access. |
addSetting |
Add a setting to the web application's SSM parameter. |
enable |
Enable a feature in the WebApplication. |
addCorsBucket
public addCorsBucket(bucket: IBucket): void
Add a CORS rule to an S3 bucket for CloudFront access.
Configures the bucket to allow PUT/POST requests from the CloudFront distribution domain. Only applies when the bucket is a concrete s3.Bucket (not an imported IBucket).
bucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket to configure CORS on.
addSetting
public addSetting(key: string, value: string): void
Add a setting to the web application's SSM parameter.
Settings are lazily resolved at synth time and included in the JSON settings parameter that the UI reads at runtime.
keyRequired
- Type: string
The setting key.
valueRequired
- Type: string
The setting value.
enable
public enable(feature: IWebAppFeature): void
Enable a feature in the WebApplication.
Features implementing IWebAppFeature will enable themselves in the web app by contributing settings and configuring CORS.
featureRequired
- Type: IWebAppFeature
The feature to enable.
Properties
| Name | Type | Description |
|---|---|---|
bucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where the web application assets are deployed. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
The CloudFront distribution that serves the web application. |
bucketRequired
public readonly bucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where the web application assets are deployed.
Contains the static files for the web UI including HTML, CSS, and JavaScript.
distributionRequired
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
The CloudFront distribution that serves the web application.
Provides global content delivery with low latency and high performance.
Enums
CrawlerSchedule
Enumeration of supported crawler schedules.
Members
| Name | Description |
|---|---|
MANUAL |
Manual execution only - no automatic schedule. |
EVERY_15_MINUTES |
Run every 15 minutes. |
HOURLY |
Run every hour. |
DAILY |
Run daily. |
MANUAL
Manual execution only - no automatic schedule.
EVERY_15_MINUTES
Run every 15 minutes.
HOURLY
Run every hour.
DAILY
Run daily.
LogLevel
Defines the logging verbosity levels for the document processing components.
Controls the amount of detail included in logs for troubleshooting and monitoring.
The log level affects all Lambda functions and other components in the IDP solution, allowing administrators to adjust logging detail based on operational needs.
Members
| Name | Description |
|---|---|
DEBUG |
Most verbose logging level, includes detailed debugging information. Useful during development and troubleshooting but generates large log volumes. |
INFO |
Standard logging level for operational information. Provides general information about the system's operation without excessive detail. |
WARN |
Logs potentially harmful situations that don't prevent the system from working. |
ERROR |
Logs error events that might still allow the application to continue running. Indicates failures that should be investigated. |
DEBUG
Most verbose logging level, includes detailed debugging information. Useful during development and troubleshooting but generates large log volumes.
Includes detailed information about internal operations, variable values, and processing steps that are useful for diagnosing issues.
INFO
Standard logging level for operational information. Provides general information about the system's operation without excessive detail.
Includes information about document processing events, workflow transitions, and important operational milestones.
WARN
Logs potentially harmful situations that don't prevent the system from working.
Indicates issues that should be addressed but aren't critical failures.
Includes warnings about potential problems, performance issues, or situations that might lead to errors if not addressed.
ERROR
Logs error events that might still allow the application to continue running. Indicates failures that should be investigated.
Includes information about processing failures, service errors, and other issues that affect system functionality.
MaxPagesForClassification
Maximum pages for classification configuration.
Controls how many pages are sent to the classification model. This can be used to optimize costs and performance for large documents.
Members
| Name | Description |
|---|---|
ALL |
Use all pages for classification. |
ALL
Use all pages for classification.
Every page in the document will be sent to the classification model. This provides the most accurate classification but may increase costs and processing time for large documents.
SectionSplittingStrategy
Section splitting strategy for document processing.
Controls how multi-page documents are divided into sections during classification. This affects how documents of the same type are grouped together and processed.
Members
| Name | Description |
|---|---|
DISABLED |
Entire document treated as single section with first detected class. |
PAGE |
One section per page preventing automatic joining of same-type documents. |
LLM_DETERMINED |
Uses LLM boundary detection with "Start"/"Continue" indicators. |
DISABLED
Entire document treated as single section with first detected class.
All pages in the document will be assigned the same classification as the first page, regardless of content differences.
Use this when: - Documents are homogeneous (all pages same type) - Classification accuracy is less critical - Processing speed is prioritized
PAGE
One section per page preventing automatic joining of same-type documents.
Each page is treated as a separate section, even if consecutive pages have the same classification. This prevents automatic merging.
Use this when: - Each page represents a distinct document - Page boundaries are important - Documents should not be merged
LLM_DETERMINED
Uses LLM boundary detection with "Start"/"Continue" indicators.
The LLM analyzes each page to determine if it starts a new document or continues the previous one. Pages with the same classification are automatically grouped into sections.
Use this when: - Documents may span multiple pages - Accurate document boundaries are critical - Mixed document types in single files
VectorStoreType
Vector store type for Bedrock Knowledge Base.
Determines the backend storage and retrieval mechanism for document embeddings. Each option provides different performance and cost characteristics.
Members
| Name | Description |
|---|---|
S3_VECTORS |
S3 Vectors for cost-effective storage with sub-second latency. |
OPENSEARCH_SERVERLESS |
OpenSearch Serverless for sub-millisecond queries. |
S3_VECTORS
S3 Vectors for cost-effective storage with sub-second latency.
Stores vector embeddings in Amazon S3 with optimized retrieval. Provides a balance of cost-effectiveness and performance.
Characteristics: - Lower cost compared to OpenSearch Serverless - Sub-second query latency - Automatic scaling - No infrastructure management
Use this when: - Cost optimization is important - Sub-second latency is acceptable - Workload is variable or unpredictable
OPENSEARCH_SERVERLESS
OpenSearch Serverless for sub-millisecond queries.
Uses Amazon OpenSearch Serverless for vector storage and retrieval. Provides the fastest query performance but at higher cost.
Characteristics: - Sub-millisecond query latency - Higher cost than S3 Vectors - Automatic scaling - Advanced search capabilities
Use this when: - Ultra-low latency is critical - High query throughput is needed - Advanced search features are required