@cdklabs/genai-idp
Constructs
AgentAnalytics
- Implements: IAgentAnalytics
Agent Analytics construct for natural language document analytics.
This construct provides AI-powered analytics capabilities that enable natural language querying of processed document data. Key features include:
- Convert natural language questions to SQL queries
- Generate interactive visualizations and tables
- Explore database schema automatically
- Secure code execution in AWS Bedrock AgentCore sandboxes
- Multi-tool agent system for comprehensive analytics
The analytics system uses a multi-tool approach: - Database discovery tool for schema exploration - Athena query tool for SQL execution - Secure code sandbox for data transfer - Python visualization tool for charts and tables
Initializers
import { AgentAnalytics } from '@cdklabs/genai-idp'
new AgentAnalytics(scope: Construct, id: string, props: AgentAnalyticsProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentAnalyticsProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: AgentAnalyticsProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { AgentAnalytics } from '@cdklabs/genai-idp'
AgentAnalytics.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
agentProcessor |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that processes agent queries using Bedrock AgentCore. |
agentRequestHandler |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles agent query requests from the UI. |
agentTable |
IAgentTable |
The DynamoDB table for tracking agent jobs and analytics queries. |
listAvailableAgents |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that lists available analytics agents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
agentProcessorRequired
public readonly agentProcessor: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that processes agent queries using Bedrock AgentCore.
agentRequestHandlerRequired
public readonly agentRequestHandler: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles agent query requests from the UI.
agentTableRequired
public readonly agentTable: IAgentTable;
- Type: IAgentTable
The DynamoDB table for tracking agent jobs and analytics queries.
listAvailableAgentsRequired
public readonly listAvailableAgents: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that lists available analytics agents.
AgentProcessorFunction
Lambda function for processing agent analytics queries.
This function processes natural language queries using AWS Bedrock AgentCore, converting them to SQL queries and generating visualizations. It uses a multi-tool approach with secure code execution in Bedrock sandboxes.
Initializers
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
new AgentProcessorFunction(scope: Construct, id: string, props: AgentProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentProcessorFunction } from '@cdklabs/genai-idp'
AgentProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentRequestHandlerFunction
Lambda function for handling agent query requests.
This function receives agent query requests from the GraphQL API and manages the job lifecycle, including creating job records and invoking the agent processor.
Initializers
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
new AgentRequestHandlerFunction(scope: Construct, id: string, props: AgentRequestHandlerFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
AgentRequestHandlerFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { AgentRequestHandlerFunction } from '@cdklabs/genai-idp'
AgentRequestHandlerFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
AgentTable
- Implements: IAgentTable
DynamoDB table for agent job tracking.
Uses fixed keys: PK (partition key) and SK (sort key).
Initializers
import { AgentTable } from '@cdklabs/genai-idp'
new AgentTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
FixedKeyTableProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: FixedKeyTableProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { AgentTable } from '@cdklabs/genai-idp'
AgentTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CognitoUpdaterHitlFunction
- Implements: aws-cdk-lib.aws_lambda.IFunction
A Lambda function that updates Cognito configuration for HITL workflows.
This function resolves circular dependency issues between SageMaker A2I resources and Cognito configuration by updating the Cognito User Pool Client with the necessary settings for A2I integration after the workteam has been created.
Initializers
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
new CognitoUpdaterHitlFunction(scope: Construct, id: string, props: CognitoUpdaterHitlFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
CognitoUpdaterHitlFunctionProps |
Configuration properties for the function. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the function.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CognitoUpdaterHitlFunction } from '@cdklabs/genai-idp'
CognitoUpdaterHitlFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ConcurrencyTable
- Implements: IConcurrencyTable
A DynamoDB table for managing concurrency limits in document processing.
This construct creates a table with a custom resource that initializes concurrency counters, allowing the system to control how many documents are processed simultaneously to prevent resource exhaustion.
Initializers
import { ConcurrencyTable } from '@cdklabs/genai-idp'
new ConcurrencyTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { ConcurrencyTable } from '@cdklabs/genai-idp'
ConcurrencyTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ConfigurationTable
- Implements: IConfigurationTable
A DynamoDB table for storing configuration settings for the document processing solution.
This table uses a fixed partition key "Configuration" to store various configuration items such as extraction schemas, evaluation settings, and system parameters. It provides a centralized location for managing configuration that can be accessed by multiple components of the solution.
Configuration items stored in this table can include: - Document extraction schemas and templates - Model parameters and prompt configurations - Evaluation criteria and thresholds - UI settings and customizations - Processing workflow configurations
Initializers
import { ConfigurationTable } from '@cdklabs/genai-idp'
new ConfigurationTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { ConfigurationTable } from '@cdklabs/genai-idp'
ConfigurationTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CreateA2IResourcesFunction
- Implements: aws-cdk-lib.aws_lambda.IFunction
A Lambda function that creates and manages Amazon A2I (Augmented AI) resources.
This function handles the complete A2I lifecycle including: - Create: Flow Definition and Human Task UI - Update: Flow Definition and Human Task UI (delete old, create new) - Delete: Comprehensive cleanup with verification and wait logic
The function is designed as a CloudFormation custom resource handler and manages SageMaker A2I resources for human-in-the-loop workflows.
Initializers
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
new CreateA2IResourcesFunction(scope: Construct, id: string, props: CreateA2IResourcesFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
CreateA2IResourcesFunctionProps |
Configuration properties for the function. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the function.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CreateA2IResourcesFunction } from '@cdklabs/genai-idp'
CreateA2IResourcesFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
CustomPromptGenerator
- Implements: ICustomPromptGenerator
Custom prompt generator construct for injecting business logic into document processing.
This construct creates a Lambda function that can be used by Pattern 2 and Pattern 3 processors to customize prompts based on document content, business rules, or external system integrations.
The Lambda function receives template placeholders including: - DOCUMENT_TEXT: Extracted text from the document - DOCUMENT_CLASS: Classification result - ATTRIBUTE_NAMES_AND_DESCRIPTIONS: Schema information - DOCUMENT_IMAGE: URI-based image reference for JSON serialization
Key features: - Scoped IAM permissions requiring GENAIIDP-* function naming convention - Comprehensive error handling with fail-fast behavior - JSON serialization support for all object types - Complete observability with detailed logging
Initializers
import { CustomPromptGenerator } from '@cdklabs/genai-idp'
new CustomPromptGenerator(scope: Construct, id: string, props: CustomPromptGeneratorProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CustomPromptGeneratorProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { CustomPromptGenerator } from '@cdklabs/genai-idp'
CustomPromptGenerator.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
generatorFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that implements the custom prompt generation logic. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
generatorFunctionRequired
public readonly generatorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that implements the custom prompt generation logic.
This function receives template placeholders and returns customized prompts.
CustomPromptGeneratorFunction
Lambda function for custom prompt generation.
This function implements custom business logic for prompt generation in document processing workflows. It receives template placeholders and returns customized prompts based on document content, business rules, or external integrations.
Key features: - Template placeholder support (DOCUMENT_TEXT, DOCUMENT_CLASS, etc.) - Business rule integration - External system connectivity - Fail-fast error handling - Comprehensive logging and observability
Initializers
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
new CustomPromptGeneratorFunction(scope: Construct, id: string, props: CustomPromptGeneratorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
CustomPromptGeneratorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { CustomPromptGeneratorFunction } from '@cdklabs/genai-idp'
CustomPromptGeneratorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryProcessorFunction
A Lambda function that processes discovery jobs from SQS queue.
This function analyzes documents to identify structure, field types, and organizational patterns for automated configuration generation.
Initializers
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
new DiscoveryProcessorFunction(scope: Construct, id: string, props: DiscoveryProcessorFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DiscoveryProcessorFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DiscoveryProcessorFunction } from '@cdklabs/genai-idp'
DiscoveryProcessorFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryQueue
- Implements: IDiscoveryQueue
An SQS queue for processing discovery jobs asynchronously.
This construct creates a queue that receives discovery job messages and triggers Lambda processing for document analysis.
Initializers
import { DiscoveryQueue } from '@cdklabs/genai-idp'
new DiscoveryQueue(scope: Construct, id: string, props?: DiscoveryQueueProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
DiscoveryQueueProps |
Configuration properties for the SQS queue. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: DiscoveryQueueProps
Configuration properties for the SQS queue.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the IAM resource policy associated with this queue. |
grant |
Grant the actions defined in queueActions to the identity Principal given on this SQS queue resource. |
grantConsumeMessages |
Grant permissions to consume messages from a queue. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantPurge |
Grant an IAM principal permissions to purge all messages from the queue. |
grantSendMessages |
Grant access to send messages to a queue to the given identity. |
metric |
Return the given named metric for this Queue. |
metricApproximateAgeOfOldestMessage |
The approximate age of the oldest non-deleted message in the queue. |
metricApproximateNumberOfMessagesDelayed |
The number of messages in the queue that are delayed and not available for reading immediately. |
metricApproximateNumberOfMessagesNotVisible |
The number of messages that are in flight. |
metricApproximateNumberOfMessagesVisible |
The number of messages available for retrieval from the queue. |
metricNumberOfEmptyReceives |
The number of ReceiveMessage API calls that did not return a message. |
metricNumberOfMessagesDeleted |
The number of messages deleted from the queue. |
metricNumberOfMessagesReceived |
The number of messages returned by calls to the ReceiveMessage action. |
metricNumberOfMessagesSent |
The number of messages added to a queue. |
metricSentMessageSize |
The size of messages added to a queue. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the IAM resource policy associated with this queue.
If this queue was created in this stack (new Queue), a queue policy
will be automatically created upon the first call to addToPolicy. If
the queue is imported (Queue.import), then this is a no-op.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Grant the actions defined in queueActions to the identity Principal given on this SQS queue resource.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant right to.
actionsRequired
- Type: ...string[]
The actions to grant.
grantConsumeMessages
public grantConsumeMessages(grantee: IGrantable): Grant
Grant permissions to consume messages from a queue.
This will grant the following permissions:
- sqs:ChangeMessageVisibility
- sqs:DeleteMessage
- sqs:ReceiveMessage
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
If encryption is used, permission to use the key to decrypt the contents of the queue will also be granted to the same principal.
This will grant the following KMS permissions:
- kms:Decrypt
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant consume rights to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantPurge
public grantPurge(grantee: IGrantable): Grant
Grant an IAM principal permissions to purge all messages from the queue.
This will grant the following permissions:
- sqs:PurgeQueue
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant send rights to.
grantSendMessages
public grantSendMessages(grantee: IGrantable): Grant
Grant access to send messages to a queue to the given identity.
This will grant the following permissions:
- sqs:SendMessage
- sqs:GetQueueAttributes
- sqs:GetQueueUrl
If encryption is used, permission to use the key to encrypt/decrypt the contents of the queue will also be granted to the same principal.
This will grant the following KMS permissions:
- kms:Decrypt
- kms:Encrypt
- kms:ReEncrypt*
- kms:GenerateDataKey*
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
Principal to grant send rights to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Queue.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateAgeOfOldestMessage
public metricApproximateAgeOfOldestMessage(props?: MetricOptions): Metric
The approximate age of the oldest non-deleted message in the queue.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesDelayed
public metricApproximateNumberOfMessagesDelayed(props?: MetricOptions): Metric
The number of messages in the queue that are delayed and not available for reading immediately.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesNotVisible
public metricApproximateNumberOfMessagesNotVisible(props?: MetricOptions): Metric
The number of messages that are in flight.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricApproximateNumberOfMessagesVisible
public metricApproximateNumberOfMessagesVisible(props?: MetricOptions): Metric
The number of messages available for retrieval from the queue.
Maximum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfEmptyReceives
public metricNumberOfEmptyReceives(props?: MetricOptions): Metric
The number of ReceiveMessage API calls that did not return a message.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesDeleted
public metricNumberOfMessagesDeleted(props?: MetricOptions): Metric
The number of messages deleted from the queue.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesReceived
public metricNumberOfMessagesReceived(props?: MetricOptions): Metric
The number of messages returned by calls to the ReceiveMessage action.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricNumberOfMessagesSent
public metricNumberOfMessagesSent(props?: MetricOptions): Metric
The number of messages added to a queue.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSentMessageSize
public metricSentMessageSize(props?: MetricOptions): Metric
The size of messages added to a queue.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromQueueArn |
Import an existing SQS queue provided an ARN. |
fromQueueAttributes |
Import an existing queue. |
isConstruct
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromQueueArn
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.fromQueueArn(scope: Construct, id: string, queueArn: string)
Import an existing SQS queue provided an ARN.
scopeRequired
- Type: constructs.Construct
The parent creating construct.
idRequired
- Type: string
The construct's name.
queueArnRequired
- Type: string
queue ARN (i.e. arn:aws:sqs:us-east-2:444455556666:queue1).
fromQueueAttributes
import { DiscoveryQueue } from '@cdklabs/genai-idp'
DiscoveryQueue.fromQueueAttributes(scope: Construct, id: string, attrs: QueueAttributes)
Import an existing queue.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
attrsRequired
- Type: aws-cdk-lib.aws_sqs.QueueAttributes
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
fifo |
boolean |
Whether this queue is an Amazon SQS FIFO queue. |
grants |
aws-cdk-lib.aws_sqs.QueueGrants |
Collection of grant methods for a Queue. |
queueArn |
string |
The ARN of this queue. |
queueName |
string |
The name of this queue. |
queueRef |
aws-cdk-lib.interfaces.aws_sqs.QueueReference |
A reference to a Queue resource. |
queueUrl |
string |
The URL of this queue. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
If this queue is encrypted, this is the KMS key. |
encryptionType |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.DeadLetterQueue |
If this queue is configured with a dead-letter queue, this is the dead-letter queue settings. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
fifoRequired
public readonly fifo: boolean;
- Type: boolean
Whether this queue is an Amazon SQS FIFO queue.
If false, this is a standard queue.
grantsRequired
public readonly grants: QueueGrants;
- Type: aws-cdk-lib.aws_sqs.QueueGrants
Collection of grant methods for a Queue.
queueArnRequired
public readonly queueArn: string;
- Type: string
The ARN of this queue.
queueNameRequired
public readonly queueName: string;
- Type: string
The name of this queue.
queueRefRequired
public readonly queueRef: QueueReference;
- Type: aws-cdk-lib.interfaces.aws_sqs.QueueReference
A reference to a Queue resource.
queueUrlRequired
public readonly queueUrl: string;
- Type: string
The URL of this queue.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
If this queue is encrypted, this is the KMS key.
encryptionTypeOptional
public readonly encryptionType: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
Whether the contents of the queue are encrypted, and by what type of key.
deadLetterQueueOptional
public readonly deadLetterQueue: DeadLetterQueue;
- Type: aws-cdk-lib.aws_sqs.DeadLetterQueue
If this queue is configured with a dead-letter queue, this is the dead-letter queue settings.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryTable
- Implements: IDiscoveryTable
A DynamoDB table for tracking discovery jobs.
This construct creates a table that stores discovery job information including status, document keys, and processing metadata.
Initializers
import { DiscoveryTable } from '@cdklabs/genai-idp'
new DiscoveryTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { DiscoveryTable } from '@cdklabs/genai-idp'
DiscoveryTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DiscoveryUploadResolverFunction
A Lambda function that handles discovery document uploads via GraphQL API.
This function generates presigned URLs for document uploads and creates discovery job entries in the tracking table.
Initializers
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
new DiscoveryUploadResolverFunction(scope: Construct, id: string, props: DiscoveryUploadResolverFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DiscoveryUploadResolverFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { DiscoveryUploadResolverFunction } from '@cdklabs/genai-idp'
DiscoveryUploadResolverFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
DocumentDiscovery
- Implements: IDocumentDiscovery
A construct that provides document discovery capabilities.
This construct creates the infrastructure needed for automated document analysis and configuration generation, including DynamoDB table, SQS queue, and Lambda functions for processing discovery jobs.
Initializers
import { DocumentDiscovery } from '@cdklabs/genai-idp'
new DocumentDiscovery(scope: Construct, id: string, props: DocumentDiscoveryProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
DocumentDiscoveryProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: DocumentDiscoveryProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
initializeFunctions |
Initialize the Lambda functions with API URL. |
toString
public toString(): string
Returns a string representation of this construct.
initializeFunctions
public initializeFunctions(api: IProcessingEnvironmentApi, configurationTable: IConfigurationTable, encryptionKey?: IKey, logLevel?: LogLevel, logRetention?: RetentionDays, vpcConfiguration?: VpcConfiguration): DocumentDiscoveryFunctions
Initialize the Lambda functions with API URL.
Called by ProcessingEnvironmentApi when adding document discovery.
apiRequired
configurationTableRequired
- Type: IConfigurationTable
encryptionKeyOptional
- Type: aws-cdk-lib.aws_kms.IKey
logLevelOptional
- Type: LogLevel
logRetentionOptional
- Type: aws-cdk-lib.aws_logs.RetentionDays
vpcConfigurationOptional
- Type: VpcConfiguration
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { DocumentDiscovery } from '@cdklabs/genai-idp'
DocumentDiscovery.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryQueue |
IDiscoveryQueue |
The SQS queue for processing discovery jobs asynchronously. |
discoveryTable |
IDiscoveryTable |
The DynamoDB table that tracks discovery job status and metadata. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryQueueRequired
public readonly discoveryQueue: IDiscoveryQueue;
- Type: IDiscoveryQueue
The SQS queue for processing discovery jobs asynchronously.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The DynamoDB table that tracks discovery job status and metadata.
GetWorkforceUrlFunction
- Implements: aws-cdk-lib.aws_lambda.IFunction
A Lambda function that retrieves workforce portal URLs for HITL workflows.
This function is designed as a CloudFormation custom resource handler that retrieves the SageMaker workforce portal URL for human reviewers to access documents that require manual review and correction.
Initializers
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
new GetWorkforceUrlFunction(scope: Construct, id: string, props: GetWorkforceUrlFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
GetWorkforceUrlFunctionProps |
Configuration properties for the function. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the function.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { GetWorkforceUrlFunction } from '@cdklabs/genai-idp'
GetWorkforceUrlFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
HitlEnvironment
- Implements: IHitlEnvironment
A construct that sets up the Human-in-the-Loop (HITL) environment for document processing.
This construct creates and manages all the necessary components for HITL workflows: - SageMaker workteam for human reviewers - Cognito User Pool Client for A2I integration - A2I Flow Definition and Human Task UI management - Workforce portal URL retrieval
The HITL environment enables human review of documents that fall below confidence thresholds or require manual verification.
Initializers
import { HitlEnvironment } from '@cdklabs/genai-idp'
new HitlEnvironment(scope: Construct, id: string, props: HitlEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
HitlEnvironmentProps |
Configuration properties for the HITL environment. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
- Type: HitlEnvironmentProps
Configuration properties for the HITL environment.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { HitlEnvironment } from '@cdklabs/genai-idp'
HitlEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
flowDefinitionRole |
aws-cdk-lib.aws_iam.Role |
The IAM role for A2I Flow Definition. |
labelingConsoleUrl |
string |
The labeling console URL for SageMaker Ground Truth. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito User Pool Client for A2I integration. |
workforcePortalUrl |
string |
The workforce portal URL for human reviewers. |
workteam |
IWorkteam |
The SageMaker workteam for HITL tasks. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
flowDefinitionRoleRequired
public readonly flowDefinitionRole: Role;
- Type: aws-cdk-lib.aws_iam.Role
The IAM role for A2I Flow Definition.
labelingConsoleUrlRequired
public readonly labelingConsoleUrl: string;
- Type: string
The labeling console URL for SageMaker Ground Truth.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito User Pool Client for A2I integration.
workforcePortalUrlRequired
public readonly workforcePortalUrl: string;
- Type: string
The workforce portal URL for human reviewers.
workteamRequired
public readonly workteam: IWorkteam;
- Type: IWorkteam
The SageMaker workteam for HITL tasks.
ListAvailableAgentsFunction
Lambda function for listing available analytics agents.
This function returns a list of available agents including both built-in analytics agents and any configured external MCP agents.
Initializers
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
new ListAvailableAgentsFunction(scope: Construct, id: string, props: ListAvailableAgentsFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ListAvailableAgentsFunctionProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { ListAvailableAgentsFunction } from '@cdklabs/genai-idp'
ListAvailableAgentsFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ProcessingEnvironment
- Implements: IProcessingEnvironment
Core infrastructure for the Intelligent Document Processing solution.
This construct orchestrates the end-to-end document processing workflow, from document ingestion to structured data extraction and result tracking. It provides the shared infrastructure and services that all document processor patterns use, including:
- S3 buckets for document storage
- DynamoDB tables for tracking and configuration
- SQS queues for document processing
- Lambda functions for workflow orchestration
- CloudWatch metrics and logs for monitoring
- GraphQL API for client interactions
The ProcessingEnvironment is designed to be pattern-agnostic, providing the foundation that specific document processor implementations build upon.
Initializers
import { ProcessingEnvironment } from '@cdklabs/genai-idp'
new ProcessingEnvironment(scope: Construct, id: string, props: ProcessingEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ProcessingEnvironmentProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
attach |
Attaches a document processor to this processing environment. |
metricQueueLatency |
Creates a CloudWatch metric for queue latency. |
metricTotalLatency |
Creates a CloudWatch metric for total processing latency. |
metricWorkflowLatency |
Creates a CloudWatch metric for workflow latency. |
toString
public toString(): string
Returns a string representation of this construct.
attach
public attach(processor: IDocumentProcessor, options?: DocumentProcessorAttachmentOptions): void
Attaches a document processor to this processing environment.
Sets up the necessary event triggers, permissions, and integrations to enable the processor to work with this environment.
processorRequired
- Type: IDocumentProcessor
optionsOptional
metricQueueLatency
public metricQueueLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for queue latency.
Measures the time from when a document is queued to when workflow processing starts.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
metricTotalLatency
public metricTotalLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for total processing latency.
Measures the end-to-end time from document queuing to completion.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
metricWorkflowLatency
public metricWorkflowLatency(props?: MetricOptions): Metric
Creates a CloudWatch metric for workflow latency.
Measures the time from when workflow processing starts to completion.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Optional metric configuration properties.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ProcessingEnvironment } from '@cdklabs/genai-idp'
ProcessingEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
configurationFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that updates configuration settings. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
logLevel |
LogLevel |
The log level for document processing components. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
documentDiscovery |
IDocumentDiscovery |
Optional document discovery system for automated configuration generation. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
saveReportingDataFunction |
aws-cdk-lib.aws_lambda.IFunction |
Optional Lambda function that saves reporting data to the reporting bucket. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
configurationFunctionRequired
public readonly configurationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that updates configuration settings.
Used to initialize and update configuration during deployment and runtime.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
logLevelRequired
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status.
documentDiscoveryOptional
public readonly documentDiscovery: IDocumentDiscovery;
- Type: IDocumentDiscovery
Optional document discovery system for automated configuration generation.
When provided, enables discovery job processing, status tracking, and UI upload functionality.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
saveReportingDataFunctionOptional
public readonly saveReportingDataFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional Lambda function that saves reporting data to the reporting bucket.
Available when a reporting environment is provided.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
ProcessingEnvironmentApi
- Implements: IProcessingEnvironmentApi
A construct that provides a GraphQL API for tracking and managing document processing.
The ProcessingEnvironmentApi creates an AppSync GraphQL API with resolvers for: - Querying document status and metadata - Managing document processing (delete, reprocess) - Accessing document contents and extraction results - Uploading new documents for processing - Copying documents to baseline for evaluation - Querying document knowledge base (if configured)
It integrates with the processing environment's resources including DynamoDB tables, S3 buckets, and optional knowledge base to provide a comprehensive interface for monitoring and managing the document processing workflow.
Initializers
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
new ProcessingEnvironmentApi(scope: Construct, id: string, props: ProcessingEnvironmentApiProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
ProcessingEnvironmentApiProps |
Configuration properties for the API. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the API.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addDynamoDbDataSource |
add a new DynamoDB data source to this API. |
addElasticsearchDataSource |
add a new elasticsearch data source to this API. |
addEventBridgeDataSource |
Add an EventBridge data source to this api. |
addHttpDataSource |
add a new http data source to this API. |
addLambdaDataSource |
add a new Lambda data source to this API. |
addNoneDataSource |
add a new dummy data source to this API. |
addOpenSearchDataSource |
add a new OpenSearch data source to this API. |
addRdsDataSource |
add a new Rds data source to this API. |
addRdsDataSourceV2 |
add a new Rds data source to this API. |
addSchemaDependency |
Add schema dependency to a given construct. |
createResolver |
creates a new resolver for this datasource and API using the given properties. |
grant |
Adds an IAM policy statement associated with this GraphQLApi to an IAM principal's policy. |
grantMutation |
Adds an IAM policy statement for Mutation access to this GraphQLApi to an IAM principal's policy. |
grantQuery |
Adds an IAM policy statement for Query access to this GraphQLApi to an IAM principal's policy. |
grantSubscription |
Adds an IAM policy statement for Subscription access to this GraphQLApi to an IAM principal's policy. |
addEnvironmentVariable |
Add an environment variable to the construct. |
addAgentAnalytics |
Add Agent Analytics capabilities to the GraphQL API. |
addChatWithDocument |
Add Chat with Document capabilities to the GraphQL API. |
addConfigurationTable |
Add configuration table data sources and resolvers to the GraphQL API. |
addDocumentDiscovery |
Add Document Discovery capabilities to the GraphQL API. |
addEvaluation |
Add evaluation capabilities to the GraphQL API. |
addKnowledgeBase |
Add knowledge base querying capabilities to the GraphQL API. |
addStateMachine |
Add Step Functions resolvers and monitoring for the GraphQL API. |
addTrackingTable |
Add tracking table data sources and resolvers to the GraphQL API. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addDynamoDbDataSource
public addDynamoDbDataSource(id: string, table: ITable, options?: DataSourceOptions): DynamoDbDataSource
add a new DynamoDB data source to this API.
idRequired
- Type: string
The data source's id.
tableRequired
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table backing this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
~~addElasticsearchDataSource~~
public addElasticsearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): ElasticsearchDataSource
add a new elasticsearch data source to this API.
idRequired
- Type: string
The data source's id.
domainRequired
- Type: aws-cdk-lib.aws_elasticsearch.IDomain
The elasticsearch domain for this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addEventBridgeDataSource
public addEventBridgeDataSource(id: string, eventBus: IEventBus, options?: DataSourceOptions): EventBridgeDataSource
Add an EventBridge data source to this api.
idRequired
- Type: string
The data source's id.
eventBusRequired
- Type: aws-cdk-lib.aws_events.IEventBus
The EventBridge EventBus on which to put events.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addHttpDataSource
public addHttpDataSource(id: string, endpoint: string, options?: HttpDataSourceOptions): HttpDataSource
add a new http data source to this API.
idRequired
- Type: string
The data source's id.
endpointRequired
- Type: string
The http endpoint.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.HttpDataSourceOptions
The optional configuration for this data source.
addLambdaDataSource
public addLambdaDataSource(id: string, lambdaFunction: IFunction, options?: DataSourceOptions): LambdaDataSource
add a new Lambda data source to this API.
idRequired
- Type: string
The data source's id.
lambdaFunctionRequired
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function to call to interact with this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addNoneDataSource
public addNoneDataSource(id: string, options?: DataSourceOptions): NoneDataSource
add a new dummy data source to this API.
Useful for pipeline resolvers and for backend changes that don't require a data source.
idRequired
- Type: string
The data source's id.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addOpenSearchDataSource
public addOpenSearchDataSource(id: string, domain: IDomain, options?: DataSourceOptions): OpenSearchDataSource
add a new OpenSearch data source to this API.
idRequired
- Type: string
The data source's id.
domainRequired
- Type: aws-cdk-lib.aws_opensearchservice.IDomain
The OpenSearch domain for this data source.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addRdsDataSource
public addRdsDataSource(id: string, serverlessCluster: IServerlessCluster, secretStore: ISecret, databaseName?: string, options?: DataSourceOptions): RdsDataSource
add a new Rds data source to this API.
idRequired
- Type: string
The data source's id.
serverlessClusterRequired
- Type: aws-cdk-lib.aws_rds.IServerlessCluster
The serverless cluster to interact with this data source.
secretStoreRequired
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
The secret store that contains the username and password for the serverless cluster.
databaseNameOptional
- Type: string
The optional name of the database to use within the cluster.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addRdsDataSourceV2
public addRdsDataSourceV2(id: string, serverlessCluster: IDatabaseCluster, secretStore: ISecret, databaseName?: string, options?: DataSourceOptions): RdsDataSource
add a new Rds data source to this API.
idRequired
- Type: string
The data source's id.
serverlessClusterRequired
- Type: aws-cdk-lib.aws_rds.IDatabaseCluster
The serverless V2 cluster to interact with this data source.
secretStoreRequired
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
The secret store that contains the username and password for the serverless cluster.
databaseNameOptional
- Type: string
The optional name of the database to use within the cluster.
optionsOptional
- Type: aws-cdk-lib.aws_appsync.DataSourceOptions
The optional configuration for this data source.
addSchemaDependency
public addSchemaDependency(construct: CfnResource): boolean
Add schema dependency to a given construct.
constructRequired
- Type: aws-cdk-lib.CfnResource
the dependee.
createResolver
public createResolver(id: string, props: ExtendedResolverProps): Resolver
creates a new resolver for this datasource and API using the given properties.
idRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_appsync.ExtendedResolverProps
grant
public grant(grantee: IGrantable, resources: IamResource, actions: ...string[]): Grant
Adds an IAM policy statement associated with this GraphQLApi to an IAM principal's policy.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
resourcesRequired
- Type: aws-cdk-lib.aws_appsync.IamResource
The set of resources to allow (i.e. ...:[region]:[accountId]:apis/GraphQLId/...).
actionsRequired
- Type: ...string[]
The actions that should be granted to the principal (i.e. appsync:graphql ).
grantMutation
public grantMutation(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Mutation access to this GraphQLApi to an IAM principal's policy.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Mutations (leave blank for all).
grantQuery
public grantQuery(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Query access to this GraphQLApi to an IAM principal's policy.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Queries (leave blank for all).
grantSubscription
public grantSubscription(grantee: IGrantable, fields: ...string[]): Grant
Adds an IAM policy statement for Subscription access to this GraphQLApi to an IAM principal's policy.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal.
fieldsRequired
- Type: ...string[]
The fields to grant access to that are Subscriptions (leave blank for all).
addEnvironmentVariable
public addEnvironmentVariable(key: string, value: string): void
Add an environment variable to the construct.
keyRequired
- Type: string
valueRequired
- Type: string
addAgentAnalytics
public addAgentAnalytics(trackingTable: ITrackingTable, model: IInvokable, reportingEnvironment: IReportingEnvironment, externalMcpAgentsSecret?: ISecret, guardrail?: IGuardrail): void
Add Agent Analytics capabilities to the GraphQL API.
This method adds AI-powered analytics functionality that enables natural language querying of processed document data. It creates the necessary resolvers and data sources for agent analytics workflows including database discovery, SQL query generation, and interactive visualizations.
Example
// Add agent analytics after API creation
api.addAgentAnalytics(
trackingTable,
myAnalyticsModel,
reportingDatabase,
athenaBucket
);
trackingTableRequired
- Type: ITrackingTable
The DynamoDB table that tracks document processing status.
modelRequired
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
The foundation model or inference profile for analytics queries.
reportingEnvironmentRequired
- Type: IReportingEnvironment
The reporting environment that the analytics will be run for.
externalMcpAgentsSecretOptional
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
Optional Secrets Manager secret for external MCP agents.
guardrailOptional
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail for content filtering.
addChatWithDocument
public addChatWithDocument(knowledgeBase: IKnowledgeBase, chatModel: IInvokable, guardrail?: IGuardrail): void
Add Chat with Document capabilities to the GraphQL API.
This method adds natural language conversation functionality about processed documents by combining document context from the knowledge base with conversational AI. It maintains conversation history and provides contextual responses.
Example
// Add chat with document after API creation
api.addChatWithDocument(
knowledgeBase,
chatModel,
myGuardrail
);
knowledgeBaseRequired
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Bedrock knowledge base for document context.
chatModelRequired
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
The invokable model for chat functionality.
guardrailOptional
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail for content filtering.
addConfigurationTable
public addConfigurationTable(configurationTable: IConfigurationTable): void
Add configuration table data sources and resolvers to the GraphQL API.
This method adds configuration management functionality including: - Querying configuration settings - Updating configuration parameters - Managing document schemas and extraction parameters
Example
// Add configuration table functionality after API creation
api.addConfigurationTable(myConfigurationTable);
configurationTableRequired
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
addDocumentDiscovery
public addDocumentDiscovery(documentDiscovery: IDocumentDiscovery): void
Add Document Discovery capabilities to the GraphQL API.
This method adds document discovery functionality including automated document analysis and configuration generation capabilities.
documentDiscoveryRequired
- Type: IDocumentDiscovery
The document discovery construct with table, queue, and functions.
addEvaluation
public addEvaluation(evaluationBaselineBucket: IBucket): void
Add evaluation capabilities to the GraphQL API.
This method adds document evaluation functionality, including the ability to copy documents to a baseline bucket for evaluation purposes. It creates the necessary resolvers and data sources for evaluation workflows.
Example
// Add evaluation functionality after API creation
api.addEvaluation(myEvaluationBaselineBucket);
evaluationBaselineBucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for storing evaluation baseline documents.
addKnowledgeBase
public addKnowledgeBase(knowledgeBase: IKnowledgeBase, knowledgeBaseModel: IInvokable, knowledgeBaseGuardrail?: IGuardrail): void
Add knowledge base querying capabilities to the GraphQL API.
This method adds natural language querying functionality for processed documents using Amazon Bedrock knowledge base. It creates the necessary resolvers and data sources to enable document querying through the GraphQL API.
Example
// Add knowledge base functionality after API creation
api.addKnowledgeBase(
myKnowledgeBase,
bedrock.BedrockFoundationModel.AMAZON_NOVA_PRO_V1_0,
myGuardrail
);
knowledgeBaseRequired
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
The Amazon Bedrock knowledge base for document querying.
knowledgeBaseModelRequired
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
The invokable model to use for knowledge base queries.
knowledgeBaseGuardrailOptional
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail to apply to model interactions.
addStateMachine
public addStateMachine(stateMachine: IStateMachine): void
Add Step Functions resolvers and monitoring for the GraphQL API.
This method adds Step Functions execution monitoring capabilities to the API, including query resolvers, mutation resolvers, and automatic subscription publishing. It can be called after the API has been created to add Step Functions functionality for the specified state machine.
Example
// Add state machine monitoring after API creation
api.addStateMachine(myStateMachine);
stateMachineRequired
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine to monitor.
addTrackingTable
public addTrackingTable(trackingTable: ITrackingTable, inputBucket: IBucket, outputBucket: IBucket): void
Add tracking table data sources and resolvers to the GraphQL API.
This method adds all tracking table related functionality including: - Document creation and management - Document status tracking - Document listing and querying - Document metadata management - Document deletion (from tracking table and S3 buckets)
Example
// Add tracking table functionality after API creation
api.addTrackingTable(myTrackingTable, inputBucket, outputBucket);
trackingTableRequired
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
inputBucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents are stored.
outputBucketRequired
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents are stored.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromGraphqlApiAttributes |
Import a GraphQL API through this function. |
isConstruct
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromGraphqlApiAttributes
import { ProcessingEnvironmentApi } from '@cdklabs/genai-idp'
ProcessingEnvironmentApi.fromGraphqlApiAttributes(scope: Construct, id: string, attrs: GraphqlApiAttributes)
Import a GraphQL API through this function.
scopeRequired
- Type: constructs.Construct
scope.
idRequired
- Type: string
id.
attrsRequired
- Type: aws-cdk-lib.aws_appsync.GraphqlApiAttributes
GraphQL API Attributes of an API.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
apiId |
string |
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'. |
arn |
string |
the ARN of the API. |
graphQLEndpointArn |
string |
The GraphQL endpoint ARN. |
modes |
aws-cdk-lib.aws_appsync.AuthorizationType[] |
The Authorization Types for this GraphQL Api. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
the visibility of the API. |
appSyncDomainName |
string |
The AppSyncDomainName of the associated custom domain. |
graphqlUrl |
string |
the URL of the endpoint created by AppSync. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
the CloudWatch Log Group for this API. |
name |
string |
the name of the API. |
schema |
aws-cdk-lib.aws_appsync.ISchema |
the schema attached to this api (only available for GraphQL APIs, not available for merged APIs). |
apiKey |
string |
the configured API key, if present. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
apiIdRequired
public readonly apiId: string;
- Type: string
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'.
arnRequired
public readonly arn: string;
- Type: string
the ARN of the API.
graphQLEndpointArnRequired
public readonly graphQLEndpointArn: string;
- Type: string
The GraphQL endpoint ARN.
modesRequired
public readonly modes: AuthorizationType[];
- Type: aws-cdk-lib.aws_appsync.AuthorizationType[]
The Authorization Types for this GraphQL Api.
visibilityRequired
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
the visibility of the API.
appSyncDomainNameRequired
public readonly appSyncDomainName: string;
- Type: string
The AppSyncDomainName of the associated custom domain.
graphqlUrlRequired
public readonly graphqlUrl: string;
- Type: string
the URL of the endpoint created by AppSync.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
the CloudWatch Log Group for this API.
nameRequired
public readonly name: string;
- Type: string
the name of the API.
schemaRequired
public readonly schema: ISchema;
- Type: aws-cdk-lib.aws_appsync.ISchema
the schema attached to this api (only available for GraphQL APIs, not available for merged APIs).
apiKeyOptional
public readonly apiKey: string;
- Type: string
- Default: no api key
the configured API key, if present.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
ReportingEnvironment
- Implements: IReportingEnvironment
A construct that creates the reporting table structure for document processing analytics.
This construct focuses on creating the Glue table schema for evaluation metrics, using provided S3 bucket and Glue database resources. It creates: - Document-level evaluation metrics table - Section-level evaluation metrics table - Attribute-level evaluation metrics table - Metering data table
All tables are properly partitioned for efficient querying with Amazon Athena.
Initializers
import { ReportingEnvironment } from '@cdklabs/genai-idp'
new ReportingEnvironment(scope: Construct, id: string, props: ReportingEnvironmentProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
ReportingEnvironmentProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { ReportingEnvironment } from '@cdklabs/genai-idp'
ReportingEnvironment.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
attributeEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for attribute-level evaluation metrics. |
documentEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for document-level evaluation metrics. |
meteringTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for metering data. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database containing tables for evaluation metrics. |
sectionEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for section-level evaluation metrics. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
attributeEvaluationsTableRequired
public readonly attributeEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for attribute-level evaluation metrics.
Contains detailed evaluation metrics for individual extracted attributes.
documentEvaluationsTableRequired
public readonly documentEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for document-level evaluation metrics.
Contains accuracy, precision, recall, F1 score, and other document-level metrics.
meteringTableRequired
public readonly meteringTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for metering data.
Contains cost and usage metrics for document processing operations.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format.
Contains document-level, section-level, and attribute-level evaluation metrics.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database containing tables for evaluation metrics.
Provides a structured catalog for querying evaluation data with Amazon Athena.
sectionEvaluationsTableRequired
public readonly sectionEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for section-level evaluation metrics.
Contains evaluation metrics for individual sections within documents.
SaveReportingDataFunction
- Implements: aws-cdk-lib.aws_lambda.IFunction
A Lambda function that saves document evaluation data to the reporting bucket in Parquet format.
This function is responsible for: - Converting document processing metrics to Parquet format - Saving evaluation data to the reporting bucket with proper partitioning - Supporting document-level, section-level, and attribute-level metrics - Enabling analytics and business intelligence through structured data storage
The function is typically invoked by other Lambda functions (evaluation_function, workflow_tracker) to persist processing metrics and evaluation results for later analysis with Amazon Athena.
Initializers
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
new SaveReportingDataFunction(scope: Construct, id: string, props: SaveReportingDataFunctionProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
SaveReportingDataFunctionProps |
Configuration properties for the function. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
Configuration properties for the function.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addEventSource |
Adds an event source to this function. |
addEventSourceMapping |
Adds an event source that maps to this AWS Lambda function. |
addFunctionUrl |
Adds a url to this lambda function. |
addPermission |
Adds a permission to the Lambda resource policy. |
addToRolePolicy |
Adds a statement to the IAM role assumed by the instance. |
configureAsyncInvoke |
Configures options for asynchronous invocation. |
considerWarningOnInvokeFunctionPermissions |
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function. |
grantInvoke |
Grant the given identity permissions to invoke this Lambda. |
grantInvokeCompositePrincipal |
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal. |
grantInvokeLatestVersion |
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda. |
grantInvokeUrl |
Grant the given identity permissions to invoke this Lambda Function URL. |
grantInvokeVersion |
Grant the given identity permissions to invoke the given version of this Lambda. |
metric |
Return the given named metric for this Function. |
metricDuration |
How long execution of this Lambda takes. |
metricErrors |
How many invocations of this Lambda fail. |
metricInvocations |
How often this Lambda is invoked. |
metricThrottles |
How often this Lambda is throttled. |
addAlias |
Defines an alias for this function. |
addEnvironment |
Adds an environment variable to this Lambda function. |
addLayers |
Adds one or more Lambda Layers to this Lambda function. |
invalidateVersionBasedOn |
Mix additional information into the hash of the Version object. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addEventSource
public addEventSource(source: IEventSource): void
Adds an event source to this function.
Event sources are implemented in the aws-cdk-lib/aws-lambda-event-sources module.
The following example adds an SQS Queue as an event source:
import { SqsEventSource } from 'aws-cdk-lib/aws-lambda-event-sources';
myFunction.addEventSource(new SqsEventSource(myQueue));
sourceRequired
- Type: aws-cdk-lib.aws_lambda.IEventSource
addEventSourceMapping
public addEventSourceMapping(id: string, options: EventSourceMappingOptions): EventSourceMapping
Adds an event source that maps to this AWS Lambda function.
idRequired
- Type: string
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventSourceMappingOptions
addFunctionUrl
public addFunctionUrl(options?: FunctionUrlOptions): FunctionUrl
Adds a url to this lambda function.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.FunctionUrlOptions
addPermission
public addPermission(id: string, permission: Permission): void
Adds a permission to the Lambda resource policy.
idRequired
- Type: string
The id for the permission construct.
permissionRequired
- Type: aws-cdk-lib.aws_lambda.Permission
The permission to grant to this Lambda function.
addToRolePolicy
public addToRolePolicy(statement: PolicyStatement): void
Adds a statement to the IAM role assumed by the instance.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
configureAsyncInvoke
public configureAsyncInvoke(options: EventInvokeConfigOptions): void
Configures options for asynchronous invocation.
optionsRequired
- Type: aws-cdk-lib.aws_lambda.EventInvokeConfigOptions
considerWarningOnInvokeFunctionPermissions
public considerWarningOnInvokeFunctionPermissions(scope: Construct, action: string): void
A warning will be added to functions under the following conditions: - permissions that include lambda:InvokeFunction are added to the unqualified function.
function.currentVersion is invoked before or after the permission is created.
This applies only to permissions on Lambda functions, not versions or aliases. This function is overridden as a noOp for QualifiedFunctionBase.
scopeRequired
- Type: constructs.Construct
actionRequired
- Type: string
grantInvoke
public grantInvoke(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeCompositePrincipal
public grantInvokeCompositePrincipal(compositePrincipal: CompositePrincipal): Grant[]
Grant multiple principals the ability to invoke this Lambda via CompositePrincipal.
compositePrincipalRequired
- Type: aws-cdk-lib.aws_iam.CompositePrincipal
grantInvokeLatestVersion
public grantInvokeLatestVersion(grantee: IGrantable): Grant
Grant the given identity permissions to invoke the $LATEST version or unqualified version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeUrl
public grantInvokeUrl(grantee: IGrantable): Grant
Grant the given identity permissions to invoke this Lambda Function URL.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
grantInvokeVersion
public grantInvokeVersion(grantee: IGrantable, version: IVersion): Grant
Grant the given identity permissions to invoke the given version of this Lambda.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
versionRequired
- Type: aws-cdk-lib.aws_lambda.IVersion
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Function.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricDuration
public metricDuration(props?: MetricOptions): Metric
How long execution of this Lambda takes.
Average over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricErrors
public metricErrors(props?: MetricOptions): Metric
How many invocations of this Lambda fail.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricInvocations
public metricInvocations(props?: MetricOptions): Metric
How often this Lambda is invoked.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottles
public metricThrottles(props?: MetricOptions): Metric
How often this Lambda is throttled.
Sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addAlias
public addAlias(aliasName: string, options?: AliasOptions): Alias
Defines an alias for this function.
The alias will automatically be updated to point to the latest version of the function as it is being updated during a deployment.
declare const fn: lambda.Function;
fn.addAlias('Live');
// Is equivalent to
new lambda.Alias(this, 'AliasLive', {
aliasName: 'Live',
version: fn.currentVersion,
});
aliasNameRequired
- Type: string
The name of the alias.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.AliasOptions
Alias options.
addEnvironment
public addEnvironment(key: string, value: string, options?: EnvironmentOptions): Function
Adds an environment variable to this Lambda function.
If this is a ref to a Lambda function, this operation results in a no-op.
keyRequired
- Type: string
The environment variable key.
valueRequired
- Type: string
The environment variable's value.
optionsOptional
- Type: aws-cdk-lib.aws_lambda.EnvironmentOptions
Environment variable options.
addLayers
public addLayers(layers: ...ILayerVersion[]): void
Adds one or more Lambda Layers to this Lambda function.
layersRequired
- Type: ...aws-cdk-lib.aws_lambda.ILayerVersion[]
the layers to be added.
invalidateVersionBasedOn
public invalidateVersionBasedOn(x: string): void
Mix additional information into the hash of the Version object.
The Lambda Function construct does its best to automatically create a new Version when anything about the Function changes (its code, its layers, any of the other properties).
However, you can sometimes source information from places that the CDK cannot look into, like the deploy-time values of SSM parameters. In those cases, the CDK would not force the creation of a new Version object when it actually should.
This method can be used to invalidate the current Version object. Pass in any string into this method, and make sure the string changes when you know a new Version needs to be created.
This method may be called more than once.
xRequired
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
classifyVersionProperty |
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource. |
fromFunctionArn |
Import a lambda function into the CDK using its ARN. |
fromFunctionAttributes |
Creates a Lambda function object which represents a function not defined within this stack. |
fromFunctionName |
Import a lambda function into the CDK using its name. |
metricAll |
Return the given named metric for this Lambda. |
metricAllConcurrentExecutions |
Metric for the number of concurrent executions across all Lambdas. |
metricAllDuration |
Metric for the Duration executing all Lambdas. |
metricAllErrors |
Metric for the number of Errors executing all Lambdas. |
metricAllInvocations |
Metric for the number of invocations of all Lambdas. |
metricAllThrottles |
Metric for the number of throttled invocations of all Lambdas. |
metricAllUnreservedConcurrentExecutions |
Metric for the number of unreserved concurrent executions across all Lambdas. |
isConstruct
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
classifyVersionProperty
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.classifyVersionProperty(propertyName: string, locked: boolean)
Record whether specific properties in the AWS::Lambda::Function resource should also be associated to the Version resource.
See 'currentVersion' section in the module README for more details.
propertyNameRequired
- Type: string
The property to classify.
lockedRequired
- Type: boolean
whether the property should be associated to the version or not.
fromFunctionArn
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionArn(scope: Construct, id: string, functionArn: string)
Import a lambda function into the CDK using its ARN.
For Function.addPermissions() to work on this imported lambda, make sure that is
in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionArnRequired
- Type: string
fromFunctionAttributes
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionAttributes(scope: Construct, id: string, attrs: FunctionAttributes)
Creates a Lambda function object which represents a function not defined within this stack.
For Function.addPermissions() to work on this imported lambda, set the sameEnvironment property to true
if this imported lambda is in the same account and region as the stack you are importing it into.
scopeRequired
- Type: constructs.Construct
The parent construct.
idRequired
- Type: string
The name of the lambda construct.
attrsRequired
- Type: aws-cdk-lib.aws_lambda.FunctionAttributes
the attributes of the function to import.
fromFunctionName
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.fromFunctionName(scope: Construct, id: string, functionName: string)
Import a lambda function into the CDK using its name.
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
functionNameRequired
- Type: string
metricAll
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAll(metricName: string, props?: MetricOptions)
Return the given named metric for this Lambda.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllConcurrentExecutions
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllConcurrentExecutions(props?: MetricOptions)
Metric for the number of concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllDuration
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllDuration(props?: MetricOptions)
Metric for the Duration executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllErrors
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllErrors(props?: MetricOptions)
Metric for the number of Errors executing all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllInvocations
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllInvocations(props?: MetricOptions)
Metric for the number of invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllThrottles
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllThrottles(props?: MetricOptions)
Metric for the number of throttled invocations of all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricAllUnreservedConcurrentExecutions
import { SaveReportingDataFunction } from '@cdklabs/genai-idp'
SaveReportingDataFunction.metricAllUnreservedConcurrentExecutions(props?: MetricOptions)
Metric for the number of unreserved concurrent executions across all Lambdas.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64). |
connections |
aws-cdk-lib.aws_ec2.Connections |
Access the Connections object. |
functionArn |
string |
ARN of this function. |
functionName |
string |
Name of this function. |
functionRef |
aws-cdk-lib.interfaces.aws_lambda.FunctionReference |
A reference to a Function resource. |
grantPrincipal |
aws-cdk-lib.aws_iam.IPrincipal |
The principal this Lambda Function is running as. |
isBoundToVpc |
boolean |
Whether or not this Lambda function was bound to a VPC. |
latestVersion |
aws-cdk-lib.aws_lambda.IVersion |
The $LATEST version of this function. |
permissionsNode |
constructs.Node |
The construct node where permissions are attached. |
resourceArnsForGrantInvoke |
string[] |
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke(). |
role |
aws-cdk-lib.aws_iam.IRole |
Execution role associated with this function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for this function. |
currentVersion |
aws-cdk-lib.aws_lambda.Version |
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The LogGroup where the Lambda function's logs are made available. |
runtime |
aws-cdk-lib.aws_lambda.Runtime |
The runtime configured for this lambda. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute). |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute). |
timeout |
aws-cdk-lib.Duration |
The timeout configured for this lambda. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
architectureRequired
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
The architecture of this Lambda Function (this is an optional attribute and defaults to X86_64).
connectionsRequired
public readonly connections: Connections;
- Type: aws-cdk-lib.aws_ec2.Connections
Access the Connections object.
Will fail if not a VPC-enabled Lambda Function
functionArnRequired
public readonly functionArn: string;
- Type: string
ARN of this function.
functionNameRequired
public readonly functionName: string;
- Type: string
Name of this function.
functionRefRequired
public readonly functionRef: FunctionReference;
- Type: aws-cdk-lib.interfaces.aws_lambda.FunctionReference
A reference to a Function resource.
grantPrincipalRequired
public readonly grantPrincipal: IPrincipal;
- Type: aws-cdk-lib.aws_iam.IPrincipal
The principal this Lambda Function is running as.
isBoundToVpcRequired
public readonly isBoundToVpc: boolean;
- Type: boolean
Whether or not this Lambda function was bound to a VPC.
If this is is false, trying to access the connections object will fail.
latestVersionRequired
public readonly latestVersion: IVersion;
- Type: aws-cdk-lib.aws_lambda.IVersion
The $LATEST version of this function.
Note that this is reference to a non-specific AWS Lambda version, which means the function this version refers to can return different results in different invocations.
To obtain a reference to an explicit version which references the current
function configuration, use lambdaFunction.currentVersion instead.
permissionsNodeRequired
public readonly permissionsNode: Node;
- Type: constructs.Node
The construct node where permissions are attached.
resourceArnsForGrantInvokeRequired
public readonly resourceArnsForGrantInvoke: string[];
- Type: string[]
The ARN(s) to put into the resource field of the generated IAM policy for grantInvoke().
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
Execution role associated with this function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
The tenancy configuration for this function.
currentVersionRequired
public readonly currentVersion: Version;
- Type: aws-cdk-lib.aws_lambda.Version
Returns a lambda.Version which represents the current version of this Lambda function. A new version will be created every time the function's configuration changes.
You can specify options for this version using the currentVersionOptions
prop when initializing the lambda.Function.
logGroupRequired
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
The LogGroup where the Lambda function's logs are made available.
If either logRetention is set or this property is called, a CloudFormation custom resource is added to the stack that
pre-creates the log group as part of the stack deployment, if it already doesn't exist, and sets the correct log retention
period (never expire, by default).
Further, if the log group already exists and the logRetention is not set, the custom resource will reset the log retention
to never expire even if it was configured with a different value.
runtimeRequired
public readonly runtime: Runtime;
- Type: aws-cdk-lib.aws_lambda.Runtime
The runtime configured for this lambda.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The DLQ (as queue) associated with this Lambda Function (this is an optional attribute).
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
The DLQ (as topic) associated with this Lambda Function (this is an optional attribute).
timeoutOptional
public readonly timeout: Duration;
- Type: aws-cdk-lib.Duration
The timeout configured for this lambda.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
TrackingTable
- Implements: ITrackingTable
A DynamoDB table for tracking document processing status and results.
This table uses a composite key (PK, SK) to efficiently store and query information about documents being processed, including their current status, processing history, and extraction results. The table design supports various access patterns needed for monitoring and reporting on document processing activities.
Initializers
import { TrackingTable } from '@cdklabs/genai-idp'
new TrackingTable(scope: Construct, id: string, props?: FixedKeyTableProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
FixedKeyTableProps |
Configuration properties for the DynamoDB table. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsOptional
- Type: FixedKeyTableProps
Configuration properties for the DynamoDB table.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
addToResourcePolicy |
Adds a statement to the resource policy associated with this table. |
grant |
Adds an IAM policy statement associated with this table to an IAM principal's policy. |
grantFullAccess |
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal. |
grantOnKey |
Gives permissions to a grantable entity to perform actions on the encryption key. |
grantReadData |
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable. |
grantReadWriteData |
Permits an IAM principal to all data read/write operations to this table. |
grantStream |
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy. |
grantStreamRead |
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams. |
grantTableListStreams |
Permits an IAM Principal to list streams attached to current dynamodb table. |
grantWriteData |
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable. |
metric |
Return the given named metric for this Table. |
metricConditionalCheckFailedRequests |
Metric for the conditional check failed requests this table. |
metricConsumedReadCapacityUnits |
Metric for the consumed read capacity units this table. |
metricConsumedWriteCapacityUnits |
Metric for the consumed write capacity units this table. |
metricSuccessfulRequestLatency |
Metric for the successful request latency this table. |
metricSystemErrors |
Metric for the system errors this table. |
metricSystemErrorsForOperations |
Metric for the system errors this table. |
metricThrottledRequests |
How many requests are throttled on this table. |
metricThrottledRequestsForOperation |
How many requests are throttled on this table, for the given operation. |
metricThrottledRequestsForOperations |
How many requests are throttled on this table. |
metricUserErrors |
Metric for the user errors. |
addGlobalSecondaryIndex |
Add a global secondary index of table. |
addLocalSecondaryIndex |
Add a local secondary index of table. |
autoScaleGlobalSecondaryIndexReadCapacity |
Enable read capacity scaling for the given GSI. |
autoScaleGlobalSecondaryIndexWriteCapacity |
Enable write capacity scaling for the given GSI. |
autoScaleReadCapacity |
Enable read capacity scaling for this table. |
autoScaleWriteCapacity |
Enable write capacity scaling for this table. |
schema |
Get schema attributes of table or index. |
schemaV2 |
Get schema attributes of table or index. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
addToResourcePolicy
public addToResourcePolicy(statement: PolicyStatement): AddToResourcePolicyResult
Adds a statement to the resource policy associated with this table.
A resource policy will be automatically created upon the first call to addToResourcePolicy.
Note that this does not work with imported tables.
statementRequired
- Type: aws-cdk-lib.aws_iam.PolicyStatement
The policy statement to add.
grant
public grant(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:PutItem", "dynamodb:GetItem", ...).
grantFullAccess
public grantFullAccess(grantee: IGrantable): Grant
Permits all DynamoDB operations ("dynamodb:*") to an IAM principal.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantOnKey
public grantOnKey(grantee: IGrantable, actions: ...string[]): GrantOnKeyResult
Gives permissions to a grantable entity to perform actions on the encryption key.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
actionsRequired
- Type: ...string[]
grantReadData
public grantReadData(grantee: IGrantable): Grant
Permits an IAM principal all data read operations from this table: BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantReadWriteData
public grantReadWriteData(grantee: IGrantable): Grant
Permits an IAM principal to all data read/write operations to this table.
BatchGetItem, GetRecords, GetShardIterator, Query, GetItem, Scan, BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantStream
public grantStream(grantee: IGrantable, actions: ...string[]): Grant
Adds an IAM policy statement associated with this table's stream to an IAM principal's policy.
If encryptionKey is present, appropriate grants to the key needs to be added
separately using the table.encryptionKey.grant* methods.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
actionsRequired
- Type: ...string[]
The set of actions to allow (i.e. "dynamodb:DescribeStream", "dynamodb:GetRecords", ...).
grantStreamRead
public grantStreamRead(grantee: IGrantable): Grant
Permits an IAM principal all stream data read operations for this table's stream: DescribeStream, GetRecords, GetShardIterator, ListStreams.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
grantTableListStreams
public grantTableListStreams(grantee: IGrantable): Grant
Permits an IAM Principal to list streams attached to current dynamodb table.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal (no-op if undefined).
grantWriteData
public grantWriteData(grantee: IGrantable): Grant
Permits an IAM principal all data write operations to this table: BatchWriteItem, PutItem, UpdateItem, DeleteItem, DescribeTable.
Appropriate grants will also be added to the customer-managed KMS key if one was configured.
granteeRequired
- Type: aws-cdk-lib.aws_iam.IGrantable
The principal to grant access to.
metric
public metric(metricName: string, props?: MetricOptions): Metric
Return the given named metric for this Table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
metricNameRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConditionalCheckFailedRequests
public metricConditionalCheckFailedRequests(props?: MetricOptions): Metric
Metric for the conditional check failed requests this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedReadCapacityUnits
public metricConsumedReadCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed read capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricConsumedWriteCapacityUnits
public metricConsumedWriteCapacityUnits(props?: MetricOptions): Metric
Metric for the consumed write capacity units this table.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSuccessfulRequestLatency
public metricSuccessfulRequestLatency(props?: MetricOptions): Metric
Metric for the successful request latency this table.
By default, the metric will be calculated as an average over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
~~metricSystemErrors~~
public metricSystemErrors(props?: MetricOptions): Metric
Metric for the system errors this table.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricSystemErrorsForOperations
public metricSystemErrorsForOperations(props?: SystemErrorsForOperationsMetricOptions): IMetric
Metric for the system errors this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.SystemErrorsForOperationsMetricOptions
~~metricThrottledRequests~~
public metricThrottledRequests(props?: MetricOptions): Metric
How many requests are throttled on this table.
Default: sum over 5 minutes
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperation
public metricThrottledRequestsForOperation(operation: string, props?: MetricOptions): Metric
How many requests are throttled on this table, for the given operation.
Default: sum over 5 minutes
operationRequired
- Type: string
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
metricThrottledRequestsForOperations
public metricThrottledRequestsForOperations(props?: OperationsMetricOptions): IMetric
How many requests are throttled on this table.
This will sum errors across all possible operations.
Note that by default, each individual metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_dynamodb.OperationsMetricOptions
metricUserErrors
public metricUserErrors(props?: MetricOptions): Metric
Metric for the user errors.
Note that this metric reports user errors across all the tables in the account and region the table resides in.
By default, the metric will be calculated as a sum over a period of 5 minutes.
You can customize this by using the statistic and period properties.
propsOptional
- Type: aws-cdk-lib.aws_cloudwatch.MetricOptions
addGlobalSecondaryIndex
public addGlobalSecondaryIndex(props: GlobalSecondaryIndexProps): void
Add a global secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.GlobalSecondaryIndexProps
the property of global secondary index.
addLocalSecondaryIndex
public addLocalSecondaryIndex(props: LocalSecondaryIndexProps): void
Add a local secondary index of table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.LocalSecondaryIndexProps
the property of local secondary index.
autoScaleGlobalSecondaryIndexReadCapacity
public autoScaleGlobalSecondaryIndexReadCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleGlobalSecondaryIndexWriteCapacity
public autoScaleGlobalSecondaryIndexWriteCapacity(indexName: string, props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for the given GSI.
indexNameRequired
- Type: string
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleReadCapacity
public autoScaleReadCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable read capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
autoScaleWriteCapacity
public autoScaleWriteCapacity(props: EnableScalingProps): IScalableTableAttribute
Enable write capacity scaling for this table.
propsRequired
- Type: aws-cdk-lib.aws_dynamodb.EnableScalingProps
~~schema~~
public schema(indexName?: string): SchemaOptions
Get schema attributes of table or index.
indexNameOptional
- Type: string
schemaV2
public schemaV2(indexName?: string): KeySchema
Get schema attributes of table or index.
indexNameOptional
- Type: string
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
fromTableArn |
Creates a Table construct that represents an external table via table arn. |
fromTableAttributes |
Creates a Table construct that represents an external table. |
fromTableName |
Creates a Table construct that represents an external table via table name. |
isConstruct
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
fromTableArn
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableArn(scope: Construct, id: string, tableArn: string)
Creates a Table construct that represents an external table via table arn.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableArnRequired
- Type: string
The table's ARN.
fromTableAttributes
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableAttributes(scope: Construct, id: string, attrs: TableAttributes)
Creates a Table construct that represents an external table.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
attrsRequired
- Type: aws-cdk-lib.aws_dynamodb.TableAttributes
A TableAttributes object.
fromTableName
import { TrackingTable } from '@cdklabs/genai-idp'
TrackingTable.fromTableName(scope: Construct, id: string, tableName: string)
Creates a Table construct that represents an external table via table name.
scopeRequired
- Type: constructs.Construct
The parent creating construct (usually this).
idRequired
- Type: string
The construct's name.
tableNameRequired
- Type: string
The table's name.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
grants |
aws-cdk-lib.aws_dynamodb.TableGrants |
Grant a predefined set of permissions on this Table. |
streamGrants |
aws-cdk-lib.aws_dynamodb.StreamGrants |
Grant a predefined set of permissions on this Table's Stream, if present. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
tableRef |
aws-cdk-lib.interfaces.aws_dynamodb.TableReference |
A reference to a Table resource. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
KMS encryption key, if this table uses a customer-managed encryption key. |
regions |
string[] |
Additional regions other than the main one that this table is replicated to. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to DynamoDB Table. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
grantsRequired
public readonly grants: TableGrants;
- Type: aws-cdk-lib.aws_dynamodb.TableGrants
Grant a predefined set of permissions on this Table.
streamGrantsRequired
public readonly streamGrants: StreamGrants;
- Type: aws-cdk-lib.aws_dynamodb.StreamGrants
Grant a predefined set of permissions on this Table's Stream, if present.
Will throw if the Table has not been configured for streaming.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
tableRefRequired
public readonly tableRef: TableReference;
- Type: aws-cdk-lib.interfaces.aws_dynamodb.TableReference
A reference to a Table resource.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
KMS encryption key, if this table uses a customer-managed encryption key.
regionsOptional
public readonly regions: string[];
- Type: string[]
Additional regions other than the main one that this table is replicated to.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statements are added to the created table.
Resource policy to assign to DynamoDB Table.
Constants
| Name | Type | Description |
|---|---|---|
PROPERTY_INJECTION_ID |
string |
Uniquely identifies this class. |
PROPERTY_INJECTION_IDRequired
public readonly PROPERTY_INJECTION_ID: string;
- Type: string
Uniquely identifies this class.
UserIdentity
- Implements: IUserIdentity
A construct that manages user authentication and authorization. Provides Cognito resources for user management and secure access to AWS resources.
This construct creates and configures: - A Cognito User Pool for user registration and authentication - A User Pool Client for the web application to interact with Cognito - An Identity Pool that provides temporary AWS credentials to authenticated users
The UserIdentity construct enables secure access to the document processing solution, ensuring that only authorized users can upload documents, view results, and perform administrative actions.
Initializers
import { UserIdentity } from '@cdklabs/genai-idp'
new UserIdentity(scope: Construct, id: string, props?: UserIdentityProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
UserIdentityProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsOptional
- Type: UserIdentityProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { UserIdentity } from '@cdklabs/genai-idp'
UserIdentity.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
identityPool |
aws-cdk-lib.aws_cognito_identitypool.IdentityPool |
The Cognito Identity Pool that provides temporary AWS credentials. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito UserPool that stores user identities and credentials. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito UserPool Client used by the web application for OAuth flows. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
identityPoolRequired
public readonly identityPool: IdentityPool;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPool
The Cognito Identity Pool that provides temporary AWS credentials.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito UserPool that stores user identities and credentials.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito UserPool Client used by the web application for OAuth flows.
WebApplication
- Implements: IWebApplication
Initializers
import { WebApplication } from '@cdklabs/genai-idp'
new WebApplication(scope: Construct, id: string, props: WebApplicationProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
No description. |
id |
string |
No description. |
props |
WebApplicationProps |
No description. |
scopeRequired
- Type: constructs.Construct
idRequired
- Type: string
propsRequired
- Type: WebApplicationProps
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
toString
public toString(): string
Returns a string representation of this construct.
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isConstruct
import { WebApplication } from '@cdklabs/genai-idp'
WebApplication.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
bucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where the web application assets are deployed. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
The CloudFront distribution that serves the web application. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
bucketRequired
public readonly bucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where the web application assets are deployed.
Contains the static files for the web UI including HTML, CSS, and JavaScript.
distributionRequired
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
The CloudFront distribution that serves the web application.
Provides global content delivery with low latency and high performance.
Workteam
- Implements: IWorkteam
A construct that creates a SageMaker workteam for Human-in-the-Loop (HITL) workflows.
This construct sets up a private workteam that can be used with Amazon A2I (Augmented AI) for human review tasks. The workteam is integrated with Cognito for authentication and user management.
Initializers
import { Workteam } from '@cdklabs/genai-idp'
new Workteam(scope: Construct, id: string, props: WorkteamProps)
| Name | Type | Description |
|---|---|---|
scope |
constructs.Construct |
The construct scope. |
id |
string |
The construct ID. |
props |
WorkteamProps |
Configuration properties for the workteam. |
scopeRequired
- Type: constructs.Construct
The construct scope.
idRequired
- Type: string
The construct ID.
propsRequired
- Type: WorkteamProps
Configuration properties for the workteam.
Methods
| Name | Description |
|---|---|
toString |
Returns a string representation of this construct. |
applyRemovalPolicy |
Apply the given removal policy to this resource. |
toString
public toString(): string
Returns a string representation of this construct.
applyRemovalPolicy
public applyRemovalPolicy(policy: RemovalPolicy): void
Apply the given removal policy to this resource.
The Removal Policy controls what happens to this resource when it stops being managed by CloudFormation, either because you've removed it from the CDK application or because you've made a change that requires the resource to be replaced.
The resource can be deleted (RemovalPolicy.DESTROY), or left in your AWS
account for data recovery and cleanup later (RemovalPolicy.RETAIN).
policyRequired
- Type: aws-cdk-lib.RemovalPolicy
Static Functions
| Name | Description |
|---|---|
isConstruct |
Checks if x is a construct. |
isOwnedResource |
Returns true if the construct was created by CDK, and false otherwise. |
isResource |
Check whether the given construct is a Resource. |
isConstruct
import { Workteam } from '@cdklabs/genai-idp'
Workteam.isConstruct(x: any)
Checks if x is a construct.
Use this method instead of instanceof to properly detect Construct
instances, even when the construct library is symlinked.
Explanation: in JavaScript, multiple copies of the constructs library on
disk are seen as independent, completely different libraries. As a
consequence, the class Construct in each copy of the constructs library
is seen as a different class, and an instance of one class will not test as
instanceof the other class. npm install will not create installations
like this, but users may manually symlink construct libraries together or
use a monorepo tool: in those cases, multiple copies of the constructs
library can be accidentally installed, and instanceof will behave
unpredictably. It is safest to avoid using instanceof, and using
this type-testing method instead.
xRequired
- Type: any
Any object.
isOwnedResource
import { Workteam } from '@cdklabs/genai-idp'
Workteam.isOwnedResource(construct: IConstruct)
Returns true if the construct was created by CDK, and false otherwise.
constructRequired
- Type: constructs.IConstruct
isResource
import { Workteam } from '@cdklabs/genai-idp'
Workteam.isResource(construct: IConstruct)
Check whether the given construct is a Resource.
constructRequired
- Type: constructs.IConstruct
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
workteamArn |
string |
The ARN of the SageMaker workteam. |
workteamName |
string |
The name of the SageMaker workteam. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
workteamArnRequired
public readonly workteamArn: string;
- Type: string
The ARN of the SageMaker workteam.
workteamNameRequired
public readonly workteamName: string;
- Type: string
The name of the SageMaker workteam.
Structs
AgentAnalyticsProps
Properties for configuring Agent Analytics.
Initializer
import { AgentAnalyticsProps } from '@cdklabs/genai-idp'
const agentAnalyticsProps: AgentAnalyticsProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
appSyncApiUrl |
string |
AppSync GraphQL API URL for publishing updates. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
model |
@cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable |
The foundation model or inference profile to use for document analysis agent. |
reportingEnvironment |
IReportingEnvironment |
Athena database for analytics queries. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
dataRetentionDays |
number |
Data retention period in days. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
guardrail |
@cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail |
Optional Bedrock guardrail for content filtering. |
logLevel |
LogLevel |
Log level for agent analytics functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
Log retention period. |
appSyncApiUrlRequired
public readonly appSyncApiUrl: string;
- Type: string
AppSync GraphQL API URL for publishing updates.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Used by analytics agents to access document schemas and processing parameters.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
modelRequired
public readonly model: IInvokable;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
- Default: No model specified, must be provided
The foundation model or inference profile to use for document analysis agent.
reportingEnvironmentRequired
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Athena database for analytics queries.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Used by analytics agents to query processed document data.
dataRetentionDaysOptional
public readonly dataRetentionDays: number;
- Type: number
- Default: 365
Data retention period in days.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
- Default: No external MCP agents configured
Optional Secrets Manager secret for external MCP agents.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail for content filtering.
When provided, enables guardrail permissions for analytics agents.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
Log level for agent analytics functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
Log retention period.
AgentProcessorFunctionProps
Properties for the Agent Processor function.
Initializer
import { AgentProcessorFunctionProps } from '@cdklabs/genai-idp'
const agentProcessorFunctionProps: AgentProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
agentTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for agent job tracking. |
appSyncApiUrl |
string |
AppSync GraphQL API URL for publishing updates. |
athenaBucket |
aws-cdk-lib.aws_s3.IBucket |
S3 bucket for Athena query results. |
athenaDatabase |
@aws-cdk/aws-glue-alpha.IDatabase |
Athena database for analytics queries. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
model |
@cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable |
The foundation model or inference profile to use for document analysis agent. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
guardrail |
@cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail |
Optional Bedrock guardrail for content filtering. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
agentTableRequired
public readonly agentTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for agent job tracking.
appSyncApiUrlRequired
public readonly appSyncApiUrl: string;
- Type: string
AppSync GraphQL API URL for publishing updates.
athenaBucketRequired
public readonly athenaBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
S3 bucket for Athena query results.
athenaDatabaseRequired
public readonly athenaDatabase: IDatabase;
- Type: @aws-cdk/aws-glue-alpha.IDatabase
Athena database for analytics queries.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Used to access document schemas and processing parameters.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
modelRequired
public readonly model: IInvokable;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
The foundation model or inference profile to use for document analysis agent.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
Optional Secrets Manager secret for external MCP agents.
guardrailOptional
public readonly guardrail: IGuardrail;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail for content filtering.
When provided, enables guardrail permissions for the agent processor.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
AgentRequestHandlerFunctionProps
Properties for the Agent Request Handler function.
Initializer
import { AgentRequestHandlerFunctionProps } from '@cdklabs/genai-idp'
const agentRequestHandlerFunctionProps: AgentRequestHandlerFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
agentProcessorFunction |
aws-cdk-lib.aws_lambda.IFunction |
The agent processor function to invoke for processing queries. |
agentTable |
aws-cdk-lib.aws_dynamodb.ITable |
The DynamoDB table for agent job tracking. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
dataRetentionDays |
number |
Data retention period in days. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
agentProcessorFunctionRequired
public readonly agentProcessorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The agent processor function to invoke for processing queries.
agentTableRequired
public readonly agentTable: ITable;
- Type: aws-cdk-lib.aws_dynamodb.ITable
The DynamoDB table for agent job tracking.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
dataRetentionDaysOptional
public readonly dataRetentionDays: number;
- Type: number
- Default: 30
Data retention period in days.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
CognitoUpdaterHitlFunctionProps
Properties for configuring the CognitoUpdaterHitlFunction.
Initializer
import { CognitoUpdaterHitlFunctionProps } from '@cdklabs/genai-idp'
const cognitoUpdaterHitlFunctionProps: CognitoUpdaterHitlFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito User Pool to update. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito User Pool Client for A2I integration. |
workteamName |
string |
The name of the SageMaker workteam. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito User Pool to update.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito User Pool Client for A2I integration.
workteamNameRequired
public readonly workteamName: string;
- Type: string
The name of the SageMaker workteam.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
ConfigurationDefinitionProps
Properties for creating a configuration definition.
Initializer
import { ConfigurationDefinitionProps } from '@cdklabs/genai-idp'
const configurationDefinitionProps: ConfigurationDefinitionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
configurationObject |
{[ key: string ]: any} |
The configuration object to use. |
transforms |
IConfigurationDefinitionPropertyTransform[] |
Optional transformations to apply to specific properties. |
configurationObjectRequired
public readonly configurationObject: {[ key: string ]: any};
- Type: {[ key: string ]: any}
The configuration object to use.
Contains all settings for the document processing pipeline.
transformsOptional
public readonly transforms: IConfigurationDefinitionPropertyTransform[];
Optional transformations to apply to specific properties.
Used to modify configuration values during initialization.
CreateA2IResourcesFunctionProps
Properties for configuring the CreateA2IResourcesFunction.
Initializer
import { CreateA2IResourcesFunctionProps } from '@cdklabs/genai-idp'
const createA2IResourcesFunctionProps: CreateA2IResourcesFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
flowDefinitionRoleArn |
string |
The ARN of the IAM role for A2I Flow Definition. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for BDA output storage. |
workteamArn |
string |
The ARN of the SageMaker workteam for A2I tasks. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
flowDefinitionRoleArnRequired
public readonly flowDefinitionRoleArn: string;
- Type: string
The ARN of the IAM role for A2I Flow Definition.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for BDA output storage.
workteamArnRequired
public readonly workteamArn: string;
- Type: string
The ARN of the SageMaker workteam for A2I tasks.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
CustomPromptGeneratorFunctionProps
Properties for the Custom Prompt Generator function.
This function provides custom business logic injection for document processing workflows in Patterns 2 and 3, enabling dynamic prompt customization based on document content, business rules, or external system integrations.
Initializer
import { CustomPromptGeneratorFunctionProps } from '@cdklabs/genai-idp'
const customPromptGeneratorFunctionProps: CustomPromptGeneratorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
configurationTable |
IConfigurationTable |
The DynamoDB table containing configuration data. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents are stored. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the function. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for temporary working files during processing. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table containing configuration data.
Used to load customer-specific configurations and business rules.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents are stored.
Used to access document content for prompt customization.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the function.
Used to organize and identify metrics related to custom prompt generation.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents are stored.
Used to store customized prompts and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Used to access document context and processing history.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for temporary working files during processing.
Used for intermediate prompt generation artifacts.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
Applied to all encrypted resources and operations.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
Controls the verbosity of logs generated during prompt customization.
CustomPromptGeneratorProps
Properties for configuring a custom prompt generator.
Initializer
import { CustomPromptGeneratorProps } from '@cdklabs/genai-idp'
const customPromptGeneratorProps: CustomPromptGeneratorProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
DiscoveryProcessorFunctionProps
Properties for configuring the DiscoveryProcessorFunction.
Initializer
import { DiscoveryProcessorFunctionProps } from '@cdklabs/genai-idp'
const discoveryProcessorFunctionProps: DiscoveryProcessorFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
configurationTable |
IConfigurationTable |
The configuration table for storing discovery results. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for discovery document uploads. |
discoveryQueue |
aws-cdk-lib.aws_sqs.IQueue |
The discovery processing queue. |
discoveryTable |
IDiscoveryTable |
The discovery tracking table. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The configuration table for storing discovery results.
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for discovery document uploads.
discoveryQueueRequired
public readonly discoveryQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The discovery processing queue.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The discovery tracking table.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, the function will use GraphQL mutations to update document status.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for the function.
DiscoveryQueueProps
Properties for configuring the DiscoveryQueue construct.
Initializer
import { DiscoveryQueueProps } from '@cdklabs/genai-idp'
const discoveryQueueProps: DiscoveryQueueProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
contentBasedDeduplication |
boolean |
Specifies whether to enable content-based deduplication. |
dataKeyReuse |
aws-cdk-lib.Duration |
The length of time that Amazon SQS reuses a data key before calling KMS again. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.DeadLetterQueue |
Send messages to this queue if they were unsuccessfully dequeued a number of times. |
deduplicationScope |
aws-cdk-lib.aws_sqs.DeduplicationScope |
For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level. |
deliveryDelay |
aws-cdk-lib.Duration |
The time in seconds that the delivery of all messages in the queue is delayed. |
encryption |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
External KMS key to use for queue encryption. |
enforceSSL |
boolean |
Enforce encryption of data in transit. |
fifo |
boolean |
Whether this a first-in-first-out (FIFO) queue. |
fifoThroughputLimit |
aws-cdk-lib.aws_sqs.FifoThroughputLimit |
For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group. |
maxMessageSizeBytes |
number |
The limit of how many bytes that a message can contain before Amazon SQS rejects it. |
queueName |
string |
A name for the queue. |
receiveMessageWaitTime |
aws-cdk-lib.Duration |
Default wait time for ReceiveMessage calls. |
redriveAllowPolicy |
aws-cdk-lib.aws_sqs.RedriveAllowPolicy |
The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
Policy to apply when the queue is removed from the stack. |
retentionPeriod |
aws-cdk-lib.Duration |
The number of seconds that Amazon SQS retains a message. |
visibilityTimeout |
aws-cdk-lib.Duration |
Timeout of processing a single message. |
contentBasedDeduplicationOptional
public readonly contentBasedDeduplication: boolean;
- Type: boolean
- Default: false
Specifies whether to enable content-based deduplication.
During the deduplication interval (5 minutes), Amazon SQS treats messages that are sent with identical content (excluding attributes) as duplicates and delivers only one copy of the message.
If you don't enable content-based deduplication and you want to deduplicate messages, provide an explicit deduplication ID in your SendMessage() call.
(Only applies to FIFO queues.)
dataKeyReuseOptional
public readonly dataKeyReuse: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.minutes(5)
The length of time that Amazon SQS reuses a data key before calling KMS again.
The value must be an integer between 60 (1 minute) and 86,400 (24 hours). The default is 300 (5 minutes).
deadLetterQueueOptional
public readonly deadLetterQueue: DeadLetterQueue;
- Type: aws-cdk-lib.aws_sqs.DeadLetterQueue
- Default: no dead-letter queue
Send messages to this queue if they were unsuccessfully dequeued a number of times.
deduplicationScopeOptional
public readonly deduplicationScope: DeduplicationScope;
- Type: aws-cdk-lib.aws_sqs.DeduplicationScope
- Default: DeduplicationScope.QUEUE
For high throughput for FIFO queues, specifies whether message deduplication occurs at the message group or queue level.
(Only applies to FIFO queues.)
deliveryDelayOptional
public readonly deliveryDelay: Duration;
- Type: aws-cdk-lib.Duration
- Default: 0
The time in seconds that the delivery of all messages in the queue is delayed.
You can specify an integer value of 0 to 900 (15 minutes). The default value is 0.
encryptionOptional
public readonly encryption: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
- Default: SQS_MANAGED (SSE-SQS) for newly created queues
Whether the contents of the queue are encrypted, and by what type of key.
Be aware that encryption is not available in all regions, please see the docs for current availability details.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: If encryption is set to KMS and not specified, a key will be created.
External KMS key to use for queue encryption.
Individual messages will be encrypted using data keys. The data keys in
turn will be encrypted using this key, and reused for a maximum of
dataKeyReuseSecs seconds.
If the 'encryptionMasterKey' property is set, 'encryption' type will be implicitly set to "KMS".
enforceSSLOptional
public readonly enforceSSL: boolean;
- Type: boolean
- Default: false
Enforce encryption of data in transit.
fifoOptional
public readonly fifo: boolean;
- Type: boolean
- Default: false, unless queueName ends in '.fifo' or 'contentBasedDeduplication' is true.
Whether this a first-in-first-out (FIFO) queue.
fifoThroughputLimitOptional
public readonly fifoThroughputLimit: FifoThroughputLimit;
- Type: aws-cdk-lib.aws_sqs.FifoThroughputLimit
- Default: FifoThroughputLimit.PER_QUEUE
For high throughput for FIFO queues, specifies whether the FIFO queue throughput quota applies to the entire queue or per message group.
(Only applies to FIFO queues.)
maxMessageSizeBytesOptional
public readonly maxMessageSizeBytes: number;
- Type: number
- Default: 1MiB
The limit of how many bytes that a message can contain before Amazon SQS rejects it.
You can specify an integer value from 1024 bytes (1 KiB) to 1048576 bytes (1 MiB). The default value is 1048576 (1 MiB).
queueNameOptional
public readonly queueName: string;
- Type: string
- Default: CloudFormation-generated name
A name for the queue.
If specified and this is a FIFO queue, must end in the string '.fifo'.
receiveMessageWaitTimeOptional
public readonly receiveMessageWaitTime: Duration;
- Type: aws-cdk-lib.Duration
- Default: 0
Default wait time for ReceiveMessage calls.
Does not wait if set to 0, otherwise waits this amount of seconds by default for messages to arrive.
For more information, see Amazon SQS Long Poll.
redriveAllowPolicyOptional
public readonly redriveAllowPolicy: RedriveAllowPolicy;
- Type: aws-cdk-lib.aws_sqs.RedriveAllowPolicy
- Default: All source queues can designate this queue as their dead-letter queue.
The string that includes the parameters for the permissions for the dead-letter queue redrive permission and which source queues can specify dead-letter queues.
removalPolicyOptional
public readonly removalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.DESTROY
Policy to apply when the queue is removed from the stack.
Even though queues are technically stateful, their contents are transient and it
is common to add and remove Queues while rearchitecting your application. The
default is therefore DESTROY. Change it to RETAIN if the messages are so
valuable that accidentally losing them would be unacceptable.
retentionPeriodOptional
public readonly retentionPeriod: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.days(4)
The number of seconds that Amazon SQS retains a message.
You can specify an integer value from 60 seconds (1 minute) to 1209600 seconds (14 days). The default value is 345600 seconds (4 days).
visibilityTimeoutOptional
public readonly visibilityTimeout: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.seconds(30)
Timeout of processing a single message.
After dequeuing, the processor has this much time to handle the message and delete it from the queue before it becomes visible again for dequeueing by another processor.
Values must be from 0 to 43200 seconds (12 hours). If you don't specify a value, AWS CloudFormation uses the default value of 30 seconds.
DiscoveryUploadResolverFunctionProps
Properties for configuring the DiscoveryUploadResolverFunction.
Initializer
import { DiscoveryUploadResolverFunctionProps } from '@cdklabs/genai-idp'
const discoveryUploadResolverFunctionProps: DiscoveryUploadResolverFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for discovery document uploads. |
discoveryQueue |
aws-cdk-lib.aws_sqs.IQueue |
The discovery processing queue. |
discoveryTable |
IDiscoveryTable |
The discovery tracking table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for discovery document uploads.
discoveryQueueRequired
public readonly discoveryQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The discovery processing queue.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The discovery tracking table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for the function.
DocumentDiscoveryFunctions
Result of initializing DocumentDiscovery functions.
Initializer
import { DocumentDiscoveryFunctions } from '@cdklabs/genai-idp'
const documentDiscoveryFunctions: DocumentDiscoveryFunctions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
processorFunction |
DiscoveryProcessorFunction |
The Lambda function that processes discovery jobs. |
uploadResolverFunction |
DiscoveryUploadResolverFunction |
The Lambda function that handles discovery document uploads. |
processorFunctionRequired
public readonly processorFunction: DiscoveryProcessorFunction;
The Lambda function that processes discovery jobs.
uploadResolverFunctionRequired
public readonly uploadResolverFunction: DiscoveryUploadResolverFunction;
The Lambda function that handles discovery document uploads.
DocumentDiscoveryProps
Properties for configuring the DocumentDiscovery construct.
Initializer
import { DocumentDiscoveryProps } from '@cdklabs/genai-idp'
const documentDiscoveryProps: DocumentDiscoveryProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryTable |
IDiscoveryTable |
Optional properties for the discovery table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting resources. |
logLevel |
LogLevel |
The log level for Lambda functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for Lambda functions. |
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryTableOptional
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
Optional properties for the discovery table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for Lambda functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for Lambda functions.
DocumentProcessorAttachmentOptions
Initializer
import { DocumentProcessorAttachmentOptions } from '@cdklabs/genai-idp'
const documentProcessorAttachmentOptions: DocumentProcessorAttachmentOptions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
evaluationBucket |
aws-cdk-lib.aws_s3.IBucket |
No description. |
evaluationModel |
@cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable |
No description. |
prefix |
string |
No description. |
evaluationBucketOptional
public readonly evaluationBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
evaluationModelOptional
public readonly evaluationModel: IInvokable;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
prefixOptional
public readonly prefix: string;
- Type: string
DocumentProcessorProps
Properties required to configure a document processor implementation.
Document processors are responsible for extracting structured data from unstructured documents using various AI/ML services and processing patterns.
The GenAI IDP Accelerator provides multiple processor implementations to handle different document processing scenarios, from standard forms to complex specialized documents.
Initializer
import { DocumentProcessorProps } from '@cdklabs/genai-idp'
const documentProcessorProps: DocumentProcessorProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
maxProcessingConcurrency |
number |
The maximum number of documents that can be processed concurrently. |
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
maxProcessingConcurrencyOptional
public readonly maxProcessingConcurrency: number;
- Type: number
- Default: 100 concurrent workflows
The maximum number of documents that can be processed concurrently.
Controls the throughput and resource utilization of the document processing system.
FixedKeyTableProps
Properties for a DynamoDB Table that has a predefined, fixed partitionKey, sortKey, and timeToLiveAttribute.
Initializer
import { FixedKeyTableProps } from '@cdklabs/genai-idp'
const fixedKeyTableProps: FixedKeyTableProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
billingMode |
aws-cdk-lib.aws_dynamodb.BillingMode |
Specify how you are charged for read and write throughput and how you manage capacity. |
contributorInsightsEnabled |
boolean |
Whether CloudWatch contributor insights is enabled. |
contributorInsightsSpecification |
aws-cdk-lib.aws_dynamodb.ContributorInsightsSpecification |
Whether CloudWatch contributor insights is enabled and what mode is selected. |
deletionProtection |
boolean |
Enables deletion protection for the table. |
encryption |
aws-cdk-lib.aws_dynamodb.TableEncryption |
Whether server-side encryption with an AWS managed customer master key is enabled. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
External KMS key to use for table encryption. |
importSource |
aws-cdk-lib.aws_dynamodb.ImportSourceSpecification |
The properties of data being imported from the S3 bucket source to the table. |
kinesisPrecisionTimestamp |
aws-cdk-lib.aws_dynamodb.ApproximateCreationDateTimePrecision |
Kinesis Data Stream approximate creation timestamp precision. |
kinesisStream |
aws-cdk-lib.aws_kinesis.IStream |
Kinesis Data Stream to capture item-level changes for the table. |
maxReadRequestUnits |
number |
The maximum read request units for the table. |
maxWriteRequestUnits |
number |
The write request units for the table. |
pointInTimeRecovery |
boolean |
Whether point-in-time recovery is enabled. |
pointInTimeRecoverySpecification |
aws-cdk-lib.aws_dynamodb.PointInTimeRecoverySpecification |
Whether point-in-time recovery is enabled and recoveryPeriodInDays is set. |
readCapacity |
number |
The read capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput. |
removalPolicy |
aws-cdk-lib.RemovalPolicy |
The removal policy to apply to the DynamoDB Table. |
replicaRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
The removal policy to apply to the DynamoDB replica tables. |
replicationRegions |
string[] |
Regions where replica tables will be created. |
replicationTimeout |
aws-cdk-lib.Duration |
The timeout for a table replication operation in a single region. |
resourcePolicy |
aws-cdk-lib.aws_iam.PolicyDocument |
Resource policy to assign to table. |
stream |
aws-cdk-lib.aws_dynamodb.StreamViewType |
When an item in the table is modified, StreamViewType determines what information is written to the stream for this table. |
tableClass |
aws-cdk-lib.aws_dynamodb.TableClass |
Specify the table class. |
tableName |
string |
Enforces a particular physical table name. |
waitForReplicationToFinish |
boolean |
[WARNING: Use this flag with caution, misusing this flag may cause deleting existing replicas, refer to the detailed documentation for more information] Indicates whether CloudFormation stack waits for replication to finish. |
warmThroughput |
aws-cdk-lib.aws_dynamodb.WarmThroughput |
Specify values to pre-warm you DynamoDB Table Warm Throughput feature is not available for Global Table replicas using the Table construct. |
writeCapacity |
number |
The write capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput. |
billingModeOptional
public readonly billingMode: BillingMode;
- Type: aws-cdk-lib.aws_dynamodb.BillingMode
- Default: PROVISIONED if
replicationRegionsis not specified, PAY_PER_REQUEST otherwise
Specify how you are charged for read and write throughput and how you manage capacity.
~~contributorInsightsEnabled~~Optional
- Deprecated: use `contributorInsightsSpecification instead
public readonly contributorInsightsEnabled: boolean;
- Type: boolean
- Default: false
Whether CloudWatch contributor insights is enabled.
contributorInsightsSpecificationOptional
public readonly contributorInsightsSpecification: ContributorInsightsSpecification;
- Type: aws-cdk-lib.aws_dynamodb.ContributorInsightsSpecification
- Default: contributor insights is not enabled
Whether CloudWatch contributor insights is enabled and what mode is selected.
deletionProtectionOptional
public readonly deletionProtection: boolean;
- Type: boolean
- Default: false
Enables deletion protection for the table.
encryptionOptional
public readonly encryption: TableEncryption;
- Type: aws-cdk-lib.aws_dynamodb.TableEncryption
- Default: The table is encrypted with an encryption key managed by DynamoDB, and you are not charged any fee for using it.
Whether server-side encryption with an AWS managed customer master key is enabled.
This property cannot be set if serverSideEncryption is set.
NOTE: if you set this to
CUSTOMER_MANAGEDandencryptionKeyis not specified, the key that the Tablet generates for you will be created with default permissions. If you are using CDKv2, these permissions will be sufficient to enable the key for use with DynamoDB tables. If you are using CDKv1, make sure the feature flag@aws-cdk/aws-kms:defaultKeyPoliciesis set totruein yourcdk.json.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: If
encryptionis set toTableEncryption.CUSTOMER_MANAGEDand this property is undefined, a new KMS key will be created and associated with this table. Ifencryptionand this property are both undefined, then the table is encrypted with an encryption key managed by DynamoDB, and you are not charged any fee for using it.
External KMS key to use for table encryption.
This property can only be set if encryption is set to TableEncryption.CUSTOMER_MANAGED.
importSourceOptional
public readonly importSource: ImportSourceSpecification;
- Type: aws-cdk-lib.aws_dynamodb.ImportSourceSpecification
- Default: no data import from the S3 bucket
The properties of data being imported from the S3 bucket source to the table.
kinesisPrecisionTimestampOptional
public readonly kinesisPrecisionTimestamp: ApproximateCreationDateTimePrecision;
- Type: aws-cdk-lib.aws_dynamodb.ApproximateCreationDateTimePrecision
- Default: ApproximateCreationDateTimePrecision.MICROSECOND
Kinesis Data Stream approximate creation timestamp precision.
kinesisStreamOptional
public readonly kinesisStream: IStream;
- Type: aws-cdk-lib.aws_kinesis.IStream
- Default: no Kinesis Data Stream
Kinesis Data Stream to capture item-level changes for the table.
maxReadRequestUnitsOptional
public readonly maxReadRequestUnits: number;
- Type: number
- Default: on-demand throughput is disabled
The maximum read request units for the table.
Careful if you add Global Secondary Indexes, as those will share the table's maximum on-demand throughput.
Can only be provided if billingMode is PAY_PER_REQUEST.
maxWriteRequestUnitsOptional
public readonly maxWriteRequestUnits: number;
- Type: number
- Default: on-demand throughput is disabled
The write request units for the table.
Careful if you add Global Secondary Indexes, as those will share the table's maximum on-demand throughput.
Can only be provided if billingMode is PAY_PER_REQUEST.
~~pointInTimeRecovery~~Optional
- Deprecated: use
pointInTimeRecoverySpecificationinstead
public readonly pointInTimeRecovery: boolean;
- Type: boolean
- Default: false - point in time recovery is not enabled.
Whether point-in-time recovery is enabled.
pointInTimeRecoverySpecificationOptional
public readonly pointInTimeRecoverySpecification: PointInTimeRecoverySpecification;
- Type: aws-cdk-lib.aws_dynamodb.PointInTimeRecoverySpecification
- Default: point in time recovery is not enabled.
Whether point-in-time recovery is enabled and recoveryPeriodInDays is set.
readCapacityOptional
public readonly readCapacity: number;
- Type: number
- Default: 5
The read capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput.
Can only be provided if billingMode is Provisioned.
removalPolicyOptional
public readonly removalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.RETAIN
The removal policy to apply to the DynamoDB Table.
replicaRemovalPolicyOptional
public readonly replicaRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: undefined - use DynamoDB Table's removal policy
The removal policy to apply to the DynamoDB replica tables.
replicationRegionsOptional
public readonly replicationRegions: string[];
- Type: string[]
- Default: no replica tables are created
Regions where replica tables will be created.
replicationTimeoutOptional
public readonly replicationTimeout: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.minutes(30)
The timeout for a table replication operation in a single region.
resourcePolicyOptional
public readonly resourcePolicy: PolicyDocument;
- Type: aws-cdk-lib.aws_iam.PolicyDocument
- Default: No resource policy statement
Resource policy to assign to table.
streamOptional
public readonly stream: StreamViewType;
- Type: aws-cdk-lib.aws_dynamodb.StreamViewType
- Default: streams are disabled unless
replicationRegionsis specified
When an item in the table is modified, StreamViewType determines what information is written to the stream for this table.
tableClassOptional
public readonly tableClass: TableClass;
- Type: aws-cdk-lib.aws_dynamodb.TableClass
- Default: STANDARD
Specify the table class.
tableNameOptional
public readonly tableName: string;
- Type: string
- Default:
Enforces a particular physical table name.
waitForReplicationToFinishOptional
public readonly waitForReplicationToFinish: boolean;
- Type: boolean
- Default: true
[WARNING: Use this flag with caution, misusing this flag may cause deleting existing replicas, refer to the detailed documentation for more information] Indicates whether CloudFormation stack waits for replication to finish.
If set to false, the CloudFormation resource will mark the resource as created and replication will be completed asynchronously. This property is ignored if replicationRegions property is not set.
WARNING: DO NOT UNSET this property if adding/removing multiple replicationRegions in one deployment, as CloudFormation only supports one region replication at a time. CDK overcomes this limitation by waiting for replication to finish before starting new replicationRegion.
If the custom resource which handles replication has a physical resource
ID with the format region instead of tablename-region (this would happen
if the custom resource hasn't received an event since v1.91.0), DO NOT SET
this property to false without making a change to the table name.
This will cause the existing replicas to be deleted.
warmThroughputOptional
public readonly warmThroughput: WarmThroughput;
- Type: aws-cdk-lib.aws_dynamodb.WarmThroughput
- Default: warm throughput is not configured
Specify values to pre-warm you DynamoDB Table Warm Throughput feature is not available for Global Table replicas using the Table construct.
To enable Warm Throughput, use the TableV2 construct instead.
writeCapacityOptional
public readonly writeCapacity: number;
- Type: number
- Default: 5
The write capacity for the table. Careful if you add Global Secondary Indexes, as those will share the table's provisioned throughput.
Can only be provided if billingMode is Provisioned.
GetWorkforceUrlFunctionProps
Properties for configuring the GetWorkforceUrlFunction.
Initializer
import { GetWorkforceUrlFunctionProps } from '@cdklabs/genai-idp'
const getWorkforceUrlFunctionProps: GetWorkforceUrlFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
workteamName |
string |
The name of the SageMaker workteam. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
existingPrivateWorkforceArn |
string |
Optional existing private workforce ARN. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
workteamNameRequired
public readonly workteamName: string;
- Type: string
The name of the SageMaker workteam.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
existingPrivateWorkforceArnOptional
public readonly existingPrivateWorkforceArn: string;
- Type: string
Optional existing private workforce ARN.
When provided, the function will use this workforce instead of the workteam name.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
HitlEnvironmentProps
Properties for configuring the HITL environment.
Initializer
import { HitlEnvironmentProps } from '@cdklabs/genai-idp'
const hitlEnvironmentProps: HitlEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for BDA output storage. |
userGroup |
aws-cdk-lib.aws_cognito.CfnUserPoolGroup |
The Cognito User Group that contains the human reviewers. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito User Pool for authentication. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting HITL resources. |
existingPrivateWorkforceArn |
string |
Optional existing private workforce ARN to use instead of creating a new workteam. |
logLevel |
LogLevel |
The log level for HITL functions. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for HITL functions. |
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for BDA output storage.
userGroupRequired
public readonly userGroup: CfnUserPoolGroup;
- Type: aws-cdk-lib.aws_cognito.CfnUserPoolGroup
The Cognito User Group that contains the human reviewers.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito User Pool for authentication.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting HITL resources.
existingPrivateWorkforceArnOptional
public readonly existingPrivateWorkforceArn: string;
- Type: string
Optional existing private workforce ARN to use instead of creating a new workteam.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for HITL functions.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.ONE_WEEK
The retention period for CloudWatch logs.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for HITL functions.
IdpPythonFunctionOptions
Options for a Python Lambda function.
Initializer
import { IdpPythonFunctionOptions } from '@cdklabs/genai-idp'
const idpPythonFunctionOptions: IdpPythonFunctionOptions = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
ListAvailableAgentsFunctionProps
Properties for the List Available Agents function.
Initializer
import { ListAvailableAgentsFunctionProps } from '@cdklabs/genai-idp'
const listAvailableAgentsFunctionProps: ListAvailableAgentsFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
metricNamespace |
string |
The namespace for CloudWatch metrics. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encryption. |
externalMcpAgentsSecret |
aws-cdk-lib.aws_secretsmanager.ISecret |
Optional Secrets Manager secret for external MCP agents. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encryption.
externalMcpAgentsSecretOptional
public readonly externalMcpAgentsSecret: ISecret;
- Type: aws-cdk-lib.aws_secretsmanager.ISecret
Optional Secrets Manager secret for external MCP agents.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
ProcessingEnvironmentApiBaseProps
Properties for a GraphQL API that has a predefined schema.
Initializer
import { ProcessingEnvironmentApiBaseProps } from '@cdklabs/genai-idp'
const processingEnvironmentApiBaseProps: ProcessingEnvironmentApiBaseProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
authorizationConfig |
aws-cdk-lib.aws_appsync.AuthorizationConfig |
Optional authorization configuration. |
domainName |
aws-cdk-lib.aws_appsync.DomainOptions |
The domain name configuration for the GraphQL API. |
environmentVariables |
{[ key: string ]: string} |
A map containing the list of resources with their properties and environment variables. |
introspectionConfig |
aws-cdk-lib.aws_appsync.IntrospectionConfig |
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection. |
logConfig |
aws-cdk-lib.aws_appsync.LogConfig |
Logging configuration for this api. |
name |
string |
the name of the GraphQL API. |
ownerContact |
string |
The owner contact information for an API resource. |
queryDepthLimit |
number |
A number indicating the maximum depth resolvers should be accepted when handling queries. |
resolverCountLimit |
number |
A number indicating the maximum number of resolvers that should be accepted when handling queries. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE). |
xrayEnabled |
boolean |
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API. |
authorizationConfigOptional
public readonly authorizationConfig: AuthorizationConfig;
- Type: aws-cdk-lib.aws_appsync.AuthorizationConfig
- Default: API Key authorization
Optional authorization configuration.
domainNameOptional
public readonly domainName: DomainOptions;
- Type: aws-cdk-lib.aws_appsync.DomainOptions
- Default: no domain name
The domain name configuration for the GraphQL API.
The Route 53 hosted zone and CName DNS record must be configured in addition to this setting to enable custom domain URL
environmentVariablesOptional
public readonly environmentVariables: {[ key: string ]: string};
- Type: {[ key: string ]: string}
- Default: No environment variables.
A map containing the list of resources with their properties and environment variables.
There are a few rules you must follow when creating keys and values: - Keys must begin with a letter. - Keys must be between 2 and 64 characters long. - Keys can only contain letters, numbers, and the underscore character (_). - Values can be up to 512 characters long. - You can configure up to 50 key-value pairs in a GraphQL API.
introspectionConfigOptional
public readonly introspectionConfig: IntrospectionConfig;
- Type: aws-cdk-lib.aws_appsync.IntrospectionConfig
- Default: IntrospectionConfig.ENABLED
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection.
logConfigOptional
public readonly logConfig: LogConfig;
- Type: aws-cdk-lib.aws_appsync.LogConfig
- Default: None
Logging configuration for this api.
nameOptional
public readonly name: string;
- Type: string
the name of the GraphQL API.
ownerContactOptional
public readonly ownerContact: string;
- Type: string
- Default: No owner contact.
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
queryDepthLimitOptional
public readonly queryDepthLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified) which indicates no maximum depth.
A number indicating the maximum depth resolvers should be accepted when handling queries.
Value must be withing range of 0 to 75
resolverCountLimitOptional
public readonly resolverCountLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified), which will set the limit to 10000
A number indicating the maximum number of resolvers that should be accepted when handling queries.
Value must be withing range of 0 to 10000
visibilityOptional
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
- Default: GLOBAL
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE).
xrayEnabledOptional
public readonly xrayEnabled: boolean;
- Type: boolean
- Default: false
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API.
ProcessingEnvironmentApiProps
Properties for configuring the ProcessingEnvironmentApi construct.
Extends the base properties with additional settings specific to document processing.
Initializer
import { ProcessingEnvironmentApiProps } from '@cdklabs/genai-idp'
const processingEnvironmentApiProps: ProcessingEnvironmentApiProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
authorizationConfig |
aws-cdk-lib.aws_appsync.AuthorizationConfig |
Optional authorization configuration. |
domainName |
aws-cdk-lib.aws_appsync.DomainOptions |
The domain name configuration for the GraphQL API. |
environmentVariables |
{[ key: string ]: string} |
A map containing the list of resources with their properties and environment variables. |
introspectionConfig |
aws-cdk-lib.aws_appsync.IntrospectionConfig |
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection. |
logConfig |
aws-cdk-lib.aws_appsync.LogConfig |
Logging configuration for this api. |
name |
string |
the name of the GraphQL API. |
ownerContact |
string |
The owner contact information for an API resource. |
queryDepthLimit |
number |
A number indicating the maximum depth resolvers should be accepted when handling queries. |
resolverCountLimit |
number |
A number indicating the maximum number of resolvers that should be accepted when handling queries. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE). |
xrayEnabled |
boolean |
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
dataRetentionInDays |
number |
Data retention period in days for processed documents. |
documentDiscovery |
IDocumentDiscovery |
Optional document discovery for automated document analysis. |
documentQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue for document processing requests. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
evaluationBaselineBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional S3 bucket name for storing evaluation baseline documents. |
knowledgeBase |
@cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase |
Optional knowledge base identifier for document querying capabilities. |
knowledgeBaseGuardrail |
@cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail |
Optional Bedrock guardrail to apply to model interactions. |
knowledgeBaseModel |
@cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable |
Optional invokable model to use for knowledge base queries. |
logLevel |
LogLevel |
The log level for document processing components. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
Optional Step Functions state machine for document processing workflow. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for working files during document processing. |
authorizationConfigOptional
public readonly authorizationConfig: AuthorizationConfig;
- Type: aws-cdk-lib.aws_appsync.AuthorizationConfig
- Default: API Key authorization
Optional authorization configuration.
domainNameOptional
public readonly domainName: DomainOptions;
- Type: aws-cdk-lib.aws_appsync.DomainOptions
- Default: no domain name
The domain name configuration for the GraphQL API.
The Route 53 hosted zone and CName DNS record must be configured in addition to this setting to enable custom domain URL
environmentVariablesOptional
public readonly environmentVariables: {[ key: string ]: string};
- Type: {[ key: string ]: string}
- Default: No environment variables.
A map containing the list of resources with their properties and environment variables.
There are a few rules you must follow when creating keys and values: - Keys must begin with a letter. - Keys must be between 2 and 64 characters long. - Keys can only contain letters, numbers, and the underscore character (_). - Values can be up to 512 characters long. - You can configure up to 50 key-value pairs in a GraphQL API.
introspectionConfigOptional
public readonly introspectionConfig: IntrospectionConfig;
- Type: aws-cdk-lib.aws_appsync.IntrospectionConfig
- Default: IntrospectionConfig.ENABLED
A value indicating whether the API to enable (ENABLED) or disable (DISABLED) introspection.
logConfigOptional
public readonly logConfig: LogConfig;
- Type: aws-cdk-lib.aws_appsync.LogConfig
- Default: None
Logging configuration for this api.
nameOptional
public readonly name: string;
- Type: string
the name of the GraphQL API.
ownerContactOptional
public readonly ownerContact: string;
- Type: string
- Default: No owner contact.
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
queryDepthLimitOptional
public readonly queryDepthLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified) which indicates no maximum depth.
A number indicating the maximum depth resolvers should be accepted when handling queries.
Value must be withing range of 0 to 75
resolverCountLimitOptional
public readonly resolverCountLimit: number;
- Type: number
- Default: The default value is 0 (or unspecified), which will set the limit to 10000
A number indicating the maximum number of resolvers that should be accepted when handling queries.
Value must be withing range of 0 to 10000
visibilityOptional
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
- Default: GLOBAL
A value indicating whether the API is accessible from anywhere (GLOBAL) or can only be access from a VPC (PRIVATE).
xrayEnabledOptional
public readonly xrayEnabled: boolean;
- Type: boolean
- Default: false
A flag indicating whether or not X-Ray tracing is enabled for the GraphQL API.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
dataRetentionInDaysOptional
public readonly dataRetentionInDays: number;
- Type: number
Data retention period in days for processed documents.
Controls how long document data is kept in the system.
documentDiscoveryOptional
public readonly documentDiscovery: IDocumentDiscovery;
- Type: IDocumentDiscovery
Optional document discovery for automated document analysis.
When provided, enables document discovery capabilities including automated configuration generation and document structure analysis.
documentQueueOptional
public readonly documentQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
The SQS queue for document processing requests.
Used to queue documents for processing and manage workflow execution.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
evaluationBaselineBucketOptional
public readonly evaluationBaselineBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
Optional S3 bucket name for storing evaluation baseline documents.
Used for comparing extraction results against known correct values to measure accuracy and evaluate model performance.
knowledgeBaseOptional
public readonly knowledgeBase: IKnowledgeBase;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IKnowledgeBase
Optional knowledge base identifier for document querying capabilities.
When provided, enables natural language querying of processed documents using the specified Amazon Bedrock knowledge base.
knowledgeBaseGuardrailOptional
public readonly knowledgeBaseGuardrail: IGuardrail;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IGuardrail
Optional Bedrock guardrail to apply to model interactions.
Helps ensure model outputs adhere to content policies and guidelines by filtering inappropriate content and enforcing usage policies.
knowledgeBaseModelOptional
public readonly knowledgeBaseModel: IInvokable;
- Type: @cdklabs/generative-ai-cdk-constructs.bedrock.IInvokable
- Default: bedrock.BedrockFoundationModel.AMAZON_NOVA_PRO_V1_0
Optional invokable model to use for knowledge base queries.
Can be a Bedrock foundation model, Bedrock inference profile, or custom model. Enables natural language querying of processed documents when a knowledge base is configured.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
stateMachineOptional
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
Optional Step Functions state machine for document processing workflow.
When provided, enables querying of execution details and step-by-step processing status through the GraphQL API.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
workingBucketOptional
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for working files during document processing.
Used for temporary storage of intermediate processing results.
ProcessingEnvironmentProps
Configuration properties for the Intelligent Document Processing environment.
This construct orchestrates the end-to-end document processing workflow, from document ingestion to structured data extraction and result tracking.
The processing environment provides the shared infrastructure and services that all document processor patterns use, including storage, tracking, API access, and monitoring capabilities.
Initializer
import { ProcessingEnvironmentProps } from '@cdklabs/genai-idp'
const processingEnvironmentProps: ProcessingEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 location where source documents to be processed are stored. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 location where processed documents and extraction results will be stored. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
concurrencyTable |
IConcurrencyTable |
The store that manages concurrency limits for document processing. |
configurationTable |
IConfigurationTable |
Optional DynamoDB table for storing configuration settings. |
dataTrackingRetention |
aws-cdk-lib.Duration |
The retention period for document tracking data. |
documentDiscovery |
IDocumentDiscovery |
Optional document discovery construct. |
key |
aws-cdk-lib.aws_kms.IKey |
The KMS key used for encrypting resources in the document processing workflow. |
logLevel |
LogLevel |
The log level for the document processing components. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by the document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
trackingTable |
ITrackingTable |
Optional document tracking table. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 location where source documents to be processed are stored.
This bucket will be monitored for new document uploads to trigger processing.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 location where processed documents and extraction results will be stored.
Contains the structured data output and processing artifacts.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status and notify clients about processing progress.
concurrencyTableOptional
public readonly concurrencyTable: IConcurrencyTable;
- Type: IConcurrencyTable
- Default: A new ConcurrencyTable is created
The store that manages concurrency limits for document processing.
Helps prevent overloading the system with too many concurrent document processing tasks.
configurationTableOptional
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
Optional DynamoDB table for storing configuration settings.
When not provided, a new table will be created. Contains document schemas, extraction parameters, and other system-wide settings.
dataTrackingRetentionOptional
public readonly dataTrackingRetention: Duration;
- Type: aws-cdk-lib.Duration
- Default: 365 days
The retention period for document tracking data.
Controls how long document metadata and processing results are kept in the system.
documentDiscoveryOptional
public readonly documentDiscovery: IDocumentDiscovery;
- Type: IDocumentDiscovery
Optional document discovery construct.
When provided, enables document discovery functionality including UI uploads.
keyOptional
public readonly key: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
The KMS key used for encrypting resources in the document processing workflow.
Provides encryption for queues, logs, and other sensitive components.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the document processing components.
Controls the verbosity of logs generated during document processing.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: RetentionDays.ONE_WEEK
The retention period for CloudWatch logs generated by the document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
trackingTableOptional
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
Optional document tracking table.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
ReportingEnvironmentProps
Initializer
import { ReportingEnvironmentProps } from '@cdklabs/genai-idp'
const reportingEnvironmentProps: ReportingEnvironmentProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data will be stored. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database where reporting tables will be created. |
crawlerSchedule |
CrawlerSchedule |
The frequency for the document sections crawler to run. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting Glue crawler resources. |
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data will be stored.
The construct will create Glue tables that reference this bucket location.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database where reporting tables will be created.
The construct will create tables for document, section, attribute, and metering data.
crawlerScheduleOptional
public readonly crawlerSchedule: CrawlerSchedule;
- Type: CrawlerSchedule
- Default: CrawlerSchedule.DAILY
The frequency for the document sections crawler to run.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
- Default: Uses AWS managed encryption
Optional KMS key for encrypting Glue crawler resources.
SaveReportingDataFunctionProps
Properties for configuring the SaveReportingDataFunction.
Initializer
import { SaveReportingDataFunctionProps } from '@cdklabs/genai-idp'
const saveReportingDataFunctionProps: SaveReportingDataFunctionProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
adotInstrumentation |
aws-cdk-lib.aws_lambda.AdotInstrumentationConfig |
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation. |
allowAllIpv6Outbound |
boolean |
Whether to allow the Lambda to send all ipv6 network traffic. |
applicationLogLevel |
string |
Sets the application log level for the function. |
applicationLogLevelV2 |
aws-cdk-lib.aws_lambda.ApplicationLogLevel |
Sets the application log level for the function. |
architecture |
aws-cdk-lib.aws_lambda.Architecture |
The system architectures compatible with this lambda function. |
codeSigningConfig |
aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef |
Code signing config associated with this function. |
currentVersionOptions |
aws-cdk-lib.aws_lambda.VersionOptions |
Options for the lambda.Version resource automatically created by the fn.currentVersion method. |
deadLetterQueue |
aws-cdk-lib.aws_sqs.IQueue |
The SQS queue to use if DLQ is enabled. |
deadLetterQueueEnabled |
boolean |
Enabled DLQ. |
deadLetterTopic |
aws-cdk-lib.aws_sns.ITopic |
The SNS topic to use as a DLQ. |
description |
string |
A description of the function. |
durableConfig |
aws-cdk-lib.aws_lambda.DurableConfig |
The durable configuration for the function. |
environmentEncryption |
aws-cdk-lib.interfaces.aws_kms.IKeyRef |
The AWS KMS key that's used to encrypt your function's environment variables. |
ephemeralStorageSize |
aws-cdk-lib.Size |
The size of the function’s /tmp directory in MiB. |
events |
aws-cdk-lib.aws_lambda.IEventSource[] |
Event sources for this function. |
functionName |
string |
A name for the function. |
initialPolicy |
aws-cdk-lib.aws_iam.PolicyStatement[] |
Initial policy statements to add to the created Lambda Role. |
insightsVersion |
aws-cdk-lib.aws_lambda.LambdaInsightsVersion |
Specify the version of CloudWatch Lambda insights to use for monitoring. |
ipv6AllowedForDualStack |
boolean |
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. |
logFormat |
string |
Sets the logFormat for the function. |
loggingFormat |
aws-cdk-lib.aws_lambda.LoggingFormat |
Sets the loggingFormat for the function. |
logGroup |
aws-cdk-lib.aws_logs.ILogGroup |
The log group the function sends logs to. |
logRemovalPolicy |
aws-cdk-lib.RemovalPolicy |
Determine the removal policy of the log group that is auto-created by this construct. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The number of days log events are kept in CloudWatch Logs. |
logRetentionRetryOptions |
aws-cdk-lib.aws_lambda.LogRetentionRetryOptions |
When log retention is specified, a custom resource attempts to create the CloudWatch log group. |
logRetentionRole |
aws-cdk-lib.aws_iam.IRole |
The IAM role for the Lambda function associated with the custom resource that sets the retention policy. |
maxEventAge |
aws-cdk-lib.Duration |
The maximum age of a request that Lambda sends to a function for processing. |
onFailure |
aws-cdk-lib.aws_lambda.IDestination |
The destination for failed invocations. |
onSuccess |
aws-cdk-lib.aws_lambda.IDestination |
The destination for successful invocations. |
paramsAndSecrets |
aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion |
Specify the configuration of Parameters and Secrets Extension. |
profiling |
boolean |
Enable profiling. |
profilingGroup |
aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup |
Profiling Group. |
recursiveLoop |
aws-cdk-lib.aws_lambda.RecursiveLoop |
Sets the Recursive Loop Protection for Lambda Function. |
reservedConcurrentExecutions |
number |
The maximum of concurrent executions you want to reserve for the function. |
retryAttempts |
number |
The maximum number of times to retry when the function returns an error. |
role |
aws-cdk-lib.aws_iam.IRole |
Lambda execution role. |
runtimeManagementMode |
aws-cdk-lib.aws_lambda.RuntimeManagementMode |
Sets the runtime management configuration for a function's version. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
The list of security groups to associate with the Lambda's network interfaces. |
snapStart |
aws-cdk-lib.aws_lambda.SnapStartConf |
Enable SnapStart for Lambda Function. |
systemLogLevel |
string |
Sets the system log level for the function. |
systemLogLevelV2 |
aws-cdk-lib.aws_lambda.SystemLogLevel |
Sets the system log level for the function. |
tenancyConfig |
aws-cdk-lib.aws_lambda.TenancyConfig |
The tenancy configuration for the function. |
tracing |
aws-cdk-lib.aws_lambda.Tracing |
Enable AWS X-Ray Tracing for Lambda Function. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
VPC network to place Lambda network interfaces. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Where to place the network interfaces within the VPC. |
metricNamespace |
string |
The metric namespace for CloudWatch metrics. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket containing processed document outputs for reading. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where reporting data will be saved in Parquet format. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key for encrypting function resources. |
logLevel |
LogLevel |
The log level for the function. |
adotInstrumentationOptional
public readonly adotInstrumentation: AdotInstrumentationConfig;
- Type: aws-cdk-lib.aws_lambda.AdotInstrumentationConfig
- Default: No ADOT instrumentation
Specify the configuration of AWS Distro for OpenTelemetry (ADOT) instrumentation.
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
- Default: false
Whether to allow the Lambda to send all ipv6 network traffic.
If set to true, there will only be a single egress rule which allows all outbound ipv6 traffic. If set to false, you must individually add traffic rules to allow the Lambda to connect to network targets using ipv6.
Do not specify this property if the securityGroups or securityGroup property is set.
Instead, configure allowAllIpv6Outbound directly on the security group.
~~applicationLogLevel~~Optional
- Deprecated: Use
applicationLogLevelV2as a property instead.
public readonly applicationLogLevel: string;
- Type: string
- Default: "INFO"
Sets the application log level for the function.
applicationLogLevelV2Optional
public readonly applicationLogLevelV2: ApplicationLogLevel;
- Type: aws-cdk-lib.aws_lambda.ApplicationLogLevel
- Default: ApplicationLogLevel.INFO
Sets the application log level for the function.
architectureOptional
public readonly architecture: Architecture;
- Type: aws-cdk-lib.aws_lambda.Architecture
- Default: Architecture.X86_64
The system architectures compatible with this lambda function.
codeSigningConfigOptional
public readonly codeSigningConfig: ICodeSigningConfigRef;
- Type: aws-cdk-lib.interfaces.aws_lambda.ICodeSigningConfigRef
- Default: Not Sign the Code
Code signing config associated with this function.
currentVersionOptionsOptional
public readonly currentVersionOptions: VersionOptions;
- Type: aws-cdk-lib.aws_lambda.VersionOptions
- Default: default options as described in
VersionOptions
Options for the lambda.Version resource automatically created by the fn.currentVersion method.
deadLetterQueueOptional
public readonly deadLetterQueue: IQueue;
- Type: aws-cdk-lib.aws_sqs.IQueue
- Default: SQS queue with 14 day retention period if
deadLetterQueueEnabledistrue
The SQS queue to use if DLQ is enabled.
If SNS topic is desired, specify deadLetterTopic property instead.
deadLetterQueueEnabledOptional
public readonly deadLetterQueueEnabled: boolean;
- Type: boolean
- Default: false unless
deadLetterQueueis set, which implies DLQ is enabled.
Enabled DLQ.
If deadLetterQueue is undefined,
an SQS queue with default options will be defined for your Function.
deadLetterTopicOptional
public readonly deadLetterTopic: ITopic;
- Type: aws-cdk-lib.aws_sns.ITopic
- Default: no SNS topic
The SNS topic to use as a DLQ.
Note that if deadLetterQueueEnabled is set to true, an SQS queue will be created
rather than an SNS topic. Using an SNS topic as a DLQ requires this property to be set explicitly.
descriptionOptional
public readonly description: string;
- Type: string
- Default: No description.
A description of the function.
durableConfigOptional
public readonly durableConfig: DurableConfig;
- Type: aws-cdk-lib.aws_lambda.DurableConfig
- Default: No durable configuration
The durable configuration for the function.
If durability is added to an existing function, a resource replacement will be triggered. See the 'durableConfig' section in the module README for more details.
environmentEncryptionOptional
public readonly environmentEncryption: IKeyRef;
- Type: aws-cdk-lib.interfaces.aws_kms.IKeyRef
- Default: AWS Lambda creates and uses an AWS managed customer master key (CMK).
The AWS KMS key that's used to encrypt your function's environment variables.
ephemeralStorageSizeOptional
public readonly ephemeralStorageSize: Size;
- Type: aws-cdk-lib.Size
- Default: 512 MiB
The size of the function’s /tmp directory in MiB.
eventsOptional
public readonly events: IEventSource[];
- Type: aws-cdk-lib.aws_lambda.IEventSource[]
- Default: No event sources.
Event sources for this function.
You can also add event sources using addEventSource.
functionNameOptional
public readonly functionName: string;
- Type: string
- Default: AWS CloudFormation generates a unique physical ID and uses that ID for the function's name. For more information, see Name Type.
A name for the function.
initialPolicyOptional
public readonly initialPolicy: PolicyStatement[];
- Type: aws-cdk-lib.aws_iam.PolicyStatement[]
- Default: No policy statements are added to the created Lambda role.
Initial policy statements to add to the created Lambda Role.
You can call addToRolePolicy to the created lambda to add statements post creation.
insightsVersionOptional
public readonly insightsVersion: LambdaInsightsVersion;
- Type: aws-cdk-lib.aws_lambda.LambdaInsightsVersion
- Default: No Lambda Insights
Specify the version of CloudWatch Lambda insights to use for monitoring.
ipv6AllowedForDualStackOptional
public readonly ipv6AllowedForDualStack: boolean;
- Type: boolean
- Default: false
Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Only used if 'vpc' is supplied.
~~logFormat~~Optional
- Deprecated: Use
loggingFormatas a property instead.
public readonly logFormat: string;
- Type: string
- Default: "Text"
Sets the logFormat for the function.
loggingFormatOptional
public readonly loggingFormat: LoggingFormat;
- Type: aws-cdk-lib.aws_lambda.LoggingFormat
- Default: LoggingFormat.TEXT
Sets the loggingFormat for the function.
logGroupOptional
public readonly logGroup: ILogGroup;
- Type: aws-cdk-lib.aws_logs.ILogGroup
- Default:
/aws/lambda/${this.functionName}- default log group created by Lambda
The log group the function sends logs to.
By default, Lambda functions send logs to an automatically created default log group named /aws/lambda/\<function name>. However you cannot change the properties of this auto-created log group using the AWS CDK, e.g. you cannot set a different log retention.
Use the logGroup property to create a fully customizable LogGroup ahead of time, and instruct the Lambda function to send logs to it.
Providing a user-controlled log group was rolled out to commercial regions on 2023-11-16. If you are deploying to another type of region, please check regional availability first.
~~logRemovalPolicy~~Optional
- Deprecated: use
logGroupinstead
public readonly logRemovalPolicy: RemovalPolicy;
- Type: aws-cdk-lib.RemovalPolicy
- Default: RemovalPolicy.Retain
Determine the removal policy of the log group that is auto-created by this construct.
Normally you want to retain the log group so you can diagnose issues from logs even after a deployment that no longer includes the log group. In that case, use the normal date-based retention policy to age out your logs.
~~logRetention~~Optional
- Deprecated: use
logGroupinstead
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
- Default: logs.RetentionDays.INFINITE
The number of days log events are kept in CloudWatch Logs.
When updating
this property, unsetting it doesn't remove the log retention policy. To
remove the retention policy, set the value to INFINITE.
This is a legacy API and we strongly recommend you move away from it if you can.
Instead create a fully customizable log group with logs.LogGroup and use the logGroup property
to instruct the Lambda function to send logs to it.
Migrating from logRetention to logGroup will cause the name of the log group to change.
Users and code and referencing the name verbatim will have to adjust.
In AWS CDK code, you can access the log group name directly from the LogGroup construct:
import * as logs from 'aws-cdk-lib/aws-logs';
declare const myLogGroup: logs.LogGroup;
myLogGroup.logGroupName;
logRetentionRetryOptionsOptional
public readonly logRetentionRetryOptions: LogRetentionRetryOptions;
- Type: aws-cdk-lib.aws_lambda.LogRetentionRetryOptions
- Default: Default AWS SDK retry options.
When log retention is specified, a custom resource attempts to create the CloudWatch log group.
These options control the retry policy when interacting with CloudWatch APIs.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
logRetentionRoleOptional
public readonly logRetentionRole: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A new role is created.
The IAM role for the Lambda function associated with the custom resource that sets the retention policy.
This is a legacy API and we strongly recommend you migrate to logGroup if you can.
logGroup allows you to create a fully customizable log group and instruct the Lambda function to send logs to it.
maxEventAgeOptional
public readonly maxEventAge: Duration;
- Type: aws-cdk-lib.Duration
- Default: Duration.hours(6)
The maximum age of a request that Lambda sends to a function for processing.
Minimum: 60 seconds Maximum: 6 hours
onFailureOptional
public readonly onFailure: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for failed invocations.
onSuccessOptional
public readonly onSuccess: IDestination;
- Type: aws-cdk-lib.aws_lambda.IDestination
- Default: no destination
The destination for successful invocations.
paramsAndSecretsOptional
public readonly paramsAndSecrets: ParamsAndSecretsLayerVersion;
- Type: aws-cdk-lib.aws_lambda.ParamsAndSecretsLayerVersion
- Default: No Parameters and Secrets Extension
Specify the configuration of Parameters and Secrets Extension.
profilingOptional
public readonly profiling: boolean;
- Type: boolean
- Default: No profiling.
Enable profiling.
profilingGroupOptional
public readonly profilingGroup: IProfilingGroup;
- Type: aws-cdk-lib.aws_codeguruprofiler.IProfilingGroup
- Default: A new profiling group will be created if
profilingis set.
Profiling Group.
recursiveLoopOptional
public readonly recursiveLoop: RecursiveLoop;
- Type: aws-cdk-lib.aws_lambda.RecursiveLoop
- Default: RecursiveLoop.Terminate
Sets the Recursive Loop Protection for Lambda Function.
It lets Lambda detect and terminate unintended recursive loops.
reservedConcurrentExecutionsOptional
public readonly reservedConcurrentExecutions: number;
- Type: number
- Default: No specific limit - account limit.
The maximum of concurrent executions you want to reserve for the function.
retryAttemptsOptional
public readonly retryAttempts: number;
- Type: number
- Default: 2
The maximum number of times to retry when the function returns an error.
Minimum: 0 Maximum: 2
roleOptional
public readonly role: IRole;
- Type: aws-cdk-lib.aws_iam.IRole
- Default: A unique role will be generated for this lambda function. Both supplied and generated roles can always be changed by calling
addToRolePolicy.
Lambda execution role.
This is the role that will be assumed by the function upon execution. It controls the permissions that the function will have. The Role must be assumable by the 'lambda.amazonaws.com' service principal.
The default Role automatically has permissions granted for Lambda execution. If you provide a Role, you must add the relevant AWS managed policies yourself.
The relevant managed policies are "service-role/AWSLambdaBasicExecutionRole" and "service-role/AWSLambdaVPCAccessExecutionRole".
runtimeManagementModeOptional
public readonly runtimeManagementMode: RuntimeManagementMode;
- Type: aws-cdk-lib.aws_lambda.RuntimeManagementMode
- Default: Auto
Sets the runtime management configuration for a function's version.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
- Default: If the function is placed within a VPC and a security group is not specified, either by this or securityGroup prop, a dedicated security group will be created for this function.
The list of security groups to associate with the Lambda's network interfaces.
Only used if 'vpc' is supplied.
snapStartOptional
public readonly snapStart: SnapStartConf;
- Type: aws-cdk-lib.aws_lambda.SnapStartConf
- Default: No snapstart
Enable SnapStart for Lambda Function.
SnapStart is currently supported for Java 11, Java 17, Python 3.12, Python 3.13, and .NET 8 runtime
~~systemLogLevel~~Optional
- Deprecated: Use
systemLogLevelV2as a property instead.
public readonly systemLogLevel: string;
- Type: string
- Default: "INFO"
Sets the system log level for the function.
systemLogLevelV2Optional
public readonly systemLogLevelV2: SystemLogLevel;
- Type: aws-cdk-lib.aws_lambda.SystemLogLevel
- Default: SystemLogLevel.INFO
Sets the system log level for the function.
tenancyConfigOptional
public readonly tenancyConfig: TenancyConfig;
- Type: aws-cdk-lib.aws_lambda.TenancyConfig
- Default: Tenant isolation is not enabled
The tenancy configuration for the function.
tracingOptional
public readonly tracing: Tracing;
- Type: aws-cdk-lib.aws_lambda.Tracing
- Default: Tracing.Disabled
Enable AWS X-Ray Tracing for Lambda Function.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
- Default: Function is not placed within a VPC.
VPC network to place Lambda network interfaces.
Specify this if the Lambda function needs to access resources in a VPC.
This is required when vpcSubnets is specified.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
- Default: the Vpc default strategy if not specified
Where to place the network interfaces within the VPC.
This requires vpc to be specified in order for interfaces to actually be
placed in the subnets. If vpc is not specify, this will raise an error.
Note: Internet access for Lambda Functions requires a NAT Gateway, so picking
public subnets is not allowed (unless allowPublicSubnet is set to true).
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The metric namespace for CloudWatch metrics.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket containing processed document outputs for reading.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where reporting data will be saved in Parquet format.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key for encrypting function resources.
logLevelOptional
public readonly logLevel: LogLevel;
- Type: LogLevel
- Default: LogLevel.INFO
The log level for the function.
UserIdentityProps
Properties for configuring the UserIdentity construct.
Initializer
import { UserIdentityProps } from '@cdklabs/genai-idp'
const userIdentityProps: UserIdentityProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
identityPoolOptions |
aws-cdk-lib.aws_cognito_identitypool.IdentityPoolProps |
Configuration for the Identity Pool. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
Optional pre-existing Cognito User Pool to use for authentication. |
identityPoolOptionsOptional
public readonly identityPoolOptions: IdentityPoolProps;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPoolProps
Configuration for the Identity Pool.
Allows customization of the Cognito Identity Pool that provides temporary AWS credentials to authenticated users.
userPoolOptional
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
Optional pre-existing Cognito User Pool to use for authentication.
When not provided, a new User Pool will be created with standard settings.
VpcConfiguration
Configuration for VPC settings of document processing components.
Controls VPC placement, subnet selection, and security group assignments for Lambda functions and other resources in the processing environment.
Initializer
import { VpcConfiguration } from '@cdklabs/genai-idp'
const vpcConfiguration: VpcConfiguration = { ... }
Properties
| Name | Type | Description |
|---|---|---|
allowAllIpv6Outbound |
boolean |
Controls whether IPv6 outbound traffic is allowed to all destinations. |
allowAllOutbound |
boolean |
Controls whether outbound traffic is allowed to all destinations. |
securityGroups |
aws-cdk-lib.aws_ec2.ISecurityGroup[] |
Optional security groups to apply to document processing components. |
vpc |
aws-cdk-lib.aws_ec2.IVpc |
Optional VPC where document processing components will be deployed. |
vpcSubnets |
aws-cdk-lib.aws_ec2.SubnetSelection |
Optional subnet selection for VPC-deployed resources. |
allowAllIpv6OutboundOptional
public readonly allowAllIpv6Outbound: boolean;
- Type: boolean
Controls whether IPv6 outbound traffic is allowed to all destinations.
When true, allows document processing components to access external resources via IPv6.
allowAllOutboundOptional
public readonly allowAllOutbound: boolean;
- Type: boolean
Controls whether outbound traffic is allowed to all destinations.
When true, allows document processing components to access external resources.
securityGroupsOptional
public readonly securityGroups: ISecurityGroup[];
- Type: aws-cdk-lib.aws_ec2.ISecurityGroup[]
Optional security groups to apply to document processing components.
Controls network access and security rules for VPC-deployed resources.
vpcOptional
public readonly vpc: IVpc;
- Type: aws-cdk-lib.aws_ec2.IVpc
Optional VPC where document processing components will be deployed.
When provided, Lambda functions and other resources will be deployed within this VPC.
vpcSubnetsOptional
public readonly vpcSubnets: SubnetSelection;
- Type: aws-cdk-lib.aws_ec2.SubnetSelection
Optional subnet selection for VPC-deployed resources.
Determines which subnets within the VPC will host document processing components.
WebApplicationProps
Initializer
import { WebApplicationProps } from '@cdklabs/genai-idp'
const webApplicationProps: WebApplicationProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
apiUrl |
string |
The GraphQL API URL for the processing environment. |
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
userIdentity |
IUserIdentity |
The user identity management system that handles authentication and authorization for the web application. |
autoConfigure |
boolean |
Whether to automatically configure CORS rules on S3 buckets for CloudFront access. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
Optional pre-existing CloudFront distribution to use for the web application. |
loggingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 Bucket used for storing CloudFront and S3 access logs. |
shouldAllowSignUpEmailDomain |
boolean |
Controls whether the UI allows users to sign up with any email domain. |
webAppBucket |
aws-cdk-lib.aws_s3.IBucket |
Optional pre-existing S3 bucket to use for the web application. |
apiUrlRequired
public readonly apiUrl: string;
- Type: string
The GraphQL API URL for the processing environment.
This allows for flexible URL configuration including custom domains, cross-stack references, or external API endpoints.
Example
// Using a CDK-generated API URL
apiUrl: myApi.graphqlUrl
// Using a custom domain
apiUrl: 'https://api.mydomain.com/graphql'
// Using a cross-stack reference
apiUrl: 'https://abc123.appsync-api.us-east-1.amazonaws.com/graphql'
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
userIdentityRequired
public readonly userIdentity: IUserIdentity;
- Type: IUserIdentity
The user identity management system that handles authentication and authorization for the web application.
Provides Cognito resources for user management and secure access to AWS resources.
autoConfigureOptional
public readonly autoConfigure: boolean;
- Type: boolean
- Default: true
Whether to automatically configure CORS rules on S3 buckets for CloudFront access.
When true, the library will configure CORS rules on the input, output, and discovery buckets to allow access from the CloudFront distribution domain.
When false, users are responsible for configuring CORS rules themselves. This is useful when users have existing CORS policies or need custom CORS configurations.
distributionOptional
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
- Default: A new distribution is created with best-practice defaults
Optional pre-existing CloudFront distribution to use for the web application.
When not provided, a default distribution will be created with sensible defaults that work well for most use cases.
loggingBucketOptional
public readonly loggingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 Bucket used for storing CloudFront and S3 access logs.
Helps with security auditing and troubleshooting.
shouldAllowSignUpEmailDomainOptional
public readonly shouldAllowSignUpEmailDomain: boolean;
- Type: boolean
- Default: false
Controls whether the UI allows users to sign up with any email domain.
When true, enables self-service registration for all users. When false, sign-up functionality is restricted and must be managed by administrators.
webAppBucketOptional
public readonly webAppBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
Optional pre-existing S3 bucket to use for the web application.
When not provided, a new bucket will be created.
WorkteamProps
Properties for configuring the SageMaker workteam for HITL.
Initializer
import { WorkteamProps } from '@cdklabs/genai-idp'
const workteamProps: WorkteamProps = { ... }
Properties
| Name | Type | Description |
|---|---|---|
userGroup |
aws-cdk-lib.aws_cognito.CfnUserPoolGroup |
The Cognito User Group that contains the human reviewers. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito User Pool for authentication. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito User Pool Client for A2I integration. |
description |
string |
Description for the workteam. |
existingPrivateWorkforceArn |
string |
Optional existing private workforce ARN to use instead of creating a new workteam. |
workTeamName |
string |
No description. |
userGroupRequired
public readonly userGroup: CfnUserPoolGroup;
- Type: aws-cdk-lib.aws_cognito.CfnUserPoolGroup
The Cognito User Group that contains the human reviewers.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito User Pool for authentication.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito User Pool Client for A2I integration.
descriptionOptional
public readonly description: string;
- Type: string
- Default: "Private workteam for working on A2I tasks"
Description for the workteam.
existingPrivateWorkforceArnOptional
public readonly existingPrivateWorkforceArn: string;
- Type: string
Optional existing private workforce ARN to use instead of creating a new workteam.
When provided, the construct will use the existing workforce instead of creating a new one.
workTeamNameOptional
public readonly workTeamName: string;
- Type: string
Classes
ConfigurationDefinition
- Implements: IConfigurationDefinition
A configuration definition for document processing.
Manages configuration data and provides methods to access it.
Initializers
import { ConfigurationDefinition } from '@cdklabs/genai-idp'
new ConfigurationDefinition(props: ConfigurationDefinitionProps)
| Name | Type | Description |
|---|---|---|
props |
ConfigurationDefinitionProps |
Properties for the configuration definition. |
propsRequired
Properties for the configuration definition.
Methods
| Name | Description |
|---|---|
raw |
Gets the raw configuration object. |
raw
public raw(): {[ key: string ]: any}
Gets the raw configuration object.
ConfigurationDefinitionLoader
Utility class for loading configuration definitions from files.
Provides methods to parse YAML configuration files into JavaScript objects.
Initializers
import { ConfigurationDefinitionLoader } from '@cdklabs/genai-idp'
new ConfigurationDefinitionLoader()
| Name | Type | Description |
|---|---|---|
Static Functions
| Name | Description |
|---|---|
fromFile |
Loads and parses a YAML configuration file. |
fromFile
import { ConfigurationDefinitionLoader } from '@cdklabs/genai-idp'
ConfigurationDefinitionLoader.fromFile(filePath: string)
Loads and parses a YAML configuration file.
filePathRequired
- Type: string
Path to the YAML configuration file.
IdpPythonLayerVersion
A singleton class that provides a Python Lambda Layer with the idp_common package.
Initializers
import { IdpPythonLayerVersion } from '@cdklabs/genai-idp'
new IdpPythonLayerVersion()
| Name | Type | Description |
|---|---|---|
Static Functions
| Name | Description |
|---|---|
getOrCreate |
Gets or creates a singleton instance of the IdpPythonLayerVersion. |
getOrCreate
import { IdpPythonLayerVersion } from '@cdklabs/genai-idp'
IdpPythonLayerVersion.getOrCreate(scope: Construct, modules: ...string[])
Gets or creates a singleton instance of the IdpPythonLayerVersion.
scopeRequired
- Type: constructs.Construct
The construct scope where the layer should be created if it doesn't exist.
modulesRequired
- Type: ...string[]
The modules to install (using TypeScript spread operator).
Protocols
IAgentAnalytics
-
Extends: constructs.IConstruct
-
Implemented By: AgentAnalytics, IAgentAnalytics
Interface for Agent Analytics implementations.
Provides AI-powered analytics capabilities for natural language querying of processed document data.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
agentProcessor |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that processes agent queries using Bedrock AgentCore. |
agentRequestHandler |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that handles agent query requests from the UI. |
agentTable |
IAgentTable |
The DynamoDB table for tracking agent jobs and analytics queries. |
listAvailableAgents |
aws-cdk-lib.aws_lambda.IFunction |
Lambda function that lists available analytics agents. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
agentProcessorRequired
public readonly agentProcessor: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that processes agent queries using Bedrock AgentCore.
agentRequestHandlerRequired
public readonly agentRequestHandler: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that handles agent query requests from the UI.
agentTableRequired
public readonly agentTable: IAgentTable;
- Type: IAgentTable
The DynamoDB table for tracking agent jobs and analytics queries.
listAvailableAgentsRequired
public readonly listAvailableAgents: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Lambda function that lists available analytics agents.
IAgentTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: AgentTable, IAgentTable
Interface for Agent Table implementations.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IConcurrencyTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: ConcurrencyTable, IConcurrencyTable
Interface for the concurrency management table.
This table is used to track and limit concurrent document processing tasks, preventing resource exhaustion and ensuring system stability under load.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IConfigurationDefinition
- Implemented By: ConfigurationDefinition, IConfigurationDefinition
Interface for configuration definitions.
Provides methods to access configuration data.
Methods
| Name | Description |
|---|---|
raw |
Gets the raw configuration object. |
raw
public raw(): {[ key: string ]: any}
Gets the raw configuration object.
IConfigurationDefinitionPropertyTransform
- Implemented By: IConfigurationDefinitionPropertyTransform
Defines a transformation to apply to a specific property in the configuration.
Used to modify configuration values during initialization.
Methods
| Name | Description |
|---|---|
transform |
Function to transform the property value. |
transform
public transform(value: any): any
Function to transform the property value.
valueRequired
- Type: any
The original property value.
Properties
| Name | Type | Description |
|---|---|---|
flatPath |
string |
Dot-notation path to the property to transform (e.g., "extraction.model"). |
flatPathRequired
public readonly flatPath: string;
- Type: string
Dot-notation path to the property to transform (e.g., "extraction.model").
IConfigurationTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: ConfigurationTable, IConfigurationTable
Interface for the configuration management table.
This table stores system-wide configuration settings for the document processing solution, including extraction schemas, model parameters, evaluation criteria, and UI settings.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
ICustomPromptGenerator
-
Extends: constructs.IConstruct
-
Implemented By: CustomPromptGenerator, ICustomPromptGenerator
Interface for custom prompt generator implementations.
Custom prompt generators allow injection of business logic into document processing workflows for Patterns 2 and 3, enabling dynamic prompt customization based on document content, customer configurations, or external system integrations.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
generatorFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that implements the custom prompt generation logic. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
generatorFunctionRequired
public readonly generatorFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that implements the custom prompt generation logic.
This function receives template placeholders and returns customized prompts.
IDiscoveryQueue
-
Extends: aws-cdk-lib.aws_sqs.IQueue
-
Implemented By: DiscoveryQueue, IDiscoveryQueue
Interface for the discovery processing queue.
This queue handles async processing of discovery jobs.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
queueRef |
aws-cdk-lib.interfaces.aws_sqs.QueueReference |
A reference to a Queue resource. |
fifo |
boolean |
Whether this queue is an Amazon SQS FIFO queue. |
queueArn |
string |
The ARN of this queue. |
queueName |
string |
The name of this queue. |
queueUrl |
string |
The URL of this queue. |
encryptionMasterKey |
aws-cdk-lib.aws_kms.IKey |
If this queue is server-side encrypted, this is the KMS encryption key. |
encryptionType |
aws-cdk-lib.aws_sqs.QueueEncryption |
Whether the contents of the queue are encrypted, and by what type of key. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
queueRefRequired
public readonly queueRef: QueueReference;
- Type: aws-cdk-lib.interfaces.aws_sqs.QueueReference
A reference to a Queue resource.
fifoRequired
public readonly fifo: boolean;
- Type: boolean
Whether this queue is an Amazon SQS FIFO queue.
If false, this is a standard queue.
queueArnRequired
public readonly queueArn: string;
- Type: string
The ARN of this queue.
queueNameRequired
public readonly queueName: string;
- Type: string
The name of this queue.
queueUrlRequired
public readonly queueUrl: string;
- Type: string
The URL of this queue.
encryptionMasterKeyOptional
public readonly encryptionMasterKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
If this queue is server-side encrypted, this is the KMS encryption key.
encryptionTypeOptional
public readonly encryptionType: QueueEncryption;
- Type: aws-cdk-lib.aws_sqs.QueueEncryption
Whether the contents of the queue are encrypted, and by what type of key.
IDiscoveryTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: DiscoveryTable, IDiscoveryTable
Interface for the discovery tracking table.
This table tracks discovery job status and metadata.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IDocumentDiscovery
- Implemented By: DocumentDiscovery, IDocumentDiscovery
Interface for the document discovery system.
Provides document analysis capabilities for automated configuration generation.
Methods
| Name | Description |
|---|---|
initializeFunctions |
Initialize Lambda functions with API dependencies. |
initializeFunctions
public initializeFunctions(api: IProcessingEnvironmentApi, configurationTable: IConfigurationTable, encryptionKey?: IKey, logLevel?: LogLevel, logRetention?: RetentionDays, vpcConfiguration?: VpcConfiguration): DocumentDiscoveryFunctions
Initialize Lambda functions with API dependencies.
Called by ProcessingEnvironmentApi when adding document discovery.
apiRequired
configurationTableRequired
- Type: IConfigurationTable
encryptionKeyOptional
- Type: aws-cdk-lib.aws_kms.IKey
logLevelOptional
- Type: LogLevel
logRetentionOptional
- Type: aws-cdk-lib.aws_logs.RetentionDays
vpcConfigurationOptional
- Type: VpcConfiguration
Properties
| Name | Type | Description |
|---|---|---|
discoveryBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket for document discovery uploads. |
discoveryQueue |
IDiscoveryQueue |
The SQS queue for processing discovery jobs asynchronously. |
discoveryTable |
IDiscoveryTable |
The DynamoDB table that tracks discovery job status and metadata. |
discoveryBucketRequired
public readonly discoveryBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket for document discovery uploads.
discoveryQueueRequired
public readonly discoveryQueue: IDiscoveryQueue;
- Type: IDiscoveryQueue
The SQS queue for processing discovery jobs asynchronously.
discoveryTableRequired
public readonly discoveryTable: IDiscoveryTable;
- Type: IDiscoveryTable
The DynamoDB table that tracks discovery job status and metadata.
IDocumentProcessor
-
Extends: constructs.IConstruct
-
Implemented By: IDocumentProcessor
Interface for document processor implementations.
Document processors handle the extraction of structured data from documents using different processing patterns and AI/ML services.
The GenAI IDP Accelerator includes multiple processor implementations: - Pattern 1: Uses Amazon Bedrock Data Automation for document processing with minimal custom code - Pattern 2: Implements custom extraction using Amazon Bedrock foundation models for flexible processing - Pattern 3: Provides specialized document processing using SageMaker endpoints for custom classification models
Each pattern is optimized for different document types, complexity levels, and customization needs.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
environment |
IProcessingEnvironment |
The processing environment that provides shared infrastructure and services. |
maxProcessingConcurrency |
number |
The maximum number of documents that can be processed concurrently. |
stateMachine |
aws-cdk-lib.aws_stepfunctions.IStateMachine |
The Step Functions state machine that orchestrates the document processing workflow. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
environmentRequired
public readonly environment: IProcessingEnvironment;
- Type: IProcessingEnvironment
The processing environment that provides shared infrastructure and services.
Contains input/output buckets, tracking tables, API endpoints, and other resources needed for document processing operations.
maxProcessingConcurrencyRequired
public readonly maxProcessingConcurrency: number;
- Type: number
The maximum number of documents that can be processed concurrently.
Controls the throughput and resource utilization of the document processing system.
stateMachineRequired
public readonly stateMachine: IStateMachine;
- Type: aws-cdk-lib.aws_stepfunctions.IStateMachine
The Step Functions state machine that orchestrates the document processing workflow.
Manages the sequence of processing steps and handles error conditions. This state machine is triggered for each document that needs processing and coordinates the entire extraction pipeline.
IHitlEnvironment
- Implemented By: HitlEnvironment, IHitlEnvironment
Interface for the HITL environment.
Properties
| Name | Type | Description |
|---|---|---|
labelingConsoleUrl |
string |
The labeling console URL for SageMaker Ground Truth. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito User Pool Client for A2I integration. |
workforcePortalUrl |
string |
The workforce portal URL for human reviewers. |
workteam |
IWorkteam |
The SageMaker workteam for HITL tasks. |
labelingConsoleUrlRequired
public readonly labelingConsoleUrl: string;
- Type: string
The labeling console URL for SageMaker Ground Truth.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito User Pool Client for A2I integration.
workforcePortalUrlRequired
public readonly workforcePortalUrl: string;
- Type: string
The workforce portal URL for human reviewers.
workteamRequired
public readonly workteam: IWorkteam;
- Type: IWorkteam
The SageMaker workteam for HITL tasks.
IProcessingEnvironment
- Implemented By: ProcessingEnvironment, IProcessingEnvironment
Methods
| Name | Description |
|---|---|
attach |
Attaches a document processor to this processing environment. |
attach
public attach(processor: IDocumentProcessor, options?: DocumentProcessorAttachmentOptions): void
Attaches a document processor to this processing environment.
Sets up the necessary event triggers, permissions, and integrations to enable the processor to work with this environment.
processorRequired
- Type: IDocumentProcessor
The document processor to attach to this environment.
optionsOptional
Properties
| Name | Type | Description |
|---|---|---|
configurationFunction |
aws-cdk-lib.aws_lambda.IFunction |
The Lambda function that updates configuration settings. |
configurationTable |
IConfigurationTable |
The DynamoDB table that stores configuration settings. |
inputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where source documents to be processed are stored. |
logLevel |
LogLevel |
The log level for document processing components. |
metricNamespace |
string |
The namespace for CloudWatch metrics emitted by the document processing system. |
outputBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where processed documents and extraction results are stored. |
trackingTable |
ITrackingTable |
The DynamoDB table that tracks document processing status and metadata. |
workingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket used for temporary storage during document processing. |
api |
IProcessingEnvironmentApi |
Optional ProcessingEnvironmentApi for progress notifications. |
documentDiscovery |
IDocumentDiscovery |
Optional document discovery system for automated configuration generation. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS key used for encrypting sensitive data in the processing environment. |
logRetention |
aws-cdk-lib.aws_logs.RetentionDays |
The retention period for CloudWatch logs generated by document processing components. |
reportingEnvironment |
IReportingEnvironment |
Optional reporting environment for analytics and evaluation capabilities. |
saveReportingDataFunction |
aws-cdk-lib.aws_lambda.IFunction |
Optional Lambda function that saves reporting data to the reporting bucket. |
vpcConfiguration |
VpcConfiguration |
Optional VPC configuration for document processing components. |
configurationFunctionRequired
public readonly configurationFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
The Lambda function that updates configuration settings.
Used to initialize and update configuration during deployment and runtime.
configurationTableRequired
public readonly configurationTable: IConfigurationTable;
- Type: IConfigurationTable
The DynamoDB table that stores configuration settings.
Contains document schemas, extraction parameters, and other system-wide settings.
inputBucketRequired
public readonly inputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where source documents to be processed are stored.
This bucket is monitored for new document uploads to trigger processing.
logLevelRequired
public readonly logLevel: LogLevel;
- Type: LogLevel
The log level for document processing components.
Controls the verbosity of logs generated during document processing.
metricNamespaceRequired
public readonly metricNamespace: string;
- Type: string
The namespace for CloudWatch metrics emitted by the document processing system.
Used to organize and identify metrics related to document processing.
outputBucketRequired
public readonly outputBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where processed documents and extraction results are stored.
Contains the structured data output and processing artifacts.
trackingTableRequired
public readonly trackingTable: ITrackingTable;
- Type: ITrackingTable
The DynamoDB table that tracks document processing status and metadata.
Stores information about documents being processed, including status and results.
workingBucketRequired
public readonly workingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket used for temporary storage during document processing.
Contains intermediate processing artifacts and working files.
apiOptional
public readonly api: IProcessingEnvironmentApi;
Optional ProcessingEnvironmentApi for progress notifications.
When provided, functions will use GraphQL mutations to update document status and notify clients about processing progress.
documentDiscoveryOptional
public readonly documentDiscovery: IDocumentDiscovery;
- Type: IDocumentDiscovery
Optional document discovery system for automated configuration generation.
When provided, enables discovery job processing, status tracking, and UI upload functionality.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS key used for encrypting sensitive data in the processing environment.
When provided, ensures that document content and metadata are encrypted at rest.
logRetentionOptional
public readonly logRetention: RetentionDays;
- Type: aws-cdk-lib.aws_logs.RetentionDays
The retention period for CloudWatch logs generated by document processing components.
Controls how long system logs are kept for troubleshooting and auditing.
reportingEnvironmentOptional
public readonly reportingEnvironment: IReportingEnvironment;
- Type: IReportingEnvironment
Optional reporting environment for analytics and evaluation capabilities.
When provided, enables storage and querying of evaluation metrics and processing analytics.
saveReportingDataFunctionOptional
public readonly saveReportingDataFunction: IFunction;
- Type: aws-cdk-lib.aws_lambda.IFunction
Optional Lambda function that saves reporting data to the reporting bucket.
Available when a reporting environment is provided.
vpcConfigurationOptional
public readonly vpcConfiguration: VpcConfiguration;
- Type: VpcConfiguration
Optional VPC configuration for document processing components.
When provided, deploys processing components within a VPC with specified settings.
IProcessingEnvironmentApi
-
Extends: aws-cdk-lib.aws_appsync.IGraphqlApi
-
Implemented By: ProcessingEnvironmentApi, IProcessingEnvironmentApi
Interface for the document processing environment API.
Provides GraphQL API capabilities for monitoring and managing document processing.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
apiId |
string |
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'. |
arn |
string |
the ARN of the API. |
graphQLEndpointArn |
string |
The GraphQL endpoint ARN. |
modes |
aws-cdk-lib.aws_appsync.AuthorizationType[] |
The Authorization Types for this GraphQL Api. |
visibility |
aws-cdk-lib.aws_appsync.Visibility |
the visibility of the API. |
graphqlUrl |
string |
The URL endpoint for the GraphQL API. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
apiIdRequired
public readonly apiId: string;
- Type: string
an unique AWS AppSync GraphQL API identifier i.e. 'lxz775lwdrgcndgz3nurvac7oa'.
arnRequired
public readonly arn: string;
- Type: string
the ARN of the API.
graphQLEndpointArnRequired
public readonly graphQLEndpointArn: string;
- Type: string
The GraphQL endpoint ARN.
modesRequired
public readonly modes: AuthorizationType[];
- Type: aws-cdk-lib.aws_appsync.AuthorizationType[]
The Authorization Types for this GraphQL Api.
visibilityRequired
public readonly visibility: Visibility;
- Type: aws-cdk-lib.aws_appsync.Visibility
the visibility of the API.
graphqlUrlRequired
public readonly graphqlUrl: string;
- Type: string
The URL endpoint for the GraphQL API.
Used by client applications to interact with the document processing system.
IReportingEnvironment
- Implemented By: ReportingEnvironment, IReportingEnvironment
Interface for the reporting environment that provides analytics and evaluation capabilities.
This environment stores evaluation metrics, document processing analytics, and metering data in a structured format suitable for querying with Amazon Athena.
Properties
| Name | Type | Description |
|---|---|---|
attributeEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for attribute-level evaluation metrics. |
documentEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for document-level evaluation metrics. |
meteringTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for metering data. |
reportingBucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format. |
reportingDatabase |
@aws-cdk/aws-glue-alpha.Database |
The AWS Glue database containing tables for evaluation metrics. |
sectionEvaluationsTable |
@aws-cdk/aws-glue-alpha.S3Table |
The Glue table for section-level evaluation metrics. |
attributeEvaluationsTableRequired
public readonly attributeEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for attribute-level evaluation metrics.
Contains detailed evaluation metrics for individual extracted attributes.
documentEvaluationsTableRequired
public readonly documentEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for document-level evaluation metrics.
Contains accuracy, precision, recall, F1 score, and other document-level metrics.
meteringTableRequired
public readonly meteringTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for metering data.
Contains cost and usage metrics for document processing operations.
reportingBucketRequired
public readonly reportingBucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where evaluation metrics and reporting data are stored in Parquet format.
Contains document-level, section-level, and attribute-level evaluation metrics.
reportingDatabaseRequired
public readonly reportingDatabase: Database;
- Type: @aws-cdk/aws-glue-alpha.Database
The AWS Glue database containing tables for evaluation metrics.
Provides a structured catalog for querying evaluation data with Amazon Athena.
sectionEvaluationsTableRequired
public readonly sectionEvaluationsTable: S3Table;
- Type: @aws-cdk/aws-glue-alpha.S3Table
The Glue table for section-level evaluation metrics.
Contains evaluation metrics for individual sections within documents.
ITrackingTable
-
Extends: aws-cdk-lib.aws_dynamodb.ITable
-
Implemented By: TrackingTable, ITrackingTable
Interface for the document tracking table.
This table stores information about document processing status, metadata, and results, enabling tracking of documents throughout their processing lifecycle from upload to completion.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
tableArn |
string |
Arn of the dynamodb table. |
tableName |
string |
Table name of the dynamodb table. |
encryptionKey |
aws-cdk-lib.aws_kms.IKey |
Optional KMS encryption key associated with this table. |
tableStreamArn |
string |
ARN of the table's stream, if there is one. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
tableArnRequired
public readonly tableArn: string;
- Type: string
Arn of the dynamodb table.
tableNameRequired
public readonly tableName: string;
- Type: string
Table name of the dynamodb table.
encryptionKeyOptional
public readonly encryptionKey: IKey;
- Type: aws-cdk-lib.aws_kms.IKey
Optional KMS encryption key associated with this table.
tableStreamArnOptional
public readonly tableStreamArn: string;
- Type: string
ARN of the table's stream, if there is one.
IUserIdentity
- Implemented By: UserIdentity, IUserIdentity
Interface for user identity management components.
Provides authentication and authorization for the web application.
Properties
| Name | Type | Description |
|---|---|---|
identityPool |
aws-cdk-lib.aws_cognito_identitypool.IdentityPool |
The Cognito Identity Pool that provides temporary AWS credentials. |
userPool |
aws-cdk-lib.aws_cognito.IUserPool |
The Cognito UserPool that stores user identities and credentials. |
userPoolClient |
aws-cdk-lib.aws_cognito.IUserPoolClient |
The Cognito UserPool Client used by the web application for OAuth flows. |
identityPoolRequired
public readonly identityPool: IdentityPool;
- Type: aws-cdk-lib.aws_cognito_identitypool.IdentityPool
The Cognito Identity Pool that provides temporary AWS credentials.
Allows authenticated users to access AWS services with appropriate permissions.
userPoolRequired
public readonly userPool: IUserPool;
- Type: aws-cdk-lib.aws_cognito.IUserPool
The Cognito UserPool that stores user identities and credentials.
Handles user registration, authentication, and account management.
userPoolClientRequired
public readonly userPoolClient: IUserPoolClient;
- Type: aws-cdk-lib.aws_cognito.IUserPoolClient
The Cognito UserPool Client used by the web application for OAuth flows.
Enables the web UI to authenticate users against the UserPool.
IWebApplication
- Implemented By: WebApplication, IWebApplication
Interface for the web application that provides a user interface for the document processing solution.
Enables users to upload documents, monitor processing status, and access extraction results.
Properties
| Name | Type | Description |
|---|---|---|
bucket |
aws-cdk-lib.aws_s3.IBucket |
The S3 bucket where the web application assets are deployed. |
distribution |
aws-cdk-lib.aws_cloudfront.IDistribution |
The CloudFront distribution that serves the web application. |
bucketRequired
public readonly bucket: IBucket;
- Type: aws-cdk-lib.aws_s3.IBucket
The S3 bucket where the web application assets are deployed.
Contains the static files for the web UI including HTML, CSS, and JavaScript.
distributionRequired
public readonly distribution: IDistribution;
- Type: aws-cdk-lib.aws_cloudfront.IDistribution
The CloudFront distribution that serves the web application.
Provides global content delivery with low latency and high performance.
IWorkteam
Interface for SageMaker workteam used in HITL workflows.
Properties
| Name | Type | Description |
|---|---|---|
node |
constructs.Node |
The tree node. |
env |
aws-cdk-lib.interfaces.ResourceEnvironment |
The environment this resource belongs to. |
stack |
aws-cdk-lib.Stack |
The stack in which this resource is defined. |
workteamArn |
string |
The ARN of the SageMaker workteam. |
workteamName |
string |
The name of the SageMaker workteam. |
nodeRequired
public readonly node: Node;
- Type: constructs.Node
The tree node.
envRequired
public readonly env: ResourceEnvironment;
- Type: aws-cdk-lib.interfaces.ResourceEnvironment
The environment this resource belongs to.
For resources that are created and managed in a Stack (those created by
creating new class instances like new Role(), new Bucket(), etc.), this
is always the same as the environment of the stack they belong to.
For referenced resources (those obtained from referencing methods like
Role.fromRoleArn(), Bucket.fromBucketName(), etc.), they might be
different than the stack they were imported into.
stackRequired
public readonly stack: Stack;
- Type: aws-cdk-lib.Stack
The stack in which this resource is defined.
workteamArnRequired
public readonly workteamArn: string;
- Type: string
The ARN of the SageMaker workteam.
workteamNameRequired
public readonly workteamName: string;
- Type: string
The name of the SageMaker workteam.
Enums
CrawlerSchedule
Enumeration of supported crawler schedules.
Members
| Name | Description |
|---|---|
MANUAL |
Manual execution only - no automatic schedule. |
EVERY_15_MINUTES |
Run every 15 minutes. |
HOURLY |
Run every hour. |
DAILY |
Run daily. |
MANUAL
Manual execution only - no automatic schedule.
EVERY_15_MINUTES
Run every 15 minutes.
HOURLY
Run every hour.
DAILY
Run daily.
LogLevel
Defines the logging verbosity levels for the document processing components.
Controls the amount of detail included in logs for troubleshooting and monitoring.
The log level affects all Lambda functions and other components in the IDP solution, allowing administrators to adjust logging detail based on operational needs.
Members
| Name | Description |
|---|---|
DEBUG |
Most verbose logging level, includes detailed debugging information. Useful during development and troubleshooting but generates large log volumes. |
INFO |
Standard logging level for operational information. Provides general information about the system's operation without excessive detail. |
WARN |
Logs potentially harmful situations that don't prevent the system from working. |
ERROR |
Logs error events that might still allow the application to continue running. Indicates failures that should be investigated. |
DEBUG
Most verbose logging level, includes detailed debugging information. Useful during development and troubleshooting but generates large log volumes.
Includes detailed information about internal operations, variable values, and processing steps that are useful for diagnosing issues.
INFO
Standard logging level for operational information. Provides general information about the system's operation without excessive detail.
Includes information about document processing events, workflow transitions, and important operational milestones.
WARN
Logs potentially harmful situations that don't prevent the system from working.
Indicates issues that should be addressed but aren't critical failures.
Includes warnings about potential problems, performance issues, or situations that might lead to errors if not addressed.
ERROR
Logs error events that might still allow the application to continue running. Indicates failures that should be investigated.
Includes information about processing failures, service errors, and other issues that affect system functionality.