From 1e73ba4dbdbedcb4a0698eccc3d0b0da601072b5 Mon Sep 17 00:00:00 2001 From: Momo Kornher Date: Tue, 24 Sep 2024 09:27:30 +0100 Subject: [PATCH 1/2] remove ecs-capacity-provider --- .../us-east-1/aws-ecs-capacityprovider.json | 105 ------------------ 1 file changed, 105 deletions(-) delete mode 100644 tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-ecs-capacityprovider.json diff --git a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-ecs-capacityprovider.json b/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-ecs-capacityprovider.json deleted file mode 100644 index 1df3e93899112..0000000000000 --- a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-ecs-capacityprovider.json +++ /dev/null @@ -1,105 +0,0 @@ -{ - "propertyTransform" : { - "/properties/AutoScalingGroupProvider/AutoScalingGroupArn" : "$split(AutoScalingGroupProvider.AutoScalingGroupArn, \"autoScalingGroupName/\")[-1] $OR $split(AutoScalingGroupArn, \"autoScalingGroupName/\")[-1]" - }, - "tagging" : { - "taggable" : true - }, - "handlers" : { - "read" : { - "permissions" : [ "ecs:DescribeCapacityProviders" ] - }, - "create" : { - "permissions" : [ "autoscaling:CreateOrUpdateTags", "ecs:CreateCapacityProvider", "ecs:DescribeCapacityProviders", "ecs:TagResource" ] - }, - "update" : { - "permissions" : [ "ecs:UpdateCapacityProvider", "ecs:DescribeCapacityProviders", "ecs:ListTagsForResource", "ecs:TagResource", "ecs:UntagResource" ] - }, - "list" : { - "permissions" : [ "ecs:DescribeCapacityProviders" ] - }, - "delete" : { - "permissions" : [ "ecs:DescribeCapacityProviders", "ecs:DeleteCapacityProvider" ] - } - }, - "typeName" : "AWS::ECS::CapacityProvider", - "description" : "Resource Type definition for AWS::ECS::CapacityProvider.", - "createOnlyProperties" : [ "/properties/AutoScalingGroupProvider/AutoScalingGroupArn", "/properties/Name" ], - "additionalProperties" : false, - "primaryIdentifier" : [ "/properties/Name" ], - "definitions" : { - "ManagedScaling" : { - "description" : "The managed scaling settings for the Auto Scaling group capacity provider.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Status" : { - "type" : "string", - "enum" : [ "DISABLED", "ENABLED" ] - }, - "MinimumScalingStepSize" : { - "type" : "integer" - }, - "InstanceWarmupPeriod" : { - "type" : "integer" - }, - "TargetCapacity" : { - "type" : "integer" - }, - "MaximumScalingStepSize" : { - "type" : "integer" - } - } - }, - "AutoScalingGroupProvider" : { - "additionalProperties" : false, - "type" : "object", - "properties" : { - "ManagedScaling" : { - "$ref" : "#/definitions/ManagedScaling" - }, - "AutoScalingGroupArn" : { - "type" : "string" - }, - "ManagedTerminationProtection" : { - "type" : "string", - "enum" : [ "DISABLED", "ENABLED" ] - }, - "ManagedDraining" : { - "type" : "string", - "enum" : [ "DISABLED", "ENABLED" ] - } - }, - "required" : [ "AutoScalingGroupArn" ] - }, - "Tag" : { - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Value" : { - "minLength" : 1, - "type" : "string" - }, - "Key" : { - "minLength" : 1, - "type" : "string" - } - } - } - }, - "properties" : { - "AutoScalingGroupProvider" : { - "$ref" : "#/definitions/AutoScalingGroupProvider" - }, - "Tags" : { - "type" : "array", - "items" : { - "$ref" : "#/definitions/Tag" - } - }, - "Name" : { - "type" : "string" - } - }, - "required" : [ "AutoScalingGroupProvider" ] -} \ No newline at end of file From 25e73e5387cfb329ea587f26cc0d324bfd976a8a Mon Sep 17 00:00:00 2001 From: Momo Kornher Date: Tue, 24 Sep 2024 09:27:45 +0100 Subject: [PATCH 2/2] remove lambda patches --- .../aws-lambda-eventsourcemapping.json | 409 ---------------- .../aws-lambda-function-recursive-loop.json | 444 ------------------ 2 files changed, 853 deletions(-) delete mode 100644 tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-eventsourcemapping.json delete mode 100644 tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function-recursive-loop.json diff --git a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-eventsourcemapping.json b/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-eventsourcemapping.json deleted file mode 100644 index 965ef4c491c1a..0000000000000 --- a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-eventsourcemapping.json +++ /dev/null @@ -1,409 +0,0 @@ -{ - "typeName" : "AWS::Lambda::EventSourceMapping", - "description" : "Resource Type definition for AWS::Lambda::EventSourceMapping", - "nonPublicProperties": ["/properties/KmsKeyArn"], - "additionalProperties" : false, - "properties" : { - "Id": { - "description": "Event Source Mapping Identifier UUID.", - "type": "string", - "pattern": "[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}", - "minLength": 36, - "maxLength": 36 - }, - "BatchSize": { - "description": "The maximum number of items to retrieve in a single batch.", - "type": "integer", - "minimum": 1, - "maximum": 10000 - }, - "BisectBatchOnFunctionError": { - "description": "(Streams) If the function returns an error, split the batch in two and retry.", - "type": "boolean" - }, - "DestinationConfig": { - "description": "(Kinesis, DynamoDB, Amazon MSK, and self-managed Kafka event sources only) A configuration object that specifies the destination of an event after Lambda processes it.", - "$ref": "#/definitions/DestinationConfig" - }, - "Enabled": { - "description": "Disables the event source mapping to pause polling and invocation.", - "type": "boolean" - }, - "EventSourceArn": { - "description": "The Amazon Resource Name (ARN) of the event source.", - "type": "string", - "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)", - "minLength": 12, - "maxLength": 1024 - }, - "FilterCriteria": { - "description": "The filter criteria to control event filtering.", - "$ref": "#/definitions/FilterCriteria" - }, - "KmsKeyArn": { - "description": "The Amazon Resource Name (ARN) of the KMS key.", - "type": "string", - "pattern": "(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()", - "minLength": 12, - "maxLength": 2048 - }, - "FunctionName": { - "description": "The name of the Lambda function.", - "type": "string", - "pattern": "(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1}:)?(\\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\\$LATEST|[a-zA-Z0-9-_]+))?", - "minLength": 1, - "maxLength": 140 - }, - "MaximumBatchingWindowInSeconds": { - "description": "(Streams) The maximum amount of time to gather records before invoking the function, in seconds.", - "type": "integer", - "minimum": 0, - "maximum": 300 - }, - "MaximumRecordAgeInSeconds": { - "description": "(Streams) The maximum age of a record that Lambda sends to a function for processing.", - "type": "integer", - "minimum": -1, - "maximum": 604800 - }, - "MaximumRetryAttempts": { - "description": "(Streams) The maximum number of times to retry when the function returns an error.", - "type": "integer", - "minimum": -1, - "maximum": 10000 - }, - "ParallelizationFactor": { - "description": "(Streams) The number of batches to process from each shard concurrently.", - "type": "integer", - "minimum": 1, - "maximum": 10 - }, - "StartingPosition": { - "description": "The position in a stream from which to start reading. Required for Amazon Kinesis and Amazon DynamoDB Streams sources.", - "type": "string", - "pattern": "(LATEST|TRIM_HORIZON|AT_TIMESTAMP)+", - "minLength": 6, - "maxLength": 12 - }, - "StartingPositionTimestamp": { - "description": "With StartingPosition set to AT_TIMESTAMP, the time from which to start reading, in Unix time seconds.", - "type": "number" - }, - "Topics": { - "description": "(Kafka) A list of Kafka topics.", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string", - "pattern": "^[^.]([a-zA-Z0-9\\-_.]+)", - "minLength": 1, - "maxLength": 249 - }, - "minItems": 1, - "maxItems": 1 - }, - "Queues": { - "description": "(ActiveMQ) A list of ActiveMQ queues.", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string", - "pattern": "[\\s\\S]*", - "minLength": 1, - "maxLength": 1000 - }, - "minItems": 1, - "maxItems": 1 - }, - "SourceAccessConfigurations": { - "description": "A list of SourceAccessConfiguration.", - "type": "array", - "uniqueItems": true, - "items": { - "$ref": "#/definitions/SourceAccessConfiguration" - }, - "minItems": 1, - "maxItems": 22 - }, - "TumblingWindowInSeconds": { - "description": "(Streams) Tumbling window (non-overlapping time window) duration to perform aggregations.", - "type": "integer", - "minimum": 0, - "maximum": 900 - }, - "FunctionResponseTypes": { - "description": "(Streams) A list of response types supported by the function.", - "type": "array", - "uniqueItems": true, - "items": { - "type": "string", - "enum": [ - "ReportBatchItemFailures" - ] - }, - "minLength": 0, - "maxLength": 1 - }, - "SelfManagedEventSource": { - "description": "Self-managed event source endpoints.", - "$ref": "#/definitions/SelfManagedEventSource" - }, - "AmazonManagedKafkaEventSourceConfig": { - "description": "Specific configuration settings for an MSK event source.", - "$ref": "#/definitions/AmazonManagedKafkaEventSourceConfig" - }, - "SelfManagedKafkaEventSourceConfig": { - "description": "Specific configuration settings for a Self-Managed Apache Kafka event source.", - "$ref": "#/definitions/SelfManagedKafkaEventSourceConfig" - }, - "ScalingConfig": { - "description": "The scaling configuration for the event source.", - "$ref": "#/definitions/ScalingConfig" - }, - "DocumentDBEventSourceConfig": { - "description": "Document db event source config.", - "$ref": "#/definitions/DocumentDBEventSourceConfig" - } - }, - "definitions" : { - "DestinationConfig" : { - "type" : "object", - "additionalProperties" : false, - "description": "A configuration object that specifies the destination of an event after Lambda processes it.", - "properties" : { - "OnFailure": { - "description": "A destination for records of invocations that failed processing.", - "$ref": "#/definitions/OnFailure" - } - } - }, - "FilterCriteria": { - "type": "object", - "description": "The filter criteria to control event filtering.", - "additionalProperties" : false, - "properties": { - "Filters": { - "description": "List of filters of this FilterCriteria", - "type": "array", - "uniqueItems": true, - "items": { - "$ref": "#/definitions/Filter" - }, - "minItems": 1, - "maxItems": 20 - } - } - }, - "Filter": { - "type": "object", - "description": "The filter object that defines parameters for ESM filtering.", - "additionalProperties" : false, - "properties": { - "Pattern": { - "type": "string", - "description": "The filter pattern that defines which events should be passed for invocations.", - "pattern": ".*", - "minLength": 0, - "maxLength": 4096 - } - } - }, - "OnFailure": { - "type" : "object", - "description" : "A destination for records of invocations that failed processing.", - "additionalProperties" : false, - "properties" : { - "Destination": { - "description": "The Amazon Resource Name (ARN) of the destination resource.", - "type": "string", - "pattern": "arn:(aws[a-zA-Z0-9-]*):([a-zA-Z0-9\\-])+:([a-z]{2}(-gov)?(-iso([a-z])?)?-[a-z]+-\\d{1})?:(\\d{12})?:(.*)", - "minLength": 12, - "maxLength": 1024 - } - } - }, - "SourceAccessConfiguration" : { - "type" : "object", - "additionalProperties" : false, - "description": "The configuration used by AWS Lambda to access event source", - "properties" : { - "Type" : { - "description": "The type of source access configuration.", - "enum": [ - "BASIC_AUTH", - "VPC_SUBNET", - "VPC_SECURITY_GROUP", - "SASL_SCRAM_512_AUTH", - "SASL_SCRAM_256_AUTH", - "VIRTUAL_HOST", - "CLIENT_CERTIFICATE_TLS_AUTH", - "SERVER_ROOT_CA_CERTIFICATE" - ], - "type": "string" - }, - "URI" : { - "description": "The URI for the source access configuration resource.", - "type": "string", - "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*", - "minLength": 1, - "maxLength": 200 - } - } - }, - "SelfManagedEventSource" : { - "type": "object", - "additionalProperties": false, - "description": "The configuration used by AWS Lambda to access a self-managed event source.", - "properties": { - "Endpoints": { - "description": "The endpoints for a self-managed event source.", - "$ref": "#/definitions/Endpoints" - } - } - }, - "Endpoints" : { - "type": "object", - "additionalProperties": false, - "description": "The endpoints used by AWS Lambda to access a self-managed event source.", - "properties": { - "KafkaBootstrapServers": { - "type": "array", - "description": "A list of Kafka server endpoints.", - "uniqueItems": true, - "items": { - "type": "string", - "description": "The URL of a Kafka server.", - "pattern": "^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\\-]*[a-zA-Z0-9])\\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\\-]*[A-Za-z0-9]):[0-9]{1,5}", - "minLength": 1, - "maxLength": 300 - }, - "minItems": 1, - "maxItems": 10 - } - } - }, - "ConsumerGroupId": { - "description": "The identifier for the Kafka Consumer Group to join.", - "type": "string", - "pattern": "[a-zA-Z0-9-\\/*:_+=.@-]*", - "minLength": 1, - "maxLength": 200 - }, - "AmazonManagedKafkaEventSourceConfig": { - "description": "Specific configuration settings for an MSK event source.", - "type": "object", - "additionalProperties": false, - "properties": { - "ConsumerGroupId": { - "description": "The identifier for the Kafka Consumer Group to join.", - "$ref": "#/definitions/ConsumerGroupId" - } - } - }, - "SelfManagedKafkaEventSourceConfig": { - "description": "Specific configuration settings for a Self-Managed Apache Kafka event source.", - "type": "object", - "additionalProperties": false, - "properties": { - "ConsumerGroupId": { - "description": "The identifier for the Kafka Consumer Group to join.", - "$ref": "#/definitions/ConsumerGroupId" - } - } - }, - "MaximumConcurrency": { - "description": "The maximum number of concurrent functions that an event source can invoke.", - "type": "integer", - "minimum": 2, - "maximum": 1000 - }, - "ScalingConfig": { - "description": "The scaling configuration for the event source.", - "type": "object", - "additionalProperties": false, - "properties": { - "MaximumConcurrency": { - "description": "The maximum number of concurrent functions that the event source can invoke.", - "$ref": "#/definitions/MaximumConcurrency" - } - } - }, - "DocumentDBEventSourceConfig": { - "description": "Document db event source config.", - "type": "object", - "additionalProperties": false, - "properties": { - "DatabaseName": { - "description": "The database name to connect to.", - "type": "string", - "minLength": 1, - "maxLength": 63 - }, - "CollectionName": { - "description": "The collection name to connect to.", - "type": "string", - "minLength": 1, - "maxLength": 57 - }, - "FullDocument": { - "description": "Include full document in change stream response. The default option will only send the changes made to documents to Lambda. If you want the complete document sent to Lambda, set this to UpdateLookup.", - "type": "string", - "enum": [ - "UpdateLookup", - "Default" - ] - } - } - } - }, - "required" : [ "FunctionName" ], - "createOnlyProperties" : [ - "/properties/EventSourceArn", - "/properties/StartingPosition", - "/properties/StartingPositionTimestamp", - "/properties/SelfManagedEventSource", - "/properties/AmazonManagedKafkaEventSourceConfig", - "/properties/SelfManagedKafkaEventSourceConfig" - ], - "readOnlyProperties" : [ "/properties/Id" ], - "primaryIdentifier" : [ "/properties/Id" ], - "propertyTransform" : { - "/properties/StartingPositionTimestamp": "StartingPositionTimestamp * 1000" - }, - "handlers": { - "create": { - "permissions": [ - "lambda:CreateEventSourceMapping", - "lambda:GetEventSourceMapping" - ] - }, - "delete": { - "permissions": [ - "lambda:DeleteEventSourceMapping", - "lambda:GetEventSourceMapping" - ] - }, - "list": { - "permissions": [ - "lambda:ListEventSourceMappings" - ] - }, - "read": { - "permissions": [ - "lambda:GetEventSourceMapping" - ] - }, - "update": { - "permissions": [ - "lambda:UpdateEventSourceMapping", - "lambda:GetEventSourceMapping" - ] - } - }, - "tagging": { - "taggable": false, - "tagOnCreate": false, - "tagUpdatable": false, - "cloudFormationSystemTags": false - } -} \ No newline at end of file diff --git a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function-recursive-loop.json b/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function-recursive-loop.json deleted file mode 100644 index 4c2951843f230..0000000000000 --- a/tools/@aws-cdk/spec2cdk/temporary-schemas/us-east-1/aws-lambda-function-recursive-loop.json +++ /dev/null @@ -1,444 +0,0 @@ -{ - "tagging" : { - "taggable" : true, - "tagOnCreate" : true, - "tagUpdatable" : true, - "tagProperty" : "/properties/Tags", - "cloudFormationSystemTags" : true - }, - "handlers" : { - "read" : { - "permissions" : [ "lambda:GetFunction", "lambda:GetFunctionCodeSigningConfig" ] - }, - "create" : { - "permissions" : [ "lambda:CreateFunction", "lambda:GetFunction", "lambda:PutFunctionConcurrency", "iam:PassRole", "s3:GetObject", "s3:GetObjectVersion", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticfilesystem:DescribeMountTargets", "kms:CreateGrant", "kms:Decrypt", "kms:Encrypt", "kms:GenerateDataKey", "lambda:GetCodeSigningConfig", "lambda:GetFunctionCodeSigningConfig", "lambda:GetLayerVersion", "lambda:GetRuntimeManagementConfig", "lambda:PutRuntimeManagementConfig", "lambda:TagResource" ] - }, - "update" : { - "permissions" : [ "lambda:DeleteFunctionConcurrency", "lambda:GetFunction", "lambda:PutFunctionConcurrency", "lambda:ListTags", "lambda:TagResource", "lambda:UntagResource", "lambda:UpdateFunctionConfiguration", "lambda:UpdateFunctionCode", "iam:PassRole", "s3:GetObject", "s3:GetObjectVersion", "ec2:DescribeSecurityGroups", "ec2:DescribeSubnets", "ec2:DescribeVpcs", "elasticfilesystem:DescribeMountTargets", "kms:CreateGrant", "kms:Decrypt", "kms:GenerateDataKey", "lambda:GetRuntimeManagementConfig", "lambda:PutRuntimeManagementConfig", "lambda:PutFunctionCodeSigningConfig", "lambda:DeleteFunctionCodeSigningConfig", "lambda:GetCodeSigningConfig", "lambda:GetFunctionCodeSigningConfig" ] - }, - "list" : { - "permissions" : [ "lambda:ListFunctions" ] - }, - "delete" : { - "permissions" : [ "lambda:DeleteFunction", "lambda:GetFunction", "ec2:DescribeNetworkInterfaces" ] - } - }, - "typeName" : "AWS::Lambda::Function", - "readOnlyProperties" : [ "/properties/SnapStartResponse", "/properties/SnapStartResponse/ApplyOn", "/properties/SnapStartResponse/OptimizationStatus", "/properties/Arn" ], - "description" : "The ``AWS::Lambda::Function`` resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html). The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Logs for log streaming and AWS X-Ray for request tracing.\n You set the package type to ``Image`` if the deployment package is a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html). For a container image, the code property must include the URI of a container image in the Amazon ECR registry. You do not need to specify the handler and runtime properties. \n You set the package type to ``Zip`` if the deployment package is a [.zip file archive](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html#gettingstarted-package-zip). For a .zip file archive, the code property specifies the location of the .zip file. You must also specify the handler and runtime properties. For a Python example, see [Deploy Python Lambda functions with .zip file archives](https://docs.aws.amazon.com/lambda/latest/dg/python-package.html).\n You can use [code signing](https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html) if your deployment package is a .zip file archive. To enable code signing for this function, specify the ARN of a code-signing configuration. When a user attempts to deploy a code package with ``UpdateFunctionCode``, Lambda checks that the code package has a valid signature from a trusted publisher. The code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.\n Note that you configure [provisioned concurrency](https://docs.aws.amazon.com/lambda/latest/dg/provisioned-concurrency.html) on a ``AWS::Lambda::Version`` or a ``AWS::Lambda::Alias``.\n For a complete introduction to Lambda functions, see [What is Lambda?](https://docs.aws.amazon.com/lambda/latest/dg/lambda-welcome.html) in the *Lambda developer guide.*", - "writeOnlyProperties" : [ "/properties/SnapStart", "/properties/SnapStart/ApplyOn", "/properties/Code", "/properties/Code/ImageUri", "/properties/Code/S3Bucket", "/properties/Code/S3Key", "/properties/Code/S3ObjectVersion", "/properties/Code/ZipFile" ], - "createOnlyProperties" : [ "/properties/FunctionName" ], - "additionalProperties" : false, - "primaryIdentifier" : [ "/properties/FunctionName" ], - "definitions" : { - "ImageConfig" : { - "description" : "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "WorkingDirectory" : { - "description" : "Specifies the working directory. The length of the directory string cannot exceed 1,000 characters.", - "type" : "string" - }, - "Command" : { - "maxItems" : 1500, - "uniqueItems" : true, - "description" : "Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list.", - "type" : "array", - "items" : { - "type" : "string" - } - }, - "EntryPoint" : { - "maxItems" : 1500, - "uniqueItems" : true, - "description" : "Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list.", - "type" : "array", - "items" : { - "type" : "string" - } - } - } - }, - "TracingConfig" : { - "description" : "The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set ``Mode`` to ``Active``.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Mode" : { - "description" : "The tracing mode.", - "type" : "string", - "enum" : [ "Active", "PassThrough" ] - } - } - }, - "VpcConfig" : { - "description" : "The VPC security groups and subnets that are attached to a Lambda function. When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC. For more information, see [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).\n When you delete a function, CFN monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before CFN can delete the VPC's resources.\n To monitor network interfaces, CFN needs the ``ec2:DescribeNetworkInterfaces`` permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, CFN does not wait for network interfaces to be deleted.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Ipv6AllowedForDualStack" : { - "description" : "Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.", - "type" : "boolean" - }, - "SecurityGroupIds" : { - "maxItems" : 5, - "uniqueItems" : false, - "description" : "A list of VPC security group IDs.", - "type" : "array", - "items" : { - "type" : "string" - } - }, - "SubnetIds" : { - "maxItems" : 16, - "uniqueItems" : false, - "description" : "A list of VPC subnet IDs.", - "type" : "array", - "items" : { - "type" : "string" - } - } - } - }, - "DeadLetterConfig" : { - "description" : "The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq) for failed asynchronous invocations.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "TargetArn" : { - "pattern" : "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$", - "description" : "The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic.", - "type" : "string" - } - } - }, - "RuntimeManagementConfig" : { - "description" : "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html).", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "UpdateRuntimeOn" : { - "description" : "Specify the runtime update mode.\n + *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase). This is the best choice for most customers to ensure they always benefit from runtime updates.\n + *FunctionUpdate* - LAM updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date.\n + *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback).\n \n *Valid Values*: ``Auto`` | ``FunctionUpdate`` | ``Manual``", - "type" : "string", - "enum" : [ "Auto", "FunctionUpdate", "Manual" ] - }, - "RuntimeVersionArn" : { - "description" : "The ARN of the runtime version you want the function to use.\n This is only required if you're using the *Manual* runtime update mode.", - "type" : "string" - } - }, - "required" : [ "UpdateRuntimeOn" ] - }, - "SnapStart" : { - "description" : "The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "ApplyOn" : { - "description" : "Set ``ApplyOn`` to ``PublishedVersions`` to create a snapshot of the initialized execution environment when you publish a function version.", - "type" : "string", - "enum" : [ "PublishedVersions", "None" ] - } - }, - "required" : [ "ApplyOn" ] - }, - "SnapStartResponse" : { - "description" : "The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "OptimizationStatus" : { - "description" : "When you provide a [qualified Amazon Resource Name (ARN)](https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html#versioning-versions-using), this response element indicates whether SnapStart is activated for the specified function version.", - "type" : "string", - "enum" : [ "On", "Off" ] - }, - "ApplyOn" : { - "description" : "When set to ``PublishedVersions``, Lambda creates a snapshot of the execution environment when you publish a function version.", - "type" : "string", - "enum" : [ "PublishedVersions", "None" ] - } - } - }, - "Code" : { - "description" : "The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template.\n Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "S3ObjectVersion" : { - "minLength" : 1, - "description" : "For versioned objects, the version of the deployment package object to use.", - "type" : "string", - "maxLength" : 1024 - }, - "S3Bucket" : { - "minLength" : 3, - "pattern" : "^[0-9A-Za-z\\.\\-_]*(?``. To use a different log group, enter an existing log group or enter a new log group name.", - "type" : "string", - "maxLength" : 512 - }, - "SystemLogLevel" : { - "description" : "Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where ``DEBUG`` is the highest level and ``WARN`` is the lowest.", - "type" : "string", - "enum" : [ "DEBUG", "INFO", "WARN" ] - } - } - }, - "Environment" : { - "description" : "A function's environment variable settings. You can use environment variables to adjust your function's behavior without updating code. An environment variable is a pair of strings that are stored in a function's version-specific configuration.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Variables" : { - "patternProperties" : { - "[a-zA-Z][a-zA-Z0-9_]+" : { - "type" : "string" - } - }, - "description" : "Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html).", - "additionalProperties" : false, - "type" : "object" - } - } - }, - "FileSystemConfig" : { - "description" : "Details about the connection between a Lambda function and an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html).", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Arn" : { - "pattern" : "^arn:aws[a-zA-Z-]*:elasticfilesystem:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:access-point/fsap-[a-f0-9]{17}$", - "description" : "The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system.", - "type" : "string", - "maxLength" : 200 - }, - "LocalMountPath" : { - "pattern" : "^/mnt/[a-zA-Z0-9-_.]+$", - "description" : "The path where the function can access the file system, starting with ``/mnt/``.", - "type" : "string", - "maxLength" : 160 - } - }, - "required" : [ "Arn", "LocalMountPath" ] - }, - "Tag" : { - "description" : "", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Value" : { - "minLength" : 0, - "description" : "", - "type" : "string", - "maxLength" : 256 - }, - "Key" : { - "minLength" : 1, - "description" : "", - "type" : "string", - "maxLength" : 128 - } - }, - "required" : [ "Key" ] - }, - "EphemeralStorage" : { - "description" : "The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "additionalProperties" : false, - "type" : "object", - "properties" : { - "Size" : { - "description" : "The size of the function's ``/tmp`` directory.", - "maximum" : 10240, - "type" : "integer", - "minimum" : 512 - } - }, - "required" : [ "Size" ] - } - }, - "required" : [ "Code", "Role" ], - "properties" : { - "Description" : { - "description" : "A description of the function.", - "type" : "string", - "maxLength" : 256 - }, - "TracingConfig" : { - "description" : "Set ``Mode`` to ``Active`` to sample and trace a subset of incoming requests with [X-Ray](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html).", - "$ref" : "#/definitions/TracingConfig" - }, - "VpcConfig" : { - "description" : "For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can access resources and the internet only through that VPC. For more information, see [Configuring a Lambda function to access resources in a VPC](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).", - "$ref" : "#/definitions/VpcConfig" - }, - "RuntimeManagementConfig" : { - "description" : "Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html).", - "$ref" : "#/definitions/RuntimeManagementConfig" - }, - "ReservedConcurrentExecutions" : { - "description" : "The number of simultaneous executions to reserve for the function.", - "type" : "integer", - "minimum" : 0 - }, - "SnapStart" : { - "description" : "The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting.", - "$ref" : "#/definitions/SnapStart" - }, - "FileSystemConfigs" : { - "maxItems" : 1, - "description" : "Connection settings for an Amazon EFS file system. To connect a function to a file system, a mount target must be available in every Availability Zone that your function connects to. If your template contains an [AWS::EFS::MountTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-efs-mounttarget.html) resource, you must also specify a ``DependsOn`` attribute to ensure that the mount target is created or updated before the function.\n For more information about using the ``DependsOn`` attribute, see [DependsOn Attribute](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-dependson.html).", - "type" : "array", - "items" : { - "$ref" : "#/definitions/FileSystemConfig" - } - }, - "FunctionName" : { - "minLength" : 1, - "description" : "The name of the Lambda function, up to 64 characters in length. If you don't specify a name, CFN generates one.\n If you specify a name, you cannot perform updates that require replacement of this resource. You can perform updates that require no or some interruption. If you must replace the resource, specify a new name.", - "type" : "string" - }, - "Runtime" : { - "description" : "The identifier of the function's [runtime](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html). Runtime is required if the deployment package is a .zip file archive. Specifying a runtime results in an error if you're deploying a function using a container image.\n The following list includes deprecated runtimes. Lambda blocks creating new functions and updating existing functions shortly after each runtime is deprecated. For more information, see [Runtime use after deprecation](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtime-deprecation-levels).\n For a list of all currently supported runtimes, see [Supported runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html#runtimes-supported).", - "type" : "string" - }, - "KmsKeyArn" : { - "pattern" : "^(arn:(aws[a-zA-Z-]*)?:[a-z0-9-.]+:.*)|()$", - "description" : "The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's [environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption). When [Lambda SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html) is activated, Lambda also uses this key is to encrypt your function's snapshot. If you deploy your function using a container image, Lambda also uses this key to encrypt your function when it's deployed. Note that this is not the same key that's used to protect your container image in the Amazon Elastic Container Registry (Amazon ECR). If you don't provide a customer managed key, Lambda uses a default service key.", - "type" : "string" - }, - "PackageType" : { - "description" : "The type of deployment package. Set to ``Image`` for container image and set ``Zip`` for .zip file archive.", - "type" : "string", - "enum" : [ "Image", "Zip" ] - }, - "CodeSigningConfigArn" : { - "pattern" : "arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\\d{1}:\\d{12}:code-signing-config:csc-[a-z0-9]{17}", - "description" : "To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.", - "type" : "string" - }, - "Layers" : { - "uniqueItems" : false, - "description" : "A list of [function layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) to add to the function's execution environment. Specify each layer by its ARN, including the version.", - "type" : "array", - "items" : { - "type" : "string" - } - }, - "Tags" : { - "uniqueItems" : true, - "description" : "A list of [tags](https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function.", - "insertionOrder" : false, - "type" : "array", - "items" : { - "$ref" : "#/definitions/Tag" - } - }, - "ImageConfig" : { - "description" : "Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).", - "$ref" : "#/definitions/ImageConfig" - }, - "MemorySize" : { - "description" : "The amount of [memory available to the function](https://docs.aws.amazon.com/lambda/latest/dg/configuration-function-common.html#configuration-memory-console) at runtime. Increasing the function memory also increases its CPU allocation. The default value is 128 MB. The value can be any multiple of 1 MB. Note that new AWS accounts have reduced concurrency and memory quotas. AWS raises these quotas automatically based on your usage. You can also request a quota increase.", - "type" : "integer" - }, - "DeadLetterConfig" : { - "description" : "A dead-letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. For more information, see [Dead-letter queues](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-dlq).", - "$ref" : "#/definitions/DeadLetterConfig" - }, - "Timeout" : { - "description" : "The amount of time (in seconds) that Lambda allows a function to run before stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. For more information, see [Lambda execution environment](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html).", - "type" : "integer", - "minimum" : 1 - }, - "Handler" : { - "pattern" : "^[^\\s]+$", - "description" : "The name of the method within your code that Lambda calls to run your function. Handler is required if the deployment package is a .zip file archive. The format includes the file name. It can also include namespaces and other qualifiers, depending on the runtime. For more information, see [Lambda programming model](https://docs.aws.amazon.com/lambda/latest/dg/foundation-progmodel.html).", - "type" : "string", - "maxLength" : 128 - }, - "SnapStartResponse" : { - "description" : "", - "$ref" : "#/definitions/SnapStartResponse" - }, - "Code" : { - "description" : "The code for the function.", - "$ref" : "#/definitions/Code" - }, - "Role" : { - "pattern" : "^arn:(aws[a-zA-Z-]*)?:iam::\\d{12}:role/?[a-zA-Z_0-9+=,.@\\-_/]+$", - "description" : "The Amazon Resource Name (ARN) of the function's execution role.", - "type" : "string" - }, - "LoggingConfig" : { - "description" : "The function's Amazon CloudWatch Logs configuration settings.", - "$ref" : "#/definitions/LoggingConfig" - }, - "Environment" : { - "description" : "Environment variables that are accessible from function code during execution.", - "$ref" : "#/definitions/Environment" - }, - "Arn" : { - "description" : "", - "type" : "string" - }, - "EphemeralStorage" : { - "description" : "The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB.", - "$ref" : "#/definitions/EphemeralStorage" - }, - "Architectures" : { - "minItems" : 1, - "maxItems" : 1, - "uniqueItems" : true, - "description" : "The instruction set architecture that the function supports. Enter a string array with one of the valid values (arm64 or x86_64). The default value is ``x86_64``.", - "type" : "array", - "items" : { - "type" : "string", - "enum" : [ "x86_64", "arm64" ] - } - }, - "RecursiveLoop" : { - "description" : "This property is set to terminate unintended recursions. If set to ``Terminate``, Lambda detects and terminates unitended recursive loops. If set to ``Allow`` Lambda lets recursions be and does not terminate it.", - "type" : "string", - "enum" : [ "Allow", "Terminate" ] - } - } - } \ No newline at end of file