| Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
|---|
| Language | Package |
|---|---|
 Python |
aws_solutions_constructs.aws_lambda_dynamodb |
 Typescript |
@aws-solutions-constructs/aws-lambda-dynamodb |
 Java |
software.amazon.awsconstructs.services.lambdadynamodb |
This AWS Solutions Construct implements the AWS Lambda function and Amazon DynamoDB table with the least privileged permissions.
Here is a minimal deployable pattern definition:
Typescript
import { Construct } from 'constructs';
import { Stack, StackProps } from 'aws-cdk-lib';
import { LambdaToDynamoDBProps, LambdaToDynamoDB } from '@aws-solutions-constructs/aws-lambda-dynamodb';
import * as lambda from 'aws-cdk-lib/aws-lambda';
const constructProps: LambdaToDynamoDBProps = {
lambdaFunctionProps: {
code: lambda.Code.fromAsset(`lambda`),
runtime: lambda.Runtime.NODEJS_20_X,
handler: 'index.handler'
},
};
new LambdaToDynamoDB(this, 'test-lambda-dynamodb-stack', constructProps);Python
from aws_solutions_constructs.aws_lambda_dynamodb import LambdaToDynamoDBProps, LambdaToDynamoDB
from aws_cdk import (
aws_lambda as _lambda,
Stack
)
from constructs import Construct
LambdaToDynamoDB(self, 'test_lambda_dynamodb_stack',
lambda_function_props=_lambda.FunctionProps(
code=_lambda.Code.from_asset(
'lambda'),
runtime=_lambda.Runtime.Python_3_11,
handler='index.handler'
))Java
import software.constructs.Construct;
import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.services.lambda.*;
import software.amazon.awscdk.services.lambda.Runtime;
import software.amazon.awsconstructs.services.lambdadynamodb.*;
new LambdaToDynamoDB(this, "test_lambda_dynamodb_stack", new LambdaToDynamoDBProps.Builder()
.lambdaFunctionProps(new FunctionProps.Builder()
.runtime(Runtime.NODEJS_20_X)
.code(Code.fromAsset("lambda"))
.handler("index.handler")
.build())
.build());| Name | Type | Description |
|---|---|---|
| existingLambdaObj? | lambda.Function |
Existing instance of Lambda Function object, providing both this and lambdaFunctionProps will cause an error. |
| lambdaFunctionProps? | lambda.FunctionProps |
User provided props to override the default props for the Lambda function. |
| dynamoTableProps? | dynamodb.TableProps |
Optional user provided props to override the default props for DynamoDB Table |
| existingTableObj? | dynamodb.Table |
Existing instance of DynamoDB table object, providing both this and dynamoTableProps will cause an error. |
| tablePermissions? | string |
Optional table permissions to grant to the Lambda function. One of the following may be specified: All, Read, ReadWrite, Write. |
| tableEnvironmentVariableName? | string |
Optional Name for the Lambda function environment variable set to the name of the DynamoDB table. Default: DDB_TABLE_NAME |
| existingVpc? | ec2.IVpc |
An optional, existing VPC into which this pattern should be deployed. When deployed in a VPC, the Lambda function will use ENIs in the VPC to access network resources and a Gateway Endpoint will be created in the VPC for Amazon DynamoDB. If an existing VPC is provided, the deployVpc property cannot be true. This uses ec2.IVpc to allow clients to supply VPCs that exist outside the stack using the ec2.Vpc.fromLookup() method. |
| vpcProps? | ec2.VpcProps |
Optional user-provided properties to override the default properties for the new VPC. enableDnsHostnames, enableDnsSupport, natGateways and subnetConfiguration are set by the pattern, so any values for those properties supplied here will be overridden. If deployVpc is not true then this property will be ignored. |
| deployVpc? | boolean |
Whether to create a new VPC based on vpcProps into which to deploy this pattern. Setting this to true will deploy the minimal, most private VPC to run the pattern:
true then existingVpc cannot be specified. Defaults to false. |
| Name | Type | Description |
|---|---|---|
| lambdaFunction | lambda.Function |
Returns an instance of lambda.Function created by the construct |
| dynamoTable | dynamodb.Table |
Returns an instance of dynamodb.Table created by the construct |
| vpc? | ec2.IVpc |
Returns an interface on the VPC used by the pattern (if any). This may be a VPC created by the pattern or the VPC supplied to the pattern constructor. |
Out of the box implementation of the Construct without any override will set the following defaults:
- Configure limited privilege access IAM role for Lambda function
- Enable reusing connections with Keep-Alive for NodeJs Lambda function
- Enable X-Ray Tracing
- Set Environment Variables
- (default) DDB_TABLE_NAME
- AWS_NODEJS_CONNECTION_REUSE_ENABLED (for Node 10.x and higher functions)
- Set the billing mode for DynamoDB Table to On-Demand (Pay per request)
- Enable server-side encryption for DynamoDB Table using AWS managed KMS Key
- Creates a partition key called 'id' for DynamoDB Table
- Retain the Table when deleting the CloudFormation stack
- Enable continuous backups and point-in-time recovery
© Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.