AWS::Lambda::Function

Lambda Function

The AWS::Lambda::Function resource creates a Lambda function. To create a function, you need a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) and an [execution role](https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html). The deployment package is a .zip file archive or container image that contains your function code. The execution role grants the function permission to use AWS services, such as Amazon CloudWatch Log...

Properties

31 configurable properties. 2 required. Click a row to see details.

Filter:

Property	Type	Flags
`Code`	`Code`	Required
`Role`	`string`	Required
`Architectures`	`Array<string>`
`CapacityProviderConfig`	`CapacityProviderConfig`
`CodeSigningConfigArn`	`string`
`DeadLetterConfig`	`DeadLetterConfig`
`Description`	`string`
`DurableConfig`	`DurableConfig`
`Environment`	`Environment`
`EphemeralStorage`	`EphemeralStorage`
`FileSystemConfigs`	`Array<FileSystemConfig>`
`FunctionName`	`string`	Create-only
`FunctionScalingConfig`	`FunctionScalingConfig`
`Handler`	`string`
`ImageConfig`	`ImageConfig`
`KmsKeyArn`	`string`
`Layers`	`Array<string>`
`LoggingConfig`	`LoggingConfig`
`MemorySize`	`integer`
`PackageType`	`string`	Create-only
`PublishToLatestPublished`	`boolean`	Write-only
`RecursiveLoop`	`string`
`ReservedConcurrentExecutions`	`integer`
`Runtime`	`string`
`RuntimeManagementConfig`	`RuntimeManagementConfig`
`SnapStart`	`SnapStart`	Write-only
`Tags`	`Array<Tag>`
`TenancyConfig`	`TenancyConfig`	Create-only
`Timeout`	`integer`
`TracingConfig`	`TracingConfig`
`VpcConfig`	`VpcConfig`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Arn`	`string`	-
`SnapStartResponse`	`SnapStartResponse`	-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::Lambda::Function

Resources:
  MyResource:
    Type: AWS::Lambda::Function
    Properties:
      Code: "value"
      Role: "value"
      Tags:
        - Key: Environment
          Value: Production
      Description: !Ref "AWS::StackName"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

read

lambda:GetFunctionlambda:GetFunctionCodeSigningConfiglambda:GetFunctionRecursionConfiglambda:GetRuntimeManagementConfiglambda:GetFunctionScalingConfig

create

lambda:CreateFunctionlambda:GetFunctionlambda:PutFunctionConcurrencyiam:PassRoles3:GetObjects3:GetObjectVersionec2:DescribeSecurityGroupsec2:DescribeSubnets

update

lambda:DeleteFunctionConcurrencylambda:GetFunctionlambda:PutFunctionConcurrencylambda:TagResourcelambda:UntagResourcelambda:UpdateFunctionConfigurationlambda:UpdateFunctionCodeiam:PassRole

list

lambda:ListFunctions

delete

lambda:DeleteFunctionlambda:GetFunctionec2:DescribeNetworkInterfaces

Get the Lambda Cheat Sheet

Everything you need to know about Lambda on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceLambda

Properties33

Required2

TaggingSupported

Primary IDFunctionName

Supported Operations

ReadCreateUpdateListDelete

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

FunctionNamePackageTypeTenancyConfig

Related Resources

External Links

AWS Documentation