0
# Serverless Services
1
2
Complete serverless computing platform including Lambda functions, API Gateway, SQS, SNS, and event-driven services for building scalable serverless applications.
3
4
## Capabilities
5
6
### Lambda Functions
7
8
Create and manage AWS Lambda functions for serverless computing.
9
10
```typescript { .api }
11
/**
12
* Creates a Lambda function
13
*/
14
class lambda.Function extends pulumi.CustomResource {
15
constructor(name: string, args: lambda.FunctionArgs, opts?: pulumi.ResourceOptions);
16
17
/** The function name */
18
public readonly functionName!: pulumi.Output<string>;
19
/** The function ARN */
20
public readonly arn!: pulumi.Output<string>;
21
/** The ARN to be used for invoking Lambda Function from API Gateway */
22
public readonly invokeArn!: pulumi.Output<string>;
23
/** The function handler */
24
public readonly handler!: pulumi.Output<string>;
25
/** The function runtime */
26
public readonly runtime!: pulumi.Output<string>;
27
/** The function role ARN */
28
public readonly role!: pulumi.Output<string>;
29
/** The function timeout */
30
public readonly timeout!: pulumi.Output<number>;
31
/** The function memory size */
32
public readonly memorySize!: pulumi.Output<number>;
33
/** The function description */
34
public readonly description!: pulumi.Output<string>;
35
/** The function environment variables */
36
public readonly environment!: pulumi.Output<lambda.FunctionEnvironment>;
37
/** The VPC configuration */
38
public readonly vpcConfig!: pulumi.Output<lambda.FunctionVpcConfig>;
39
/** The dead letter configuration */
40
public readonly deadLetterConfig!: pulumi.Output<lambda.FunctionDeadLetterConfig>;
41
/** The tracing configuration */
42
public readonly tracingConfig!: pulumi.Output<lambda.FunctionTracingConfig>;
43
/** Resource tags */
44
public readonly tags!: pulumi.Output<{[key: string]: string}>;
45
}
46
47
interface lambda.FunctionArgs {
48
/** The function name */
49
functionName?: pulumi.Input<string>;
50
/** The function handler */
51
handler: pulumi.Input<string>;
52
/** The function runtime */
53
runtime: pulumi.Input<string>;
54
/** The function role ARN */
55
role: pulumi.Input<string>;
56
/** The function code */
57
code?: pulumi.Input<pulumi.asset.Archive>;
58
/** The S3 bucket containing the function's deployment package */
59
s3Bucket?: pulumi.Input<string>;
60
/** The S3 key of the function's deployment package */
61
s3Key?: pulumi.Input<string>;
62
/** The S3 object version containing the function's deployment package */
63
s3ObjectVersion?: pulumi.Input<string>;
64
/** The function timeout in seconds */
65
timeout?: pulumi.Input<number>;
66
/** The function memory size in MB */
67
memorySize?: pulumi.Input<number>;
68
/** The function description */
69
description?: pulumi.Input<string>;
70
/** Environment variables */
71
environment?: pulumi.Input<lambda.FunctionEnvironment>;
72
/** VPC configuration */
73
vpcConfig?: pulumi.Input<lambda.FunctionVpcConfig>;
74
/** Dead letter configuration */
75
deadLetterConfig?: pulumi.Input<lambda.FunctionDeadLetterConfig>;
76
/** Tracing configuration */
77
tracingConfig?: pulumi.Input<lambda.FunctionTracingConfig>;
78
/** Resource tags */
79
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
80
}
81
```
82
83
**Usage Example:**
84
85
```typescript
86
import * as aws from "@pulumi/aws";
87
import * as pulumi from "@pulumi/pulumi";
88
89
// Create an IAM role for the Lambda function
90
const lambdaRole = new aws.iam.Role("lambda-role", {
91
assumeRolePolicy: JSON.stringify({
92
Version: "2012-10-17",
93
Statement: [{
94
Action: "sts:AssumeRole",
95
Effect: "Allow",
96
Principal: {
97
Service: "lambda.amazonaws.com",
98
},
99
}],
100
}),
101
});
102
103
// Attach the basic execution policy
104
const lambdaPolicyAttachment = new aws.iam.RolePolicyAttachment("lambda-policy", {
105
role: lambdaRole.name,
106
policyArn: "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
107
});
108
109
// Create the Lambda function
110
const helloWorldFunction = new aws.lambda.Function("hello-world", {
111
code: new pulumi.asset.AssetArchive({
112
".": new pulumi.asset.FileArchive("./lambda-function"),
113
}),
114
handler: "index.handler",
115
role: lambdaRole.arn,
116
runtime: "nodejs18.x",
117
timeout: 60,
118
memorySize: 128,
119
environment: {
120
variables: {
121
NODE_ENV: "production",
122
LOG_LEVEL: "info",
123
},
124
},
125
tags: {
126
Environment: "Production",
127
Application: "HelloWorld",
128
},
129
});
130
131
export const functionArn = helloWorldFunction.arn;
132
export const invokeArn = helloWorldFunction.invokeArn;
133
```
134
135
### API Gateway
136
137
Create and manage API Gateway REST APIs for HTTP APIs.
138
139
```typescript { .api }
140
/**
141
* Creates an API Gateway REST API
142
*/
143
class apigateway.RestApi extends pulumi.CustomResource {
144
constructor(name: string, args?: apigateway.RestApiArgs, opts?: pulumi.ResourceOptions);
145
146
/** The API ID */
147
public readonly id!: pulumi.Output<string>;
148
/** The API name */
149
public readonly name!: pulumi.Output<string>;
150
/** The API description */
151
public readonly description!: pulumi.Output<string>;
152
/** The source of the API key for requests */
153
public readonly apiKeySource!: pulumi.Output<string>;
154
/** The list of binary media types supported by the RestApi */
155
public readonly binaryMediaTypes!: pulumi.Output<string[]>;
156
/** The creation date of the REST API */
157
public readonly createdDate!: pulumi.Output<string>;
158
/** The execution ARN part to be used in lambda_permission's source_arn */
159
public readonly executionArn!: pulumi.Output<string>;
160
/** The minimum compression size */
161
public readonly minimumCompressionSize!: pulumi.Output<number>;
162
/** The API policy */
163
public readonly policy!: pulumi.Output<string>;
164
/** The root resource ID */
165
public readonly rootResourceId!: pulumi.Output<string>;
166
/** Resource tags */
167
public readonly tags!: pulumi.Output<{[key: string]: string}>;
168
}
169
170
interface apigateway.RestApiArgs {
171
/** The name of the REST API */
172
name?: pulumi.Input<string>;
173
/** The description of the REST API */
174
description?: pulumi.Input<string>;
175
/** The source of the API key for requests */
176
apiKeySource?: pulumi.Input<string>;
177
/** The list of binary media types supported by the RestApi */
178
binaryMediaTypes?: pulumi.Input<pulumi.Input<string>[]>;
179
/** An OpenAPI specification that defines the set of routes and integrations to create as part of the REST API */
180
body?: pulumi.Input<string>;
181
/** The minimum compression size */
182
minimumCompressionSize?: pulumi.Input<number>;
183
/** JSON formatted policy document that controls access to the API Gateway */
184
policy?: pulumi.Input<string>;
185
/** The endpoint configuration */
186
endpointConfiguration?: pulumi.Input<apigateway.RestApiEndpointConfiguration>;
187
/** Whether warnings are ignored during API import */
188
putRestApiMode?: pulumi.Input<string>;
189
/** Resource tags */
190
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
191
}
192
```
193
194
### API Gateway Resources and Methods
195
196
Create API Gateway resources and HTTP methods.
197
198
```typescript { .api }
199
/**
200
* Creates an API Gateway resource
201
*/
202
class apigateway.Resource extends pulumi.CustomResource {
203
constructor(name: string, args: apigateway.ResourceArgs, opts?: pulumi.ResourceOptions);
204
205
/** The resource ID */
206
public readonly id!: pulumi.Output<string>;
207
/** The complete path for this API resource */
208
public readonly path!: pulumi.Output<string>;
209
/** The last path segment for this API resource */
210
public readonly pathPart!: pulumi.Output<string>;
211
/** The ID of the parent API resource */
212
public readonly parentId!: pulumi.Output<string>;
213
/** The ID of the associated REST API */
214
public readonly restApi!: pulumi.Output<string>;
215
}
216
217
/**
218
* Creates an API Gateway method
219
*/
220
class apigateway.Method extends pulumi.CustomResource {
221
constructor(name: string, args: apigateway.MethodArgs, opts?: pulumi.ResourceOptions);
222
223
/** The HTTP Method */
224
public readonly httpMethod!: pulumi.Output<string>;
225
/** The ID of the associated REST API */
226
public readonly restApi!: pulumi.Output<string>;
227
/** The API resource ID */
228
public readonly resourceId!: pulumi.Output<string>;
229
/** The type of authorization used for the method */
230
public readonly authorization!: pulumi.Output<string>;
231
/** The authorization scopes used when the authorization is COGNITO_USER_POOLS */
232
public readonly authorizationScopes!: pulumi.Output<string[]>;
233
/** The authorizer id to be used when the authorization is CUSTOM or COGNITO_USER_POOLS */
234
public readonly authorizerId!: pulumi.Output<string>;
235
/** Whether the method requires a valid ApiKey */
236
public readonly apiKeyRequired!: pulumi.Output<boolean>;
237
/** Whether the method requires a valid requestValidator */
238
public readonly requestValidatorId!: pulumi.Output<string>;
239
/** A map of the API models used for the request's content type */
240
public readonly requestModels!: pulumi.Output<{[key: string]: string}>;
241
/** A map of request parameters */
242
public readonly requestParameters!: pulumi.Output<{[key: string]: boolean}>;
243
}
244
```
245
246
### SQS (Simple Queue Service)
247
248
Create and manage SQS queues for message queuing.
249
250
```typescript { .api }
251
/**
252
* Creates an SQS queue
253
*/
254
class sqs.Queue extends pulumi.CustomResource {
255
constructor(name: string, args?: sqs.QueueArgs, opts?: pulumi.ResourceOptions);
256
257
/** The URL for the created Amazon SQS queue */
258
public readonly id!: pulumi.Output<string>;
259
/** The ARN of the SQS queue */
260
public readonly arn!: pulumi.Output<string>;
261
/** The name of the queue */
262
public readonly name!: pulumi.Output<string>;
263
/** The URL for the created Amazon SQS queue */
264
public readonly url!: pulumi.Output<string>;
265
/** Resource tags */
266
public readonly tags!: pulumi.Output<{[key: string]: string}>;
267
}
268
269
interface sqs.QueueArgs {
270
/** The name of the queue */
271
name?: pulumi.Input<string>;
272
/** The time in seconds that the delivery of all messages in the queue will be delayed */
273
delaySeconds?: pulumi.Input<number>;
274
/** The limit of how many bytes a message can contain before Amazon SQS rejects it */
275
maxMessageSize?: pulumi.Input<number>;
276
/** The number of seconds Amazon SQS retains a message */
277
messageRetentionSeconds?: pulumi.Input<number>;
278
/** The number of seconds for which a ReceiveMessage action waits for a message to arrive */
279
receiveWaitTimeSeconds?: pulumi.Input<number>;
280
/** The JSON policy for the SQS queue */
281
policy?: pulumi.Input<string>;
282
/** The JSON policy to set up the Dead Letter Queue redrive */
283
redrivePolicy?: pulumi.Input<string>;
284
/** Whether the queue is a FIFO queue */
285
fifoQueue?: pulumi.Input<boolean>;
286
/** Whether content-based deduplication is enabled for FIFO queues */
287
contentBasedDeduplication?: pulumi.Input<boolean>;
288
/** The length of time for which a message received from a queue will be invisible to other receiving components */
289
visibilityTimeoutSeconds?: pulumi.Input<number>;
290
/** The ARN of the KMS Master Key for server-side encryption */
291
kmsMasterKeyId?: pulumi.Input<string>;
292
/** The length of time for which the queue receives the key */
293
kmsDataKeyReusePeriodSeconds?: pulumi.Input<number>;
294
/** Resource tags */
295
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
296
}
297
```
298
299
### SNS (Simple Notification Service)
300
301
Create and manage SNS topics for pub/sub messaging.
302
303
```typescript { .api }
304
/**
305
* Creates an SNS topic
306
*/
307
class sns.Topic extends pulumi.CustomResource {
308
constructor(name: string, args?: sns.TopicArgs, opts?: pulumi.ResourceOptions);
309
310
/** The topic ARN */
311
public readonly arn!: pulumi.Output<string>;
312
/** The name of the topic */
313
public readonly name!: pulumi.Output<string>;
314
/** The display name for the topic */
315
public readonly displayName!: pulumi.Output<string>;
316
/** The JSON serialization of the topic's access control policy */
317
public readonly policy!: pulumi.Output<string>;
318
/** The JSON serialization of the topic's delivery policy */
319
public readonly deliveryPolicy!: pulumi.Output<string>;
320
/** Resource tags */
321
public readonly tags!: pulumi.Output<{[key: string]: string}>;
322
}
323
324
interface sns.TopicArgs {
325
/** The name of the topic */
326
name?: pulumi.Input<string>;
327
/** The display name for the topic */
328
displayName?: pulumi.Input<string>;
329
/** The JSON serialization of the topic's access control policy */
330
policy?: pulumi.Input<string>;
331
/** The JSON serialization of the topic's delivery policy */
332
deliveryPolicy?: pulumi.Input<string>;
333
/** The ARN of the KMS key to use for encryption at rest */
334
kmsMasterKeyId?: pulumi.Input<string>;
335
/** Whether the topic is a FIFO topic */
336
fifoTopic?: pulumi.Input<boolean>;
337
/** Whether content-based deduplication is enabled for FIFO topics */
338
contentBasedDeduplication?: pulumi.Input<boolean>;
339
/** Resource tags */
340
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
341
}
342
```
343
344
### SNS Topic Subscriptions
345
346
Create subscriptions to SNS topics.
347
348
```typescript { .api }
349
/**
350
* Creates an SNS topic subscription
351
*/
352
class sns.TopicSubscription extends pulumi.CustomResource {
353
constructor(name: string, args: sns.TopicSubscriptionArgs, opts?: pulumi.ResourceOptions);
354
355
/** The ARN of the subscription */
356
public readonly arn!: pulumi.Output<string>;
357
/** The ARN of the topic the subscription belongs to */
358
public readonly topicArn!: pulumi.Output<string>;
359
/** The protocol to use */
360
public readonly protocol!: pulumi.Output<string>;
361
/** The endpoint to send data to */
362
public readonly endpoint!: pulumi.Output<string>;
363
/** Whether the subscription confirmation was authenticated */
364
public readonly confirmationWasAuthenticated!: pulumi.Output<boolean>;
365
/** The delivery policy JSON assigned to the subscription */
366
public readonly deliveryPolicy!: pulumi.Output<string>;
367
/** The endpoint auto confirms the subscription */
368
public readonly endpointAutoConfirms!: pulumi.Output<boolean>;
369
/** The filter policy JSON assigned to the subscription */
370
public readonly filterPolicy!: pulumi.Output<string>;
371
/** Whether the subscription has not been confirmed */
372
public readonly pendingConfirmation!: pulumi.Output<boolean>;
373
/** Whether raw message delivery is enabled for the subscription */
374
public readonly rawMessageDelivery!: pulumi.Output<boolean>;
375
}
376
377
interface sns.TopicSubscriptionArgs {
378
/** The ARN of the SNS topic to subscribe to */
379
topicArn: pulumi.Input<string>;
380
/** The protocol to use */
381
protocol: pulumi.Input<string>;
382
/** The endpoint to send data to */
383
endpoint: pulumi.Input<string>;
384
/** The delivery policy JSON assigned to the subscription */
385
deliveryPolicy?: pulumi.Input<string>;
386
/** Whether the endpoint auto confirms the subscription */
387
endpointAutoConfirms?: pulumi.Input<boolean>;
388
/** The filter policy JSON assigned to the subscription */
389
filterPolicy?: pulumi.Input<string>;
390
/** The scope of the filter policy */
391
filterPolicyScope?: pulumi.Input<string>;
392
/** Whether raw message delivery is enabled for the subscription */
393
rawMessageDelivery?: pulumi.Input<boolean>;
394
/** The maximum number of retries */
395
redrivePolicy?: pulumi.Input<string>;
396
/** The JSON of the subscription's replay policy */
397
replayPolicy?: pulumi.Input<string>;
398
/** The JSON of the subscription attributes */
399
subscriptionRoleArn?: pulumi.Input<string>;
400
}
401
```
402
403
### EventBridge (CloudWatch Events)
404
405
Create and manage EventBridge rules for event-driven architectures.
406
407
```typescript { .api }
408
/**
409
* Creates an EventBridge rule
410
*/
411
class cloudwatch.EventRule extends pulumi.CustomResource {
412
constructor(name: string, args?: cloudwatch.EventRuleArgs, opts?: pulumi.ResourceOptions);
413
414
/** The Amazon Resource Name (ARN) of the rule */
415
public readonly arn!: pulumi.Output<string>;
416
/** The name of the rule */
417
public readonly name!: pulumi.Output<string>;
418
/** The description of the rule */
419
public readonly description!: pulumi.Output<string>;
420
/** The event pattern described as a JSON object */
421
public readonly eventPattern!: pulumi.Output<string>;
422
/** Whether the rule is enabled */
423
public readonly isEnabled!: pulumi.Output<boolean>;
424
/** The scheduling expression */
425
public readonly scheduleExpression!: pulumi.Output<string>;
426
/** The Amazon Resource Name (ARN) associated with the role */
427
public readonly roleArn!: pulumi.Output<string>;
428
/** Resource tags */
429
public readonly tags!: pulumi.Output<{[key: string]: string}>;
430
}
431
432
interface cloudwatch.EventRuleArgs {
433
/** The name of the rule */
434
name?: pulumi.Input<string>;
435
/** The description of the rule */
436
description?: pulumi.Input<string>;
437
/** The event pattern described as a JSON object */
438
eventPattern?: pulumi.Input<string>;
439
/** Whether the rule is enabled */
440
isEnabled?: pulumi.Input<boolean>;
441
/** The scheduling expression */
442
scheduleExpression?: pulumi.Input<string>;
443
/** The Amazon Resource Name (ARN) associated with the role */
444
roleArn?: pulumi.Input<string>;
445
/** The name or ARN of the event bus to associate with this rule */
446
eventBusName?: pulumi.Input<string>;
447
/** Resource tags */
448
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
449
}
450
```
451
452
### Step Functions
453
454
Create and manage Step Functions state machines for workflow orchestration.
455
456
```typescript { .api }
457
/**
458
* Creates a Step Functions state machine
459
*/
460
class sfn.StateMachine extends pulumi.CustomResource {
461
constructor(name: string, args: sfn.StateMachineArgs, opts?: pulumi.ResourceOptions);
462
463
/** The ARN of the state machine */
464
public readonly arn!: pulumi.Output<string>;
465
/** The name of the state machine */
466
public readonly name!: pulumi.Output<string>;
467
/** The Amazon States Language definition of the state machine */
468
public readonly definition!: pulumi.Output<string>;
469
/** The Amazon Resource Name (ARN) of the IAM role to use for this state machine */
470
public readonly roleArn!: pulumi.Output<string>;
471
/** The type of the state machine */
472
public readonly type!: pulumi.Output<string>;
473
/** The creation date of the state machine */
474
public readonly creationDate!: pulumi.Output<string>;
475
/** The current status of the state machine */
476
public readonly status!: pulumi.Output<string>;
477
/** Resource tags */
478
public readonly tags!: pulumi.Output<{[key: string]: string}>;
479
}
480
481
interface sfn.StateMachineArgs {
482
/** The name of the state machine */
483
name?: pulumi.Input<string>;
484
/** The Amazon States Language definition of the state machine */
485
definition: pulumi.Input<string>;
486
/** The Amazon Resource Name (ARN) of the IAM role to use for this state machine */
487
roleArn: pulumi.Input<string>;
488
/** The type of the state machine */
489
type?: pulumi.Input<string>;
490
/** Defines what execution history events are logged and where they are logged */
491
loggingConfiguration?: pulumi.Input<sfn.StateMachineLoggingConfiguration>;
492
/** Amazon X-Ray tracing configuration */
493
tracingConfiguration?: pulumi.Input<sfn.StateMachineTracingConfiguration>;
494
/** Resource tags */
495
tags?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
496
}
497
```
498
499
### Data Source Functions
500
501
Query existing serverless resources.
502
503
```typescript { .api }
504
/**
505
* Get information about a Lambda function
506
*/
507
function lambda.getFunction(args: lambda.GetFunctionArgs): Promise<lambda.GetFunctionResult>;
508
509
/**
510
* Get information about an API Gateway REST API
511
*/
512
function apigateway.getRestApi(args?: apigateway.GetRestApiArgs): Promise<apigateway.GetRestApiResult>;
513
514
/**
515
* Get information about an SQS queue
516
*/
517
function sqs.getQueue(args: sqs.GetQueueArgs): Promise<sqs.GetQueueResult>;
518
519
/**
520
* Get information about an SNS topic
521
*/
522
function sns.getTopic(args: sns.GetTopicArgs): Promise<sns.GetTopicResult>;
523
524
/**
525
* Get information about a Step Functions state machine
526
*/
527
function sfn.getStateMachine(args: sfn.GetStateMachineArgs): Promise<sfn.GetStateMachineResult>;
528
```
529
530
## Types
531
532
```typescript { .api }
533
interface lambda.FunctionEnvironment {
534
/** Environment variable key-value pairs */
535
variables?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;
536
}
537
538
interface lambda.FunctionVpcConfig {
539
/** List of security group IDs associated with the Lambda function */
540
securityGroupIds: pulumi.Input<pulumi.Input<string>[]>;
541
/** List of subnet IDs associated with the Lambda function */
542
subnetIds: pulumi.Input<pulumi.Input<string>[]>;
543
}
544
545
interface lambda.FunctionDeadLetterConfig {
546
/** The ARN of an Amazon SQS queue or Amazon SNS topic */
547
targetArn: pulumi.Input<string>;
548
}
549
550
interface lambda.FunctionTracingConfig {
551
/** Whether to sample and trace a subset of incoming requests with AWS X-Ray */
552
mode: pulumi.Input<string>;
553
}
554
555
interface apigateway.RestApiEndpointConfiguration {
556
/** List of endpoint types */
557
types: pulumi.Input<pulumi.Input<string>[]>;
558
/** Set of VPC Endpoint identifiers */
559
vpcEndpointIds?: pulumi.Input<pulumi.Input<string>[]>;
560
}
561
562
interface sfn.StateMachineLoggingConfiguration {
563
/** Whether to include execution data */
564
includeExecutionData?: pulumi.Input<boolean>;
565
/** The log level */
566
level?: pulumi.Input<string>;
567
/** Amazon CloudWatch Logs resource policy */
568
logDestination?: pulumi.Input<string>;
569
}
570
571
interface sfn.StateMachineTracingConfiguration {
572
/** Whether tracing is enabled */
573
enabled?: pulumi.Input<boolean>;
574
}
575
```