AWS Lambda Policy
Policy name |
AWS Lambda |
Summary |
Triggers an AWS Lambda function from a standard HTTP request |
Category |
Transformation |
First Flex Gateway version available |
v1.9.0 |
Returned Status Codes |
502 - Bad Gateway, requests are blocked due to circuit breaker activation |
Summary
The AWS Lambda policy triggers an AWS Lambda function from a standard HTTP request. Pass the HTTP request payload as is or wrapped in a JSON schema. After the request is
The AWS Lambda policy is an extension of the AWS Lambda filter native to Envoy. To learn more about the AWS Lambda filter, see AWS Lambda Filter
. Not all AWS Lambda filter parameters are available to the AWS Lambda policy. To find what parameters are configurable, see Configuring Policy Parameters.
Configuring Policy Parameters
Flex Gateway Local Mode
In Local Mode, you apply the AWS Lambda policy to your API via declarative configuration files. Refer to the following policy definition and table of parameters:
- policyRef:
name: native-aws-lambda
config:
arn: <string> // REQUIRED
payloadPassthrough: <boolean> // REQUIRED
invocationMode: <string> // REQUIRED
authenticationMode: <string> // REQUIRED
credentialProfile: <string> // OPTIONAL
credentials:
accessKeyId: <string> // OPTIONAL
secretAccessKey: <string> // OPTIONAL
sessionToken: <string> // OPTIONALyaml| Parameter | Required or Optional | Default Value | Description |
|---|---|---|---|
|
Required |
N/A |
AWS Lambda ARN in this format: |
|
Required |
false |
By default, Flex sends the request to the AWS Lambda function wrapped in JSON. When |
|
Required |
sync |
The way to invoke the Lambda function, either |
|
Required |
N/A |
Determines the mode of authentication. Options are: |
|
Optional |
N/A |
Specifies the credential |
|
Optional |
N/A |
Configures the |
|
Required |
N/A |
AWS access key ID |
|
Required |
N/A |
AWS access key |
|
Optional |
N/A |
Session token |
Resource Configuration Example
The following example defines a rate limit of three requests every six seconds:
- policyRef:
name: native-aws-lambda
config:
arn: rn:<partition>:lambda:<region>:<account-number>:function:<function-name>
payloadPassthrough: true
invocationMode: sync
authenticationMode: static
credentials:
accessKeyId: id
secretAccessKey: secret
sessionToken: tokenyamlFlex Gateway Connected Mode
When you apply the Rate Limiting policy to your API from the UI, you can configure the following parameters:
| Parameter | Required or Optional | Description |
|---|---|---|
The ARN of the AWS Lambda |
Required |
AWS Lambda ARN in this format: |
Payload passthrough |
Required |
By default, Flex sends the request to the AWS Lambda function wrapped in JSON. When enabled, the request is sent as is. |
Determines the way to invoke the Lambda function |
Required |
The way to invoke the Lambda function. For Sync, Flex Gateway awaits the AWS response. For Async, Flex Gateway doesn’t wait for the response from AWS. |
Determines origin of credentials |
Required |
Determines the mode of authentication. Options are: Default, uses in order credential AWS environment variables, AWS credential file, AWS roles; Profile, profile from AWS credential file; Static, credentials configured in the policy. |
Credentials profile |
Optional |
Specifies the credential profile. Only for Profile authentication mode. |
Credentials |
Optional |
Configures the static credentials. Only for Static authentication mode. |
AccessKeyId |
Required |
AWS access key ID |
SecretAccessKey |
Required |
AWS access key |
SessionToken |
Optional |
Session token |