diff --git a/apis/v1alpha1/ack-generate-metadata.yaml b/apis/v1alpha1/ack-generate-metadata.yaml index a0c9bdea..04fdabc2 100755 --- a/apis/v1alpha1/ack-generate-metadata.yaml +++ b/apis/v1alpha1/ack-generate-metadata.yaml @@ -1,13 +1,13 @@ ack_generate_info: - build_date: "2026-01-07T18:53:41Z" - build_hash: e743d683160cf0f58a4864e052cdcb0927335ca7 - go_version: go1.25.5 - version: v0.57.0 -api_directory_checksum: 3cd2161708148476a53b44162a9e095bf92f91d3 + build_date: "2026-02-04T01:42:24Z" + build_hash: fc172a972627384bbe20716ba13d4ccdeb3edfdf + go_version: go1.24.5 + version: v0.57.0-1-gfc172a9 +api_directory_checksum: d04578a6fb3f9ff945165596fc9e4ec7027d0726 api_version: v1alpha1 -aws_sdk_go_version: v1.38.0 +aws_sdk_go_version: v1.41.0 generator_config_info: - file_checksum: 93eb58b9906482ad7eae4df0f2d96ec856173deb + file_checksum: fd3b3146f9f11a93daa2e10090308298b6b6c6a0 original_file_name: generator.yaml last_modification: reason: API generation diff --git a/apis/v1alpha1/alias.go b/apis/v1alpha1/alias.go index 891ff5b0..e81cee8b 100644 --- a/apis/v1alpha1/alias.go +++ b/apis/v1alpha1/alias.go @@ -57,12 +57,12 @@ type AliasSpec struct { // The length constraint applies only to the full ARN. If you specify only the // function name, it is limited to 64 characters in length. // - // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` FunctionName *string `json:"functionName,omitempty"` FunctionRef *ackv1alpha1.AWSResourceReferenceWrapper `json:"functionRef,omitempty"` // The function version that the alias invokes. // - // Regex Pattern: `^(\$LATEST|[0-9]+)$` + // Regex Pattern: `^(\$LATEST(\.PUBLISHED)?|[0-9]+)$` // +kubebuilder:validation:Required FunctionVersion *string `json:"functionVersion"` // The name of the alias. diff --git a/apis/v1alpha1/enums.go b/apis/v1alpha1/enums.go index b12e912f..cf0f8e4c 100644 --- a/apis/v1alpha1/enums.go +++ b/apis/v1alpha1/enums.go @@ -33,6 +33,28 @@ const ( Architecture_x86_64 Architecture = "x86_64" ) +type CapacityProviderPredefinedMetricType string + +const ( + CapacityProviderPredefinedMetricType_LambdaCapacityProviderAverageCPUUtilization CapacityProviderPredefinedMetricType = "LambdaCapacityProviderAverageCPUUtilization" +) + +type CapacityProviderScalingMode string + +const ( + CapacityProviderScalingMode_Auto CapacityProviderScalingMode = "Auto" + CapacityProviderScalingMode_Manual CapacityProviderScalingMode = "Manual" +) + +type CapacityProviderState string + +const ( + CapacityProviderState_Active CapacityProviderState = "Active" + CapacityProviderState_Deleting CapacityProviderState = "Deleting" + CapacityProviderState_Failed CapacityProviderState = "Failed" + CapacityProviderState_Pending CapacityProviderState = "Pending" +) + type CodeSigningPolicy string const ( @@ -60,6 +82,45 @@ const ( EventSourcePosition_TRIM_HORIZON EventSourcePosition = "TRIM_HORIZON" ) +type EventType string + +const ( + EventType_CallbackFailed EventType = "CallbackFailed" + EventType_CallbackStarted EventType = "CallbackStarted" + EventType_CallbackSucceeded EventType = "CallbackSucceeded" + EventType_CallbackTimedOut EventType = "CallbackTimedOut" + EventType_ChainedInvokeFailed EventType = "ChainedInvokeFailed" + EventType_ChainedInvokeStarted EventType = "ChainedInvokeStarted" + EventType_ChainedInvokeStopped EventType = "ChainedInvokeStopped" + EventType_ChainedInvokeSucceeded EventType = "ChainedInvokeSucceeded" + EventType_ChainedInvokeTimedOut EventType = "ChainedInvokeTimedOut" + EventType_ContextFailed EventType = "ContextFailed" + EventType_ContextStarted EventType = "ContextStarted" + EventType_ContextSucceeded EventType = "ContextSucceeded" + EventType_ExecutionFailed EventType = "ExecutionFailed" + EventType_ExecutionStarted EventType = "ExecutionStarted" + EventType_ExecutionStopped EventType = "ExecutionStopped" + EventType_ExecutionSucceeded EventType = "ExecutionSucceeded" + EventType_ExecutionTimedOut EventType = "ExecutionTimedOut" + EventType_InvocationCompleted EventType = "InvocationCompleted" + EventType_StepFailed EventType = "StepFailed" + EventType_StepStarted EventType = "StepStarted" + EventType_StepSucceeded EventType = "StepSucceeded" + EventType_WaitCancelled EventType = "WaitCancelled" + EventType_WaitStarted EventType = "WaitStarted" + EventType_WaitSucceeded EventType = "WaitSucceeded" +) + +type ExecutionStatus string + +const ( + ExecutionStatus_FAILED ExecutionStatus = "FAILED" + ExecutionStatus_RUNNING ExecutionStatus = "RUNNING" + ExecutionStatus_STOPPED ExecutionStatus = "STOPPED" + ExecutionStatus_SUCCEEDED ExecutionStatus = "SUCCEEDED" + ExecutionStatus_TIMED_OUT ExecutionStatus = "TIMED_OUT" +) + type FullDocument string const ( @@ -86,6 +147,12 @@ const ( FunctionVersion_ALL FunctionVersion = "ALL" ) +type FunctionVersionLatestPublished string + +const ( + FunctionVersionLatestPublished_LATEST_PUBLISHED FunctionVersionLatestPublished = "LATEST_PUBLISHED" +) + type InvocationType string const ( @@ -127,27 +194,40 @@ const ( type LastUpdateStatusReasonCode string const ( - LastUpdateStatusReasonCode_DisabledKMSKey LastUpdateStatusReasonCode = "DisabledKMSKey" - LastUpdateStatusReasonCode_EFSIOError LastUpdateStatusReasonCode = "EFSIOError" - LastUpdateStatusReasonCode_EFSMountConnectivityError LastUpdateStatusReasonCode = "EFSMountConnectivityError" - LastUpdateStatusReasonCode_EFSMountFailure LastUpdateStatusReasonCode = "EFSMountFailure" - LastUpdateStatusReasonCode_EFSMountTimeout LastUpdateStatusReasonCode = "EFSMountTimeout" - LastUpdateStatusReasonCode_EniLimitExceeded LastUpdateStatusReasonCode = "EniLimitExceeded" - LastUpdateStatusReasonCode_FunctionError LastUpdateStatusReasonCode = "FunctionError" - LastUpdateStatusReasonCode_ImageAccessDenied LastUpdateStatusReasonCode = "ImageAccessDenied" - LastUpdateStatusReasonCode_ImageDeleted LastUpdateStatusReasonCode = "ImageDeleted" - LastUpdateStatusReasonCode_InsufficientRolePermissions LastUpdateStatusReasonCode = "InsufficientRolePermissions" - LastUpdateStatusReasonCode_InternalError LastUpdateStatusReasonCode = "InternalError" - LastUpdateStatusReasonCode_InvalidConfiguration LastUpdateStatusReasonCode = "InvalidConfiguration" - LastUpdateStatusReasonCode_InvalidImage LastUpdateStatusReasonCode = "InvalidImage" - LastUpdateStatusReasonCode_InvalidRuntime LastUpdateStatusReasonCode = "InvalidRuntime" - LastUpdateStatusReasonCode_InvalidSecurityGroup LastUpdateStatusReasonCode = "InvalidSecurityGroup" - LastUpdateStatusReasonCode_InvalidStateKMSKey LastUpdateStatusReasonCode = "InvalidStateKMSKey" - LastUpdateStatusReasonCode_InvalidSubnet LastUpdateStatusReasonCode = "InvalidSubnet" - LastUpdateStatusReasonCode_InvalidZipFileException LastUpdateStatusReasonCode = "InvalidZipFileException" - LastUpdateStatusReasonCode_KMSKeyAccessDenied LastUpdateStatusReasonCode = "KMSKeyAccessDenied" - LastUpdateStatusReasonCode_KMSKeyNotFound LastUpdateStatusReasonCode = "KMSKeyNotFound" - LastUpdateStatusReasonCode_SubnetOutOfIPAddresses LastUpdateStatusReasonCode = "SubnetOutOfIPAddresses" + LastUpdateStatusReasonCode_CapacityProviderScalingLimitExceeded LastUpdateStatusReasonCode = "CapacityProviderScalingLimitExceeded" + LastUpdateStatusReasonCode_DisabledKMSKey LastUpdateStatusReasonCode = "DisabledKMSKey" + LastUpdateStatusReasonCode_DisallowedByVpcEncryptionControl LastUpdateStatusReasonCode = "DisallowedByVpcEncryptionControl" + LastUpdateStatusReasonCode_EC2RequestLimitExceeded LastUpdateStatusReasonCode = "EC2RequestLimitExceeded" + LastUpdateStatusReasonCode_EFSIOError LastUpdateStatusReasonCode = "EFSIOError" + LastUpdateStatusReasonCode_EFSMountConnectivityError LastUpdateStatusReasonCode = "EFSMountConnectivityError" + LastUpdateStatusReasonCode_EFSMountFailure LastUpdateStatusReasonCode = "EFSMountFailure" + LastUpdateStatusReasonCode_EFSMountTimeout LastUpdateStatusReasonCode = "EFSMountTimeout" + LastUpdateStatusReasonCode_EniLimitExceeded LastUpdateStatusReasonCode = "EniLimitExceeded" + LastUpdateStatusReasonCode_FunctionError LastUpdateStatusReasonCode = "FunctionError" + LastUpdateStatusReasonCode_FunctionError_ExtensionInitError LastUpdateStatusReasonCode = "FunctionError.ExtensionInitError" + LastUpdateStatusReasonCode_FunctionError_InitResourceExhausted LastUpdateStatusReasonCode = "FunctionError.InitResourceExhausted" + LastUpdateStatusReasonCode_FunctionError_InitTimeout LastUpdateStatusReasonCode = "FunctionError.InitTimeout" + LastUpdateStatusReasonCode_FunctionError_InvalidEntryPoint LastUpdateStatusReasonCode = "FunctionError.InvalidEntryPoint" + LastUpdateStatusReasonCode_FunctionError_InvalidWorkingDirectory LastUpdateStatusReasonCode = "FunctionError.InvalidWorkingDirectory" + LastUpdateStatusReasonCode_FunctionError_PermissionDenied LastUpdateStatusReasonCode = "FunctionError.PermissionDenied" + LastUpdateStatusReasonCode_FunctionError_RuntimeInitError LastUpdateStatusReasonCode = "FunctionError.RuntimeInitError" + LastUpdateStatusReasonCode_FunctionError_TooManyExtensions LastUpdateStatusReasonCode = "FunctionError.TooManyExtensions" + LastUpdateStatusReasonCode_ImageAccessDenied LastUpdateStatusReasonCode = "ImageAccessDenied" + LastUpdateStatusReasonCode_ImageDeleted LastUpdateStatusReasonCode = "ImageDeleted" + LastUpdateStatusReasonCode_InsufficientCapacity LastUpdateStatusReasonCode = "InsufficientCapacity" + LastUpdateStatusReasonCode_InsufficientRolePermissions LastUpdateStatusReasonCode = "InsufficientRolePermissions" + LastUpdateStatusReasonCode_InternalError LastUpdateStatusReasonCode = "InternalError" + LastUpdateStatusReasonCode_InvalidConfiguration LastUpdateStatusReasonCode = "InvalidConfiguration" + LastUpdateStatusReasonCode_InvalidImage LastUpdateStatusReasonCode = "InvalidImage" + LastUpdateStatusReasonCode_InvalidRuntime LastUpdateStatusReasonCode = "InvalidRuntime" + LastUpdateStatusReasonCode_InvalidSecurityGroup LastUpdateStatusReasonCode = "InvalidSecurityGroup" + LastUpdateStatusReasonCode_InvalidStateKMSKey LastUpdateStatusReasonCode = "InvalidStateKMSKey" + LastUpdateStatusReasonCode_InvalidSubnet LastUpdateStatusReasonCode = "InvalidSubnet" + LastUpdateStatusReasonCode_InvalidZipFileException LastUpdateStatusReasonCode = "InvalidZipFileException" + LastUpdateStatusReasonCode_KMSKeyAccessDenied LastUpdateStatusReasonCode = "KMSKeyAccessDenied" + LastUpdateStatusReasonCode_KMSKeyNotFound LastUpdateStatusReasonCode = "KMSKeyNotFound" + LastUpdateStatusReasonCode_SubnetOutOfIPAddresses LastUpdateStatusReasonCode = "SubnetOutOfIPAddresses" + LastUpdateStatusReasonCode_VcpuLimitExceeded LastUpdateStatusReasonCode = "VcpuLimitExceeded" ) type LogFormat string @@ -164,6 +244,40 @@ const ( LogType_Tail LogType = "Tail" ) +type OperationAction string + +const ( + OperationAction_CANCEL OperationAction = "CANCEL" + OperationAction_FAIL OperationAction = "FAIL" + OperationAction_RETRY OperationAction = "RETRY" + OperationAction_START OperationAction = "START" + OperationAction_SUCCEED OperationAction = "SUCCEED" +) + +type OperationStatus string + +const ( + OperationStatus_CANCELLED OperationStatus = "CANCELLED" + OperationStatus_FAILED OperationStatus = "FAILED" + OperationStatus_PENDING OperationStatus = "PENDING" + OperationStatus_READY OperationStatus = "READY" + OperationStatus_STARTED OperationStatus = "STARTED" + OperationStatus_STOPPED OperationStatus = "STOPPED" + OperationStatus_SUCCEEDED OperationStatus = "SUCCEEDED" + OperationStatus_TIMED_OUT OperationStatus = "TIMED_OUT" +) + +type OperationType string + +const ( + OperationType_CALLBACK OperationType = "CALLBACK" + OperationType_CHAINED_INVOKE OperationType = "CHAINED_INVOKE" + OperationType_CONTEXT OperationType = "CONTEXT" + OperationType_EXECUTION OperationType = "EXECUTION" + OperationType_STEP OperationType = "STEP" + OperationType_WAIT OperationType = "WAIT" +) + type PackageType string const ( @@ -206,6 +320,7 @@ const ( Runtime_java11 Runtime = "java11" Runtime_java17 Runtime = "java17" Runtime_java21 Runtime = "java21" + Runtime_java25 Runtime = "java25" Runtime_java8 Runtime = "java8" Runtime_java8_al2 Runtime = "java8.al2" Runtime_nodejs Runtime = "nodejs" @@ -216,6 +331,7 @@ const ( Runtime_nodejs18_x Runtime = "nodejs18.x" Runtime_nodejs20_x Runtime = "nodejs20.x" Runtime_nodejs22_x Runtime = "nodejs22.x" + Runtime_nodejs24_x Runtime = "nodejs24.x" Runtime_nodejs4_3 Runtime = "nodejs4.3" Runtime_nodejs4_3_edge Runtime = "nodejs4.3-edge" Runtime_nodejs6_10 Runtime = "nodejs6.10" @@ -228,6 +344,7 @@ const ( Runtime_python3_11 Runtime = "python3.11" Runtime_python3_12 Runtime = "python3.12" Runtime_python3_13 Runtime = "python3.13" + Runtime_python3_14 Runtime = "python3.14" Runtime_python3_6 Runtime = "python3.6" Runtime_python3_7 Runtime = "python3.7" Runtime_python3_8 Runtime = "python3.8" @@ -276,39 +393,57 @@ const ( type State string const ( - State_Active State = "Active" - State_Failed State = "Failed" - State_Inactive State = "Inactive" - State_Pending State = "Pending" + State_Active State = "Active" + State_ActiveNonInvocable State = "ActiveNonInvocable" + State_Deactivated State = "Deactivated" + State_Deactivating State = "Deactivating" + State_Deleting State = "Deleting" + State_Failed State = "Failed" + State_Inactive State = "Inactive" + State_Pending State = "Pending" ) type StateReasonCode string const ( - StateReasonCode_Creating StateReasonCode = "Creating" - StateReasonCode_DisabledKMSKey StateReasonCode = "DisabledKMSKey" - StateReasonCode_EFSIOError StateReasonCode = "EFSIOError" - StateReasonCode_EFSMountConnectivityError StateReasonCode = "EFSMountConnectivityError" - StateReasonCode_EFSMountFailure StateReasonCode = "EFSMountFailure" - StateReasonCode_EFSMountTimeout StateReasonCode = "EFSMountTimeout" - StateReasonCode_EniLimitExceeded StateReasonCode = "EniLimitExceeded" - StateReasonCode_FunctionError StateReasonCode = "FunctionError" - StateReasonCode_Idle StateReasonCode = "Idle" - StateReasonCode_ImageAccessDenied StateReasonCode = "ImageAccessDenied" - StateReasonCode_ImageDeleted StateReasonCode = "ImageDeleted" - StateReasonCode_InsufficientRolePermissions StateReasonCode = "InsufficientRolePermissions" - StateReasonCode_InternalError StateReasonCode = "InternalError" - StateReasonCode_InvalidConfiguration StateReasonCode = "InvalidConfiguration" - StateReasonCode_InvalidImage StateReasonCode = "InvalidImage" - StateReasonCode_InvalidRuntime StateReasonCode = "InvalidRuntime" - StateReasonCode_InvalidSecurityGroup StateReasonCode = "InvalidSecurityGroup" - StateReasonCode_InvalidStateKMSKey StateReasonCode = "InvalidStateKMSKey" - StateReasonCode_InvalidSubnet StateReasonCode = "InvalidSubnet" - StateReasonCode_InvalidZipFileException StateReasonCode = "InvalidZipFileException" - StateReasonCode_KMSKeyAccessDenied StateReasonCode = "KMSKeyAccessDenied" - StateReasonCode_KMSKeyNotFound StateReasonCode = "KMSKeyNotFound" - StateReasonCode_Restoring StateReasonCode = "Restoring" - StateReasonCode_SubnetOutOfIPAddresses StateReasonCode = "SubnetOutOfIPAddresses" + StateReasonCode_CapacityProviderScalingLimitExceeded StateReasonCode = "CapacityProviderScalingLimitExceeded" + StateReasonCode_Creating StateReasonCode = "Creating" + StateReasonCode_DisabledKMSKey StateReasonCode = "DisabledKMSKey" + StateReasonCode_DisallowedByVpcEncryptionControl StateReasonCode = "DisallowedByVpcEncryptionControl" + StateReasonCode_DrainingDurableExecutions StateReasonCode = "DrainingDurableExecutions" + StateReasonCode_EC2RequestLimitExceeded StateReasonCode = "EC2RequestLimitExceeded" + StateReasonCode_EFSIOError StateReasonCode = "EFSIOError" + StateReasonCode_EFSMountConnectivityError StateReasonCode = "EFSMountConnectivityError" + StateReasonCode_EFSMountFailure StateReasonCode = "EFSMountFailure" + StateReasonCode_EFSMountTimeout StateReasonCode = "EFSMountTimeout" + StateReasonCode_EniLimitExceeded StateReasonCode = "EniLimitExceeded" + StateReasonCode_FunctionError StateReasonCode = "FunctionError" + StateReasonCode_FunctionError_ExtensionInitError StateReasonCode = "FunctionError.ExtensionInitError" + StateReasonCode_FunctionError_InitResourceExhausted StateReasonCode = "FunctionError.InitResourceExhausted" + StateReasonCode_FunctionError_InitTimeout StateReasonCode = "FunctionError.InitTimeout" + StateReasonCode_FunctionError_InvalidEntryPoint StateReasonCode = "FunctionError.InvalidEntryPoint" + StateReasonCode_FunctionError_InvalidWorkingDirectory StateReasonCode = "FunctionError.InvalidWorkingDirectory" + StateReasonCode_FunctionError_PermissionDenied StateReasonCode = "FunctionError.PermissionDenied" + StateReasonCode_FunctionError_RuntimeInitError StateReasonCode = "FunctionError.RuntimeInitError" + StateReasonCode_FunctionError_TooManyExtensions StateReasonCode = "FunctionError.TooManyExtensions" + StateReasonCode_Idle StateReasonCode = "Idle" + StateReasonCode_ImageAccessDenied StateReasonCode = "ImageAccessDenied" + StateReasonCode_ImageDeleted StateReasonCode = "ImageDeleted" + StateReasonCode_InsufficientCapacity StateReasonCode = "InsufficientCapacity" + StateReasonCode_InsufficientRolePermissions StateReasonCode = "InsufficientRolePermissions" + StateReasonCode_InternalError StateReasonCode = "InternalError" + StateReasonCode_InvalidConfiguration StateReasonCode = "InvalidConfiguration" + StateReasonCode_InvalidImage StateReasonCode = "InvalidImage" + StateReasonCode_InvalidRuntime StateReasonCode = "InvalidRuntime" + StateReasonCode_InvalidSecurityGroup StateReasonCode = "InvalidSecurityGroup" + StateReasonCode_InvalidStateKMSKey StateReasonCode = "InvalidStateKMSKey" + StateReasonCode_InvalidSubnet StateReasonCode = "InvalidSubnet" + StateReasonCode_InvalidZipFileException StateReasonCode = "InvalidZipFileException" + StateReasonCode_KMSKeyAccessDenied StateReasonCode = "KMSKeyAccessDenied" + StateReasonCode_KMSKeyNotFound StateReasonCode = "KMSKeyNotFound" + StateReasonCode_Restoring StateReasonCode = "Restoring" + StateReasonCode_SubnetOutOfIPAddresses StateReasonCode = "SubnetOutOfIPAddresses" + StateReasonCode_VcpuLimitExceeded StateReasonCode = "VcpuLimitExceeded" ) type SystemLogLevel string @@ -319,6 +454,12 @@ const ( SystemLogLevel_WARN SystemLogLevel = "WARN" ) +type TenantIsolationMode string + +const ( + TenantIsolationMode_PER_TENANT TenantIsolationMode = "PER_TENANT" +) + type ThrottleReason string const ( diff --git a/apis/v1alpha1/event_source_mapping.go b/apis/v1alpha1/event_source_mapping.go index cf74f088..487ea5e1 100644 --- a/apis/v1alpha1/event_source_mapping.go +++ b/apis/v1alpha1/event_source_mapping.go @@ -46,12 +46,12 @@ type EventSourceMappingSpec struct { // // - DocumentDB – Default 100. Max 10,000. BatchSize *int64 `json:"batchSize,omitempty"` - // (Kinesis and DynamoDB Streams only) If the function returns an error, split - // the batch in two and retry. + // (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) If + // the function returns an error, split the batch in two and retry. BisectBatchOnFunctionError *bool `json:"bisectBatchOnFunctionError,omitempty"` - // (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration - // object that specifies the destination of an event after Lambda processes - // it. + // (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) A + // configuration object that specifies the destination of an event after Lambda + // processes it. DestinationConfig *DestinationConfig `json:"destinationConfig,omitempty"` // When true, the event source mapping is active. When false, Lambda pauses // polling and invocation. @@ -96,11 +96,11 @@ type EventSourceMappingSpec struct { // The length constraint applies only to the full ARN. If you specify only the // function name, it's limited to 64 characters in length. // - // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_\.]+)(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` FunctionName *string `json:"functionName,omitempty"` FunctionRef *ackv1alpha1.AWSResourceReferenceWrapper `json:"functionRef,omitempty"` - // (Kinesis, DynamoDB Streams, and Amazon SQS) A list of current response type - // enums applied to the event source mapping. + // (Kinesis, DynamoDB Streams, Amazon MSK, self-managed Apache Kafka, and Amazon + // SQS) A list of current response type enums applied to the event source mapping. FunctionResponseTypes []*string `json:"functionResponseTypes,omitempty"` // The maximum amount of time, in seconds, that Lambda spends gathering records // before invoking the function. You can configure MaximumBatchingWindowInSeconds @@ -118,12 +118,13 @@ type EventSourceMappingSpec struct { // you set BatchSize to a value greater than 10, you must set MaximumBatchingWindowInSeconds // to at least 1. MaximumBatchingWindowInSeconds *int64 `json:"maximumBatchingWindowInSeconds,omitempty"` - // (Kinesis and DynamoDB Streams only) Discard records older than the specified - // age. The default value is infinite (-1). + // (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + // records older than the specified age. The default value is infinite (-1). MaximumRecordAgeInSeconds *int64 `json:"maximumRecordAgeInSeconds,omitempty"` - // (Kinesis and DynamoDB Streams only) Discard records after the specified number - // of retries. The default value is infinite (-1). When set to infinite (-1), - // failed records are retried until the record expires. + // (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + // records after the specified number of retries. The default value is infinite + // (-1). When set to infinite (-1), failed records are retried until the record + // expires. MaximumRetryAttempts *int64 `json:"maximumRetryAttempts,omitempty"` // (Kinesis and DynamoDB Streams only) The number of batches to process from // each shard concurrently. @@ -173,7 +174,7 @@ type EventSourceMappingStatus struct { Conditions []*ackv1alpha1.Condition `json:"conditions"` // The ARN of the Lambda function. // - // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Optional FunctionARN *string `json:"functionARN,omitempty"` // The date that the event source mapping was last updated or that its state diff --git a/apis/v1alpha1/function.go b/apis/v1alpha1/function.go index a0670f70..e3974be7 100644 --- a/apis/v1alpha1/function.go +++ b/apis/v1alpha1/function.go @@ -125,7 +125,7 @@ type FunctionSpec struct { // The length constraint applies only to the full ARN. If you specify only the // function name, it is limited to 64 characters in length. // - // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Required Name *string `json:"name"` // The type of deployment package. Set to Image for container image and set @@ -157,6 +157,11 @@ type FunctionSpec struct { // A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) // to apply to the function. Tags map[string]*string `json:"tags,omitempty"` + // Configuration for multi-tenant applications that use Lambda functions. Defines + // tenant isolation settings and resource allocations. Required for functions + // supporting multiple tenants. + // +kubebuilder:validation:XValidation:rule="self == oldSelf",message="Value is immutable once set" + TenancyConfig *TenancyConfig `json:"tenancyConfig,omitempty"` // The amount of time (in seconds) that Lambda allows a function to run before // stopping it. The default is 3 seconds. The maximum allowed value is 900 seconds. // For more information, see Lambda execution environment (https://docs.aws.amazon.com/lambda/latest/dg/runtimes-context.html). @@ -213,7 +218,7 @@ type FunctionStatus struct { LayerStatuses []*Layer `json:"layerStatuses,omitempty"` // For Lambda@Edge functions, the ARN of the main function. // - // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Optional MasterARN *string `json:"masterARN,omitempty"` // The latest updated revision of the function or alias. diff --git a/apis/v1alpha1/function_url_config.go b/apis/v1alpha1/function_url_config.go index 82bbb668..bf232197 100644 --- a/apis/v1alpha1/function_url_config.go +++ b/apis/v1alpha1/function_url_config.go @@ -28,7 +28,7 @@ type FunctionURLConfigSpec struct { // The type of authentication that your function URL uses. Set to AWS_IAM if // you want to restrict access to authenticated users only. Set to NONE if you // want to bypass IAM authentication to create a public endpoint. For more information, - // see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). + // see Control access to Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). // +kubebuilder:validation:Required AuthType *string `json:"authType"` // The cross-origin resource sharing (CORS) (https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) @@ -47,12 +47,12 @@ type FunctionURLConfigSpec struct { // The length constraint applies only to the full ARN. If you specify only the // function name, it is limited to 64 characters in length. // - // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` FunctionName *string `json:"functionName,omitempty"` FunctionRef *ackv1alpha1.AWSResourceReferenceWrapper `json:"functionRef,omitempty"` // The alias name. // - // Regex Pattern: `^(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))$` + // Regex Pattern: `^((?!^\d+$)^[0-9a-zA-Z-_]+$)$` Qualifier *string `json:"qualifier,omitempty"` } @@ -75,7 +75,7 @@ type FunctionURLConfigStatus struct { CreationTime *string `json:"creationTime,omitempty"` // The Amazon Resource Name (ARN) of your function. // - // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Optional FunctionARN *string `json:"functionARN,omitempty"` // The HTTP URL endpoint for your function. diff --git a/apis/v1alpha1/generator.yaml b/apis/v1alpha1/generator.yaml index 81738e5c..b5c95830 100644 --- a/apis/v1alpha1/generator.yaml +++ b/apis/v1alpha1/generator.yaml @@ -1,5 +1,6 @@ ignore: resource_names: + - CapacityProvider # Function # Alias # CodeSigningConfig @@ -29,6 +30,18 @@ ignore: - VpcConfig.Ipv6AllowedForDualStack - AddPermissionInput.FunctionName # We grab this from the Alias resource - AddPermissionInput.Qualifier # We grab this from the Alias resource + - PublishVersionInput.PublishTo + - PublishVersionOutput.PublishTo + - PublishVersionOutput.CapacityProviderConfig + - PublishVersionOutput.DurableConfig + - AddPermissionInput.InvokedViaFunctionUrl + - CreateFunctionInput.PublishTo + - CreateFunctionInput.CapacityProviderConfig + - CreateFunctionOutput.CapacityProviderConfig + - CreateFunctionInput.DurableConfig + - CreateFunctionOutput.DurableConfig + - CreateFunctionOutput.ConfigSha256 + - PublishVersionOutput.ConfigSha256 operations: GetFunction: output_wrapper_field_path: Configuration @@ -100,6 +113,8 @@ resources: from: operation: PutFunctionConcurrency path: ReservedConcurrentExecutions + TenancyConfig: + is_immutable: true Code: compare: is_ignored: false diff --git a/apis/v1alpha1/types.go b/apis/v1alpha1/types.go index 3d44a606..dc542e25 100644 --- a/apis/v1alpha1/types.go +++ b/apis/v1alpha1/types.go @@ -31,9 +31,10 @@ var ( // Limits that are related to concurrency and storage. All file and storage // sizes are in bytes. type AccountLimit struct { - CodeSizeUnzipped *int64 `json:"codeSizeUnzipped,omitempty"` - CodeSizeZipped *int64 `json:"codeSizeZipped,omitempty"` - TotalCodeSize *int64 `json:"totalCodeSize,omitempty"` + CodeSizeUnzipped *int64 `json:"codeSizeUnzipped,omitempty"` + CodeSizeZipped *int64 `json:"codeSizeZipped,omitempty"` + ConcurrentExecutions *int64 `json:"concurrentExecutions,omitempty"` + TotalCodeSize *int64 `json:"totalCodeSize,omitempty"` } // The number of functions and amount of storage in use. @@ -98,6 +99,45 @@ type CORS struct { MaxAge *int64 `json:"maxAge,omitempty"` } +// A capacity provider manages compute resources for Lambda functions. +type CapacityProvider struct { + CapacityProviderARN *string `json:"capacityProviderARN,omitempty"` + KMSKeyARN *string `json:"kmsKeyARN,omitempty"` + LastModified *string `json:"lastModified,omitempty"` +} + +// Configuration for the capacity provider that manages compute resources for +// Lambda functions. +type CapacityProviderConfig struct { + // Configuration for Lambda-managed instances used by the capacity provider. + LambdaManagedInstancesCapacityProviderConfig *LambdaManagedInstancesCapacityProviderConfig `json:"lambdaManagedInstancesCapacityProviderConfig,omitempty"` +} + +// Configuration that specifies the permissions required for the capacity provider +// to manage compute resources. +type CapacityProviderPermissionsConfig struct { + CapacityProviderOperatorRoleARN *string `json:"capacityProviderOperatorRoleARN,omitempty"` +} + +// Configuration options for chained function invocations in durable executions, +// including retry settings and timeout configuration. +type ChainedInvokeOptions struct { + FunctionName *string `json:"functionName,omitempty"` +} + +// Contains details about a chained function invocation that has started execution, +// including start time and execution context. +type ChainedInvokeStartedDetails struct { + ExecutedVersion *string `json:"executedVersion,omitempty"` + FunctionName *string `json:"functionName,omitempty"` +} + +// Contains operations that have been updated since the last checkpoint, such +// as completed asynchronous work like timers or callbacks. +type CheckpointUpdatedExecutionState struct { + NextMarker *string `json:"nextMarker,omitempty"` +} + // Details about a Code signing configuration (https://docs.aws.amazon.com/lambda/latest/dg/configuration-codesigning.html). type CodeSigningConfig_SDK struct { // List of signing profiles that can sign a code package. @@ -147,6 +187,13 @@ type DocumentDBEventSourceConfig struct { FullDocument *string `json:"fullDocument,omitempty"` } +// Configuration settings for durable functions (https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html), +// including execution timeout and retention period for execution history. +type DurableConfig struct { + ExecutionTimeout *int64 `json:"executionTimeout,omitempty"` + RetentionPeriodInDays *int64 `json:"retentionPeriodInDays,omitempty"` +} + // A function's environment variable settings. You can use environment variables // to adjust your function's behavior without updating code. An environment // variable is a pair of strings that are stored in a function's version-specific @@ -211,8 +258,7 @@ type EventSourceMappingConfiguration struct { ParallelizationFactor *int64 `json:"parallelizationFactor,omitempty"` // The provisioned mode (https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) // configuration for the event source. Use Provisioned Mode to customize the - // minimum and maximum number of event pollers for your event source. An event - // poller is a compute unit that provides approximately 5 MBps of throughput. + // minimum and maximum number of event pollers for your event source. ProvisionedPollerConfig *ProvisionedPollerConfig `json:"provisionedPollerConfig,omitempty"` Queues []*string `json:"queues,omitempty"` // (Amazon SQS only) The scaling configuration for the event source. To remove @@ -238,6 +284,11 @@ type EventSourceMappingMetricsConfig struct { Metrics []*string `json:"metrics,omitempty"` } +// Information about a durable execution (https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html). +type Execution struct { + FunctionARN *string `json:"functionARN,omitempty"` +} + // Details about the connection between a Lambda function and an Amazon EFS // file system (https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html). type FileSystemConfig struct { @@ -289,12 +340,19 @@ type FunctionCodeLocation struct { // Details about a function's configuration. type FunctionConfiguration struct { Architectures []*string `json:"architectures,omitempty"` - CodeSHA256 *string `json:"codeSHA256,omitempty"` - CodeSize *int64 `json:"codeSize,omitempty"` + // Configuration for the capacity provider that manages compute resources for + // Lambda functions. + CapacityProviderConfig *CapacityProviderConfig `json:"capacityProviderConfig,omitempty"` + CodeSHA256 *string `json:"codeSHA256,omitempty"` + CodeSize *int64 `json:"codeSize,omitempty"` + ConfigSHA256 *string `json:"configSHA256,omitempty"` // The dead-letter queue (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html#invocation-dlq) // for failed asynchronous invocations. DeadLetterConfig *DeadLetterConfig `json:"deadLetterConfig,omitempty"` Description *string `json:"description,omitempty"` + // Configuration settings for durable functions (https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html), + // including execution timeout and retention period for execution history. + DurableConfig *DurableConfig `json:"durableConfig,omitempty"` // The results of an operation to update or read environment variables. If the // operation succeeds, the response contains the environment variables. If it // fails, the response contains details about the error. @@ -333,7 +391,12 @@ type FunctionConfiguration struct { State *string `json:"state,omitempty"` StateReason *string `json:"stateReason,omitempty"` StateReasonCode *string `json:"stateReasonCode,omitempty"` - Timeout *int64 `json:"timeout,omitempty"` + // Specifies the tenant isolation mode configuration for a Lambda function. + // This allows you to configure specific tenant isolation strategies for your + // function invocations. Tenant isolation configuration cannot be modified after + // function creation. + TenancyConfig *TenancyConfig `json:"tenancyConfig,omitempty"` + Timeout *int64 `json:"timeout,omitempty"` // The function's X-Ray tracing configuration. TracingConfig *TracingConfigResponse `json:"tracingConfig,omitempty"` Version *string `json:"version,omitempty"` @@ -366,6 +429,13 @@ type FunctionURLConfig_SDK struct { LastModifiedTime *string `json:"lastModifiedTime,omitempty"` } +// Information about a function version that uses a specific capacity provider, +// including its ARN and current state. +type FunctionVersionsByCapacityProviderListItem struct { + FunctionARN *string `json:"functionARN,omitempty"` + State *string `json:"state,omitempty"` +} + // Configuration values that override the container image Dockerfile settings. // For more information, see Container image settings (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms). type ImageConfig struct { @@ -389,6 +459,17 @@ type ImageConfigResponse struct { ImageConfig *ImageConfig `json:"imageConfig,omitempty"` } +// Specifications that define the characteristics and constraints for compute +// instances used by the capacity provider. +type InstanceRequirements struct { + Architectures []*string `json:"architectures,omitempty"` +} + +// Details about a function invocation that completed. +type InvocationCompletedDetails struct { + RequestID *string `json:"requestID,omitempty"` +} + // A chunk of the streamed response payload. type InvokeResponseStreamUpdate struct { Payload []byte `json:"payload,omitempty"` @@ -432,6 +513,13 @@ type KafkaSchemaValidationConfig struct { Attribute *string `json:"attribute,omitempty"` } +// Configuration for Lambda-managed instances used by the capacity provider. +type LambdaManagedInstancesCapacityProviderConfig struct { + CapacityProviderARN *string `json:"capacityProviderARN,omitempty"` + ExecutionEnvironmentMemoryGiBPerVCPU *float64 `json:"executionEnvironmentMemoryGiBPerVCPU,omitempty"` + PerExecutionEnvironmentMaxConcurrency *int64 `json:"perExecutionEnvironmentMaxConcurrency,omitempty"` +} + // An Lambda layer (https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html). type Layer struct { ARN *string `json:"arn,omitempty"` @@ -514,11 +602,11 @@ type ProvisionedConcurrencyConfigListItem struct { // The provisioned mode (https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) // configuration for the event source. Use Provisioned Mode to customize the -// minimum and maximum number of event pollers for your event source. An event -// poller is a compute unit that provides approximately 5 MBps of throughput. +// minimum and maximum number of event pollers for your event source. type ProvisionedPollerConfig struct { - MaximumPollers *int64 `json:"maximumPollers,omitempty"` - MinimumPollers *int64 `json:"minimumPollers,omitempty"` + MaximumPollers *int64 `json:"maximumPollers,omitempty"` + MinimumPollers *int64 `json:"minimumPollers,omitempty"` + PollerGroupName *string `json:"pollerGroupName,omitempty"` } type PutFunctionConcurrencyOutput struct { @@ -601,6 +689,14 @@ type TagsError struct { Message *string `json:"message,omitempty"` } +// Specifies the tenant isolation mode configuration for a Lambda function. +// This allows you to configure specific tenant isolation strategies for your +// function invocations. Tenant isolation configuration cannot be modified after +// function creation. +type TenancyConfig struct { + TenantIsolationMode *string `json:"tenantIsolationMode,omitempty"` +} + // The function's X-Ray (https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) // tracing configuration. To sample and record incoming requests, set Mode to // Active. diff --git a/apis/v1alpha1/version.go b/apis/v1alpha1/version.go index 84ce37c7..73a3c135 100644 --- a/apis/v1alpha1/version.go +++ b/apis/v1alpha1/version.go @@ -47,7 +47,7 @@ type VersionSpec struct { // The length constraint applies only to the full ARN. If you specify only the // function name, it is limited to 64 characters in length. // - // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` FunctionName *string `json:"functionName,omitempty"` FunctionRef *ackv1alpha1.AWSResourceReferenceWrapper `json:"functionRef,omitempty"` ProvisionedConcurrencyConfig *PutProvisionedConcurrencyConfigInput `json:"provisionedConcurrencyConfig,omitempty"` @@ -95,7 +95,7 @@ type VersionStatus struct { FileSystemConfigs []*FileSystemConfig `json:"fileSystemConfigs,omitempty"` // The function's Amazon Resource Name (ARN). // - // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Optional FunctionARN *string `json:"functionARN,omitempty"` // The function that Lambda calls to begin running your function. @@ -149,7 +149,7 @@ type VersionStatus struct { Layers []*Layer `json:"layers,omitempty"` // For Lambda@Edge functions, the ARN of the main function. // - // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + // Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` // +kubebuilder:validation:Optional MasterARN *string `json:"masterARN,omitempty"` // The amount of memory available to the function at runtime. @@ -207,6 +207,11 @@ type VersionStatus struct { // you can't invoke or modify the function. // +kubebuilder:validation:Optional StateReasonCode *string `json:"stateReasonCode,omitempty"` + // The function's tenant isolation configuration settings. Determines whether + // the Lambda function runs on a shared or dedicated infrastructure per unique + // tenant. + // +kubebuilder:validation:Optional + TenancyConfig *TenancyConfig `json:"tenancyConfig,omitempty"` // The amount of time in seconds that Lambda allows a function to run before // stopping it. // +kubebuilder:validation:Optional diff --git a/apis/v1alpha1/zz_generated.deepcopy.go b/apis/v1alpha1/zz_generated.deepcopy.go index 46aa25d2..9973953e 100644 --- a/apis/v1alpha1/zz_generated.deepcopy.go +++ b/apis/v1alpha1/zz_generated.deepcopy.go @@ -37,6 +37,11 @@ func (in *AccountLimit) DeepCopyInto(out *AccountLimit) { *out = new(int64) **out = **in } + if in.ConcurrentExecutions != nil { + in, out := &in.ConcurrentExecutions, &out.ConcurrentExecutions + *out = new(int64) + **out = **in + } if in.TotalCodeSize != nil { in, out := &in.TotalCodeSize, &out.TotalCodeSize *out = new(int64) @@ -496,6 +501,141 @@ func (in *CORS) DeepCopy() *CORS { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CapacityProvider) DeepCopyInto(out *CapacityProvider) { + *out = *in + if in.CapacityProviderARN != nil { + in, out := &in.CapacityProviderARN, &out.CapacityProviderARN + *out = new(string) + **out = **in + } + if in.KMSKeyARN != nil { + in, out := &in.KMSKeyARN, &out.KMSKeyARN + *out = new(string) + **out = **in + } + if in.LastModified != nil { + in, out := &in.LastModified, &out.LastModified + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityProvider. +func (in *CapacityProvider) DeepCopy() *CapacityProvider { + if in == nil { + return nil + } + out := new(CapacityProvider) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CapacityProviderConfig) DeepCopyInto(out *CapacityProviderConfig) { + *out = *in + if in.LambdaManagedInstancesCapacityProviderConfig != nil { + in, out := &in.LambdaManagedInstancesCapacityProviderConfig, &out.LambdaManagedInstancesCapacityProviderConfig + *out = new(LambdaManagedInstancesCapacityProviderConfig) + (*in).DeepCopyInto(*out) + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityProviderConfig. +func (in *CapacityProviderConfig) DeepCopy() *CapacityProviderConfig { + if in == nil { + return nil + } + out := new(CapacityProviderConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CapacityProviderPermissionsConfig) DeepCopyInto(out *CapacityProviderPermissionsConfig) { + *out = *in + if in.CapacityProviderOperatorRoleARN != nil { + in, out := &in.CapacityProviderOperatorRoleARN, &out.CapacityProviderOperatorRoleARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CapacityProviderPermissionsConfig. +func (in *CapacityProviderPermissionsConfig) DeepCopy() *CapacityProviderPermissionsConfig { + if in == nil { + return nil + } + out := new(CapacityProviderPermissionsConfig) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ChainedInvokeOptions) DeepCopyInto(out *ChainedInvokeOptions) { + *out = *in + if in.FunctionName != nil { + in, out := &in.FunctionName, &out.FunctionName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChainedInvokeOptions. +func (in *ChainedInvokeOptions) DeepCopy() *ChainedInvokeOptions { + if in == nil { + return nil + } + out := new(ChainedInvokeOptions) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *ChainedInvokeStartedDetails) DeepCopyInto(out *ChainedInvokeStartedDetails) { + *out = *in + if in.ExecutedVersion != nil { + in, out := &in.ExecutedVersion, &out.ExecutedVersion + *out = new(string) + **out = **in + } + if in.FunctionName != nil { + in, out := &in.FunctionName, &out.FunctionName + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ChainedInvokeStartedDetails. +func (in *ChainedInvokeStartedDetails) DeepCopy() *ChainedInvokeStartedDetails { + if in == nil { + return nil + } + out := new(ChainedInvokeStartedDetails) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *CheckpointUpdatedExecutionState) DeepCopyInto(out *CheckpointUpdatedExecutionState) { + *out = *in + if in.NextMarker != nil { + in, out := &in.NextMarker, &out.NextMarker + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CheckpointUpdatedExecutionState. +func (in *CheckpointUpdatedExecutionState) DeepCopy() *CheckpointUpdatedExecutionState { + if in == nil { + return nil + } + out := new(CheckpointUpdatedExecutionState) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *CodeSigningConfig) DeepCopyInto(out *CodeSigningConfig) { *out = *in @@ -766,6 +906,31 @@ func (in *DocumentDBEventSourceConfig) DeepCopy() *DocumentDBEventSourceConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DurableConfig) DeepCopyInto(out *DurableConfig) { + *out = *in + if in.ExecutionTimeout != nil { + in, out := &in.ExecutionTimeout, &out.ExecutionTimeout + *out = new(int64) + **out = **in + } + if in.RetentionPeriodInDays != nil { + in, out := &in.RetentionPeriodInDays, &out.RetentionPeriodInDays + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DurableConfig. +func (in *DurableConfig) DeepCopy() *DurableConfig { + if in == nil { + return nil + } + out := new(DurableConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Environment) DeepCopyInto(out *Environment) { *out = *in @@ -1389,6 +1554,26 @@ func (in *EventSourceMappingStatus) DeepCopy() *EventSourceMappingStatus { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *Execution) DeepCopyInto(out *Execution) { + *out = *in + if in.FunctionARN != nil { + in, out := &in.FunctionARN, &out.FunctionARN + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Execution. +func (in *Execution) DeepCopy() *Execution { + if in == nil { + return nil + } + out := new(Execution) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *FileSystemConfig) DeepCopyInto(out *FileSystemConfig) { *out = *in @@ -1616,6 +1801,11 @@ func (in *FunctionConfiguration) DeepCopyInto(out *FunctionConfiguration) { } } } + if in.CapacityProviderConfig != nil { + in, out := &in.CapacityProviderConfig, &out.CapacityProviderConfig + *out = new(CapacityProviderConfig) + (*in).DeepCopyInto(*out) + } if in.CodeSHA256 != nil { in, out := &in.CodeSHA256, &out.CodeSHA256 *out = new(string) @@ -1626,6 +1816,11 @@ func (in *FunctionConfiguration) DeepCopyInto(out *FunctionConfiguration) { *out = new(int64) **out = **in } + if in.ConfigSHA256 != nil { + in, out := &in.ConfigSHA256, &out.ConfigSHA256 + *out = new(string) + **out = **in + } if in.DeadLetterConfig != nil { in, out := &in.DeadLetterConfig, &out.DeadLetterConfig *out = new(DeadLetterConfig) @@ -1636,6 +1831,11 @@ func (in *FunctionConfiguration) DeepCopyInto(out *FunctionConfiguration) { *out = new(string) **out = **in } + if in.DurableConfig != nil { + in, out := &in.DurableConfig, &out.DurableConfig + *out = new(DurableConfig) + (*in).DeepCopyInto(*out) + } if in.Environment != nil { in, out := &in.Environment, &out.Environment *out = new(EnvironmentResponse) @@ -1783,6 +1983,11 @@ func (in *FunctionConfiguration) DeepCopyInto(out *FunctionConfiguration) { *out = new(string) **out = **in } + if in.TenancyConfig != nil { + in, out := &in.TenancyConfig, &out.TenancyConfig + *out = new(TenancyConfig) + (*in).DeepCopyInto(*out) + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(int64) @@ -2043,6 +2248,11 @@ func (in *FunctionSpec) DeepCopyInto(out *FunctionSpec) { (*out)[key] = outVal } } + if in.TenancyConfig != nil { + in, out := &in.TenancyConfig, &out.TenancyConfig + *out = new(TenancyConfig) + (*in).DeepCopyInto(*out) + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(int64) @@ -2382,6 +2592,31 @@ func (in *FunctionURLConfig_SDK) DeepCopy() *FunctionURLConfig_SDK { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *FunctionVersionsByCapacityProviderListItem) DeepCopyInto(out *FunctionVersionsByCapacityProviderListItem) { + *out = *in + if in.FunctionARN != nil { + in, out := &in.FunctionARN, &out.FunctionARN + *out = new(string) + **out = **in + } + if in.State != nil { + in, out := &in.State, &out.State + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new FunctionVersionsByCapacityProviderListItem. +func (in *FunctionVersionsByCapacityProviderListItem) DeepCopy() *FunctionVersionsByCapacityProviderListItem { + if in == nil { + return nil + } + out := new(FunctionVersionsByCapacityProviderListItem) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *ImageConfig) DeepCopyInto(out *ImageConfig) { *out = *in @@ -2474,6 +2709,52 @@ func (in *ImageConfigResponse) DeepCopy() *ImageConfigResponse { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InstanceRequirements) DeepCopyInto(out *InstanceRequirements) { + *out = *in + if in.Architectures != nil { + in, out := &in.Architectures, &out.Architectures + *out = make([]*string, len(*in)) + for i := range *in { + if (*in)[i] != nil { + in, out := &(*in)[i], &(*out)[i] + *out = new(string) + **out = **in + } + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InstanceRequirements. +func (in *InstanceRequirements) DeepCopy() *InstanceRequirements { + if in == nil { + return nil + } + out := new(InstanceRequirements) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *InvocationCompletedDetails) DeepCopyInto(out *InvocationCompletedDetails) { + *out = *in + if in.RequestID != nil { + in, out := &in.RequestID, &out.RequestID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InvocationCompletedDetails. +func (in *InvocationCompletedDetails) DeepCopy() *InvocationCompletedDetails { + if in == nil { + return nil + } + out := new(InvocationCompletedDetails) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *InvokeResponseStreamUpdate) DeepCopyInto(out *InvokeResponseStreamUpdate) { *out = *in @@ -2621,6 +2902,36 @@ func (in *KafkaSchemaValidationConfig) DeepCopy() *KafkaSchemaValidationConfig { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *LambdaManagedInstancesCapacityProviderConfig) DeepCopyInto(out *LambdaManagedInstancesCapacityProviderConfig) { + *out = *in + if in.CapacityProviderARN != nil { + in, out := &in.CapacityProviderARN, &out.CapacityProviderARN + *out = new(string) + **out = **in + } + if in.ExecutionEnvironmentMemoryGiBPerVCPU != nil { + in, out := &in.ExecutionEnvironmentMemoryGiBPerVCPU, &out.ExecutionEnvironmentMemoryGiBPerVCPU + *out = new(float64) + **out = **in + } + if in.PerExecutionEnvironmentMaxConcurrency != nil { + in, out := &in.PerExecutionEnvironmentMaxConcurrency, &out.PerExecutionEnvironmentMaxConcurrency + *out = new(int64) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LambdaManagedInstancesCapacityProviderConfig. +func (in *LambdaManagedInstancesCapacityProviderConfig) DeepCopy() *LambdaManagedInstancesCapacityProviderConfig { + if in == nil { + return nil + } + out := new(LambdaManagedInstancesCapacityProviderConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *Layer) DeepCopyInto(out *Layer) { *out = *in @@ -3108,6 +3419,11 @@ func (in *ProvisionedPollerConfig) DeepCopyInto(out *ProvisionedPollerConfig) { *out = new(int64) **out = **in } + if in.PollerGroupName != nil { + in, out := &in.PollerGroupName, &out.PollerGroupName + *out = new(string) + **out = **in + } } // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProvisionedPollerConfig. @@ -3437,6 +3753,26 @@ func (in *TagsError) DeepCopy() *TagsError { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *TenancyConfig) DeepCopyInto(out *TenancyConfig) { + *out = *in + if in.TenantIsolationMode != nil { + in, out := &in.TenantIsolationMode, &out.TenantIsolationMode + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TenancyConfig. +func (in *TenancyConfig) DeepCopy() *TenancyConfig { + if in == nil { + return nil + } + out := new(TenancyConfig) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *TracingConfig) DeepCopyInto(out *TracingConfig) { *out = *in @@ -3864,6 +4200,11 @@ func (in *VersionStatus) DeepCopyInto(out *VersionStatus) { *out = new(string) **out = **in } + if in.TenancyConfig != nil { + in, out := &in.TenancyConfig, &out.TenancyConfig + *out = new(TenancyConfig) + (*in).DeepCopyInto(*out) + } if in.Timeout != nil { in, out := &in.Timeout, &out.Timeout *out = new(int64) diff --git a/config/controller/kustomization.yaml b/config/controller/kustomization.yaml index 248b3b03..854b82ef 100644 --- a/config/controller/kustomization.yaml +++ b/config/controller/kustomization.yaml @@ -6,4 +6,4 @@ kind: Kustomization images: - name: controller newName: public.ecr.aws/aws-controllers-k8s/lambda-controller - newTag: 1.10.1 + newTag: 0.0.0-non-release-version diff --git a/config/crd/bases/lambda.services.k8s.aws_aliases.yaml b/config/crd/bases/lambda.services.k8s.aws_aliases.yaml index ad395bd6..7a3a22b2 100644 --- a/config/crd/bases/lambda.services.k8s.aws_aliases.yaml +++ b/config/crd/bases/lambda.services.k8s.aws_aliases.yaml @@ -114,7 +114,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -137,7 +137,7 @@ spec: description: |- The function version that the alias invokes. - Regex Pattern: `^(\$LATEST|[0-9]+)$` + Regex Pattern: `^(\$LATEST(\.PUBLISHED)?|[0-9]+)$` type: string name: description: |- diff --git a/config/crd/bases/lambda.services.k8s.aws_eventsourcemappings.yaml b/config/crd/bases/lambda.services.k8s.aws_eventsourcemappings.yaml index 197fb526..1c964e70 100644 --- a/config/crd/bases/lambda.services.k8s.aws_eventsourcemappings.yaml +++ b/config/crd/bases/lambda.services.k8s.aws_eventsourcemappings.yaml @@ -126,14 +126,14 @@ spec: type: integer bisectBatchOnFunctionError: description: |- - (Kinesis and DynamoDB Streams only) If the function returns an error, split - the batch in two and retry. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) If + the function returns an error, split the batch in two and retry. type: boolean destinationConfig: description: |- - (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration - object that specifies the destination of an event after Lambda processes - it. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) A + configuration object that specifies the destination of an event after Lambda + processes it. properties: onFailure: description: |- @@ -236,7 +236,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_\.]+)(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -257,8 +257,8 @@ spec: type: object functionResponseTypes: description: |- - (Kinesis, DynamoDB Streams, and Amazon SQS) A list of current response type - enums applied to the event source mapping. + (Kinesis, DynamoDB Streams, Amazon MSK, self-managed Apache Kafka, and Amazon + SQS) A list of current response type enums applied to the event source mapping. items: type: string type: array @@ -283,15 +283,16 @@ spec: type: integer maximumRecordAgeInSeconds: description: |- - (Kinesis and DynamoDB Streams only) Discard records older than the specified - age. The default value is infinite (-1). + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + records older than the specified age. The default value is infinite (-1). format: int64 type: integer maximumRetryAttempts: description: |- - (Kinesis and DynamoDB Streams only) Discard records after the specified number - of retries. The default value is infinite (-1). When set to infinite (-1), - failed records are retried until the record expires. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + records after the specified number of retries. The default value is infinite + (-1). When set to infinite (-1), failed records are retried until the record + expires. format: int64 type: integer parallelizationFactor: @@ -518,7 +519,7 @@ spec: description: |- The ARN of the Lambda function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string lastModified: description: |- diff --git a/config/crd/bases/lambda.services.k8s.aws_functions.yaml b/config/crd/bases/lambda.services.k8s.aws_functions.yaml index ed6e9a32..60167c11 100644 --- a/config/crd/bases/lambda.services.k8s.aws_functions.yaml +++ b/config/crd/bases/lambda.services.k8s.aws_functions.yaml @@ -298,7 +298,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string packageType: description: |- @@ -365,6 +365,18 @@ spec: A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function. type: object + tenancyConfig: + description: |- + Configuration for multi-tenant applications that use Lambda functions. Defines + tenant isolation settings and resource allocations. Required for functions + supporting multiple tenants. + properties: + tenantIsolationMode: + type: string + type: object + x-kubernetes-validations: + - message: Value is immutable once set + rule: self == oldSelf timeout: description: |- The amount of time (in seconds) that Lambda allows a function to run before @@ -581,7 +593,7 @@ spec: description: |- For Lambda@Edge functions, the ARN of the main function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string revisionID: description: The latest updated revision of the function or alias. diff --git a/config/crd/bases/lambda.services.k8s.aws_functionurlconfigs.yaml b/config/crd/bases/lambda.services.k8s.aws_functionurlconfigs.yaml index d74d43a8..9e83cc72 100644 --- a/config/crd/bases/lambda.services.k8s.aws_functionurlconfigs.yaml +++ b/config/crd/bases/lambda.services.k8s.aws_functionurlconfigs.yaml @@ -47,7 +47,7 @@ spec: The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information, - see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). + see Control access to Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). type: string cors: description: |- @@ -91,7 +91,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -114,7 +114,7 @@ spec: description: |- The alias name. - Regex Pattern: `^(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))$` + Regex Pattern: `^((?!^\d+$)^[0-9a-zA-Z-_]+$)$` type: string required: - authType @@ -195,7 +195,7 @@ spec: description: |- The Amazon Resource Name (ARN) of your function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionURL: description: The HTTP URL endpoint for your function. diff --git a/config/crd/bases/lambda.services.k8s.aws_versions.yaml b/config/crd/bases/lambda.services.k8s.aws_versions.yaml index ef4c92a5..87d1fa68 100644 --- a/config/crd/bases/lambda.services.k8s.aws_versions.yaml +++ b/config/crd/bases/lambda.services.k8s.aws_versions.yaml @@ -106,7 +106,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -273,7 +273,7 @@ spec: description: |- The function's Amazon Resource Name (ARN). - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` type: string handler: description: |- @@ -372,7 +372,7 @@ spec: description: |- For Lambda@Edge functions, the ARN of the main function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string memorySize: description: The amount of memory available to the function at runtime. @@ -444,6 +444,15 @@ spec: The reason code for the function's current state. When the code is Creating, you can't invoke or modify the function. type: string + tenancyConfig: + description: |- + The function's tenant isolation configuration settings. Determines whether + the Lambda function runs on a shared or dedicated infrastructure per unique + tenant. + properties: + tenantIsolationMode: + type: string + type: object timeout: description: |- The amount of time in seconds that Lambda allows a function to run before diff --git a/generator.yaml b/generator.yaml index 81738e5c..b5c95830 100644 --- a/generator.yaml +++ b/generator.yaml @@ -1,5 +1,6 @@ ignore: resource_names: + - CapacityProvider # Function # Alias # CodeSigningConfig @@ -29,6 +30,18 @@ ignore: - VpcConfig.Ipv6AllowedForDualStack - AddPermissionInput.FunctionName # We grab this from the Alias resource - AddPermissionInput.Qualifier # We grab this from the Alias resource + - PublishVersionInput.PublishTo + - PublishVersionOutput.PublishTo + - PublishVersionOutput.CapacityProviderConfig + - PublishVersionOutput.DurableConfig + - AddPermissionInput.InvokedViaFunctionUrl + - CreateFunctionInput.PublishTo + - CreateFunctionInput.CapacityProviderConfig + - CreateFunctionOutput.CapacityProviderConfig + - CreateFunctionInput.DurableConfig + - CreateFunctionOutput.DurableConfig + - CreateFunctionOutput.ConfigSha256 + - PublishVersionOutput.ConfigSha256 operations: GetFunction: output_wrapper_field_path: Configuration @@ -100,6 +113,8 @@ resources: from: operation: PutFunctionConcurrency path: ReservedConcurrentExecutions + TenancyConfig: + is_immutable: true Code: compare: is_ignored: false diff --git a/go.mod b/go.mod index 7f26fbd1..cf4729e0 100644 --- a/go.mod +++ b/go.mod @@ -14,9 +14,9 @@ require ( github.com/aws-controllers-k8s/s3-controller v0.1.5 github.com/aws-controllers-k8s/secretsmanager-controller v1.1.0 github.com/aws/aws-sdk-go v1.49.0 - github.com/aws/aws-sdk-go-v2 v1.38.0 - github.com/aws/aws-sdk-go-v2/service/lambda v1.75.0 - github.com/aws/smithy-go v1.22.5 + github.com/aws/aws-sdk-go-v2 v1.41.1 + github.com/aws/aws-sdk-go-v2/service/lambda v1.87.1 + github.com/aws/smithy-go v1.24.0 github.com/go-logr/logr v1.4.2 github.com/micahhausler/aws-iam-policy v0.4.2 github.com/spf13/pflag v1.0.5 @@ -27,12 +27,12 @@ require ( ) require ( - github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.0 // indirect + github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 // indirect github.com/aws/aws-sdk-go-v2/config v1.28.6 // indirect github.com/aws/aws-sdk-go-v2/credentials v1.17.47 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21 // indirect - github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.2 // indirect - github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.2 // indirect + github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 // indirect + github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 // indirect github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 // indirect github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6 // indirect diff --git a/go.sum b/go.sum index 53458377..136eaba8 100644 --- a/go.sum +++ b/go.sum @@ -16,36 +16,36 @@ github.com/aws-controllers-k8s/secretsmanager-controller v1.1.0 h1:S+8FLIRMcwzR+ github.com/aws-controllers-k8s/secretsmanager-controller v1.1.0/go.mod h1:Q8+dGg+vmB8FcUftJp+Jwe47V5xVVelYWCzCVuKqxOE= github.com/aws/aws-sdk-go v1.49.0 h1:g9BkW1fo9GqKfwg2+zCD+TW/D36Ux+vtfJ8guF4AYmY= github.com/aws/aws-sdk-go v1.49.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go-v2 v1.38.0 h1:UCRQ5mlqcFk9HJDIqENSLR3wiG1VTWlyUfLDEvY7RxU= -github.com/aws/aws-sdk-go-v2 v1.38.0/go.mod h1:9Q0OoGQoboYIAJyslFyF1f5K1Ryddop8gqMhWx/n4Wg= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.0 h1:6GMWV6CNpA/6fbFHnoAjrv4+LGfyTqZz2LtCHnspgDg= -github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.0/go.mod h1:/mXlTIVG9jbxkqDnr5UQNQxW1HRYxeGklkM9vAFeabg= +github.com/aws/aws-sdk-go-v2 v1.41.1 h1:ABlyEARCDLN034NhxlRUSZr4l71mh+T5KAeGh6cerhU= +github.com/aws/aws-sdk-go-v2 v1.41.1/go.mod h1:MayyLB8y+buD9hZqkCW3kX1AKq07Y5pXxtgB+rRFhz0= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4 h1:489krEF9xIGkOaaX3CE/Be2uWjiXrkCH6gUX+bZA/BU= +github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.7.4/go.mod h1:IOAPF6oT9KCsceNTvvYMNHy0+kMF8akOjeDvPENWxp4= github.com/aws/aws-sdk-go-v2/config v1.28.6 h1:D89IKtGrs/I3QXOLNTH93NJYtDhm8SYa9Q5CsPShmyo= github.com/aws/aws-sdk-go-v2/config v1.28.6/go.mod h1:GDzxJ5wyyFSCoLkS+UhGB0dArhb9mI+Co4dHtoTxbko= github.com/aws/aws-sdk-go-v2/credentials v1.17.47 h1:48bA+3/fCdi2yAwVt+3COvmatZ6jUDNkDTIsqDiMUdw= github.com/aws/aws-sdk-go-v2/credentials v1.17.47/go.mod h1:+KdckOejLW3Ks3b0E3b5rHsr2f9yuORBum0WPnE5o5w= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21 h1:AmoU1pziydclFT/xRV+xXE/Vb8fttJCLRPv8oAkprc0= github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.21/go.mod h1:AjUdLYe4Tgs6kpH4Bv7uMZo7pottoyHMn4eTcIcneaY= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.2 h1:sPiRHLVUIIQcoVZTNwqQcdtjkqkPopyYmIX0M5ElRf4= -github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.2/go.mod h1:ik86P3sgV+Bk7c1tBFCwI3VxMoSEwl4YkRB9xn1s340= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.2 h1:ZdzDAg075H6stMZtbD2o+PyB933M/f20e9WmCBC17wA= -github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.2/go.mod h1:eE1IIzXG9sdZCB0pNNpMpsYTLl4YdOQD3njiVN1e/E4= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17 h1:xOLELNKGp2vsiteLsvLPwxC+mYmO6OZ8PYgiuPJzF8U= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.17/go.mod h1:5M5CI3D12dNOtH3/mk6minaRwI2/37ifCURZISxA/IQ= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17 h1:WWLqlh79iO48yLkj1v3ISRNiv+3KdQoZ6JWyfcsyQik= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.17/go.mod h1:EhG22vHRrvF8oXSTYStZhJc1aUgKtnJe+aOiFEV90cM= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ= github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1 h1:iXtILhvDxB6kPvEXgsDhGaZCSC6LQET5ZHSdJozeI0Y= github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.1/go.mod h1:9nu0fVANtYiAePIBh2/pFUSwtJ402hLnp854CNoDOeE= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6 h1:50+XsN70RS7dwJ2CkVNXzj7U2L1HKP8nqTd3XWEXBN4= github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.6/go.mod h1:WqgLmwY7so32kG01zD8CPTJWVWM+TzJoOVHwTg4aPug= -github.com/aws/aws-sdk-go-v2/service/lambda v1.75.0 h1:8hoKtn/EgZ0bA2dQ/meHFNsalY5fuA7M3QDqnrVxPLA= -github.com/aws/aws-sdk-go-v2/service/lambda v1.75.0/go.mod h1:YDWB9+Y6hLDGdI+S1TQIs8Fq3pu5ZF+7l2ZwF7dzhjg= +github.com/aws/aws-sdk-go-v2/service/lambda v1.87.1 h1:QBdmTXWwqVgx0PueT/Xgp2+al5HR0gAV743pTzYeBRw= +github.com/aws/aws-sdk-go-v2/service/lambda v1.87.1/go.mod h1:ogjbkxFgFOjG3dYFQ8irC92gQfpfMDcy1RDKNSZWXNU= github.com/aws/aws-sdk-go-v2/service/sso v1.24.7 h1:rLnYAfXQ3YAccocshIH5mzNNwZBkBo+bP6EhIxak6Hw= github.com/aws/aws-sdk-go-v2/service/sso v1.24.7/go.mod h1:ZHtuQJ6t9A/+YDuxOLnbryAmITtr8UysSny3qcyvJTc= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6 h1:JnhTZR3PiYDNKlXy50/pNeix9aGMo6lLpXwJ1mw8MD4= github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.6/go.mod h1:URronUEGfXZN1VpdktPSD1EkAL9mfrV+2F4sjH38qOY= github.com/aws/aws-sdk-go-v2/service/sts v1.33.2 h1:s4074ZO1Hk8qv65GqNXqDjmkf4HSQqJukaLuuW0TpDA= github.com/aws/aws-sdk-go-v2/service/sts v1.33.2/go.mod h1:mVggCnIWoM09jP71Wh+ea7+5gAp53q+49wDFs1SW5z8= -github.com/aws/smithy-go v1.22.5 h1:P9ATCXPMb2mPjYBgueqJNCA5S9UfktsW0tTxi+a7eqw= -github.com/aws/smithy-go v1.22.5/go.mod h1:t1ufH5HMublsJYulve2RKmHDC15xu1f26kHCp/HgceI= +github.com/aws/smithy-go v1.24.0 h1:LpilSUItNPFr1eY85RYgTIg5eIEPtvFbskaFcmmIUnk= +github.com/aws/smithy-go v1.24.0/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0= github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM= github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= diff --git a/helm/crds/lambda.services.k8s.aws_aliases.yaml b/helm/crds/lambda.services.k8s.aws_aliases.yaml index ed8b2022..98f6f115 100644 --- a/helm/crds/lambda.services.k8s.aws_aliases.yaml +++ b/helm/crds/lambda.services.k8s.aws_aliases.yaml @@ -114,7 +114,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -137,7 +137,7 @@ spec: description: |- The function version that the alias invokes. - Regex Pattern: `^(\$LATEST|[0-9]+)$` + Regex Pattern: `^(\$LATEST(\.PUBLISHED)?|[0-9]+)$` type: string name: description: |- diff --git a/helm/crds/lambda.services.k8s.aws_eventsourcemappings.yaml b/helm/crds/lambda.services.k8s.aws_eventsourcemappings.yaml index 92121fb8..ffa9897f 100644 --- a/helm/crds/lambda.services.k8s.aws_eventsourcemappings.yaml +++ b/helm/crds/lambda.services.k8s.aws_eventsourcemappings.yaml @@ -126,14 +126,14 @@ spec: type: integer bisectBatchOnFunctionError: description: |- - (Kinesis and DynamoDB Streams only) If the function returns an error, split - the batch in two and retry. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) If + the function returns an error, split the batch in two and retry. type: boolean destinationConfig: description: |- - (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Kafka only) A configuration - object that specifies the destination of an event after Lambda processes - it. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) A + configuration object that specifies the destination of an event after Lambda + processes it. properties: onFailure: description: |- @@ -236,7 +236,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it's limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_\.]+)(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -257,8 +257,8 @@ spec: type: object functionResponseTypes: description: |- - (Kinesis, DynamoDB Streams, and Amazon SQS) A list of current response type - enums applied to the event source mapping. + (Kinesis, DynamoDB Streams, Amazon MSK, self-managed Apache Kafka, and Amazon + SQS) A list of current response type enums applied to the event source mapping. items: type: string type: array @@ -283,15 +283,16 @@ spec: type: integer maximumRecordAgeInSeconds: description: |- - (Kinesis and DynamoDB Streams only) Discard records older than the specified - age. The default value is infinite (-1). + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + records older than the specified age. The default value is infinite (-1). format: int64 type: integer maximumRetryAttempts: description: |- - (Kinesis and DynamoDB Streams only) Discard records after the specified number - of retries. The default value is infinite (-1). When set to infinite (-1), - failed records are retried until the record expires. + (Kinesis, DynamoDB Streams, Amazon MSK, and self-managed Apache Kafka) Discard + records after the specified number of retries. The default value is infinite + (-1). When set to infinite (-1), failed records are retried until the record + expires. format: int64 type: integer parallelizationFactor: @@ -518,7 +519,7 @@ spec: description: |- The ARN of the Lambda function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string lastModified: description: |- diff --git a/helm/crds/lambda.services.k8s.aws_functions.yaml b/helm/crds/lambda.services.k8s.aws_functions.yaml index a9080c19..8bbffb58 100644 --- a/helm/crds/lambda.services.k8s.aws_functions.yaml +++ b/helm/crds/lambda.services.k8s.aws_functions.yaml @@ -298,7 +298,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string packageType: description: |- @@ -365,6 +365,18 @@ spec: A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html) to apply to the function. type: object + tenancyConfig: + description: |- + Configuration for multi-tenant applications that use Lambda functions. Defines + tenant isolation settings and resource allocations. Required for functions + supporting multiple tenants. + properties: + tenantIsolationMode: + type: string + type: object + x-kubernetes-validations: + - message: Value is immutable once set + rule: self == oldSelf timeout: description: |- The amount of time (in seconds) that Lambda allows a function to run before @@ -581,7 +593,7 @@ spec: description: |- For Lambda@Edge functions, the ARN of the main function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string revisionID: description: The latest updated revision of the function or alias. diff --git a/helm/crds/lambda.services.k8s.aws_functionurlconfigs.yaml b/helm/crds/lambda.services.k8s.aws_functionurlconfigs.yaml index 41b74d21..1b0e8b8f 100644 --- a/helm/crds/lambda.services.k8s.aws_functionurlconfigs.yaml +++ b/helm/crds/lambda.services.k8s.aws_functionurlconfigs.yaml @@ -47,7 +47,7 @@ spec: The type of authentication that your function URL uses. Set to AWS_IAM if you want to restrict access to authenticated users only. Set to NONE if you want to bypass IAM authentication to create a public endpoint. For more information, - see Security and auth model for Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). + see Control access to Lambda function URLs (https://docs.aws.amazon.com/lambda/latest/dg/urls-auth.html). type: string cors: description: |- @@ -91,7 +91,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -114,7 +114,7 @@ spec: description: |- The alias name. - Regex Pattern: `^(^\$LATEST$)|((?!^[0-9]+$)([a-zA-Z0-9-_]+))$` + Regex Pattern: `^((?!^\d+$)^[0-9a-zA-Z-_]+$)$` type: string required: - authType @@ -195,7 +195,7 @@ spec: description: |- The Amazon Resource Name (ARN) of your function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionURL: description: The HTTP URL endpoint for your function. diff --git a/helm/crds/lambda.services.k8s.aws_versions.yaml b/helm/crds/lambda.services.k8s.aws_versions.yaml index 2f60d43b..35d2d1c3 100644 --- a/helm/crds/lambda.services.k8s.aws_versions.yaml +++ b/helm/crds/lambda.services.k8s.aws_versions.yaml @@ -106,7 +106,7 @@ spec: The length constraint applies only to the full ARN. If you specify only the function name, it is limited to 64 characters in length. - Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}(-gov)?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^(arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string functionRef: description: "AWSResourceReferenceWrapper provides a wrapper around @@ -273,7 +273,7 @@ spec: description: |- The function's Amazon Resource Name (ARN). - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_\.]+(:(\$LATEST(\.PUBLISHED)?|[a-zA-Z0-9-_]+))?$` type: string handler: description: |- @@ -372,7 +372,7 @@ spec: description: |- For Lambda@Edge functions, the ARN of the main function. - Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` + Regex Pattern: `^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}((-gov)|(-iso([a-z]?)))?-[a-z]+-\d{1}:\d{12}:function:[a-zA-Z0-9-_]+(:(\$LATEST|[a-zA-Z0-9-_]+))?$` type: string memorySize: description: The amount of memory available to the function at runtime. @@ -444,6 +444,15 @@ spec: The reason code for the function's current state. When the code is Creating, you can't invoke or modify the function. type: string + tenancyConfig: + description: |- + The function's tenant isolation configuration settings. Determines whether + the Lambda function runs on a shared or dedicated infrastructure per unique + tenant. + properties: + tenantIsolationMode: + type: string + type: object timeout: description: |- The amount of time in seconds that Lambda allows a function to run before diff --git a/pkg/resource/function/delta.go b/pkg/resource/function/delta.go index e36384ad..970e72c9 100644 --- a/pkg/resource/function/delta.go +++ b/pkg/resource/function/delta.go @@ -346,6 +346,17 @@ func newResourceDelta( if !ackcompare.MapStringStringEqual(desiredACKTags, latestACKTags) { delta.Add("Spec.Tags", a.ko.Spec.Tags, b.ko.Spec.Tags) } + if ackcompare.HasNilDifference(a.ko.Spec.TenancyConfig, b.ko.Spec.TenancyConfig) { + delta.Add("Spec.TenancyConfig", a.ko.Spec.TenancyConfig, b.ko.Spec.TenancyConfig) + } else if a.ko.Spec.TenancyConfig != nil && b.ko.Spec.TenancyConfig != nil { + if ackcompare.HasNilDifference(a.ko.Spec.TenancyConfig.TenantIsolationMode, b.ko.Spec.TenancyConfig.TenantIsolationMode) { + delta.Add("Spec.TenancyConfig.TenantIsolationMode", a.ko.Spec.TenancyConfig.TenantIsolationMode, b.ko.Spec.TenancyConfig.TenantIsolationMode) + } else if a.ko.Spec.TenancyConfig.TenantIsolationMode != nil && b.ko.Spec.TenancyConfig.TenantIsolationMode != nil { + if *a.ko.Spec.TenancyConfig.TenantIsolationMode != *b.ko.Spec.TenancyConfig.TenantIsolationMode { + delta.Add("Spec.TenancyConfig.TenantIsolationMode", a.ko.Spec.TenancyConfig.TenantIsolationMode, b.ko.Spec.TenancyConfig.TenantIsolationMode) + } + } + } if ackcompare.HasNilDifference(a.ko.Spec.Timeout, b.ko.Spec.Timeout) { delta.Add("Spec.Timeout", a.ko.Spec.Timeout, b.ko.Spec.Timeout) } else if a.ko.Spec.Timeout != nil && b.ko.Spec.Timeout != nil { diff --git a/pkg/resource/function/sdk.go b/pkg/resource/function/sdk.go index e20f609d..14ad968e 100644 --- a/pkg/resource/function/sdk.go +++ b/pkg/resource/function/sdk.go @@ -109,11 +109,11 @@ func (rm *resourceManager) sdkFind( } ko.Status.CodeSize = &resp.Configuration.CodeSize if resp.Configuration.DeadLetterConfig != nil { - f3 := &svcapitypes.DeadLetterConfig{} + f5 := &svcapitypes.DeadLetterConfig{} if resp.Configuration.DeadLetterConfig.TargetArn != nil { - f3.TargetARN = resp.Configuration.DeadLetterConfig.TargetArn + f5.TargetARN = resp.Configuration.DeadLetterConfig.TargetArn } - ko.Spec.DeadLetterConfig = f3 + ko.Spec.DeadLetterConfig = f5 } else { ko.Spec.DeadLetterConfig = nil } @@ -123,37 +123,37 @@ func (rm *resourceManager) sdkFind( ko.Spec.Description = nil } if resp.Configuration.Environment != nil { - f5 := &svcapitypes.Environment{} + f8 := &svcapitypes.Environment{} if resp.Configuration.Environment.Variables != nil { - f5.Variables = aws.StringMap(resp.Configuration.Environment.Variables) + f8.Variables = aws.StringMap(resp.Configuration.Environment.Variables) } - ko.Spec.Environment = f5 + ko.Spec.Environment = f8 } else { ko.Spec.Environment = nil } if resp.Configuration.EphemeralStorage != nil { - f6 := &svcapitypes.EphemeralStorage{} + f9 := &svcapitypes.EphemeralStorage{} if resp.Configuration.EphemeralStorage.Size != nil { sizeCopy := int64(*resp.Configuration.EphemeralStorage.Size) - f6.Size = &sizeCopy + f9.Size = &sizeCopy } - ko.Spec.EphemeralStorage = f6 + ko.Spec.EphemeralStorage = f9 } else { ko.Spec.EphemeralStorage = nil } if resp.Configuration.FileSystemConfigs != nil { - f7 := []*svcapitypes.FileSystemConfig{} - for _, f7iter := range resp.Configuration.FileSystemConfigs { - f7elem := &svcapitypes.FileSystemConfig{} - if f7iter.Arn != nil { - f7elem.ARN = f7iter.Arn + f10 := []*svcapitypes.FileSystemConfig{} + for _, f10iter := range resp.Configuration.FileSystemConfigs { + f10elem := &svcapitypes.FileSystemConfig{} + if f10iter.Arn != nil { + f10elem.ARN = f10iter.Arn } - if f7iter.LocalMountPath != nil { - f7elem.LocalMountPath = f7iter.LocalMountPath + if f10iter.LocalMountPath != nil { + f10elem.LocalMountPath = f10iter.LocalMountPath } - f7 = append(f7, f7elem) + f10 = append(f10, f10elem) } - ko.Spec.FileSystemConfigs = f7 + ko.Spec.FileSystemConfigs = f10 } else { ko.Spec.FileSystemConfigs = nil } @@ -175,31 +175,31 @@ func (rm *resourceManager) sdkFind( ko.Spec.Handler = nil } if resp.Configuration.ImageConfigResponse != nil { - f11 := &svcapitypes.ImageConfigResponse{} + f14 := &svcapitypes.ImageConfigResponse{} if resp.Configuration.ImageConfigResponse.Error != nil { - f11f0 := &svcapitypes.ImageConfigError{} + f14f0 := &svcapitypes.ImageConfigError{} if resp.Configuration.ImageConfigResponse.Error.ErrorCode != nil { - f11f0.ErrorCode = resp.Configuration.ImageConfigResponse.Error.ErrorCode + f14f0.ErrorCode = resp.Configuration.ImageConfigResponse.Error.ErrorCode } if resp.Configuration.ImageConfigResponse.Error.Message != nil { - f11f0.Message = resp.Configuration.ImageConfigResponse.Error.Message + f14f0.Message = resp.Configuration.ImageConfigResponse.Error.Message } - f11.Error = f11f0 + f14.Error = f14f0 } if resp.Configuration.ImageConfigResponse.ImageConfig != nil { - f11f1 := &svcapitypes.ImageConfig{} + f14f1 := &svcapitypes.ImageConfig{} if resp.Configuration.ImageConfigResponse.ImageConfig.Command != nil { - f11f1.Command = aws.StringSlice(resp.Configuration.ImageConfigResponse.ImageConfig.Command) + f14f1.Command = aws.StringSlice(resp.Configuration.ImageConfigResponse.ImageConfig.Command) } if resp.Configuration.ImageConfigResponse.ImageConfig.EntryPoint != nil { - f11f1.EntryPoint = aws.StringSlice(resp.Configuration.ImageConfigResponse.ImageConfig.EntryPoint) + f14f1.EntryPoint = aws.StringSlice(resp.Configuration.ImageConfigResponse.ImageConfig.EntryPoint) } if resp.Configuration.ImageConfigResponse.ImageConfig.WorkingDirectory != nil { - f11f1.WorkingDirectory = resp.Configuration.ImageConfigResponse.ImageConfig.WorkingDirectory + f14f1.WorkingDirectory = resp.Configuration.ImageConfigResponse.ImageConfig.WorkingDirectory } - f11.ImageConfig = f11f1 + f14.ImageConfig = f14f1 } - ko.Status.ImageConfigResponse = f11 + ko.Status.ImageConfigResponse = f14 } else { ko.Status.ImageConfigResponse = nil } @@ -229,20 +229,20 @@ func (rm *resourceManager) sdkFind( ko.Status.LastUpdateStatusReasonCode = nil } if resp.Configuration.LoggingConfig != nil { - f18 := &svcapitypes.LoggingConfig{} + f21 := &svcapitypes.LoggingConfig{} if resp.Configuration.LoggingConfig.ApplicationLogLevel != "" { - f18.ApplicationLogLevel = aws.String(string(resp.Configuration.LoggingConfig.ApplicationLogLevel)) + f21.ApplicationLogLevel = aws.String(string(resp.Configuration.LoggingConfig.ApplicationLogLevel)) } if resp.Configuration.LoggingConfig.LogFormat != "" { - f18.LogFormat = aws.String(string(resp.Configuration.LoggingConfig.LogFormat)) + f21.LogFormat = aws.String(string(resp.Configuration.LoggingConfig.LogFormat)) } if resp.Configuration.LoggingConfig.LogGroup != nil { - f18.LogGroup = resp.Configuration.LoggingConfig.LogGroup + f21.LogGroup = resp.Configuration.LoggingConfig.LogGroup } if resp.Configuration.LoggingConfig.SystemLogLevel != "" { - f18.SystemLogLevel = aws.String(string(resp.Configuration.LoggingConfig.SystemLogLevel)) + f21.SystemLogLevel = aws.String(string(resp.Configuration.LoggingConfig.SystemLogLevel)) } - ko.Spec.LoggingConfig = f18 + ko.Spec.LoggingConfig = f21 } else { ko.Spec.LoggingConfig = nil } @@ -288,11 +288,11 @@ func (rm *resourceManager) sdkFind( ko.Status.SigningProfileVersionARN = nil } if resp.Configuration.SnapStart != nil { - f28 := &svcapitypes.SnapStart{} + f31 := &svcapitypes.SnapStart{} if resp.Configuration.SnapStart.ApplyOn != "" { - f28.ApplyOn = aws.String(string(resp.Configuration.SnapStart.ApplyOn)) + f31.ApplyOn = aws.String(string(resp.Configuration.SnapStart.ApplyOn)) } - ko.Spec.SnapStart = f28 + ko.Spec.SnapStart = f31 } else { ko.Spec.SnapStart = nil } @@ -311,6 +311,15 @@ func (rm *resourceManager) sdkFind( } else { ko.Status.StateReasonCode = nil } + if resp.Configuration.TenancyConfig != nil { + f35 := &svcapitypes.TenancyConfig{} + if resp.Configuration.TenancyConfig.TenantIsolationMode != "" { + f35.TenantIsolationMode = aws.String(string(resp.Configuration.TenancyConfig.TenantIsolationMode)) + } + ko.Spec.TenancyConfig = f35 + } else { + ko.Spec.TenancyConfig = nil + } if resp.Configuration.Timeout != nil { timeoutCopy := int64(*resp.Configuration.Timeout) ko.Spec.Timeout = &timeoutCopy @@ -318,11 +327,11 @@ func (rm *resourceManager) sdkFind( ko.Spec.Timeout = nil } if resp.Configuration.TracingConfig != nil { - f33 := &svcapitypes.TracingConfig{} + f37 := &svcapitypes.TracingConfig{} if resp.Configuration.TracingConfig.Mode != "" { - f33.Mode = aws.String(string(resp.Configuration.TracingConfig.Mode)) + f37.Mode = aws.String(string(resp.Configuration.TracingConfig.Mode)) } - ko.Spec.TracingConfig = f33 + ko.Spec.TracingConfig = f37 } else { ko.Spec.TracingConfig = nil } @@ -332,14 +341,14 @@ func (rm *resourceManager) sdkFind( ko.Status.Version = nil } if resp.Configuration.VpcConfig != nil { - f35 := &svcapitypes.VPCConfig{} + f39 := &svcapitypes.VPCConfig{} if resp.Configuration.VpcConfig.SecurityGroupIds != nil { - f35.SecurityGroupIDs = aws.StringSlice(resp.Configuration.VpcConfig.SecurityGroupIds) + f39.SecurityGroupIDs = aws.StringSlice(resp.Configuration.VpcConfig.SecurityGroupIds) } if resp.Configuration.VpcConfig.SubnetIds != nil { - f35.SubnetIDs = aws.StringSlice(resp.Configuration.VpcConfig.SubnetIds) + f39.SubnetIDs = aws.StringSlice(resp.Configuration.VpcConfig.SubnetIds) } - ko.Spec.VPCConfig = f35 + ko.Spec.VPCConfig = f39 } else { ko.Spec.VPCConfig = nil } @@ -679,6 +688,15 @@ func (rm *resourceManager) sdkCreate( } else { ko.Status.StateReasonCode = nil } + if resp.TenancyConfig != nil { + f31 := &svcapitypes.TenancyConfig{} + if resp.TenancyConfig.TenantIsolationMode != "" { + f31.TenantIsolationMode = aws.String(string(resp.TenancyConfig.TenantIsolationMode)) + } + ko.Spec.TenancyConfig = f31 + } else { + ko.Spec.TenancyConfig = nil + } if resp.Timeout != nil { timeoutCopy := int64(*resp.Timeout) ko.Spec.Timeout = &timeoutCopy @@ -686,11 +704,11 @@ func (rm *resourceManager) sdkCreate( ko.Spec.Timeout = nil } if resp.TracingConfig != nil { - f32 := &svcapitypes.TracingConfig{} + f33 := &svcapitypes.TracingConfig{} if resp.TracingConfig.Mode != "" { - f32.Mode = aws.String(string(resp.TracingConfig.Mode)) + f33.Mode = aws.String(string(resp.TracingConfig.Mode)) } - ko.Spec.TracingConfig = f32 + ko.Spec.TracingConfig = f33 } else { ko.Spec.TracingConfig = nil } @@ -700,14 +718,14 @@ func (rm *resourceManager) sdkCreate( ko.Status.Version = nil } if resp.VpcConfig != nil { - f34 := &svcapitypes.VPCConfig{} + f35 := &svcapitypes.VPCConfig{} if resp.VpcConfig.SecurityGroupIds != nil { - f34.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) + f35.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) } if resp.VpcConfig.SubnetIds != nil { - f34.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) + f35.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) } - ko.Spec.VPCConfig = f34 + ko.Spec.VPCConfig = f35 } else { ko.Spec.VPCConfig = nil } @@ -899,6 +917,13 @@ func (rm *resourceManager) newCreateRequestPayload( if r.ko.Spec.Tags != nil { res.Tags = aws.ToStringMap(r.ko.Spec.Tags) } + if r.ko.Spec.TenancyConfig != nil { + f21 := &svcsdktypes.TenancyConfig{} + if r.ko.Spec.TenancyConfig.TenantIsolationMode != nil { + f21.TenantIsolationMode = svcsdktypes.TenantIsolationMode(*r.ko.Spec.TenancyConfig.TenantIsolationMode) + } + res.TenancyConfig = f21 + } if r.ko.Spec.Timeout != nil { timeoutCopy0 := *r.ko.Spec.Timeout if timeoutCopy0 > math.MaxInt32 || timeoutCopy0 < math.MinInt32 { @@ -908,21 +933,21 @@ func (rm *resourceManager) newCreateRequestPayload( res.Timeout = &timeoutCopy } if r.ko.Spec.TracingConfig != nil { - f22 := &svcsdktypes.TracingConfig{} + f23 := &svcsdktypes.TracingConfig{} if r.ko.Spec.TracingConfig.Mode != nil { - f22.Mode = svcsdktypes.TracingMode(*r.ko.Spec.TracingConfig.Mode) + f23.Mode = svcsdktypes.TracingMode(*r.ko.Spec.TracingConfig.Mode) } - res.TracingConfig = f22 + res.TracingConfig = f23 } if r.ko.Spec.VPCConfig != nil { - f23 := &svcsdktypes.VpcConfig{} + f24 := &svcsdktypes.VpcConfig{} if r.ko.Spec.VPCConfig.SecurityGroupIDs != nil { - f23.SecurityGroupIds = aws.ToStringSlice(r.ko.Spec.VPCConfig.SecurityGroupIDs) + f24.SecurityGroupIds = aws.ToStringSlice(r.ko.Spec.VPCConfig.SecurityGroupIDs) } if r.ko.Spec.VPCConfig.SubnetIDs != nil { - f23.SubnetIds = aws.ToStringSlice(r.ko.Spec.VPCConfig.SubnetIDs) + f24.SubnetIds = aws.ToStringSlice(r.ko.Spec.VPCConfig.SubnetIDs) } - res.VpcConfig = f23 + res.VpcConfig = f24 } return res, nil diff --git a/pkg/resource/version/sdk.go b/pkg/resource/version/sdk.go index 737c17b3..0d9a501c 100644 --- a/pkg/resource/version/sdk.go +++ b/pkg/resource/version/sdk.go @@ -111,11 +111,11 @@ func (rm *resourceManager) sdkFind( } ko.Status.CodeSize = &resp.CodeSize if resp.DeadLetterConfig != nil { - f3 := &svcapitypes.DeadLetterConfig{} + f5 := &svcapitypes.DeadLetterConfig{} if resp.DeadLetterConfig.TargetArn != nil { - f3.TargetARN = resp.DeadLetterConfig.TargetArn + f5.TargetARN = resp.DeadLetterConfig.TargetArn } - ko.Status.DeadLetterConfig = f3 + ko.Status.DeadLetterConfig = f5 } else { ko.Status.DeadLetterConfig = nil } @@ -125,47 +125,47 @@ func (rm *resourceManager) sdkFind( ko.Spec.Description = nil } if resp.Environment != nil { - f5 := &svcapitypes.EnvironmentResponse{} + f8 := &svcapitypes.EnvironmentResponse{} if resp.Environment.Error != nil { - f5f0 := &svcapitypes.EnvironmentError{} + f8f0 := &svcapitypes.EnvironmentError{} if resp.Environment.Error.ErrorCode != nil { - f5f0.ErrorCode = resp.Environment.Error.ErrorCode + f8f0.ErrorCode = resp.Environment.Error.ErrorCode } if resp.Environment.Error.Message != nil { - f5f0.Message = resp.Environment.Error.Message + f8f0.Message = resp.Environment.Error.Message } - f5.Error = f5f0 + f8.Error = f8f0 } if resp.Environment.Variables != nil { - f5.Variables = aws.StringMap(resp.Environment.Variables) + f8.Variables = aws.StringMap(resp.Environment.Variables) } - ko.Status.Environment = f5 + ko.Status.Environment = f8 } else { ko.Status.Environment = nil } if resp.EphemeralStorage != nil { - f6 := &svcapitypes.EphemeralStorage{} + f9 := &svcapitypes.EphemeralStorage{} if resp.EphemeralStorage.Size != nil { sizeCopy := int64(*resp.EphemeralStorage.Size) - f6.Size = &sizeCopy + f9.Size = &sizeCopy } - ko.Status.EphemeralStorage = f6 + ko.Status.EphemeralStorage = f9 } else { ko.Status.EphemeralStorage = nil } if resp.FileSystemConfigs != nil { - f7 := []*svcapitypes.FileSystemConfig{} - for _, f7iter := range resp.FileSystemConfigs { - f7elem := &svcapitypes.FileSystemConfig{} - if f7iter.Arn != nil { - f7elem.ARN = f7iter.Arn + f10 := []*svcapitypes.FileSystemConfig{} + for _, f10iter := range resp.FileSystemConfigs { + f10elem := &svcapitypes.FileSystemConfig{} + if f10iter.Arn != nil { + f10elem.ARN = f10iter.Arn } - if f7iter.LocalMountPath != nil { - f7elem.LocalMountPath = f7iter.LocalMountPath + if f10iter.LocalMountPath != nil { + f10elem.LocalMountPath = f10iter.LocalMountPath } - f7 = append(f7, f7elem) + f10 = append(f10, f10elem) } - ko.Status.FileSystemConfigs = f7 + ko.Status.FileSystemConfigs = f10 } else { ko.Status.FileSystemConfigs = nil } @@ -185,31 +185,31 @@ func (rm *resourceManager) sdkFind( ko.Status.Handler = nil } if resp.ImageConfigResponse != nil { - f11 := &svcapitypes.ImageConfigResponse{} + f14 := &svcapitypes.ImageConfigResponse{} if resp.ImageConfigResponse.Error != nil { - f11f0 := &svcapitypes.ImageConfigError{} + f14f0 := &svcapitypes.ImageConfigError{} if resp.ImageConfigResponse.Error.ErrorCode != nil { - f11f0.ErrorCode = resp.ImageConfigResponse.Error.ErrorCode + f14f0.ErrorCode = resp.ImageConfigResponse.Error.ErrorCode } if resp.ImageConfigResponse.Error.Message != nil { - f11f0.Message = resp.ImageConfigResponse.Error.Message + f14f0.Message = resp.ImageConfigResponse.Error.Message } - f11.Error = f11f0 + f14.Error = f14f0 } if resp.ImageConfigResponse.ImageConfig != nil { - f11f1 := &svcapitypes.ImageConfig{} + f14f1 := &svcapitypes.ImageConfig{} if resp.ImageConfigResponse.ImageConfig.Command != nil { - f11f1.Command = aws.StringSlice(resp.ImageConfigResponse.ImageConfig.Command) + f14f1.Command = aws.StringSlice(resp.ImageConfigResponse.ImageConfig.Command) } if resp.ImageConfigResponse.ImageConfig.EntryPoint != nil { - f11f1.EntryPoint = aws.StringSlice(resp.ImageConfigResponse.ImageConfig.EntryPoint) + f14f1.EntryPoint = aws.StringSlice(resp.ImageConfigResponse.ImageConfig.EntryPoint) } if resp.ImageConfigResponse.ImageConfig.WorkingDirectory != nil { - f11f1.WorkingDirectory = resp.ImageConfigResponse.ImageConfig.WorkingDirectory + f14f1.WorkingDirectory = resp.ImageConfigResponse.ImageConfig.WorkingDirectory } - f11.ImageConfig = f11f1 + f14.ImageConfig = f14f1 } - ko.Status.ImageConfigResponse = f11 + ko.Status.ImageConfigResponse = f14 } else { ko.Status.ImageConfigResponse = nil } @@ -239,22 +239,22 @@ func (rm *resourceManager) sdkFind( ko.Status.LastUpdateStatusReasonCode = nil } if resp.Layers != nil { - f17 := []*svcapitypes.Layer{} - for _, f17iter := range resp.Layers { - f17elem := &svcapitypes.Layer{} - if f17iter.Arn != nil { - f17elem.ARN = f17iter.Arn + f20 := []*svcapitypes.Layer{} + for _, f20iter := range resp.Layers { + f20elem := &svcapitypes.Layer{} + if f20iter.Arn != nil { + f20elem.ARN = f20iter.Arn } - f17elem.CodeSize = &f17iter.CodeSize - if f17iter.SigningJobArn != nil { - f17elem.SigningJobARN = f17iter.SigningJobArn + f20elem.CodeSize = &f20iter.CodeSize + if f20iter.SigningJobArn != nil { + f20elem.SigningJobARN = f20iter.SigningJobArn } - if f17iter.SigningProfileVersionArn != nil { - f17elem.SigningProfileVersionARN = f17iter.SigningProfileVersionArn + if f20iter.SigningProfileVersionArn != nil { + f20elem.SigningProfileVersionARN = f20iter.SigningProfileVersionArn } - f17 = append(f17, f17elem) + f20 = append(f20, f20elem) } - ko.Status.Layers = f17 + ko.Status.Layers = f20 } else { ko.Status.Layers = nil } @@ -300,14 +300,14 @@ func (rm *resourceManager) sdkFind( ko.Status.SigningProfileVersionARN = nil } if resp.SnapStart != nil { - f28 := &svcapitypes.SnapStartResponse{} + f31 := &svcapitypes.SnapStartResponse{} if resp.SnapStart.ApplyOn != "" { - f28.ApplyOn = aws.String(string(resp.SnapStart.ApplyOn)) + f31.ApplyOn = aws.String(string(resp.SnapStart.ApplyOn)) } if resp.SnapStart.OptimizationStatus != "" { - f28.OptimizationStatus = aws.String(string(resp.SnapStart.OptimizationStatus)) + f31.OptimizationStatus = aws.String(string(resp.SnapStart.OptimizationStatus)) } - ko.Status.SnapStart = f28 + ko.Status.SnapStart = f31 } else { ko.Status.SnapStart = nil } @@ -326,6 +326,15 @@ func (rm *resourceManager) sdkFind( } else { ko.Status.StateReasonCode = nil } + if resp.TenancyConfig != nil { + f35 := &svcapitypes.TenancyConfig{} + if resp.TenancyConfig.TenantIsolationMode != "" { + f35.TenantIsolationMode = aws.String(string(resp.TenancyConfig.TenantIsolationMode)) + } + ko.Status.TenancyConfig = f35 + } else { + ko.Status.TenancyConfig = nil + } if resp.Timeout != nil { timeoutCopy := int64(*resp.Timeout) ko.Status.Timeout = &timeoutCopy @@ -333,11 +342,11 @@ func (rm *resourceManager) sdkFind( ko.Status.Timeout = nil } if resp.TracingConfig != nil { - f33 := &svcapitypes.TracingConfigResponse{} + f37 := &svcapitypes.TracingConfigResponse{} if resp.TracingConfig.Mode != "" { - f33.Mode = aws.String(string(resp.TracingConfig.Mode)) + f37.Mode = aws.String(string(resp.TracingConfig.Mode)) } - ko.Status.TracingConfig = f33 + ko.Status.TracingConfig = f37 } else { ko.Status.TracingConfig = nil } @@ -347,20 +356,20 @@ func (rm *resourceManager) sdkFind( ko.Status.Version = nil } if resp.VpcConfig != nil { - f35 := &svcapitypes.VPCConfigResponse{} + f39 := &svcapitypes.VPCConfigResponse{} if resp.VpcConfig.Ipv6AllowedForDualStack != nil { - f35.IPv6AllowedForDualStack = resp.VpcConfig.Ipv6AllowedForDualStack + f39.IPv6AllowedForDualStack = resp.VpcConfig.Ipv6AllowedForDualStack } if resp.VpcConfig.SecurityGroupIds != nil { - f35.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) + f39.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) } if resp.VpcConfig.SubnetIds != nil { - f35.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) + f39.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) } if resp.VpcConfig.VpcId != nil { - f35.VPCID = resp.VpcConfig.VpcId + f39.VPCID = resp.VpcConfig.VpcId } - ko.Status.VPCConfig = f35 + ko.Status.VPCConfig = f39 } else { ko.Status.VPCConfig = nil } @@ -684,6 +693,15 @@ func (rm *resourceManager) sdkCreate( } else { ko.Status.StateReasonCode = nil } + if resp.TenancyConfig != nil { + f30 := &svcapitypes.TenancyConfig{} + if resp.TenancyConfig.TenantIsolationMode != "" { + f30.TenantIsolationMode = aws.String(string(resp.TenancyConfig.TenantIsolationMode)) + } + ko.Status.TenancyConfig = f30 + } else { + ko.Status.TenancyConfig = nil + } if resp.Timeout != nil { timeoutCopy := int64(*resp.Timeout) ko.Status.Timeout = &timeoutCopy @@ -691,11 +709,11 @@ func (rm *resourceManager) sdkCreate( ko.Status.Timeout = nil } if resp.TracingConfig != nil { - f31 := &svcapitypes.TracingConfigResponse{} + f32 := &svcapitypes.TracingConfigResponse{} if resp.TracingConfig.Mode != "" { - f31.Mode = aws.String(string(resp.TracingConfig.Mode)) + f32.Mode = aws.String(string(resp.TracingConfig.Mode)) } - ko.Status.TracingConfig = f31 + ko.Status.TracingConfig = f32 } else { ko.Status.TracingConfig = nil } @@ -705,20 +723,20 @@ func (rm *resourceManager) sdkCreate( ko.Status.Version = nil } if resp.VpcConfig != nil { - f33 := &svcapitypes.VPCConfigResponse{} + f34 := &svcapitypes.VPCConfigResponse{} if resp.VpcConfig.Ipv6AllowedForDualStack != nil { - f33.IPv6AllowedForDualStack = resp.VpcConfig.Ipv6AllowedForDualStack + f34.IPv6AllowedForDualStack = resp.VpcConfig.Ipv6AllowedForDualStack } if resp.VpcConfig.SecurityGroupIds != nil { - f33.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) + f34.SecurityGroupIDs = aws.StringSlice(resp.VpcConfig.SecurityGroupIds) } if resp.VpcConfig.SubnetIds != nil { - f33.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) + f34.SubnetIDs = aws.StringSlice(resp.VpcConfig.SubnetIds) } if resp.VpcConfig.VpcId != nil { - f33.VPCID = resp.VpcConfig.VpcId + f34.VPCID = resp.VpcConfig.VpcId } - ko.Status.VPCConfig = f33 + ko.Status.VPCConfig = f34 } else { ko.Status.VPCConfig = nil } diff --git a/test/e2e/resources/function_tenancy.yaml b/test/e2e/resources/function_tenancy.yaml new file mode 100644 index 00000000..dcbe403b --- /dev/null +++ b/test/e2e/resources/function_tenancy.yaml @@ -0,0 +1,17 @@ +apiVersion: lambda.services.k8s.aws/v1alpha1 +kind: Function +metadata: + name: $FUNCTION_NAME + annotations: + services.k8s.aws/region: $AWS_REGION +spec: + name: $FUNCTION_NAME + code: + s3Bucket: $BUCKET_NAME + s3Key: $LAMBDA_FILE_NAME + role: $LAMBDA_ROLE + runtime: python3.9 + handler: main + description: function with tenant isolation enabled + tenancyConfig: + tenantIsolationMode: "PER_TENANT" diff --git a/test/e2e/tests/test_function_tenancy.py b/test/e2e/tests/test_function_tenancy.py new file mode 100644 index 00000000..2e6e93b3 --- /dev/null +++ b/test/e2e/tests/test_function_tenancy.py @@ -0,0 +1,92 @@ +# Copyright Amazon.com Inc. or its affiliates. All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"). You may +# not use this file except in compliance with the License. A copy of the +# License is located at +# +# http://aws.amazon.com/apache2.0/ +# +# or in the "license" file accompanying this file. This file is distributed +# on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either +# express or implied. See the License for the specific language governing +# permissions and limitations under the License. + +"""Integration tests for the Lambda function API. +""" + +import pytest +import time +import logging + +from acktest.resources import random_suffix_name +from acktest.aws.identity import get_region +from acktest.k8s import resource as k8s + +from e2e import service_marker, CRD_GROUP, CRD_VERSION, load_lambda_resource +from e2e.replacement_values import REPLACEMENT_VALUES +from e2e.bootstrap_resources import get_bootstrap_resources +from e2e.service_bootstrap import LAMBDA_FUNCTION_FILE_ZIP +from e2e.tests.helper import LambdaValidator + +RESOURCE_PLURAL = "functions" + +CREATE_WAIT_AFTER_SECONDS = 30 +DELETE_WAIT_AFTER_SECONDS = 30 + +@service_marker +@pytest.mark.canary +class TestFunction: + def test_function_tenancy(self, lambda_client): + resource_name = random_suffix_name("lambda-function-tenancy", 24) + + resources = get_bootstrap_resources() + logging.debug(resources) + + replacements = REPLACEMENT_VALUES.copy() + replacements["FUNCTION_NAME"] = resource_name + replacements["BUCKET_NAME"] = resources.FunctionsBucket.name + replacements["LAMBDA_ROLE"] = resources.BasicRole.arn + replacements["LAMBDA_FILE_NAME"] = LAMBDA_FUNCTION_FILE_ZIP + replacements["AWS_REGION"] = get_region() + + # Load Lambda CR + resource_data = load_lambda_resource( + "function_tenancy", + additional_replacements=replacements, + ) + logging.debug(resource_data) + + # Create k8s resource + ref = k8s.CustomResourceReference( + CRD_GROUP, CRD_VERSION, RESOURCE_PLURAL, + resource_name, namespace="default", + ) + k8s.create_custom_resource(ref, resource_data) + cr = k8s.wait_resource_consumed_by_controller(ref) + + assert cr is not None + assert k8s.get_resource_exists(ref) + + time.sleep(CREATE_WAIT_AFTER_SECONDS) + + cr = k8s.wait_resource_consumed_by_controller(ref) + + lambda_validator = LambdaValidator(lambda_client) + + # Check Lambda function exists + assert lambda_validator.function_exists(resource_name) + + # Check tenancy config + function = lambda_validator.get_function(resource_name) + assert function is not None + assert "TenancyConfig" in function["Configuration"] + assert function["Configuration"]["TenancyConfig"]["TenantIsolationMode"] == "PER_TENANT" + + # Delete k8s resource + _, deleted = k8s.delete_custom_resource(ref) + assert deleted is True + + time.sleep(DELETE_WAIT_AFTER_SECONDS) + + # Check Lambda function doesn't exist + assert not lambda_validator.function_exists(resource_name)