AWS - Lambda
This Integration is part of the AWS - Lambda Pack.#
Amazon Web Services Serverless Compute service (lambda)
This integration was integrated and tested with version 2015-03-31 of AWS - Lambda.
For detailed instructions about setting up authentication, see: AWS Integrations - Authentication.
Required AWS IAM Permissions and Roles for Lambda are documented here.
Configure AWS - Lambda on Cortex XSOAR#
Navigate to Settings > Integrations > Servers & Services.
Search for AWS - Lambda.
Click Add instance to create and configure a new integration instance.
Parameter Description Required defaultRegion AWS Default Region False roleArn Role Arn False roleSessionName Role Session Name False sessionDuration Role Session Duration False access_key Access Key False secret_key Secret Key False timeout The time in seconds till a timeout exception is reached. You can specify just the read timeout (for example 60) or also the connect timeout followed after a comma (for example 60,10). If a connect timeout is not specified a default of 10 second will be used. You may also override the value at the aws-lambda-invoke command. False retries The maximum number of retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. The default value is 5 and the limit is 10. Note: Increasing the number of retries will increase the execution time. You may also override the value when executing the aws-lambda-invoke command. More details about the retries strategy is available here, False insecure Trust any certificate (not secure) False proxy Use system proxy settings False Click Test to validate the URLs, token, and connection.
Commands#
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
aws-lambda-get-function#
Returns the configuration information of the Lambda function and a presigned URL link to the .zip file you uploaded with CreateFunction so you can download the .zip file. Note that the URL is valid for up to 10 minutes. The configuration information is the same information you provided as parameters when uploading the function. Use the Qualifier parameter to retrieve a published version of the function. Otherwise, returns the unpublished version ($LATEST ).
Required Permissions#
AWSLambda_ReadOnlyAccess: more details here.
Base Command#
aws-lambda-get-function
Input#
| Argument Name | Description | Required |
|---|---|---|
| functionName | The name of the Lambda function. | Required |
| qualifier | Specify a version or alias to get details about a published version of the function. | Optional |
| region | The AWS Region, if not specified the default region will be used. Possible values are: us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-central-1, eu-west-2, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, sa-east-1, eu-north-1, eu-west-3. | Optional |
| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional |
| roleSessionName | An identifier for the assumed role session. | Optional |
| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AWS.Lambda.Functions.Configuration.FunctionName | string | The name of the function. |
| AWS.Lambda.Functions.Configuration.FunctionArn | string | The function's Amazon Resource Name. |
| AWS.Lambda.Functions.Configuration.Runtime | string | The runtime environment for the Lambda function. |
| AWS.Lambda.Functions.Configuration.Role | string | The function's execution role. |
| AWS.Lambda.Functions.Configuration.Handler | string | The function Lambda calls to begin executing your function. |
| AWS.Lambda.Functions.Configuration.CodeSize | string | The size of the function's deployment package in bytes. |
| AWS.Lambda.Functions.Configuration.Description | string | The function's description. |
| AWS.Lambda.Functions.Configuration.Timeout | number | The amount of time that Lambda allows a function to run before terminating it. |
| AWS.Lambda.Functions.Configuration.MemorySize | number | The memory allocated to the function |
| AWS.Lambda.Functions.Configuration.LastModified | date | The date and time that the function was last updated, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD). |
| AWS.Lambda.Functions.Configuration.CodeSha256 | string | The SHA256 hash of the function's deployment package. |
| AWS.Lambda.Functions.Configuration.Version | string | The version of the Lambda function. |
| AWS.Lambda.Functions.Configuration.VpcConfig.SubnetIds | string | A list of VPC subnet IDs. |
| AWS.Lambda.Functions.Configuration.VpcConfig.SecurityGroupIds | string | A list of VPC security groups IDs. |
| AWS.Lambda.Functions.Configuration.VpcConfig.VpcId | string | The ID of the VPC. |
| AWS.Lambda.Functions.Configuration.DeadLetterConfig.TargetArn | string | The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic. |
| AWS.Lambda.Functions.Configuration.Environment.Variables | string | Environment variable key-value pairs |
| AWS.Lambda.Functions.Configuration.Environment.Error.ErrorCode | string | Error messages for environment variables that could not be applied. The error code. |
| AWS.Lambda.Functions.Configuration.Environment. | string | Error messages for environment variables that could not be applied. The error message. |
| AWS.Lambda.Functions.Configuration.KMSKeyArn | string | The KMS key used to encrypt the function's environment variables. Only returned if you've configured a customer managed CMK. |
| AWS.Lambda.Functions.Configuration.TracingConfig.Mode | string | The function's AWS X-Ray tracing configuration. The tracing mode. |
| AWS.Lambda.Functions.Configuration.MasterArn | string | The ARN of the master function. |
| AWS.Lambda.Functions.Configuration.RevisionId | string | Represents the latest updated revision of the function or alias. |
| AWS.Lambda.Functions.Configuration.Layers.Arn | string | The Amazon Resource Name (ARN) of the function layer. |
| AWS.Lambda.Functions.Configuration.Layers.CodeSize | number | The size of the layer archive in bytes. |
| AWS.Lambda.Functions.Code.RepositoryType | string | The repository from which you can download the function. |
| AWS.Lambda.Functions.Code.Location | string | The presigned URL you can use to download the function's .zip file that you previously uploaded. The URL is valid for up to 10 minutes. |
| AWS.Lambda.Functions.Tags | string | list of tags associated with the function. |
| AWS.Lambda.Functions.Concurrency.ReservedConcurrentExecutions | string | The number of concurrent executions reserved for this function. |
Command Example#
!aws-lambda-get-function functionName="test_echo"
Context Example#
Human Readable Output#
AWS Lambda Functions#
FunctionArn FunctionName Region Runtime arn:aws:lambda:us-west-2:123456789012:function:test_echo test_echo us-west-2 nodejs12.x
aws-lambda-list-functions#
Returns a list of your Lambda functions. For each function, the response includes the function configuration information. You must use GetFunction to retrieve the code for your function.
Required Permissions#
AWSLambda_ReadOnlyAccess: more details here.
Base Command#
aws-lambda-list-functions
Input#
| Argument Name | Description | Required |
|---|---|---|
| region | The AWS Region, if not specified the default region will be used. Possible values are: us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-central-1, eu-west-2, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, sa-east-1, eu-north-1, eu-west-3. | Optional |
| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional |
| roleSessionName | An identifier for the assumed role session. | Optional |
| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AWS.Lambda.Functions.FunctionName | string | The name of the function. |
| AWS.Lambda.Functions.FunctionArn | string | The function's Amazon Resource Name. |
| AWS.Lambda.Functions.Runtime | string | The runtime environment for the Lambda function. |
| AWS.Lambda.Functions.Role | string | The function's execution role. |
| AWS.Lambda.Functions.Handler | string | The function Lambda calls to begin executing your function. |
| AWS.Lambda.Functions.CodeSize | number | The size of the function's deployment package in bytes. |
| AWS.Lambda.Functions.Description | string | The function's description. |
| AWS.Lambda.Functions.Timeout | number | The amount of time that Lambda allows a function to run before terminating it. |
| AWS.Lambda.Functions.MemorySize | number | The memory allocated to the function. |
| AWS.Lambda.Functions.LastModified | date | The date and time that the function was last updated, in ISO-8601 format (YYYY-MM-DDThh:mm:ss.sTZD). |
| AWS.Lambda.Functions.CodeSha256 | string | The SHA256 hash of the function's deployment package. |
| AWS.Lambda.Functions.Version | string | The version of the Lambda function. |
| AWS.Lambda.Functions.VpcConfig.SubnetIds | string | A list of VPC subnet IDs. |
| AWS.Lambda.Functions.VpcConfig.SecurityGroupIds | string | A list of VPC security groups IDs. |
| AWS.Lambda.Functions.VpcConfig.VpcId | string | The ID of the VPC. |
| AWS.Lambda.Functions.DeadLetterConfig.TargetArn | string | The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic. |
| AWS.Lambda.Functions.Environment.Variables | string | Environment variable key-value pairs. |
| AWS.Lambda.Functions.Environment.Error.ErrorCode | string | Error messages for environment variables that could not be applied. The error code. |
| AWS.Lambda.Functions.Environment.Error.Message | string | Error messages for environment variables that could not be applied. The error message. |
| AWS.Lambda.Functions.KMSKeyArn | string | The KMS key used to encrypt the function's environment variables. Only returned if you've configured a customer managed CMK. |
| AWS.Lambda.Functions.TracingConfig.Mode | string | The function's AWS X-Ray tracing configuration. The tracing mode. |
| AWS.Lambda.Functions.MasterArn | string | The ARN of the master function. |
| AWS.Lambda.Functions.RevisionId | string | Represents the latest updated revision of the function or alias. |
| AWS.Lambda.Functions.Layers.Arn | string | The Amazon Resource Name (ARN) of the function layer. |
| AWS.Lambda.Functions.Layers.CodeSize | string | The size of the layer archive in bytes. |
Command Example#
!aws-lambda-list-functions
Context Example#
Human Readable Output#
AWS Lambda Functions#
FunctionArn FunctionName LastModified Region Runtime arn:aws:lambda:us-west-2:123456789012:function:test_sleep test_sleep 2020-12-30T16:15:55.726+0000 us-west-2 nodejs12.x arn:aws:lambda:us-west-2:123456789012:function:test_echo test_echo 2020-12-31T09:12:56.676+0000 us-west-2 nodejs12.x arn:aws:lambda:us-west-2:123456789012:function:testingFunction testingFunction 2019-02-20T15:33:28.335+0000 us-west-2 nodejs8.10
aws-lambda-list-aliases#
Returns list of aliases created for a Lambda function. For each alias, the response includes information such as the alias ARN, description, alias name, and the function version to which it points.
Required Permissions#
AWSLambda_ReadOnlyAccess: more details here.
Base Command#
aws-lambda-list-aliases
Input#
| Argument Name | Description | Required |
|---|---|---|
| functionName | The name of the lambda function. | Required |
| functionVersion | If you specify this optional parameter, the API returns only the aliases that are pointing to the specific Lambda function version, otherwise the API returns all of the aliases created for the Lambda function. | Optional |
| region | The AWS Region, if not specified the default region will be used. Possible values are: us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-central-1, eu-west-2, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, sa-east-1, eu-north-1, eu-west-3. | Optional |
| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional |
| roleSessionName | An identifier for the assumed role session. | Optional |
| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AWS.Lambda.Aliases.AliasArn | string | Lambda function ARN that is qualified using the alias name as the suffix. |
| AWS.Lambda.Aliases.Name | string | Alias name. |
| AWS.Lambda.Aliases.FunctionVersion | string | Function version to which the alias points. |
| AWS.Lambda.Aliases.Description | string | Alias description. |
| AWS.Lambda.Aliases.RoutingConfig.AdditionalVersionWeights | string | The name of the second alias, and the percentage of traffic that is routed to it. |
| AWS.Lambda.Aliases.RevisionId | string | Represents the latest updated revision of the function or alias. |
Command Example#
Human Readable Output#
aws-lambda-invoke#
Invokes a Lambda function. Specify just a function name to invoke the latest version of the function. To invoke a published version, use the Qualifier parameter to specify a version or alias . If you use the RequestResponse (synchronous) invocation option, note that the function may be invoked multiple times if a timeout is reached. For functions with a long timeout, your client may be disconnected during synchronous invocation while it waits for a response. Use the "timeout" and "retries" args to control this behavior. If you use the Event (asynchronous) invocation option, the function will be invoked at least once in response to an event and the function must be idempotent to handle this.
Required Permissions#
AWSLambdaRole: more details here.
Base Command#
aws-lambda-invoke
Input#
| Argument Name | Description | Required |
|---|---|---|
| functionName | The name of the Lambda function. | Required |
| invocationType | Choose from the following options. RequestResponse (default) - Invoke the function synchronously. Keep the connection open until the function returns a response or times out. Event - Invoke the function asynchronously. Send events that fail multiple times to the function's dead-letter queue (if configured). DryRun - Validate parameter values and verify that the user or role has permission to invoke the function. Possible values are: Event, RequestResponse, DryRun. | Optional |
| logType | You can set this optional parameter to Tail in the request only if you specify the InvocationType parameter with value RequestResponse . In this case, AWS Lambda returns the base64-encoded last 4 KB of log data produced by your Lambda function in the x-amz-log-result header. Possible values are: None, Tail. | Optional |
| clientContext | Using the ClientContext you can pass client-specific information to the Lambda function you are invoking. . | Optional |
| payload | JSON that you want to provide to your Lambda function as input. | Optional |
| qualifier | Specify a version or alias to invoke a published version of the function. | Optional |
| region | The AWS Region, if not specified the default region will be used. Possible values are: us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-central-1, eu-west-2, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, sa-east-1, eu-north-1, eu-west-3. | Optional |
| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional |
| roleSessionName | An identifier for the assumed role session. | Optional |
| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional |
| retries | The maximum retry attempts when connection or throttling errors are encountered. Set to 0 to disable retries. If not specified will use the instances configured default timeout. | Optional |
| timeout | The time in seconds till a timeout exception is reached. You can specify just the read timeout (for example 60) or also the connect timeout followed after a comma (for example 60,10). If not specified will use the instances configured default timeout. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AWS.Lambda.InvokedFunctions.FunctionName | string | The name of the Lambda function. |
| AWS.Lambda.InvokedFunctions.FunctionError | string | Indicates whether an error occurred while executing the Lambda function. If an error occurred this field will have one of two values; Handled or Unhandled . Handled errors are errors that are reported by the function while the Unhandled errors are those detected and reported by AWS Lambda. Unhandled errors include out of memory errors and function timeouts. |
| AWS.Lambda.InvokedFunctions.LogResult | string | logs for the Lambda function invocation. This is present only if the invocation type is RequestResponse and the logs were requested. |
| AWS.Lambda.InvokedFunctions.Payload | string | It is the JSON representation of the object returned by the Lambda function. This is present only if the invocation type is RequestResponse. |
| AWS.Lambda.InvokedFunctions.ExecutedVersion | string | The function version that has been executed. This value is returned only if the invocation type is RequestResponse. |
| AWS.Lambda.InvokedFunctions.Region | string | The AWS Region. |
Command Example#
!aws-lambda-invoke functionName="test_echo" logType="Tail" payload="{\"value\":\"test\"}"
Context Example#
Human Readable Output#
AWS Lambda Invoked Functions#
ExecutedVersion FunctionName LogResult Payload Region $LATEST test_echo START RequestId: c24e087f-5c05-4e92-a1a8-e54f2d6cd925 Version: $LATEST
END RequestId: c24e087f-5c05-4e92-a1a8-e54f2d6cd925
REPORT RequestId: c24e087f-5c05-4e92-a1a8-e54f2d6cd925 Duration: 16.00 ms Billed Duration: 16 ms Memory Size: 128 MB Max Memory Used: 65 MB Init Duration: 133.86 ms{"message":"Your function executed successfully!","payload":{"value":"test"}} us-west-2
aws-lambda-get-account-settings#
Retrieves details about your account's limits and usage in an AWS Region.
Required Permissions#
AWSLambda_ReadOnlyAccess: more details here.
Base Command#
aws-lambda-get-account-settings
Input#
| Argument Name | Description | Required |
|---|---|---|
| region | The AWS Region, if not specified the default region will be used. Possible values are: us-east-1, us-east-2, us-west-1, us-west-2, ca-central-1, eu-west-1, eu-central-1, eu-west-2, ap-northeast-1, ap-northeast-2, ap-southeast-1, ap-southeast-2, ap-south-1, sa-east-1, eu-north-1, eu-west-3. | Optional |
| roleArn | The Amazon Resource Name (ARN) of the role to assume. | Optional |
| roleSessionName | An identifier for the assumed role session. | Optional |
| roleSessionDuration | The duration, in seconds, of the role session. The value can range from 900 seconds (15 minutes) up to the maximum session duration setting for the role. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| AWS.Lambda.AccountLimit.TotalCodeSize | number | The amount of storage space that you can use for all deployment packages and layer archives. |
| AWS.Lambda.AccountLimit.CodeSizeUnzipped | number | The maximum size of your function's code and layers when they're extracted. |
| AWS.Lambda.AccountLimit.CodeSizeZipped | number | The maximum size of a deployment package when it's uploaded directly to AWS Lambda. Use Amazon S3 for larger files. |
| AWS.Lambda.AccountLimit.ConcurrentExecutions | number | The maximum number of simultaneous function executions. |
| AWS.Lambda.AccountLimit.UnreservedConcurrentExecutions | number | The maximum number of simultaneous function executions, minus the capacity that's reserved for individual functions with PutFunctionConcurrency . |
| AWS.Lambda.AccountUsage.TotalCodeSize | number | The amount of storage space, in bytes, that's being used by deployment packages and layer archives. |
| AWS.Lambda.AccountUsage. FunctionCount | number | The number of Lambda functions. |
Command Example#
!aws-lambda-get-account-settings
Context Example#
Human Readable Output#
AWS Lambda Functions#
AccountLimit AccountUsage TotalCodeSize: 80530636800
CodeSizeUnzipped: 262144000
CodeSizeZipped: 52428800
ConcurrentExecutions: 1000
UnreservedConcurrentExecutions: 1000TotalCodeSize: 272431
FunctionCount: 3