Configuring Lambda Function Services with flightcontrol.json
In addition to the Service Configuration attributes that are common to all services, the following attributes are specific to lambda function services.
Lambda function service type is currently in public preview. Please reach out to support if you have any questions or feedback.
Lambda Function Service Attributes
The type for all private web services is lambda-function
, and should be specified like the following:
type: 'lambda-function'
Lambda Config
lambda: object
- Example:
"lambda": {
"memory": 128,
"storage": 512,
"cpuArchitecture": "x86_64",
"packageType": "zip",
"fnUrl": {
"enabled": false,
},
"timeoutSecs": 3,
"tracing": true
}
Memory
lambda.memory: number
- Example:
"lambda": {"memory": "512"}
- The memory configuration for lambda, supports values in MB only.
- Supported values are between 128 - 10,240 (10GB).
Storage
lambda.storage: number
- Example:
"lambda": {"storage": "512"}
- The storage available in the
/tmp
directory to Lambda runtime in MB. - This storage is cleared out after the function execution.
- Supported values between 512 and 10,240 (10GB).
CPU Architecture
lambda.cpuArchitecture: 'x86_64' | 'arm64'
- Example:
"lambda": {"cpuArchitecture": "x86_64"}
- Depending on your dependency,
arm64
is probably the right choice, as it offers better performance for general workloads and lower pricing.
Package Type
lambda.packageType: "zip" | "docker"
- Example:
"lambda": {"packageType": "zip"}
- Lambda
zip
supports a maximum of 250MB of unzipped code including depdencies and layers, cold starts increases with package size. - Lambda container (
docker
) supports up to 10GB images,docker
lambda has slower cold starts compared to zip but usually consistent even with bigger images.
Timeout
lambda.timeoutSecs: number
- Example:
"lambda": {"timeoutSecs": 600}
- The timeout in seconds for each execution.
- Supported values between 1 and 900 (15 minutes).
Reserved Concurrency
lambda.reservedConcurrency: number
- Example:
"lambda": {"reservedConcurrency": 1}
- Reserved maximum concurrency allocated to Lambda. Taken from total concurrency units allowed for Lambdas across the region, which by default is 1000.
- A low number can cause throttling, a high number can cause other Lambdas to be throttled. For example if your quota is 1,000 and you set one Lambda reserved concurrency to 1,000, no other Lambdas will be able to run.
- Supported values between 0 and 900, 0 meaning no traffic allowed.
Tracing
lambda.tracing: boolean
- Example:
"lambda": {"tracing": true}
- Enables AWS X-Ray tracing for the lambda function.
- Required to see advanced metrics in AWS console like cold start statistics
VPC
lambda.vpc: boolean
- Example:
"lambda": {"vpc": true}
- Places the Lambda function inside the environment VPC
- Will incur +$32/mo for a NAT gateway if the environment doesn’t already have one
Function URL
lambda.fnUrl: object
- Example:
"lambda": {"fnUrl": {"enabled": false}}
- The configuration related to the lambda function URL.
The fnUrl
feature is not supported in the following regions: ap-south-2
, ap-southeast-4
,
ap-southeast-5
, ca-west-1
, eu-south-2
, eu-central-2
, il-central-1
, me-central-1
.
Extra options for fnURL
- Example:
"fnUrl": {
"enabled": true,
"invokeMode": "ResponseStream",
"authType": "None",
"cors": {
"allowCredentials": false,
"allowHeaders": [],
"allowMethods": ["*"],
"allowOrigin": ["*"],
"maxAge": 0,
"exposedHeaders": [],
}
}
- enabled - Boolean, whether the function URL is enabled or not.
- invokeMode - Whether Lambda streams the response
ResponseStream
back to requestor, or buffersBuffered
the whole response till the end of execution. Optional, with default valueBuffered
. - authType - Whether the requestor should authenticate with IAM
Iam
or notNone
. Optional, with default valueNone
. - cors.allowCredentials - Boolean, whether to allow cookies or other credentials in requests or not. Optional, default is
false
. - cors.allowHeaders - Array of HTTP headers that requestor can include in the request to Lambda. Optional, with default value
[]
. - cors.allowMethods - Array of HTTP methods that the requestor can use while triggering the lambda. Optional with default value to allow methods
["*"]
. - cors.allowOrigin - Array of origins that can request the Lambda. Optional, with default value to allow all origins
["*"]
. - cors.maxAge - maxAge in seconds that the browsers can cache the response from Lambda. Optional, with default value to disable cache
0
. - cors.exposedHeaders - Array of HTTP headers that are allowed to be exposed while responding to the origin. Optional, with default value of empty array, not allowing any headers
[]
.
Extra options
versionHistoryCount: number
- Example:
"versionHistoryCount": 15
- Optional with default:
10
, maximum value:75
- The number of versions to keep in the version history for rollback
Extra options for Nixpacks & Legacy Node.js
basePath?: string
(only supported when buildType: nixpacks
)
- Allows you to specify in which folder the commands should run
- Example:
"basePath": "./apps"
- Optional, defaults to ”./”
installCommand: string
- Example:
"installCommand": "./install.sh"
- Optional, intelligent default based on your language and framework detected at the
basePath
- What we use to install dependencies for your build
buildCommand: string
- Example:
"buildCommand": "blitz build"
- Optional, intelligent default based on your language and framework detected at the
basePath
- What we use to build your app
postBuildCommand: string
- Example:
"postBuildCommand": "./postBuildCommand.sh"
- Optional, Empty by Default
- Used as a build hook to run any operation after your build is complete
preDeployCommand: Array<string>
- Example:
"preDeployCommand": ["bundle", "exec", "rails", "db:prepare"],
- Optional
- A command that runs after successful build and before starting the deploy (more information).
- If configured, a dedicated container is started to run the command and shuts down on completion.
- The command must be split into array parts because this is used to override the Docker CMD, and if passed as a single string
runc
counts it as a single command instead of a command + arguments. - Note: using this for database migrations will add 2-3 minutes to your deploy time because of the time it takes this temporary container to boot and run.
outputDirectory: string
- Example:
"outputDirectory": "./dist"
- Required when package type is
zip
. Ignored when package type isimage
. This entire directory will be zipped and deployed to the Lambda. - If build type is Nixpacks:
- Set to relative path from configured base path to the directory of the Lambda handler file
- If build type is Dockerfile:
- Set to absolute path of the Lambda handler directory within the built image. If WORKDIR is set to
/app
and the Lambda handler is indist
, then set to/app/dist
.
- Set to absolute path of the Lambda handler directory within the built image. If WORKDIR is set to
startCommand: string
- Example:
"startCommand": "blitz start"
- Optional, intelligent default based on your language and framework detected at the
basePath
- What we use to start your app
postDeployCommand: Array<string>
- Example:
"postDeployCommand": ["node", "script.js"]
- Optional
- A command that runs after successful deploy (more information).
- If configured, a dedicated container is started to run the command and shuts down on completion.
- The command must be split into array parts because this is used to override the Docker CMD, and if passed as a single string
runc
counts it as a single command instead of a command + arguments.
Extra options for custom Dockerfile only
dockerfilePath: string
- Example:
"dockerfilePath": "packages/private web/Dockerfile"
- Relative path to the Dockerfile from your repo root
- It’s recommended to use
ENTRYPOINT
instead ofCMD
for your start command - You can authenticate with Docker Hub by adding your Docker Hub credentials as
DOCKER_USERNAME
andDOCKER_PASSWORD
environment variables. If these env variables are present, we’ll rundocker login
with them. This will prevent Docker Hub rate limit issues.
dockerContext: string
- Example:
"dockerContext": "packages/private web"
- Optional with default:
"."
(repo root) - Relative path to the docker context from the repo root
- It’s recommended to use
ENTRYPOINT
instead ofCMD
for your start command
injectEnvVariablesInDockerfile: boolean
- Example:
"injectEnvVariablesInDockerfile": false
- Optional with default:
true
- Whether to inject environment variables automatically into Dockerfile or not
- It’s recommended to use Docker build secrets to control how environment variable are used during build, check the guide here