dependabot[bot]
56e822f943
Removes [minimatch](https://github.com/isaacs/minimatch). It's no longer used after updating ancestor dependency [aws-cdk-lib](https://github.com/aws/aws-cdk/tree/HEAD/packages/aws-cdk-lib). These dependencies need to be updated together. Removes `minimatch` Updates `aws-cdk-lib` from 2.240.0 to 2.240.0 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/aws/aws-cdk/blob/main/CHANGELOG.v2.alpha.md">aws-cdk-lib's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p> <h2><a href="https://github.com/aws/aws-cdk/compare/v2.239.0-alpha.0...v2.240.0-alpha.0">2.240.0-alpha.0</a> (2026-02-23)</h2> <h2><a href="https://github.com/aws/aws-cdk/compare/v2.238.0-alpha.0...v2.239.0-alpha.0">2.239.0-alpha.0</a> (2026-02-19)</h2> <h3>⚠ BREAKING CHANGES</h3> <p>redshift-alpha: update default node type from <code>DC2_LARGE</code> to <code>RA3_LARGE</code></p> <h3>Features</h3> <ul> <li><strong>bedrock-agentcore-alpha:</strong> add <code>fromCodeAsset</code> method to create runtime artifact with local code assets (<a href="https://redirect.github.com/aws/aws-cdk/issues/36472">#36472</a>) (<a href="https://github.com/aws/aws-cdk/commit/c5a87e6682a3668de849d4c7a0913fdee3eb170c">c5a87e6</a>), closes <a href="https://redirect.github.com/aws/aws-cdk/issues/36473">#36473</a></li> <li><strong>bedrock-agentcore-alpha:</strong> added new target type (api gateway) in agentcore gateway target. (<a href="https://redirect.github.com/aws/aws-cdk/issues/36841">#36841</a>) (<a href="https://github.com/aws/aws-cdk/commit/0842754ec56412a9b22f2e92f5aea7c86129ec52">0842754</a>), closes <a href="https://redirect.github.com/aws/aws-cdk/issues/36817">#36817</a></li> <li><strong>mixins-preview:</strong> add ECS ClusterSettingsMixin (<a href="https://redirect.github.com/aws/aws-cdk/issues/36796">#36796</a>) (<a href="https://github.com/aws/aws-cdk/commit/b8ab5be8f2e0733433a55dd48b26e7f56f6e0393">b8ab5be</a>)</li> <li><strong>mixins-preview:</strong> add s3 bucket mixin for publicAccessBlock (<a href="https://redirect.github.com/aws/aws-cdk/issues/36905">#36905</a>) (<a href="https://github.com/aws/aws-cdk/commit/feed4b2690bd481e464dd3ececa4cba0997a03db">feed4b2</a>)</li> <li><strong>mixins-preview:</strong> send Vended Logs to pre-created DeliveryDestination using <code>toDestination()</code> (<a href="https://redirect.github.com/aws/aws-cdk/issues/36896">#36896</a>) (<a href="https://github.com/aws/aws-cdk/commit/48f1fe6aa86473a25ffdcf53cfecb5e1169b54db">48f1fe6</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>redshift-alpha:</strong> update default node type from <code>DC2_LARGE</code> to <code>RA3_LARGE</code> (<a href="https://redirect.github.com/aws/aws-cdk/issues/36516">#36516</a>) (<a href="https://github.com/aws/aws-cdk/commit/ea19e5cde2e64d5cdcdfa3af41764542e77e221c">ea19e5c</a>), closes <a href="https://redirect.github.com/aws/aws-cdk/issues/36416">#36416</a></li> </ul> <h2><a href="https://github.com/aws/aws-cdk/compare/v2.237.1-alpha.0...v2.238.0-alpha.0">2.238.0-alpha.0</a> (2026-02-09)</h2> <h3>Features</h3> <ul> <li><strong>eks-v2-alpha:</strong> add support for bootstrapSelfManagedAddons (<a href="https://redirect.github.com/aws/aws-cdk/issues/36740">#36740</a>) (<a href="https://github.com/aws/aws-cdk/commit/1ffe38dc950a096cb5e1c1ee20f2c49899dc0a23">1ffe38d</a>)</li> <li><strong>eks-v2-alpha:</strong> add support for EKS hybrid nodes (<a href="https://redirect.github.com/aws/aws-cdk/issues/36749">#36749</a>) (<a href="https://github.com/aws/aws-cdk/commit/48ace56d82537630fc339cb41962473a97375aea">48ace56</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>eks-v2-alpha:</strong> ensure kubectl provider and handler functions use the same vpc configuration (<a href="https://redirect.github.com/aws/aws-cdk/issues/36735">#36735</a>) (<a href="https://github.com/aws/aws-cdk/commit/4e02f0896069105dae83c46f19f1b346a546ad57">4e02f08</a>), closes <a href="https://redirect.github.com/aws/aws-cdk/issues/34878">#34878</a> <a href="https://redirect.github.com/aws/aws-cdk/issues/34877">#34877</a></li> <li><strong>ivs-alpha:</strong> add region constraints to integration tests (<a href="https://redirect.github.com/aws/aws-cdk/issues/36851">#36851</a>) (<a href="https://github.com/aws/aws-cdk/commit/d55fec42357410b8263b814b931daf5dccc5c5e3">d55fec4</a>)</li> <li><strong>mixins-preview:</strong> apply mixins in order (<a href="https://redirect.github.com/aws/aws-cdk/issues/36847">#36847</a>) (<a href="https://github.com/aws/aws-cdk/commit/726060c0ea9f57de4c6e13c1f50c330e4fc2608e">726060c</a>)</li> <li><strong>mixins-preview:</strong> apply mixins in order in <code>MixinApplicator</code> (<a href="https://redirect.github.com/aws/aws-cdk/issues/36877">#36877</a>) (<a href="https://github.com/aws/aws-cdk/commit/09db1c99710c9f8e91774e767de93fff1a0d2650">09db1c9</a>), closes <a href="https://redirect.github.com/aws/aws-cdk/issues/36847">#36847</a></li> </ul> <h2><a href="https://github.com/aws/aws-cdk/compare/v2.237.0-alpha.0...v2.237.1-alpha.0">2.237.1-alpha.0</a> (2026-02-03)</h2> <h2><a href="https://github.com/aws/aws-cdk/compare/v2.236.0-alpha.0...v2.237.0-alpha.0">2.237.0-alpha.0</a> (2026-02-02)</h2> <h3>Features</h3> <ul> <li><strong>bedrock-agentcore-alpha:</strong> add support for custom claims and scopes to runtime/gateway authorizers (<a href="https://redirect.github.com/aws/aws-cdk/issues/36810">#36810</a>) (<a href="https://github.com/aws/aws-cdk/commit/a3abcd010648e83bed273dff8f581291b5b3c902">a3abcd0</a>)</li> <li><strong>eks-v2-alpha:</strong> pass additional helm chart values to aws-load-balancer-controller (<a href="https://redirect.github.com/aws/aws-cdk/issues/36754">#36754</a>) (<a href="https://github.com/aws/aws-cdk/commit/cf61814ac58448ddd70682e45c07dd8ca58c4fd1">cf61814</a>), closes <a href="https://github.com/aws//github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/helm/aws-load-balancer-controller/values.yaml/issues/L199">/github.com/kubernetes-sigs/aws-load-balancer-controller/blob/main/helm/aws-load-balancer-controller/values.yaml#L199</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/aws/aws-cdk/commits/v2.240.0/packages/aws-cdk-lib">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/awslabs/swift-aws-lambda-runtime/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This directory contains example code for Lambda functions.
Pre-requisites
-
Ensure you have the Swift 6.x toolchain installed. You can install Swift toolchains from Swift.org
-
When developing on macOS, be sure you use macOS 15 (Sequoia) or a more recent macOS version.
-
To build and archive your Lambda functions, you need to install docker.
-
To deploy your Lambda functions and invoke them, you must have an AWS account and install and configure the
awscommand line. -
Some examples are using AWS SAM. Install the SAM CLI before deploying these examples.
-
Some examples are using the AWS CDK. Install the CDK CLI before deploying these examples.
Examples
-
API Gateway V1: an REST API with Amazon API Gateway and a Lambda function as backend (requires AWS SAM).
-
API Gateway V2: an HTTPS API with Amazon API Gateway and a Lambda function as backend (requires AWS SAM).
-
API Gateway V2 with Lambda Authorizer: an HTTPS API with Amazon API Gateway protected by a Lambda authorizer (requires AWS SAM).
-
BackgroundTasks: a Lambda function that continues to run background tasks after having sent the response (requires AWS CLI).
-
CDK: a simple example of an AWS Lambda function invoked through an Amazon API Gateway and deployed with the Cloud Development Kit (CDK).
-
HelloJSON: a Lambda function that accepts JSON as an input parameter and responds with a JSON output (requires AWS CLI).
-
HelloWorld: a simple Lambda function (requires AWS CLI).
-
Hummingbird: a Lambda function using the Hummingbird web framework with API Gateway integration (requires AWS SAM).
-
S3EventNotifier: a Lambda function that receives object-upload notifications from an Amazon S3 bucket.
-
S3_AWSSDK: a Lambda function that uses the AWS SDK for Swift to invoke an Amazon S3 API (requires AWS SAM).
-
S3_Soto: a Lambda function that uses Soto to invoke an Amazon S3 API (requires AWS SAM).
-
Streaming with APIGateway: create a Lambda function exposed by a REST API Gateway. The Lambda function streams its response over time. (requires AWS SAM).
-
Streaming with Function Url: create a Lambda function exposed as an URL. The Lambda function streams its response over time. (requires AWS SAM).
-
Streaming+Codable: a Lambda function that combines JSON input decoding with response streaming capabilities, demonstrating a streaming codable interface (requires AWS SAM or the AWS CLI).
-
Testing: a test suite for Lambda functions.
AWS Credentials and Signature
This section is a short tutorial on the AWS Signature protocol and the AWS credentials.
What is AWS SigV4?
AWS SigV4, short for "Signature Version 4," is a protocol AWS uses to authenticate and secure requests. When you, as a developer, send a request to an AWS service, AWS SigV4 makes sure the request is verified and hasn’t been tampered with. This is done through a digital signature, which is created by combining your request details with your secret AWS credentials. This signature tells AWS that the request is genuine and is coming from a user who has the right permissions.
How to Obtain AWS Access Keys and Session Tokens
To start making authenticated requests with AWS SigV4, you’ll need three main pieces of information:
-
Access Key ID: This is a unique identifier for your AWS account, IAM (Identity and Access Management) user, or federated user.
-
Secret Access Key: This is a secret code that only you and AWS know. It works together with your access key ID to sign requests.
-
Session Token (Optional): If you're using temporary security credentials, AWS will also provide a session token. This is usually required if you're using temporary access (e.g., through AWS STS, which provides short-lived, temporary credentials, or for federated users).
To obtain these keys, you need an AWS account:
-
Sign up or Log in to AWS Console: Go to the AWS Management Console, log in, or create an AWS account if you don’t have one.
-
Create IAM User: In the console, go to IAM (Identity and Access Management) and create a new user. Ensure you set permissions that match what the user will need for your application (e.g., permissions to access specific AWS services, such as AWS Lambda).
-
Generate Access Key and Secret Access Key: In the IAM user credentials section, find the option to generate an "Access Key" and "Secret Access Key." Save these securely! You’ll need them to authenticate your requests.
-
(Optional) Generate Temporary Security Credentials: If you’re using temporary credentials (which are more secure for short-term access), use AWS Security Token Service (STS). You can call the
GetSessionTokenorAssumeRoleAPI to generate temporary credentials, including a session token.
With these in hand, you can use AWS SigV4 to securely sign your requests and interact with AWS services from your Swift app.
⚠️ Security and Reliability Notice
These are example applications for demonstration purposes. When deploying such infrastructure in production environments, we strongly encourage you to follow these best practices for improved security and resiliency:
- Enable access logging on API Gateway (documentation)
- Ensure that AWS Lambda function is configured for function-level concurrent execution limit (concurrency documentation, configuration guide)
- Check encryption settings for Lambda environment variables (documentation)
- Ensure that AWS Lambda function is configured for a Dead Letter Queue (DLQ) (documentation)
- Ensure that AWS Lambda function is configured inside a VPC when it needs to access private resources (documentation, code example)