Skip to main content

Lambda toggle event mapping state

Lambda toggle event mapping state toggles (or sets) the event source mapping state to disable for a Lambda function during a specific duration. Toggling between different states of event source mapping from a Lambda function may lead to failures when updating the database on an event trigger. This can break the service and impact its delivery.

Lambda Toggle Event Mapping State

Use cases

Lambda toggle event mapping:

  • Checks the performance of the running application when the event source mapping is not enabled. This may cause missing entries in a database.
  • Determines if the application has proper error handling or auto recovery actions configured.


  • Kubernetes >= 1.17
  • AWS Lambda event source mapping must be healthy and attached to the Lambda function.
  • Kubernetes secret must have the AWS access configuration(key) in the CHAOS_NAMESPACE. A secret file looks like this:
    apiVersion: v1
    kind: Secret
    name: cloud-secret
    type: Opaque
    cloud_config.yml: |-
    # Add the cloud AWS credentials respectively
    aws_access_key_id = XXXXXXXXXXXXXXXXXXX
    aws_secret_access_key = XXXXXXXXXXXXXXX

HCE recommends that you use the same secret name, that is, cloud-secret. Otherwise, you will need to update the AWS_SHARED_CREDENTIALS_FILE environment variable in the fault template with the new secret name and you won't be able to use the default health check probes.

Below is an example AWS policy to execute the fault.

"Version": "2012-10-17",
"Statement": [
"Effect": "Allow",
"Action": [
"Resource": "*"

Mandatory tunables

Tunable Description Notes
FUNCTION_NAME Function name of the target lambda function. It supports single function name. For example, test-function
EVENT_UUIDS Provide the UUID for the target event source mapping. You can provide multiple values as comma-separated values. For example, id1,id2
REGION The region name of the target lambda function For example, us-east-2

Optional tunables

Tunable Description Notes
TOTAL_CHAOS_DURATION Duration that you specify, through which chaos is injected into the target resource (in seconds). Default: 30 s. For more information, go to duration of the chaos.
AWS_SHARED_CREDENTIALS_FILE Path to the AWS secret credentials. Default: /tmp/cloud_config.yml.
SEQUENCE It defines sequence of chaos execution for multiple instance Default: parallel. Supports serial and parallel. For more information, go to sequence of chaos execution.
RAMP_TIME Period to wait before and after injection of chaos in sec For example, 30 s. For more information, go to ramp time.

Multiple event source mapping

Toggle between multiple event source mapping for a specific duration. Tune it by using EVENT_UUIDS environment variable that takes the UUID of the events as a comma-separated value.

The following YAML snippet illustrates the use of this environment variable:

# contains the removal of multiple event source mapping
kind: ChaosEngine
name: engine-nginx
engineState: "active"
chaosServiceAccount: litmus-admin
- name: lambda-toggle-event-mapping-state
# provide UUIDS of event source mapping
value: 'id1,id2'
# provide the function name for the chaos
value: 'chaos-function'