aws-samples · PankajRawat333 · Jun 21, 2026 · Jun 23, 2026 · Jun 23, 2026 · biswanathmukherjee
diff --git a/lambda-s3-files-cdk-dotnet/.gitignore b/lambda-s3-files-cdk-dotnet/.gitignore
@@ -0,0 +1,42 @@
+# CDK asset staging directory
+.cdk.staging
+cdk.out
+
+# Build results
+[Dd]ebug/
+[Rr]elease/
+x64/
+x86/
+[Bb]in/
+[Oo]bj/
+
+# Visual Studio
+.vs/
+*.suo
+*.user
+*.userosscache
+*.sln.docstates
+
+# NuGet
+*.nupkg
+**/[Pp]ackages/*
+!**/[Pp]ackages/build/
+
+# JetBrains Rider
+.idea/
+*.sln.iml
+
+# User-specific files
+*.userprefs
+
+# Build logs
+*.log
+*.binlog
+
+# Test Results
+[Tt]est[Rr]esult*/
+
+# .NET
+project.lock.json
+project.fragment.lock.json
+artifacts/
diff --git a/lambda-s3-files-cdk-dotnet/README.md b/lambda-s3-files-cdk-dotnet/README.md
@@ -0,0 +1,120 @@
+# AWS Lambda with Amazon S3 Files Mount (.NET)
+
+This pattern deploys a Lambda function with an Amazon S3 Files file system mounted at `/mnt/s3data`. The function performs standard file operations (read, write, list) on S3 data using the local filesystem — no S3 API calls needed.
+
+Learn more about this pattern at Serverless Land Patterns: https://serverlessland.com/patterns/lambda-s3-files-cdk-dotnet
+
+Important: this application uses various AWS services and there are costs associated with these services after the Free Tier usage - please see the [AWS Pricing page](https://aws.amazon.com/pricing/) for details. You are responsible for any AWS costs incurred. No warranty is implied in this example.
+
+## Requirements
+
+* [Create an AWS account](https://portal.aws.amazon.com/gp/aws/developer/registration/index.html) if you do not already have one and log in. The IAM user that you use must have sufficient permissions to make necessary AWS service calls and manage AWS resources.
+* [AWS CLI](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2.html) installed and configured
+* [Git Installed](https://git-scm.com/book/en/v2/Getting-Started-Installing-Git)
+* [.NET 10](https://dotnet.microsoft.com/en-us/download/dotnet/10.0) installed
+* [AWS Cloud Development Kit](https://docs.aws.amazon.com/cdk/latest/guide/cli.html) (AWS CDK) installed
+
+## Deployment Instructions
+
+1. Clone the project to your local working directory
+
+    ```bash
+    git clone https://github.com/aws-samples/serverless-patterns
+    ```
+
+2. Change the working directory to this pattern's directory
+
+    ```bash
+    cd serverless-patterns/lambda-s3-files-cdk-dotnet
+    ```
+
+3. Publish the Lambda function
+
+    ```bash
+    dotnet publish src/S3FilesLambda -c Release -o src/S3FilesLambda/publish -r linux-x64 --self-contained false
+    ```
+
+4. Deploy the stack to your default AWS account and region
+
+    ```bash
+    cdk deploy
+    ```
+
+## How it works
+
+S3 Files provides NFS access to S3 buckets with sub-millisecond latency on small files and full POSIX semantics. The pattern creates:
+
+- A **VPC** with isolated private subnets (no NAT gateway — uses VPC endpoints instead)
+- An **S3 Gateway VPC endpoint** for direct S3 API access from private subnets
+- An **S3 bucket** with versioning enabled (required by S3 Files)
+- An **S3 Files file system** backed by the bucket
+- **Mount targets** in each isolated subnet for NFS connectivity
+- An **access point** defining the POSIX identity and root path
+- A **.NET 10 Lambda function** with the S3 Files file system mounted at `/mnt/s3data`
+
+Multiple Lambda functions can connect to the same S3 Files file system simultaneously, sharing data through a common workspace without custom synchronization logic.
+
+## Architecture
+
+![Architecture](images/architecture.png)
+
+## Testing
+
+After deployment, invoke the Lambda function with different payloads to test file operations.
+
+> **Note:** Replace `<FunctionName>` in the commands below with the actual function name from the `FunctionName` output of the CloudFormation stack (visible after `cdk deploy` completes).
+
+### Write a file
+
+```bash
+aws lambda invoke --function-name <FunctionName> \
+  --payload '{"action": "write", "filename": "hello.txt", "content": "Hello from .NET Lambda!"}' \
+  --cli-binary-format raw-in-base64-out \
+  output.json && cat output.json
+```
+
+Expected response:
+```json
+{"status":"written","path":"/mnt/s3data/hello.txt","size":22}
+```
+
+### Read a file
+
+```bash
+aws lambda invoke --function-name <FunctionName> \
+  --payload '{"action": "read", "filename": "hello.txt"}' \
+  --cli-binary-format raw-in-base64-out \
+  output.json && cat output.json
+```
+
+Expected response:
+```json
+{"status":"read","path":"/mnt/s3data/hello.txt","content":"Hello from .NET Lambda!","size":22}
+```
+
+### List files
+
+```bash
+aws lambda invoke --function-name <FunctionName> \
+  --payload '{"action": "list"}' \
+  --cli-binary-format raw-in-base64-out \
+  output.json && cat output.json
+```
+
+Expected response:
+```json
+{"status":"listed","path":"/mnt/s3data","count":1,"entries":[{"name":"hello.txt","type":"file"}]}
+```
+
+## Cleanup
+
+Delete the stack:
+
+```bash
+cdk destroy
+```
+
+----
+Copyright 2026 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+
+SPDX-License-Identifier: MIT-0
diff --git a/lambda-s3-files-cdk-dotnet/cdk.json b/lambda-s3-files-cdk-dotnet/cdk.json
@@ -0,0 +1,63 @@
+{
+  "app": "dotnet run --project src/Cdk/Cdk.csproj",
+  "watch": {
+    "include": [
+      "**"
+    ],
+    "exclude": [
+      "README.md",
+      "cdk*.json",
+      "src/*/obj",
+      "src/*/bin",
+      "src/*.sln",
+      "src/*/GlobalSuppressions.cs",
+      "src/*/*.csproj"
+    ]
+  },
+  "context": {
+    "@aws-cdk/aws-lambda:recognizeLayerVersion": true,
+    "@aws-cdk/core:checkSecretUsage": true,
+    "@aws-cdk/core:target-partitions": [
+      "aws",
+      "aws-cn"
+    ],
+    "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true,
+    "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true,
+    "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true,
+    "@aws-cdk/aws-iam:minimizePolicies": true,
+    "@aws-cdk/core:validateSnapshotRemovalPolicy": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true,
+    "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true,
+    "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true,
+    "@aws-cdk/aws-apigateway:disableCloudWatchRole": true,
+    "@aws-cdk/core:enablePartitionLiterals": true,
+    "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true,
+    "@aws-cdk/aws-iam:standardizedServicePrincipals": true,
+    "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true,
+    "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true,
+    "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true,
+    "@aws-cdk/customresources:installLatestAwsSdkDefault": false,
+    "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true,
+    "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true,
+    "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true,
+    "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true,
+    "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true,
+    "@aws-cdk/aws-redshift:columnId": true,
+    "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true,
+    "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true,
+    "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true,
+    "@aws-cdk/aws-kms:aliasNameRef": true,
+    "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true,
+    "@aws-cdk/core:includePrefixInUniqueNameGeneration": true,
+    "@aws-cdk/aws-efs:denyAnonymousAccess": true,
+    "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true,
+    "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true,
+    "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true,
+    "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true,
+    "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true,
+    "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true,
+    "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true,
+    "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true,
+    "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true
+  }
+}
diff --git a/lambda-s3-files-cdk-dotnet/example-pattern.json b/lambda-s3-files-cdk-dotnet/example-pattern.json
@@ -0,0 +1,63 @@
+{
+  "title": "AWS Lambda with Amazon S3 Files Mount (.NET)",
+  "description": "Mount an S3 bucket as a local file system on Lambda using S3 Files for standard file operations without S3 API calls.",
+  "language": ".NET",
+  "level": "300",
+  "framework": "AWS CDK",
+  "introBox": {
+    "headline": "How it works",
+    "text": [
+      "This pattern deploys a Lambda function with an Amazon S3 Files file system mounted at /mnt/s3data. The function performs standard file operations (read, write, list) on S3 data using the local filesystem — no S3 API calls needed.",
+      "S3 Files provides NFS access to S3 buckets with sub-millisecond latency on small files and full POSIX semantics. The pattern creates a VPC with isolated subnets (no NAT gateway), an S3 gateway VPC endpoint, S3 Files file system, mount targets, access point, and a Lambda function wired together.",
+      "Multiple Lambda functions can connect to the same S3 Files file system simultaneously, sharing data through a common workspace without custom synchronization logic."
+    ]
+  },
+  "gitHub": {
+    "template": {
+      "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/lambda-s3-files-cdk-dotnet",
+      "templateURL": "serverless-patterns/lambda-s3-files-cdk-dotnet",
+      "projectFolder": "lambda-s3-files-cdk-dotnet",
+      "templateFile": "src/Cdk/LambdaS3FilesStack.cs"
+    }
+  },
+  "resources": {
+    "bullets": [
+      {
+        "text": "Amazon S3 Files Documentation",
+        "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files.html"
+      },
+      {
+        "text": "Configuring Amazon S3 Files access for Lambda",
+        "link": "https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem-s3files.html"
+      },
+      {
+        "text": "Mounting S3 file systems on Lambda functions",
+        "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files-mounting-lambda.html"
+      }
+    ]
+  },
+  "deploy": {
+    "text": [
+      "cdk deploy"
+    ]
+  },
+  "testing": {
+    "text": [
+      "See the GitHub repo for detailed testing instructions."
+    ]
+  },
+  "cleanup": {
+    "text": [
+      "Delete the stack: <code>cdk destroy</code>."
+    ]
+  },
+  "authors": [
+    {
+      "name": "Pankaj Rawat",
+      "image": "https://avatars.githubusercontent.com/u/21244341?s=96&v=4",
+      "bio": "Pankaj Rawat is a Lead Consultant at Amazon Web Services.",
+      "linkedin": "pankaj-rawat-14568765",
+      "twitter": "pankajrawat333"
+    }
+  ]
+}
diff --git a/lambda-s3-files-cdk-dotnet/images/architecture.png b/lambda-s3-files-cdk-dotnet/images/architecture.png
diff --git a/lambda-s3-files-cdk-dotnet/lambda-s3-files-cdk-dotnet.json b/lambda-s3-files-cdk-dotnet/lambda-s3-files-cdk-dotnet.json
@@ -0,0 +1,82 @@
+{
+    "title": "AWS Lambda with Amazon S3 Files Mount (.NET)",
+    "description": "Mount an S3 bucket as a local file system on Lambda using S3 Files for standard file operations without S3 API calls.",
+    "language": ".NET",
+    "level": "300",
+    "framework": "AWS CDK",
+    "introBox": {
+        "headline": "How it works",
+        "text": [
+            "This pattern deploys a Lambda function with an Amazon S3 Files file system mounted at /mnt/s3data. The function performs standard file operations (read, write, list) on S3 data using the local filesystem — no S3 API calls needed.",
+            "S3 Files provides NFS access to S3 buckets with sub-millisecond latency on small files and full POSIX semantics. The pattern creates a VPC with isolated subnets (no NAT gateway), an S3 gateway VPC endpoint, S3 Files file system, mount targets, access point, and a Lambda function wired together.",
+            "Multiple Lambda functions can connect to the same S3 Files file system simultaneously, sharing data through a common workspace without custom synchronization logic."
+        ]
+    },
+    "gitHub": {
+        "template": {
+            "repoURL": "https://github.com/aws-samples/serverless-patterns/tree/main/lambda-s3-files-cdk-dotnet",
+            "templateURL": "serverless-patterns/lambda-s3-files-cdk-dotnet",
+            "projectFolder": "lambda-s3-files-cdk-dotnet",
+            "templateFile": "src/Cdk/LambdaS3FilesStack.cs"
+        }
+    },
+    "resources": {
+        "bullets": [
+            {
+                "text": "Amazon S3 Files Documentation",
+                "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files.html"
+            },
+            {
+                "text": "Configuring Amazon S3 Files access for Lambda",
+                "link": "https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem-s3files.html"
+            },
+            {
+                "text": "Mounting S3 file systems on Lambda functions",
+                "link": "https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-files-mounting-lambda.html"
+            }
+        ]
+    },
+    "deploy": {
+        "text": [
+            "cdk deploy"
+        ]
+    },
+    "testing": {
+        "text": [
+            "See the GitHub repo for detailed testing instructions."
+        ]
+    },
+    "cleanup": {
+        "text": [
+            "Delete the stack: <code>cdk destroy</code>."
+        ]
+    },
+    "authors": [
+        {
+            "name": "Pankaj Rawat",
+            "image": "https://avatars.githubusercontent.com/u/21244341?s=96&v=4",
+            "bio": "Pankaj Rawat is a Lead Consultant at Amazon Web Services.",
+            "linkedin": "pankaj-rawat-14568765",
+            "twitter": "pankajrawat333"
+        }
+    ],
+    "patternArch": {
+        "icon1": {
+            "x": 20,
+            "y": 50,
+            "service": "lambda",
+            "label": "AWS Lambda"
+        },
+        "icon2": {
+            "x": 80,
+            "y": 50,
+            "service": "s3",
+            "label": "Amazon S3"
+        },
+        "line1": {
+            "from": "icon1",
+            "to": "icon2",
+            "label": "read/ write"
+        }
+    }
+}
diff --git a/lambda-s3-files-cdk-dotnet/src/Cdk/Cdk.csproj b/lambda-s3-files-cdk-dotnet/src/Cdk/Cdk.csproj
@@ -0,0 +1,16 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <RollForward>Major</RollForward>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <PackageReference Include="Amazon.CDK.Lib" Version="2.260.0" />
+    <PackageReference Include="Constructs" Version="10.5.0" />
+  </ItemGroup>
+
+</Project>