@intentius/chant-lexicon-aws 0.0.22 → 0.1.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@intentius/chant-lexicon-aws",
-  "version": "0.0.22",
+  "version": "0.1.0",
   "description": "AWS CloudFormation lexicon for chant — declarative IaC in TypeScript",
   "license": "Apache-2.0",
   "homepage": "https://intentius.io/chant",
@@ -43,11 +43,14 @@
     "prepack": "bun run generate && bun run bundle && bun run validate"
   },
   "dependencies": {
-    "@intentius/chant": "0.0.22",
     "fflate": "^0.8.2",
     "js-yaml": "^4.1.0"
   },
   "devDependencies": {
+    "@intentius/chant": "0.1.0",
     "typescript": "^5.9.3"
+  },
+  "peerDependencies": {
+    "@intentius/chant": "^0.1.0"
   }
 }

package/src/composites/alb-shared.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import {
   EcsCluster,
   LoadBalancer,
@@ -21,14 +21,21 @@ export interface AlbSharedProps {
   listenerPort?: number;
   protocol?: "HTTP" | "HTTPS";
   certificateArn?: string;
+  defaults?: {
+    cluster?: Partial<ConstructorParameters<typeof EcsCluster>[0]>;
+    executionRole?: Partial<ConstructorParameters<typeof Role>[0]>;
+    alb?: Partial<ConstructorParameters<typeof LoadBalancer>[0]>;
+    listener?: Partial<ConstructorParameters<typeof Listener>[0]>;
+  };
 }
 
 export const AlbShared = Composite<AlbSharedProps>((props) => {
   const listenerPort = props.listenerPort ?? 80;
   const protocol = props.protocol ?? "HTTP";
+  const { defaults: defs } = props;
 
   // ECS Cluster
-  const cluster = new EcsCluster({});
+  const cluster = new EcsCluster(mergeDefaults({}, defs?.cluster));
 
   // Execution role — ECR pull + CloudWatch Logs write
   const executionPolicyDocument = {
@@ -52,10 +59,10 @@ export const AlbShared = Composite<AlbSharedProps>((props) => {
     PolicyDocument: executionPolicyDocument,
   });
 
-  const executionRole = new Role({
+  const executionRole = new Role(mergeDefaults({
     AssumeRolePolicyDocument: ecsTrustPolicy,
     Policies: [executionPolicy],
-  });
+  }, defs?.executionRole));
 
   // ALB security group — ingress on listener port from anywhere
   const albIngress = new SecurityGroup_Ingress({
@@ -72,12 +79,12 @@ export const AlbShared = Composite<AlbSharedProps>((props) => {
   });
 
   // Application Load Balancer
-  const alb = new LoadBalancer({
+  const alb = new LoadBalancer(mergeDefaults({
     Type: "application",
     Scheme: "internet-facing",
     Subnets: props.publicSubnetIds,
     SecurityGroups: [albSg.GroupId],
-  });
+  }, defs?.alb));
 
   // Listener — default action is fixed-response 404
   const fixedResponse = new Listener_FixedResponseConfig({
@@ -105,7 +112,7 @@ export const AlbShared = Composite<AlbSharedProps>((props) => {
     listenerProps.Certificates = [cert];
   }
 
-  const listener = new Listener(listenerProps);
+  const listener = new Listener(mergeDefaults(listenerProps, defs?.listener));
 
   return {
     cluster,

package/src/composites/composites.test.ts

@@ -783,3 +783,85 @@ describe("RdsInstance", () => {
     expect(dbProps.VPCSecurityGroups[0]).toBeInstanceOf(AttrRef);
   });
 });
+
+describe("per-member defaults", () => {
+  test("LambdaFunction: role defaults add extra ManagedPolicyArns", () => {
+    const instance = LambdaFunction({
+      ...baseProps,
+      defaults: {
+        role: { ManagedPolicyArns: ["arn:aws:iam::aws:policy/Extra"] },
+      },
+    });
+    const roleProps = (instance.role as any).props;
+    // Arrays concatenate: base [BasicExecution] + override [Extra]
+    expect(roleProps.ManagedPolicyArns).toContain(
+      "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
+    );
+    expect(roleProps.ManagedPolicyArns).toContain("arn:aws:iam::aws:policy/Extra");
+  });
+
+  test("LambdaFunction: func defaults override Timeout", () => {
+    const instance = LambdaFunction({
+      ...baseProps,
+      defaults: { func: { Timeout: 120 } },
+    });
+    const funcProps = (instance.func as any).props;
+    expect(funcProps.Timeout).toBe(120);
+  });
+
+  test("LambdaApi: permission defaults are applied", () => {
+    const instance = LambdaApi({
+      ...baseProps,
+      defaults: {
+        permission: { Action: "lambda:InvokeFunction" },
+      },
+    });
+    const permProps = (instance.permission as any).props;
+    expect(permProps.Action).toBe("lambda:InvokeFunction");
+  });
+
+  test("LambdaSqs: queue defaults are applied", () => {
+    const instance = LambdaSqs({
+      ...baseProps,
+      defaults: {
+        queue: { VisibilityTimeout: 60 },
+      },
+    });
+    const queueProps = (instance.queue as any).props;
+    expect(queueProps.VisibilityTimeout).toBe(60);
+  });
+
+  test("VpcDefault: vpc defaults are applied", () => {
+    const instance = VpcDefault({
+      defaults: {
+        vpc: { EnableDnsHostnames: false },
+      },
+    });
+    const vpcProps = (instance.vpc as any).props;
+    // Scalar override wins
+    expect(vpcProps.EnableDnsHostnames).toBe(false);
+    expect(vpcProps.EnableDnsSupport).toBe(true);
+  });
+
+  test("RdsInstance: db defaults are applied", () => {
+    const instance = RdsInstance({
+      vpcId: "vpc-123",
+      subnetIds: ["subnet-1", "subnet-2"],
+      masterPassword: "secret",
+      defaults: {
+        db: { DeletionProtection: true },
+      },
+    });
+    const dbProps = (instance.db as any).props;
+    expect(dbProps.DeletionProtection).toBe(true);
+  });
+
+  test("defaults with no overrides leaves behavior unchanged", () => {
+    const withoutDefaults = LambdaFunction(baseProps);
+    const withDefaults = LambdaFunction({ ...baseProps, defaults: {} });
+    const funcPropsA = (withoutDefaults.func as any).props;
+    const funcPropsB = (withDefaults.func as any).props;
+    expect(funcPropsA.FunctionName).toBe(funcPropsB.FunctionName);
+    expect(funcPropsA.Timeout).toBe(funcPropsB.Timeout);
+  });
+});

package/src/composites/fargate-alb.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import {
   EcsCluster,
   EcsService,
@@ -41,6 +41,15 @@ export interface FargateAlbProps {
   ManagedPolicyArns?: string[];
   Policies?: InstanceType<typeof Role_Policy>[];
   logRetentionDays?: number;
+  defaults?: {
+    cluster?: Partial<ConstructorParameters<typeof EcsCluster>[0]>;
+    executionRole?: Partial<ConstructorParameters<typeof Role>[0]>;
+    taskRole?: Partial<ConstructorParameters<typeof Role>[0]>;
+    taskDef?: Partial<ConstructorParameters<typeof TaskDefinition>[0]>;
+    alb?: Partial<ConstructorParameters<typeof LoadBalancer>[0]>;
+    targetGroup?: Partial<ConstructorParameters<typeof TargetGroup>[0]>;
+    service?: Partial<ConstructorParameters<typeof EcsService>[0]>;
+  };
 }
 
 export const FargateAlb = Composite<FargateAlbProps>((props) => {
@@ -51,9 +60,10 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
   const healthCheckPath = props.healthCheckPath ?? "/";
   const listenerPort = props.listenerPort ?? 80;
   const logRetentionDays = props.logRetentionDays ?? 30;
+  const { defaults: defs } = props;
 
   // ECS Cluster
-  const cluster = new EcsCluster({});
+  const cluster = new EcsCluster(mergeDefaults({}, defs?.cluster));
 
   // Execution role — ECR pull + CloudWatch Logs write
   const executionPolicyDocument = {
@@ -77,17 +87,17 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
     PolicyDocument: executionPolicyDocument,
   });
 
-  const executionRole = new Role({
+  const executionRole = new Role(mergeDefaults({
     AssumeRolePolicyDocument: ecsTrustPolicy,
     Policies: [executionPolicy],
-  });
+  }, defs?.executionRole));
 
   // Task role — app permissions
-  const taskRole = new Role({
+  const taskRole = new Role(mergeDefaults({
     AssumeRolePolicyDocument: ecsTrustPolicy,
     ManagedPolicyArns: props.ManagedPolicyArns,
     Policies: props.Policies,
-  });
+  }, defs?.taskRole));
 
   // Log group
   const logGroup = new LogGroup({
@@ -129,7 +139,7 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
   });
 
   // Task definition
-  const taskDef = new TaskDefinition({
+  const taskDef = new TaskDefinition(mergeDefaults({
     NetworkMode: "awsvpc",
     RequiresCompatibilities: ["FARGATE"],
     Cpu: cpu,
@@ -137,7 +147,7 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
     ExecutionRoleArn: executionRole.Arn,
     TaskRoleArn: taskRole.Arn,
     ContainerDefinitions: [container],
-  });
+  }, defs?.taskDef));
 
   // ALB security group — ingress on listener port from anywhere
   const albIngress = new SecurityGroup_Ingress({
@@ -168,21 +178,21 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
   });
 
   // Application Load Balancer
-  const alb = new LoadBalancer({
+  const alb = new LoadBalancer(mergeDefaults({
     Type: "application",
     Scheme: "internet-facing",
     Subnets: props.publicSubnetIds,
     SecurityGroups: [albSg.GroupId],
-  });
+  }, defs?.alb));
 
   // Target group
-  const targetGroup = new TargetGroup({
+  const targetGroup = new TargetGroup(mergeDefaults({
     TargetType: "ip",
     Protocol: "HTTP",
     Port: containerPort,
     VpcId: props.vpcId,
     HealthCheckPath: healthCheckPath,
-  });
+  }, defs?.targetGroup));
 
   // Listener
   const defaultAction = new Listener_Action({
@@ -215,7 +225,7 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
   });
 
   const service = new EcsService(
-    {
+    mergeDefaults({
       Cluster: cluster.Arn,
       TaskDefinition: taskDef.TaskDefinitionArn,
       LaunchType: "FARGATE",
@@ -223,7 +233,7 @@ export const FargateAlb = Composite<FargateAlbProps>((props) => {
       HealthCheckGracePeriodSeconds: 60,
       LoadBalancers: [serviceLoadBalancer],
       NetworkConfiguration: networkConfig,
-    },
+    }, defs?.service),
     { DependsOn: [listener] },
   );
 

package/src/composites/fargate-service.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import {
   EcsService,
   EcsService_LoadBalancer,
@@ -54,6 +54,12 @@ export interface FargateServiceProps {
   ManagedPolicyArns?: string[];
   Policies?: InstanceType<typeof Role_Policy>[];
   logRetentionDays?: number;
+  defaults?: {
+    taskRole?: Partial<ConstructorParameters<typeof Role>[0]>;
+    taskDef?: Partial<ConstructorParameters<typeof TaskDefinition>[0]>;
+    targetGroup?: Partial<ConstructorParameters<typeof TargetGroup>[0]>;
+    service?: Partial<ConstructorParameters<typeof EcsService>[0]>;
+  };
 }
 
 export const FargateService = Composite<FargateServiceProps>((props) => {
@@ -70,13 +76,14 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
   const desiredCount = props.desiredCount ?? 2;
   const healthCheckPath = props.healthCheckPath ?? "/";
   const logRetentionDays = props.logRetentionDays ?? 30;
+  const { defaults: defs } = props;
 
   // Task role — app permissions
-  const taskRole = new Role({
+  const taskRole = new Role(mergeDefaults({
     AssumeRolePolicyDocument: ecsTrustPolicy,
     ManagedPolicyArns: props.ManagedPolicyArns,
     Policies: props.Policies,
-  });
+  }, defs?.taskRole));
 
   // Log group
   const logGroup = new LogGroup({
@@ -118,7 +125,7 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
   });
 
   // Task definition
-  const taskDef = new TaskDefinition({
+  const taskDef = new TaskDefinition(mergeDefaults({
     NetworkMode: "awsvpc",
     RequiresCompatibilities: ["FARGATE"],
     Cpu: cpu,
@@ -126,7 +133,7 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
     ExecutionRoleArn: props.executionRoleArn,
     TaskRoleArn: taskRole.Arn,
     ContainerDefinitions: [container],
-  });
+  }, defs?.taskDef));
 
   // Task security group — ingress on container port from ALB SG
   const taskIngress = new SecurityGroup_Ingress({
@@ -143,13 +150,13 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
   });
 
   // Target group
-  const targetGroup = new TargetGroup({
+  const targetGroup = new TargetGroup(mergeDefaults({
     TargetType: "ip",
     Protocol: "HTTP",
     Port: containerPort,
     VpcId: props.vpcId,
     HealthCheckPath: healthCheckPath,
-  });
+  }, defs?.targetGroup));
 
   // Listener rule conditions
   const conditions: InstanceType<typeof ListenerRule_RuleCondition>[] = [];
@@ -209,7 +216,7 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
   });
 
   const service = new EcsService(
-    {
+    mergeDefaults({
       Cluster: props.clusterArn,
       TaskDefinition: taskDef.TaskDefinitionArn,
       LaunchType: "FARGATE",
@@ -217,7 +224,7 @@ export const FargateService = Composite<FargateServiceProps>((props) => {
       HealthCheckGracePeriodSeconds: 60,
       LoadBalancers: [serviceLoadBalancer],
       NetworkConfiguration: networkConfig,
-    },
+    }, defs?.service),
     { DependsOn: [rule] },
   );
 

package/src/composites/lambda-api.ts

@@ -1,20 +1,24 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import { Permission } from "../generated";
 import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
 
 export interface LambdaApiProps extends LambdaFunctionProps {
   sourceArn?: string;
+  defaults?: LambdaFunctionProps["defaults"] & {
+    permission?: Partial<ConstructorParameters<typeof Permission>[0]>;
+  };
 }
 
 export const LambdaApi = Composite<LambdaApiProps>((props) => {
+  const { defaults } = props;
   const { role, func } = LambdaFunction(props);
 
-  const permission = new Permission({
+  const permission = new Permission(mergeDefaults({
     FunctionName: func.Arn,
     Action: "lambda:InvokeFunction",
     Principal: "apigateway.amazonaws.com",
     SourceArn: props.sourceArn,
-  });
+  }, defaults?.permission));
 
   return { role, func, permission };
 }, "LambdaApi");

package/src/composites/lambda-dynamodb.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import { Table, Table_AttributeDefinition, Table_KeySchema, Role_Policy } from "../generated";
 import { DynamoDBActions } from "../actions/dynamodb";
 import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
@@ -8,6 +8,9 @@ export interface LambdaDynamoDBProps extends LambdaFunctionProps {
   partitionKey: string;
   sortKey?: string;
   access?: "ReadOnly" | "ReadWrite" | "Full";
+  defaults?: LambdaFunctionProps["defaults"] & {
+    table?: Partial<ConstructorParameters<typeof Table>[0]>;
+  };
 }
 
 export const LambdaDynamoDB = Composite<LambdaDynamoDBProps>((props) => {
@@ -27,12 +30,14 @@ export const LambdaDynamoDB = Composite<LambdaDynamoDBProps>((props) => {
     );
   }
 
-  const table = new Table({
+  const { defaults } = props;
+
+  const table = new Table(mergeDefaults({
     TableName: props.tableName,
     BillingMode: "PAY_PER_REQUEST",
     AttributeDefinitions: attributeDefinitions,
     KeySchema: keySchema,
-  });
+  }, defaults?.table));
 
   const access = props.access ?? "ReadWrite";
   const dynamoPolicyDocument = {

package/src/composites/lambda-eventbridge.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import { EventRule, EventRule_Target, Permission } from "../generated";
 import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
 
@@ -7,12 +7,17 @@ export interface LambdaEventBridgeProps extends LambdaFunctionProps {
   schedule?: string;
   eventPattern?: Record<string, unknown>;
   enabled?: boolean;
+  defaults?: LambdaFunctionProps["defaults"] & {
+    rule?: Partial<ConstructorParameters<typeof EventRule>[0]>;
+    permission?: Partial<ConstructorParameters<typeof Permission>[0]>;
+  };
 }
 
 export const LambdaEventBridge = Composite<LambdaEventBridgeProps>((props) => {
+  const { defaults } = props;
   const { role, func } = LambdaFunction(props);
 
-  const rule = new EventRule({
+  const rule = new EventRule(mergeDefaults({
     Name: props.ruleName,
     ScheduleExpression: props.schedule,
     EventPattern: props.eventPattern,
@@ -23,14 +28,14 @@ export const LambdaEventBridge = Composite<LambdaEventBridgeProps>((props) => {
         Id: "Target0",
       }),
     ],
-  });
+  }, defaults?.rule));
 
-  const permission = new Permission({
+  const permission = new Permission(mergeDefaults({
     FunctionName: func.Arn,
     Action: "lambda:InvokeFunction",
     Principal: "events.amazonaws.com",
     SourceArn: rule.Arn,
-  });
+  }, defaults?.permission));
 
   return { rule, role, func, permission };
 }, "LambdaEventBridge");

package/src/composites/lambda-function.ts

@@ -1,4 +1,4 @@
-import { Composite, withDefaults } from "@intentius/chant";
+import { Composite, withDefaults, mergeDefaults } from "@intentius/chant";
 import { Role, Function, Function_VpcConfig, Role_Policy } from "../generated";
 
 const lambdaTrustPolicy = {
@@ -28,9 +28,14 @@ export interface LambdaFunctionProps {
   ManagedPolicyArns?: string[];
   Policies?: InstanceType<typeof Role_Policy>[];
   VpcConfig?: ConstructorParameters<typeof Function_VpcConfig>[0];
+  defaults?: {
+    role?: Partial<ConstructorParameters<typeof Role>[0]>;
+    func?: Partial<ConstructorParameters<typeof Function>[0]>;
+  };
 }
 
 export const LambdaFunction = Composite<LambdaFunctionProps>((props) => {
+  const { defaults } = props;
   const managedPolicies = [BASIC_EXECUTION_ARN];
   if (props.VpcConfig) {
     managedPolicies.push(VPC_ACCESS_ARN);
@@ -39,13 +44,13 @@ export const LambdaFunction = Composite<LambdaFunctionProps>((props) => {
     managedPolicies.push(...props.ManagedPolicyArns);
   }
 
-  const role = new Role({
+  const role = new Role(mergeDefaults({
     AssumeRolePolicyDocument: lambdaTrustPolicy,
     ManagedPolicyArns: managedPolicies,
     Policies: props.Policies,
-  });
+  }, defaults?.role));
 
-  const func = new Function({
+  const func = new Function(mergeDefaults({
     FunctionName: props.name,
     Runtime: props.Runtime as any,
     Handler: props.Handler,
@@ -55,7 +60,7 @@ export const LambdaFunction = Composite<LambdaFunctionProps>((props) => {
     MemorySize: props.MemorySize,
     Environment: props.Environment,
     VpcConfig: props.VpcConfig ? new Function_VpcConfig(props.VpcConfig) : undefined,
-  });
+  }, defaults?.func));
 
   return { role, func };
 }, "LambdaFunction");

package/src/composites/lambda-s3.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import {
   Bucket,
   Bucket_BucketEncryption,
@@ -14,6 +14,9 @@ import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
 export interface LambdaS3Props extends LambdaFunctionProps {
   bucketName?: string;
   access?: "ReadOnly" | "ReadWrite" | "Full";
+  defaults?: LambdaFunctionProps["defaults"] & {
+    bucket?: Partial<ConstructorParameters<typeof Bucket>[0]>;
+  };
 }
 
 export const LambdaS3 = Composite<LambdaS3Props>((props) => {
@@ -36,11 +39,13 @@ export const LambdaS3 = Composite<LambdaS3Props>((props) => {
     RestrictPublicBuckets: true,
   });
 
-  const bucket = new Bucket({
+  const { defaults } = props;
+
+  const bucket = new Bucket(mergeDefaults({
     BucketName: props.bucketName,
     BucketEncryption: bucketEncryption,
     PublicAccessBlockConfiguration: publicAccessBlock,
-  });
+  }, defaults?.bucket));
 
   const access = props.access ?? "ReadWrite";
   const s3PolicyDocument = {

package/src/composites/lambda-sns.ts

@@ -1,30 +1,36 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import { Topic, Subscription, Permission } from "../generated";
 import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
 
 export interface LambdaSnsProps extends LambdaFunctionProps {
   topicName?: string;
+  defaults?: LambdaFunctionProps["defaults"] & {
+    topic?: Partial<ConstructorParameters<typeof Topic>[0]>;
+    subscription?: Partial<ConstructorParameters<typeof Subscription>[0]>;
+    permission?: Partial<ConstructorParameters<typeof Permission>[0]>;
+  };
 }
 
 export const LambdaSns = Composite<LambdaSnsProps>((props) => {
+  const { defaults } = props;
   const { role, func } = LambdaFunction(props);
 
-  const topic = new Topic({
+  const topic = new Topic(mergeDefaults({
     TopicName: props.topicName,
-  });
+  }, defaults?.topic));
 
-  const subscription = new Subscription({
+  const subscription = new Subscription(mergeDefaults({
     TopicArn: topic.TopicArn,
     Protocol: "lambda",
     Endpoint: func.Arn,
-  });
+  }, defaults?.subscription));
 
-  const permission = new Permission({
+  const permission = new Permission(mergeDefaults({
     FunctionName: func.Arn,
     Action: "lambda:InvokeFunction",
     Principal: "sns.amazonaws.com",
     SourceArn: topic.TopicArn,
-  });
+  }, defaults?.permission));
 
   return { topic, role, func, subscription, permission };
 }, "LambdaSns");

package/src/composites/lambda-sqs.ts

@@ -1,4 +1,4 @@
-import { Composite } from "@intentius/chant";
+import { Composite, mergeDefaults } from "@intentius/chant";
 import { Queue, EventSourceMapping, Role_Policy } from "../generated";
 import { SQSActions } from "../actions/sqs";
 import { LambdaFunction, type LambdaFunctionProps } from "./lambda-function";
@@ -7,12 +7,18 @@ export interface LambdaSqsProps extends LambdaFunctionProps {
   queueName?: string;
   batchSize?: number;
   maxBatchingWindow?: number;
+  defaults?: LambdaFunctionProps["defaults"] & {
+    queue?: Partial<ConstructorParameters<typeof Queue>[0]>;
+    eventSourceMapping?: Partial<ConstructorParameters<typeof EventSourceMapping>[0]>;
+  };
 }
 
 export const LambdaSqs = Composite<LambdaSqsProps>((props) => {
-  const queue = new Queue({
+  const { defaults } = props;
+
+  const queue = new Queue(mergeDefaults({
     QueueName: props.queueName,
-  });
+  }, defaults?.queue));
 
   const sqsPolicyDocument = {
     Version: "2012-10-17",
@@ -33,12 +39,12 @@ export const LambdaSqs = Composite<LambdaSqsProps>((props) => {
   const policies = props.Policies ? [sqsPolicy, ...props.Policies] : [sqsPolicy];
   const { role, func } = LambdaFunction({ ...props, Policies: policies });
 
-  const eventSourceMapping = new EventSourceMapping({
+  const eventSourceMapping = new EventSourceMapping(mergeDefaults({
     EventSourceArn: queue.Arn,
     FunctionName: func.Arn,
     BatchSize: props.batchSize ?? 10,
     MaximumBatchingWindowInSeconds: props.maxBatchingWindow,
-  });
+  }, defaults?.eventSourceMapping));
 
   return { queue, role, func, eventSourceMapping };
 }, "LambdaSqs");