Terraform module to create AWS Lambda Function .
terrafrom config example:
data "archive_file" "lambda_zip" {
type = "zip"
source_file = "files/lambda_function.py"
output_path = "lambda_function.zip"
}
module "lambda_function" {
source = "../.."
runtime = "python3.8"
handler = "lambda_function.lambda_handler"
memory_size = "256"
timeout = 120
filename = data.archive_file.lambda_zip.output_path
depends_on = [data.archive_file.lambda_zip]
source_code_hash = data.archive_file.lambda_zip.output_sha
lambda_environment = {
variables = {
ERROR_QUEUE_URL = "http://ERROR_QUEUE_URL"
INPUT_QUEUE_URL = "http://INPUT_QUEUE_URL"
}
}
function_role_policy_statements = {
policy-sqs = [
{
Action = [
"sqs:*"
]
Effect = "Allow"
Resource = [
"arn:aws:sqs:us-east-2:444455556666:queue1",
"arn:aws:sqs:us-east-2:444455556666:queue2"
]
},
]
}
labels = local.labels
}
more info see examples/test
terraform run example
cd examples/test
terraform init
terraform plan
Terraform versions tested
- 0.15.3
- 1.1.8
No requirements.
Name | Version |
---|---|
aws | n/a |
No modules.
Name | Type |
---|---|
aws_cloudwatch_log_group.default | resource |
aws_iam_role.function_iam_role | resource |
aws_iam_role_policy.function_iam_role | resource |
aws_iam_role_policy_attachment.function_iam_role | resource |
aws_iam_role_policy_attachment.function_iam_role_default | resource |
aws_lambda_function.default | resource |
aws_iam_policy_document.function_iam | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
architectures | Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Default is ["x86_64"]. Removing this attribute, function's architecture stay the same. |
list(string) |
null |
no |
description | Description of what the Lambda Function does. | string |
null |
no |
filename | The path to the function's deployment package within the local filesystem. If defined, The s3_-prefixed options and image_uri cannot be used. | string |
null |
no |
function_iam_role_name | optionally define a custom value for the function iam role name and tag=Name parameter in aws_iam_role. By default, it is defined as a construction from var.labels |
string |
"default" |
no |
function_name | optionally define a custom value for the function name and tag=Name parameter in aws_lambda_function. By default, it is defined as a construction from var.labels |
string |
"default" |
no |
function_role_policy_arns | A list of IAM Policy ARNs to attach to the generated function role. | list(string) |
[] |
no |
function_role_policy_arns_default | default arns list for function | list |
[ |
no |
function_role_policy_statements | A map of zero or multiple role policies statements which will be attached to task role(in addition to default) |
map(any) |
{} |
no |
handler | The function entrypoint in your code. | string |
null |
no |
labels | Minimum required map of labels(tags) for creating aws resources | object({ |
n/a | yes |
lambda_environment | Environment (e.g. env variables) configuration for the Lambda function enable you to dynamically pass settings to your function code and libraries | object({ |
null |
no |
memory_size | Amount of memory in MB the Lambda Function can use at runtime. | number |
128 |
no |
package_type | The Lambda deployment package type. Valid values are Zip and Image. | string |
"Zip" |
no |
permissions_boundary | A permissions boundary ARN to apply to the roles that are created. | string |
"" |
no |
runtime | The runtime environment for the Lambda function you are uploading. | string |
null |
no |
source_code_hash | Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key. The usual way to set this is filebase64sha256('file.zip') where 'file.zip' is the local filename of the lambda function source archive. |
string |
"" |
no |
tags | Additional tags | map(string) |
{} |
no |
timeout | The amount of time the Lambda Function has to run in seconds. | number |
15 |
no |
No outputs.