Terraform module to create and manage an AWS Lambda function deployed from either a zip archive or a Docker container image.

```hcl
module "lambda" {
  source = "bitbucket.org/liveviewtech/terraform-aws-lambda.git?ref=v2"

  name             = local.project_id
  filename         = data.archive_file.function.output_path
  source_code_hash = data.archive_file.function.output_base64sha256
  handler          = "function.handler"
  runtime          = "python3.9"

  private_subnet_ids = module.acs.private_subnet_ids
  security_groups    = []
  vpc_id             = module.acs.vpc.id

  environment_variables = {
    NAME = "Steve"
  }

  secrets = {
    SUPER_SECRET = aws_ssm_parameter.super_secret.name
  }

  role_permissions_boundary_arn = module.acs.role_permissions_boundary.arn
}
```
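
The usage above references `data.archive_file.function` and `aws_ssm_parameter.super_secret` without defining them. One way to declare them, as an added example that is not part of the module's own documentation; the source and output paths, the parameter name and the `super_secret_value` variable are assumptions:

```hcl
# Added example: supporting resources for the module call above.
# File paths, the parameter name and the variable name are assumptions.

variable "super_secret_value" {
  description = "Secret value supplied at apply time, e.g. via TF_VAR_super_secret_value."
  type        = string
  sensitive   = true # redacted in plan/apply output
}

# Zip the handler source. function.py must define handler() to match
# handler = "function.handler" in the module call.
data "archive_file" "function" {
  type        = "zip"
  source_file = "${path.module}/src/function.py"
  output_path = "${path.module}/dist/function.zip"
}

# SecureString parameters are encrypted at rest with KMS.
# The plaintext value is still written to Terraform state, so the state
# backend has to be encrypted and access-controlled.
resource "aws_ssm_parameter" "super_secret" {
  name  = "/${local.project_id}/SUPER_SECRET"
  type  = "SecureString"
  value = var.super_secret_value
}
```

Only the parameter name is passed to the module's `secrets` map, so the secret value itself does not appear in the module call.
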
- Lambda Function
- Default Security Group
- Lambda Layer to fetch SSM parameters
- IAM Role
  - Includes policy to fetch SSM parameters if secrets are included
- CloudWatch Log Group

Name | Description | Type | Default | Required |
---|---|---|---|---|
description | Description of your Lambda Function (or Layer) | string | "" | no |
environment_variables | A map that defines environment variables for the Lambda Function. | map(string) | {} | no |
filename | The path to the function's deployment package within the local filesystem. If defined, the s3_-prefixed options and image_uri cannot be used. | string | "" | no |
handler | The function entrypoint in your code. | string | "" | no |
image_uri | The ECR image URI containing the function's deployment package. | string | "" | no |
layers | List of Lambda Layer Version ARNs (maximum of 4) to attach to the Lambda Function. | list(string) | [] | no |
log_retention_in_days | CloudWatch log group retention in days. Defaults to 120. | number | 120 | no |
memory_size | Amount of memory in MB your Lambda Function can use at runtime. Valid values are between 128 MB and 10,240 MB (10 GB), in 64 MB increments. | number | 128 | no |
name | Name for your Lambda Function | string | "" | no |
package_type | The Lambda deployment package type. Valid values are Zip and Image. | string | "Zip" | no |
private_subnet_ids | List of subnet IDs for the fargate service. | list(string) | [] | no |
role_permissions_boundary_arn | ARN of the IAM Role permissions boundary to place on each IAM role created. | string | "" | no |
runtime | The runtime environment for your function. (e.g. python3.9) | string | "" | no |
secrets | A map that defines secrets for the Lambda Function. | map(string) | {} | no |
security_groups | List of extra security group IDs to attach to the function | list(string) | [] | no |
source_code_hash | The path to your deployment package. Used to detect changes requiring re-provisioning | string | null | no |
tags | A map of AWS Tags to attach to each resource created | map(string) | {} | no |
timeout | The amount of time your Lambda Function has to run in seconds. | number | 30 | no |
vpc_id | VPC ID | string | "" | no |

Name | Description |
---|---|
function_arn | The ARN of the Lambda Function |
function_name | The name of the Lambda Function |
role_arn | The ARN of the IAM role created for the Lambda Function |
role_name | The name of the IAM role created for the Lambda Function |