The following requirements are needed by this module:
- aws (5.59.0)
The following providers are used by this module:
- aws (5.59.0)
No modules.
The following resources are used by this module:
- aws_iam_policy.iam_policy (resource)
- aws_iam_role.iam_role (resource)
- aws_iam_role_policy_attachment.iam_role_policy_attachment (resource)
- aws_iam_role_policy_attachment.iam_role_policy_attachment_arn (resource)
- aws_lambda_function.lambda (resource)
The following input variables are required:
Description: Unique name for your Lambda Function.
Type: string
Description: Function entrypoint in your code.
Type: string
Description: Function runtime
Type: string
The following input variables are optional (have default values):
Description: General tags provided for the whole module
Type: map(string)
Default: {}
Description: Map for generating policies that are going to be attached to the lambda
Type:
map(object({
name = string
description = string
path = string
policy = string
tags = map(string)
}))Default: {}
Description: The policy that grants an entity permission to assume the role. Must be a valid JSON.
Type: string
Default: null
Description: he description of the role.
Type: string
Default: null
Description: Specifies to force detaching any policies the role has before destroying it. Defaults to false.
Type: bool
Default: false
Description: The maximum session duration (in seconds) that you want to set for the specified role. If you do not specify a value for this setting, the default maximum of one hour is applied. This setting can have a value from 1 hour to 12 hours.
Type: number
Default: null
Description: The name of the role. If omitted, Terraform will assign a random, unique name.
Type: string
Default: null
Description: The path to the role. See IAM Identifiers for more information.
Type: string
Default: null
Description: The ARN of the policy that is used to set the permissions boundary for the role.
Type: string
Default: null
Description: The ARN of the policy you want to apply.
Type: map(string)
Default: {}
Description: Key-value map of tags for the IAM role.
Type: map(string)
Default: {}
Description: For JSON structured logs, choose the detail level of the logs your application sends to CloudWatch when using supported logging libraries.
Type: string
Default: null
Description: Instruction set architecture for your Lambda function. Valid values are x86_64 and arm64. Removing this attribute, function's architecture stay the same.
Type: string
Default: "x86_64"
Description: To enable code signing for this function, specify the ARN of a code-signing configuration. A code-signing configuration includes a set of signing profiles, which define the trusted publishers for this function.
Type: string
Default: null
Description: ARN of an SNS topic or SQS queue to notify when an invocation fails. If this option is used, the function's IAM role must be granted suitable access to write to the target object, which means allowing either the sns:Publish or sqs:SendMessage action on this ARN, depending on which service is targeted.
Type: string
Default: null
Description: Description of what your Lambda Function does.
Type: string
Default: null
Description: Map of environment variables that are accessible from the function code during execution.
Type: map(string)
Default: null
Description: The size of the Lambda function Ephemeral storage(/tmp) represented in MB.
Type: number
Default: null
Description: Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system.
Type: string
Default: null
Description: Path where the function can access the file system, starting with /mnt/.
Type: string
Default: null
Description: Path to the function's deployment package within the local filesystem. Exactly one of filename, image_uri, or s3_bucket must be specified.
Type: string
Default: null
Description: Parameters that you want to pass in with entry_point.
Type: list(string)
Default: null
Description: Entry point to your application, which is typically the location of the runtime executable.
Type: list(string)
Default: null
Description: Working directory.
Type: string
Default: null
Description: ECR image URI containing the function's deployment package. Exactly one of filename, image_uri, or s3_bucket must be specified.
Type: string
Default: null
Description: Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables.
Type: string
Default: null
Description: List of Lambda Layer Version ARNs to attach to your Lambda Function.
Type: list(string)
Default: null
Description: Select between Text and structured JSON format for your function's logs.
Type: string
Default: "JSON"
Description: The CloudWatch log group your function sends logs to.
Type: string
Default: null
Description: Configuration block used to specify advanced logging settings.
Type: number
Default: null
Description: Lambda deployment package type. Valid values are Zip and Image.
Type: string
Default: "Zip"
Description: Whether to publish creation/change as new Lambda Function Version.
Type: bool
Default: false
Description: Whether to replace the security groups on the function's VPC configuration prior to destruction. Removing these security group associations prior to function destruction can speed up security group deletion times of AWS's internal cleanup operations.
Type: bool
Default: false
Description: List of security group IDs to assign to the function's VPC configuration prior to destruction.
Type: set(string)
Default: null
Description: Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations.
Type: number
Default: -1
Description: Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources.
Type: string
Default: null
Description: S3 bucket location containing the function's deployment package. This bucket must reside in the same AWS region where you are creating the Lambda function. Exactly one of filename, image_uri, or s3_bucket must be specified. When s3_bucket is set, s3_key is required.
Type: string
Default: null
Description: S3 key of an object containing the function's deployment package.
Type: string
Default: null
Description: Object version containing the function's deployment package.
Type: string
Default: null
Description: Set to true if you do not wish the function to be deleted at destroy time, and instead just remove the function from the Terraform state.
Type: bool
Default: false
Description: Conditions where snap start is enabled. Valid values are PublishedVersions.
Type: string
Default: null
Description: Virtual attribute used to trigger replacement when source code changes. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key.
Type: string
Default: null
Description: For JSON structured logs, choose the detail level of the Lambda platform event logs sent to CloudWatch, such as ERROR, DEBUG, or INFO.
Type: string
Default: null
Description: Map of tags to assign to the object.
Type: map(string)
Default: null
Description: Amount of time your Lambda Function has to run in seconds.
Type: number
Default: 3
Description: Whether to sample and trace a subset of incoming requests with AWS X-Ray.
Type: string
Default: null
Description: Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets.
Type: bool
Default: false
Description: List of security group IDs associated with the Lambda function.
Type: list(string)
Default: null
Description: List of subnet IDs associated with the Lambda function.
Type: list(string)
Default: null
The following outputs are exported:
Description: The arn of the iam role for the lambda
Description: The id of the iam role for the lambda
Description: The unique_id of the iam role for the lambda
Description: The arn of the lambda.
Description: ARN to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's uri.
Description: The id of the lambda.
Description: Date this lambda was last modified.
Description: ARN identifying your Lambda Function Version (if versioning is enabled via publish = true).
Description: Qualified ARN (ARN with lambda version number) to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's uri.
Description: ARN of the signing job.
Description: ARN of the signing profile version.
Description: Optimization status of the snap start configuration. Valid values are On and Off.
Description: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
Description: Latest published version of your Lambda Function.
Description: Optimization status of the snap start configuration. Valid values are On and Off.