|
1 | | -# terraform-aws-lambda-edge |
2 | | - |
3 | | -## Usage |
4 | | - |
5 | | -```terraform |
6 | | -module "lambda" { |
7 | | - source = "git@github.com:oozou/terraform-aws-lambda.git?ref=v1.1.0" |
8 | | -
|
9 | | - prefix = "oozou" |
10 | | - environment = "dev" |
11 | | - name = "demo" |
12 | | -
|
13 | | - is_edge = true # Defautl is `fault`, If you want to publish to the edge don't forget to override aws's provider to virgina |
14 | | -
|
15 | | - # If is_edge is `false`, ignore this config |
16 | | - is_create_lambda_bucket = true # Default is `false`; plz use false, if not 1 lambda: 1 bucket |
17 | | - bucket_name = "" # If `is_create_lambda_bucket` is `false`; specified this, default is `""` |
18 | | -
|
19 | | - # Source code |
20 | | - source_code_dir = "./src" |
21 | | - file_globs = ["main.py"] |
22 | | - compressed_local_file_dir = "./outputs" |
23 | | -
|
24 | | - # Lambda Env |
25 | | - runtime = "python3.9" |
26 | | - handler = "main.lambda_handler" |
27 | | -
|
28 | | - # Lambda Specification |
29 | | - timeout = 3 # Default is `3` seconds |
30 | | - memory_size = 128 # Default is `128` MB, the more mem size increase, the performance is better |
31 | | - reserved_concurrent_executions = -1 |
32 | | - # Optional to connect Lambda to VPC |
33 | | - vpc_config = { |
34 | | - security_group_ids = ["sg-028f637312eea735e"] |
35 | | - subnet_ids_to_associate = ["subnet-0b853f8c85796d72d", "subnet-07c068b4b51262793", "subnet-0362f68c559ef7716"] |
36 | | - } |
37 | | - dead_letter_target_arn = "arn:aws:sns:ap-southeast-1:557291035693:demo" # To send failed processing to target, Default is `""` |
38 | | -
|
39 | | - # IAM |
40 | | - is_create_lambda_role = true # Default is `true` |
41 | | - lambda_role_arn = "" # If `is_create_lambda_role` is `false` |
42 | | - # The policies that you want to attach to IAM Role created by only this module |
43 | | - additional_lambda_role_policy_arns = { |
44 | | - allow_lambda_to_read_s3 = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess" |
45 | | - } |
46 | | -
|
47 | | - # Resource policy |
48 | | - lambda_permission_configurations = { |
49 | | - lambda_on_my_account = { |
50 | | - pricipal = "apigateway.amazonaws.com" |
51 | | - source_arn = "arn:aws:execute-api:ap-southeast-1:557291035693:lk36vflbha/*/*/" |
52 | | - } |
53 | | - lambda_on_my_another_account_wrong = { |
54 | | - pricipal = "apigateway.amazonaws.com" |
55 | | - source_arn = "arn:aws:execute-api:ap-southeast-1:562563527952:q6pwa6wgr6/*/*/" |
56 | | - source_account = "557291035693" # Optional just to restrict the permission |
57 | | - } |
58 | | - lambda_on_my_another_account_correct = { |
59 | | - pricipal = "apigateway.amazonaws.com" |
60 | | - source_arn = "arn:aws:execute-api:ap-southeast-1:557291035693:wpj4t3scmb/*/*/" |
61 | | - } |
62 | | - } |
63 | | -
|
64 | | - # Logging |
65 | | - is_create_cloudwatch_log_group = true # Default is `true` |
66 | | - cloudwatch_log_retention_in_days = 30 # Default is `90` |
67 | | -
|
68 | | - # Env |
69 | | - ssm_params = {} |
70 | | - plaintext_params = { |
71 | | - region = "ap-southeast-1" |
72 | | - cluster_name = "oozou-dev-test-schedule-cluster" |
73 | | - nodegroup_name = "oozou-dev-test-schedule-custom-nodegroup" |
74 | | - min = 1, |
75 | | - max = 1, |
76 | | - desired = 1 |
77 | | - } |
78 | | -
|
79 | | - tags = var.generics_info["custom_tags"] |
80 | | -} |
81 | | -``` |
| 1 | +# terraform-aws-lambda |
82 | 2 |
|
83 | 3 | <!-- BEGIN_TF_DOCS --> |
84 | 4 | ## Requirements |
@@ -127,7 +47,7 @@ module "lambda" { |
127 | 47 |
|
128 | 48 | | Name | Description | Type | Default | Required | |
129 | 49 | |--------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------|:--------:| |
130 | | -| <a name="input_additional_lambda_role_policy_arns"></a> [additional\_lambda\_role\_policy\_arns](#input\_additional\_lambda\_role\_policy\_arns) | Map of policies ARNs to attach to the lambda | `map(string)` | `{}` | no | |
| 50 | +| <a name="input_additional_lambda_role_policy_arns"></a> [additional\_lambda\_role\_policy\_arns](#input\_additional\_lambda\_role\_policy\_arns) | Map of policies ARNs to attach to the lambda | `list(string)` | `[]` | no | |
131 | 51 | | <a name="input_bucket_name"></a> [bucket\_name](#input\_bucket\_name) | Name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified. | `string` | `""` | no | |
132 | 52 | | <a name="input_cloudwatch_log_kms_key_id"></a> [cloudwatch\_log\_kms\_key\_id](#input\_cloudwatch\_log\_kms\_key\_id) | The ARN for the KMS encryption key. | `string` | `null` | no | |
133 | 53 | | <a name="input_cloudwatch_log_retention_in_days"></a> [cloudwatch\_log\_retention\_in\_days](#input\_cloudwatch\_log\_retention\_in\_days) | Retention day for cloudwatch log group | `number` | `90` | no | |
|
0 commit comments