Terraform module to create AWS Lambda service.
NOTE: This module is missing a ton of features - feel free to create a pull request to add in more features!
Terraform 0.13. Pin module version to ~> v1.0. Submit pull-requests to main branch.
module "lambda-function" {
source = "umotif-public/lambda/aws"
version = "~> 1.0"
function_name = local.name_prefix
package_type = "Image"
image_uri = var.image_uri
kms_key_arn = var.lambda_kms_key_arn
environment_variables = var.environment
vpc_attach = var.enable_vpc_attach
vpc_config_subnet_ids = var.subnet_ids
vpc_config_security_group_ids = [aws_security_group.sg_lambda.id]
enable_logs = var.enable_logs
log_kms_key_id = var.log_kms_key_id
log_group_name = "/aws/lambda/${local.name_prefix}"
tags = var.tags
}Module managed by
| Name | Version |
|---|---|
| terraform | >= 0.13.7 |
| aws | >= 3.61.0 |
| Name | Version |
|---|---|
| aws | >= 3.61.0 |
No modules.
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.main | resource |
| aws_iam_role.lambda | resource |
| aws_iam_role_policy_attachment.logs_policy | resource |
| aws_iam_role_policy_attachment.role_attach_lambdavpc | resource |
| aws_lambda_event_source_mapping.main | resource |
| aws_lambda_function.main | resource |
| aws_lambda_permission.main | resource |
| aws_iam_policy_document.assume_role | data source |
| aws_partition.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| architectures | Instruction set architecture for your Lambda function. Valid values are ["x86_64"] and ["arm64"]. Removing this attribute, function's architecture stay the same. | list(string) |
[ |
no |
| description | Description of what your Lambda Function does. | string |
"" |
no |
| enable_lambda_triggers | Enable triggers for Lambda | bool |
false |
no |
| enable_logs | Enable the creation of a log file for Lambda function. | bool |
false |
no |
| environment_variables | A map that defines environment variables for the Lambda Function. | map(string) |
{} |
no |
| event_source_mapping | Map of event source mapping | any |
{} |
no |
| filename | Path to the function's deployment package within the local filesystem. Conflicts with image_uri, s3_bucket, s3_key, and s3_object_version. | string |
null |
no |
| function_name | Unique name for your Lambda Function | string |
n/a | yes |
| handler | Function entrypoint in your code. | string |
"index.handler" |
no |
| image_config_command | Parameters that you want to pass in with entry_point. | list(string) |
[] |
no |
| image_config_entry_point | Entry point to your application, which is typically the location of the runtime executable. | list(string) |
[] |
no |
| image_config_working_directory | Working directory. | string |
null |
no |
| image_uri | ECR image URI containing the function's deployment package. Conflicts with filename, s3_bucket, s3_key, and s3_object_version. | string |
null |
no |
| kms_key_arn | Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key that is used to encrypt environment variables. If this configuration is not provided when environment variables are in use, AWS Lambda uses a default service key. If this configuration is provided when environment variables are not in use, the AWS Lambda API does not save this configuration and Terraform will show a perpetual difference of adding the key. To fix the perpetual difference, remove this configuration. | string |
"" |
no |
| lambda_triggers | Map of triggers for Lambda | any |
{} |
no |
| log_group_name | Name of log group for storing Lambda logs | string |
"" |
no |
| log_kms_key_id | The id of the KMS Key to use when encrypting log data. | string |
null |
no |
| log_retention_in_days | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, 3653, and 0. If you select 0, the events in the log group are always retained and never expire. | number |
null |
no |
| memory_size | Amount of memory in MB your Lambda Function can use at runtime. | number |
128 |
no |
| package_type | Lambda deployment package type. Valid values are Zip and Image. | string |
"Zip" |
no |
| publish | Whether to publish creation/change as new Lambda Function Version. | bool |
false |
no |
| reserved_concurrent_executions | Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. | number |
-1 |
no |
| role | Amazon Resource Name (ARN) of the function's execution role. The role provides the function's identity and access to AWS services and resources. | string |
"" |
no |
| runtime | Identifier of the function's runtime. | string |
"nodejs12.x" |
no |
| source_code_hash | Used to trigger updates. Must be set to a base64-encoded SHA256 hash of the package file specified with either filename or s3_key. The usual way to set this is filebase64sha256("file.zip") (Terraform 0.11.12 and later) , where "file.zip" is the local filename of the lambda function source archive. | string |
null |
no |
| tags | A map of tags (key-value pairs) passed to resources. | map(string) |
{} |
no |
| timeout | Amount of time your Lambda Function has to run in seconds. | number |
3 |
no |
| vpc_attach | Attach Lambda to VPC | bool |
false |
no |
| vpc_config_security_group_ids | List of security group IDs associated with the Lambda function that should run inside the VPC. | list(string) |
null |
no |
| vpc_config_subnet_ids | List of subnet IDs associated with the Lambda function that should run inside the VPC. | list(string) |
null |
no |
| Name | Description |
|---|---|
| lambda_cloudwatch_log_group_arn | The ARN of the Cloudwatch Log Group |
| lambda_cloudwatch_log_group_name | The name of the Cloudwatch Log Group |
| lambda_function_arn | The ARN of the Lambda Function |
| lambda_function_image_uri | ECR image URI containing the function's deployment package |
| lambda_function_invoke_arn | The Invoke ARN of the Lambda Function |
| lambda_function_kms_key_arn | The ARN for the KMS encryption key of Lambda Function |
| lambda_function_last_modified | The date Lambda Function resource was last modified |
| lambda_function_name | The name of the Lambda Function |
| lambda_function_qualified_arn | The ARN identifying your Lambda Function Version |
| lambda_function_signing_job_arn | The ARN of the signing job |
| lambda_function_signing_profile_version_arn | The ARN of the signing profile version |
| lambda_function_source_code_hash | Base64-encoded representation of raw SHA-256 sum of the zip file |
| lambda_function_source_code_size | The size in bytes of the function .zip file |
| lambda_function_version | Latest published version of Lambda Function |
| lambda_role_arn | The ARN of the IAM role created for the Lambda Function |
| lambda_role_name | The name of the IAM role created for the Lambda Function |
See LICENSE for full details.
pre-committerraform-docsrequired forterraform_docshooks.TFLintrequired forterraform_tflinthook.
brew install pre-commit terraform-docs tflint
brew tap git-chglog/git-chglog
brew install git-chglog