| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| archive | >= 2.0.0 |
| aws | >= 5.0.0 |
| null | >= 3.0.0 |
| Name | Version |
|---|---|
| archive | >= 2.0.0 |
| aws | >= 5.0.0 |
| null | >= 3.0.0 |
| Name | Source | Version |
|---|---|---|
| cloudwatch_log_group_kms | oozou/kms-key/aws | 2.0.1 |
| s3 | oozou/s3/aws | 2.0.1 |
| Name | Type |
|---|---|
| aws_cloudwatch_log_group.this | resource |
| aws_iam_policy.ssm_policy | resource |
| aws_iam_role.this | resource |
| aws_iam_role_policy.logs_role_policy | resource |
| aws_iam_role_policy_attachment.ssm_policy_attachment | resource |
| aws_iam_role_policy_attachment.this | resource |
| aws_lambda_function.this | resource |
| aws_lambda_permission.allow_serivce | resource |
| aws_s3_object.this | resource |
| aws_ssm_parameter.params | resource |
| null_resource.lambda | resource |
| archive_file.this | data source |
| aws_caller_identity.this | data source |
| aws_iam_policy_document.assume_role_policy_doc | data source |
| aws_iam_policy_document.cloudwatch_log_group_kms_policy | data source |
| aws_iam_policy_document.lambda_access_vpc | data source |
| aws_iam_policy_document.lambda_logs_policy_doc | data source |
| aws_iam_policy_document.lambda_policy | data source |
| aws_iam_policy_document.secret_access_policy_doc | data source |
| aws_region.this | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| additional_lambda_log_group_kms_policy | Additional IAM policy document for the Lambda log group KMS key. | string |
null |
no |
| additional_lambda_role_policy_arns | List of policies ARNs to attach to the lambda's created role | list(string) |
[] |
no |
| archive_file_trigger | The map of string that will be used to determine trigger to do archive | map(string) |
{} |
no |
| bucket_name | Name of the bucket to put the file in. Alternatively, an S3 access point ARN can be specified. | string |
"" |
no |
| cloudwatch_log_group_kms_key_arn | The ARN for the KMS encryption key. | string |
null |
no |
| cloudwatch_log_retention_in_days | Retention day for cloudwatch log group | number |
90 |
no |
| compressed_local_file_dir | A path to the directory to store plan time generated local files | string |
"" |
no |
| dead_letter_target_arn | Dead letter queue configuration that specifies the queue or topic where Lambda sends asynchronous events when they fail processing. | string |
null |
no |
| environment | Environment Variable used as a prefix | string |
n/a | yes |
| environment_variables | A map that defines environment variables for the Lambda Function. | map(string) |
{} |
no |
| handler | Function entrypoint in your code. | string |
n/a | yes |
| is_create_cloudwatch_log_group | Whether to create cloudwatch log group or not | bool |
true |
no |
| is_create_default_kms | Whether to create cloudwatch log group kms or not | bool |
true |
no |
| is_create_lambda_bucket | Whether to create lambda bucket or not | bool |
false |
no |
| is_create_lambda_role | Whether to create lamda role or not | bool |
true |
no |
| is_edge | Whether lambda is lambda@Edge or not | bool |
false |
no |
| lambda_permission_configurations | principal - (Required) The principal who is getting this permission e.g., s3.amazonaws.com, an AWS account ID, or any valid AWS service principal such as events.amazonaws.com or sns.amazonaws.com. source_arn - (Optional) When the principal is an AWS service, the ARN of the specific resource within that service to grant permission to. Without this, any resource from source_account - (Optional) This parameter is used for S3 and SES. The AWS account ID (without a hyphen) of the source owner. |
any |
{} |
no |
| lambda_role_arn | The arn of role that already created by something to asso with lambda | string |
"" |
no |
| layer_arns | (Optional) List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. | list(string) |
[] |
no |
| memory_size | (Optional) Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. | number |
128 |
no |
| name | Name of the ECS cluster to create | string |
n/a | yes |
| prefix | The prefix name of customer to be displayed in AWS console and resource | string |
n/a | yes |
| reserved_concurrent_executions | (Optional) Amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. See Managing Concurrency | number |
-1 |
no |
| runtime | The runtime of the lambda function | string |
n/a | yes |
| source_code_dir | An absolute path to the directory containing the code to upload to lambda | string |
"" |
no |
| ssm_params | Lambda@Edge does not support env vars, so it is a common pattern to exchange Env vars for SSM params. ! SECRET you would have lookups in SSM, like: const someEnvValue = await ssmClient.getParameter({ Name: 'SOME_SSM_PARAM_NAME', WithDecryption: true }) |
map(string) |
{} |
no |
| tags | Custom tags which can be passed on to the AWS resources. They should be key value pairs having distinct keys | map(any) |
{} |
no |
| timeout | (Optional) Amount of time your Lambda Function has to run in seconds. Defaults to 3. | number |
3 |
no |
| tracing_mode | Tracing mode of the Lambda Function. Valid value can be either PassThrough or Active. | string |
"PassThrough" |
no |
| vpc_config | For network connectivity to AWS resources in a VPC, specify a list of security groups and subnets in the VPC. When you connect a function to a VPC, it can only access resources and the internet through that VPC. See VPC Settings. security_group_ids - (Required) List of security group IDs associated with the Lambda function. subnet_ids_to_associate - (Required) List of subnet IDs associated with the Lambda function. |
object({ |
{ |
no |
| Name | Description |
|---|---|
| arn | Amazon Resource Name (ARN) identifying your Lambda Function. |
| execution_role_arn | Role arn of lambda |
| function_arn | function arn |
| function_name | Name of AWS Lambda function |