This module creates one or multiple lambdas that can be invoked by other AWS resources such as API Gateway or SNS. Each lambda accesses the same package through different handlers.
module "lambda" {
source = git::https://github.com/vistaprint/terraformmodules.git//modules/lambda"
lambda_file = "lambda.zip"
functions = {
LambdaModuleTest1 = {
handler = "package.say_hello"
}
LambdaModuleTest2 = {
handler = "package.say_goodbye"
}
}
variables = {
foo = "FOO"
bar = "BAR"
}
memory_size = "256"
permissions = [
{
principal = "apigateway.amazonaws.com"
statement_id = "AllowExecutionFromAPIGateway"
source_arn = "arn:aws:execute-api:${var.region}:${data.aws_caller_identity.current.account_id}:${aws_api_gateway_rest_api.api.id}/*/GET/*/*"
}
]
policy = data.template_file.example_policy.rendered
prefix = "MyLambdas"
runtime = "python3.6"
}The example above uses a role policy generated by a template. This is an example template with CloudWatch logging and DynamoDB get functionality. Save as templates/example_policy.tpl relative to the main.tf it will be used in.
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"dynamodb:GetItem"
],
"Resource": [
"arn:aws:logs:*:*:*",
"arn:aws:dynamodb:${region}:${accountId}:table/*"
]
}
]
}To use the template in main.tf specify a data resource like so:
data "template_file" "example_policy" {
template = file("templates/example_policy.tpl")
vars {
region = var.region
accountId = var.accountId
}
}The lambda module outputs the ARNs for all the created functions. The output variable (lambda_arns) is a map where keys represent the function name (excluding the prefix), and values contain the individual ARNs for each function.
In the example above, each lambda function can be accessed as:
module.lambda.lambda_arns["LambdaModuleTest1"]
module.lambda.lambda_arns["LambdaModuleTest2"]