
Releases: sudoblark/sudoblark.terraform.module.aws.lambda

Fix lambda being unable to plan or apply in practice

03 Dec 14:43
8397093

Description

Fix an issue with the policy attachment JSON boolean that prevented the lambda from actually planning or applying when tested using https://github.com/sudoblark/sudoblark.terraform.modularised-demo.

What's Changed

Full Changelog: 1.0.0...1.0.1

Supported module data structure (Unchanged since last release)

Data structure
---------------
A list of dictionaries, where each dictionary has the following attributes:

REQUIRED
---------
- name                  : The friendly name for the lambda
- description           : A human-friendly description of the lambda
- iam_policy_statements : A list of dictionaries where each dictionary is an IAM statement defining lambda permissions
-- Each dictionary in this list must define the following attributes:
--- sid: Friendly name for the policy, no spaces or special characters allowed
--- actions: A list of IAM actions the lambda is allowed to perform
--- resources: Which resource(s) the lambda may perform the above actions against
--- conditions    : An OPTIONAL list of dictionaries, which each defines:
---- test         : Test condition for limiting the action
---- variable     : Value to test
---- values       : A list of strings, denoting what to test for

MUTUALLY_EXCLUSIVE
---------
There are a few flavours of lambdas supported, but they are mutually exclusive.
You can have both in the same collection, but you can't have both for the same lambda.
i.e. you can have one dictionary for ZIP and one for containers, but not ZIP and container
information in the same lambda

For ZIP based lambdas, the following arguments are needed:
- source_folder         : Folder where the zipped lambda lives under src/lambda.zip
- handler               : file.function reference for the lambda handler, i.e. its entrypoint

For container based lambdas, the following arguments are needed:
- image_uri             : URI of the image to utilise
- image_tag             : Version of image to use, defaults to "latest"

OPTIONAL
---------
- environment_variables : A dictionary of env vars to mount for the lambda at runtime, defaults to an empty dictionary
- runtime               : Runtime version to utilise for lambda, defaults to python3.9
- timeout               : Timeout (in seconds) for the lambda, defaults to 900
- memory                : MBs of memory lambda should be allocated, defaults to 512
- security_group_ids    : IDs of security groups the lambda should utilise
- lambda_subnet_ids     : Private IPs which the lambda may utilise for runtime
- storage               : MBs of storage lambda should be allocated, defaults to 512
- common_lambda_layers  : ARNs of lambda layers to include.
- destination_on_failure: ARN of resource to notify when an invocation fails.

Initial module setup

06 Oct 15:49

Description

The initial release of the lambda module.

Changelog available here.

TL;DR

A new terraform module to allow creation of n lambdas.

NEW

  • For each dictionary provided, this module:
    • Creates a new lambda, using either a ZIP or a container image as the basis for the lambda function.
    • Allows definition of lambda permissions via policy statements.
    • Allows setting of environment variables, runtime, timeout, memory and storage
    • Allows pairing with security groups and/or subnets to run the lambda in a VPC

Please see examples folder for example instantiation of module.

SUPPORTED MODULE DATA STRUCTURE

Data structure
---------------
A list of dictionaries, where each dictionary has the following attributes:

REQUIRED
---------
- name                  : The friendly name for the lambda
- description           : A human-friendly description of the lambda
- iam_policy_statements : A list of dictionaries where each dictionary is an IAM statement defining lambda permissions
-- Each dictionary in this list must define the following attributes:
--- sid: Friendly name for the policy, no spaces or special characters allowed
--- actions: A list of IAM actions the lambda is allowed to perform
--- resources: Which resource(s) the lambda may perform the above actions against
--- conditions    : An OPTIONAL list of dictionaries, which each defines:
---- test         : Test condition for limiting the action
---- variable     : Value to test
---- values       : A list of strings, denoting what to test for

MUTUALLY_EXCLUSIVE
---------
There are a few flavours of lambdas supported, but they are mutually exclusive.
You can have both in the same collection, but you can't have both for the same lambda.
i.e. you can have one dictionary for ZIP and one for containers, but not ZIP and container
information in the same lambda

For ZIP based lambdas, the following arguments are needed:
- source_folder         : Folder where the zipped lambda lives under src/lambda.zip
- handler               : file.function reference for the lambda handler, i.e. its entrypoint

For container based lambdas, the following arguments are needed:
- image_uri             : URI of the image to utilise
- image_tag             : Version of image to use, defaults to "latest"

OPTIONAL
---------
- environment_variables : A dictionary of env vars to mount for the lambda at runtime, defaults to an empty dictionary
- runtime               : Runtime version to utilise for lambda, defaults to python3.9
- timeout               : Timeout (in seconds) for the lambda, defaults to 900
- memory                : MBs of memory lambda should be allocated, defaults to 512
- security_group_ids    : IDs of security groups the lambda should utilise
- lambda_subnet_ids     : Private IPs which the lambda may utilise for runtime
- storage               : MBs of storage lambda should be allocated, defaults to 512
- common_lambda_layers  : ARNs of lambda layers to include.
- destination_on_failure: ARN of resource to notify when an invocation fails.
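
The data structure described above, as an added example that is not taken from the module's repository: one ZIP lambda and one container lambda, each with narrowly scoped policy statements, plus a check for the mutual-exclusivity and sid rules. The local name `example_lambdas`, the check name and every ARN, URI and account ID are constructed; the `check` block assumes Terraform 1.5 or later.

```hcl
# Added example; "example_lambdas" and all ARNs, URIs and IDs are constructed.
locals {
  example_lambdas = [
    {
      # ZIP flavour: source_folder and handler, no image_* keys.
      name          = "report-writer"
      description   = "Writes nightly reports to S3"
      source_folder = "report_writer"
      handler       = "main.handler"
      timeout       = 60
      iam_policy_statements = [{
        sid       = "WriteReports"
        actions   = ["s3:PutObject"]
        resources = ["arn:aws:s3:::example-reports-bucket/*"]
        conditions = [{
          test     = "StringEquals"
          variable = "s3:x-amz-server-side-encryption"
          values   = ["aws:kms"]
        }]
      }]
    },
    {
      # Container flavour: image_uri and a pinned image_tag, no ZIP keys.
      name        = "image-resizer"
      description = "Resizes uploaded images"
      image_uri   = "123456789012.dkr.ecr.eu-west-2.amazonaws.com/image-resizer"
      image_tag   = "1.4.2"
      iam_policy_statements = [{
        sid       = "ReadUploads"
        actions   = ["s3:GetObject"]
        resources = ["arn:aws:s3:::example-uploads-bucket/*"]
      }]
    }
  ]
}

# Reports a warning at plan/apply if an entry mixes flavours or has a bad sid.
check "lambda_definitions" {
  assert {
    condition = alltrue([
      for l in local.example_lambdas : !(can(l.source_folder) && can(l.image_uri))
    ])
    error_message = "A lambda may define ZIP or container arguments, not both."
  }
  assert {
    condition = alltrue(flatten([for l in local.example_lambdas :
      [for s in l.iam_policy_statements : can(regex("^[A-Za-z0-9]+$", s.sid))]]))
    error_message = "sid must not contain spaces or special characters."
  }
}
```

The list would be passed to the module through whichever input variable its examples folder shows; that variable name is not given on this page.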

FEEDBACK

Submit suggestions for improvements to [email protected].