Skip to main content



Terraform module to provision a lambda with full permissions



additional_assume_role_policiesList of objects defining additional non-Lambda IAM trust relationship statementslist(object({\n Action = list(string)\n Principal = object({\n Service = string\n })\n Effect = string\n }))false
aliasLambda alias namestringfalse
architectureThe CPU architecture to usefalse
aws_profileThe account profile to deploy the lamnda function withinstringtrue
aws_regionThe region in which to deploy the lambda functionstringtrue
custom_role_nameOverride for the default lambda role namestringfalse
dead_letter_targetTarget ARN for an SQS queue or SNS topic to notify on failed invocationsstringfalse
dead_letter_target_typeThe type of the dlq target, must be 'SNS' or 'SQS'stringfalse
descriptionDescription of what the Lambda Function doesstringfalse
handlerPath to the lambda handlerstringtrue
insights_enabledTurn on Lambda insights for the Lambda (limited regions only)boolfalse
instant_alias_updateWhether to immediately point the alias at the latest versionboolfalse
lambda_concurrencyLimit concurrent executions of the lambda fnnumberfalse
lambda_runtimeRuntime to invoke the lambda withstringtrue
layersList of lambda layer ARNs to attachlist(string)false
log_retentionTime in days to retain logs fornumberfalse
memory_sizeMemory allocation for the lambda functionnumberfalse
nameThe name to give to the lambda functionstringtrue
policiesList of objects defining IAM policy statementslist(object({\n Action = list(string)\n Resource = list(string)\n Effect = string\n }))false
publishShould this be published as a versionboolfalse
s3_bucketThe S3 bucket your lambda artifact is stored instringtrue
s3_keyThe name of the lambda artifact in the bucketstringtrue
tagsTags to attach to all resourcesmap(string)true
timeoutFunction timeout, execution gets cancelled after this many secondsnumberfalse
tracing_config_modeX Ray tracing mode to usestringfalse
vpc_security_groupsVPC security groups to apply to the lambdalist(string)false
vpc_subnetsVPC subnets to run the lambda inlist(string)false
writeConnectionSecretToRefThe secret which the cloud resource connection will be written towriteConnectionSecretToReffalse


nameThe secret name which the cloud resource connection will be written tostringtrue
namespaceThe secret namespace which the cloud resource connection will be written tostringfalse