Requirements
| Name | Version |
|---|---|
| terraform | >= 0.12 |
Inputs
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| application_log_level | The detail level of the logs the application sends to CloudWatch | string | "INFO" | no |
| aws_account_id | The AWS Account ID (numeric) | string | n/a | yes |
| component | The name of the tfscaffold component | string | n/a | yes |
| default_tags | A map of default tags to apply to all taggable resources within the component | map(string) | {} | no |
| description | Description of the Lambda | string | n/a | yes |
| enable_dlq_and_notifications | Create an SQS Queue and on-failure destination to be used as the Lambda’s Dead Letter Queue and notifications | bool | false | no |
| enable_lambda_insights | Enable the lambda insights layer, this must be disabled for lambda@edge usage | bool | true | no |
| enable_xray_tracing | Enable AWS X-Ray active tracing for the Lambda function. | bool | false | no |
| environment | The name of the tfscaffold environment | string | n/a | yes |
| filter_pattern | Filter pattern to use for the log subscription filter | string | "" | no |
| force_lambda_code_deploy | If the lambda package in s3 has the same commit id tag as the terraform build branch, the lambda will not update automatically. Set to True if making changes to Lambda code from on the same commit for example during development | bool | false | no |
| function_code_base_path | The base path to the sourcecode directories needed for this lambda | string | "./" | no |
| function_code_dir | The directory for this lambda | string | null | no |
| function_include_common | Include the ‘common’ lambda module with this lambda | bool | true | no |
| function_module_name | The name of the function module as used by the lambda handler, e.g. index or exports | string | "index" | no |
| function_name | Base name of this lambda | string | n/a | yes |
| function_s3_bucket | The bucket to upload Lambda packages to | string | null | no |
| group | The name of the tfscaffold group | string | null | no |
| handler_function_name | The name of the lambda handler function (passed directly to the Lambda’s handler option) | string | "handler" | no |
| iam_policy_document | n/a | <pre>object({ body = string })</pre> | null | no |
| image_config | Optional image configuration for Image-based Lambda | <pre>object({ entry_point = optional(list(string)) command = optional(list(string)) working_directory = optional(string) })</pre> | null | no |
| image_repository_names | ECR repository names allowed for Image-based Lambda | list(string) | [] | no |
| image_uri | ECR image URI for Image-based Lambda | string | null | no |
| kms_key_arn | KMS key arn to use for this function | string | n/a | yes |
| lambda_at_edge | Whether this Lambda is a Lambda@Edge function | bool | false | no |
| lambda_dlq_message_retention_seconds | The number of seconds to retain messages in the Lambda DLQ SQS queue | number | 1209600 | no |
| lambda_env_vars | Lambda environment parameters map | map(string) | {} | no |
| layers | Lambda layer arns to include | list(any) | [] | no |
| log_destination_arn | Destination ARN to use for the log subscription filter | string | "" | no |
| log_level | The log level to be used in lambda functions within the component. Any log with a lower severity than the configured value will not be logged: https://docs.python.org/3/library/logging.html#levels | string | "INFO" | no |
| log_retention_in_days | The retention period in days for the Cloudwatch Logs events generated by the lambda function | number | n/a | yes |
| log_subscription_lambda_create_permission | Whether to create a permission for the log forwarder. Set to false if using a generic one. | bool | true | no |
| log_subscription_role_arn | The ARN of the IAM role to use for the log subscription filter | string | "" | no |
| memory | The amount of memory to apply to the created Lambda | number | n/a | yes |
| package_type | Lambda package type: Zip or Image | string | "Zip" | no |
| permission_statements | Statements giving an external source permission to invoke the Lambda function | <pre>list(object({ action = optional(string) principal = string source_arn = optional(string) source_account = optional(string) statement_id = string }))</pre> | [] | no |
| project | The name of the tfscaffold project | string | n/a | yes |
| region | The AWS Region | string | n/a | yes |
| runtime | The runtime to use for the lambda function | string | null | no |
| schedule | The fully qualified Cloudwatch Events schedule for when to run the lambda function, e.g. rate(1 day) or a cron() expression. Default disables all events resources | string | "" | no |
| send_to_firehose | Enable sending logs to firehose | bool | true | no |
| sns_destination | SNS Topic ARN to be used for on-failure Lambda invocation records | string | null | no |
| sns_destination_kms_key | KMS Key ARN to be used for SNS Topic for on-failure Lambda invocation records | string | null | no |
| system_log_level | The detail level of the Lambda platform event logs sent to CloudWatch | string | "WARN" | no |
| timeout | Timeout in seconds of the lambda function invocation | number | n/a | yes |
| vpc_config | Lambdas can run in a VPC, should be a map containing a subnet_ids list and a security_group_ids list | map(any) | null | no |
Outputs
| Name | Description |
|---|---|
| cloudwatch_log_group_name | Name of the CloudWatch Log Group for the Lambda function |
| function_arn | ARN of the Lambda function |
| function_env_vars | Environment variables for the Lambda function |
| function_invoke_arn | Invoke ARN of the Lambda function |
| function_name | Name of the Lambda function |
| function_qualified_arn | Qualified ARN of the Lambda function, including version or alias |
| iam_role_arn | ARN of the IAM role associated with the Lambda function |
| iam_role_name | Name of the IAM role associated with the Lambda function |