=============================
This module is used to provision AWS Lambda outside VPC to run on a schedule. This will create:
- One CloudWatchEvent
- Lambda function
- IAM Role assigned to the lambda with the following policies attached: AWSLambdaBasicExecutionRole. You could add other policy that the lambda needs.
region- Region where the lambda is deployed. The default is ap-southeast-1lambda_code_bucket- The name of the s3 bucket where the deployment resideslambda_code_path- Name of the S3 deployment objectlambda_name- Unique name for Lambda functionlambda_runtime- A valid Lambda runtime environmentlambda_handler- The entrypoint into your Lambda functionlambda_memory_size- The memory size allocated to your lambda functiontags- Tags associated with the lambda functionenvironment_variables- Environment variables for your lambda functioniam_policy_document- Additional IAM policy document to be attached to your lambda if the lambda needs to access another AWS resource.schedule_expression- a valid rate or cron expression
data "aws_iam_policy_document" "read-a-bucket" {
statement {
sid = "AllowReadOfABucket"
effect = "Allow"
actions = [
"s3:GetObject",
]
resources = [
"arn:aws:s3:::public-bucket/*",
]
}
}
module "periodic_worker" {
source = "git::ssh://[email protected]/terraform-aws-periodic-worker-vpc.git?ref=[version]"
lambda_code_bucket = "tools-infra-lambda-bucket"
lambda_code_path = "dummy.zip"
lambda_name = "alambda"
lambda_runtime = "nodejs6.10"
lambda_handler = "lib.default"
lambda_memory_size = "128"
lambda_timeout = "300"
require_additional_policy = true
tags = {
"team" = "someteam"
"domain" = "somedomain"
}
schedule_expression = "cron(*/10 * * * ? *)"
iam_policy_document = "${data.aws_iam_policy_document.read-a-bucket.json}"
}lambda_arn- ARN for the created Lambda functionrole_arn- ARN of the IAM role assigned to the lambda
Created and maintained by Oktaviandi Hadi Nugraha