mod-terraform-aws-lambda/variables.tf at main · virsas/mod-terraform-aws-lambda · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
# Account setup
variable "profile" {
  description           = "The profile from ~/.aws/credentials file used for authentication. By default it is the default profile."
  type                  = string
  default               = "default"
}

variable "accountID" {
  description           = "ID of your AWS account. It is a required variable normally used in JSON files or while assuming a role."
  type                  = string

  validation {
    condition           = length(var.accountID) == 12
    error_message       = "Please, provide a valid account ID."
  }
}

variable "region" {
  description           = "The region for the resources. By default it is us-east-1."
  type                  = string
  default               = "us-east-1"
}

variable "assumeRole" {
  description           = "Enable / Disable role assume. This is disabled by default and normally used for sub organization configuration."
  type                  = bool
  default               = false
}

variable "assumableRole" {
  description           = "The role the user will assume if assumeRole is enabled. By default, it is OrganizationAccountAccessRole."
  type                  = string
  default               = "OrganizationAccountAccessRole"
}

# Required
variable "name" {
  description = "Name of the function, it is the same as the name of the zip."
  type        = string
}

variable "lambdaRole" {
  description = "Role used to execute the lambda. This role must have an access to resources lambda will work with."
  type        = string
}

variable "runtime" {
  description = "Valid Values: nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2 | nodejs18.x"
  type        = string
}

# Preset
variable "lambda_path" {
  description = "By default the lambda zip files are located in ./lambdas directory with names *NAME*.zip."
  type        = string
  default     = "./lambdas"
}

variable "architecture" {
  description = "Instance architecture. Valid values are [\"x86_64\"] and [\"arm64\"]. Default is [\"x86_64\"]"
  type        = list(string)
  default     = ["x86_64"]
}

variable "handler" {
  description = "Function entrypoint. By default index.handler"
  type        = string
  default     = "index.handler"
}

variable "memory" {
  description = "Amount of memory available to Lambda function. In MB and defaults to 128."
  type        = number
  default     = 128
}

variable "timeout" {
  description = "Allowed time for function to run. In seconds. Defaults to 3. Max value 900"
  type        = number
  default     = 3
}

variable "publish" {
  description = "Weather to publish a change as a new version of lambda function. Valid values true/false. Defaults to true."
  type        = bool
  default     = true
}

variable "storage" {
  description = "The amount of /tmp storage allocated for the Lambda. In MB. Defaults to 512."
  type        = number
  default     = 512
}

variable "env" {
  description = "In case your lambda needs env variables you can configure them as list of objects {\"foo\" = \"bar\"}."
  type        = map(string)
  default     = null
}

variable "enable_policy" {
  description = "Enable resource policy on this lambda function. By default it is disabled."
  type        = bool
  default     = false
}

variable "policy_action" {
  description = "The AWS Lambda action you want to allow in this statement. By default lambda:InvokeFunction"
  type        = string
  default     = "lambda:InvokeFunction"
}

variable "policy_principal" {
  description = " The principal who is getting this permission. s3.amazonaws.com, an AWS account ID, or AWS IAM principal, or AWS service principal such as events.amazonaws.com or sns.amazonaws.com. By default it is s3.amazonaws.com"
  type        = string
  default     = "s3.amazonaws.com"
}

variable "policy_source_account" {
  description = "Optional. The ID of AWS account that is allowed to trigger the function"
  type        = string
  default     = null
}

variable "policy_source_arn" {
  description = "Optional. The ARN of the resource that is allowed to trigger the function"
  type        = string
  default     = null
}