diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index e79e67b2..e809a4e4 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,6 @@
repos:
- repo: https://github.com/antonbabenko/pre-commit-terraform
- rev: v1.81.0
+ rev: v1.83.5
hooks:
- id: terraform_fmt
- id: terraform_wrapper_module_for_each
@@ -24,7 +24,7 @@ repos:
- '--args=--only=terraform_standard_module_structure'
- '--args=--only=terraform_workspace_remote'
- repo: https://github.com/pre-commit/pre-commit-hooks
- rev: v4.4.0
+ rev: v4.5.0
hooks:
- id: check-merge-conflict
- id: end-of-file-fixer
diff --git a/README.md b/README.md
index 7ff45dff..6f6f7a19 100644
--- a/README.md
+++ b/README.md
@@ -558,31 +558,31 @@ module "lambda_function_existing_package_from_remote_url" {
```
## How to use AWS SAM CLI to test Lambda Function?
-[AWS SAM CLI](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-command-reference.html) is an open source tool that help the developers to initiate, build, test, and deploy serverless
+[AWS SAM CLI](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-command-reference.html) is an open source tool that help the developers to initiate, build, test, and deploy serverless
applications. SAM CLI tool [supports Terraform applications](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/what-is-terraform-support.html).
SAM CLI provides two ways of testing: local testing and testing on-cloud (Accelerate).
### Local Testing
Using SAM CLI, you can invoke the lambda functions defined in the terraform application locally using the [sam local invoke](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-cli-command-reference-sam-local-invoke.html)
-command, providing the function terraform address, or function name, and to set the `hook-name` to `terraform` to tell SAM CLI that the underlying project is a terraform application.
+command, providing the function terraform address, or function name, and to set the `hook-name` to `terraform` to tell SAM CLI that the underlying project is a terraform application.
You can execute the `sam local invoke` command from your terraform application root directory as following:
```
-sam local invoke --hook-name terraform module.hello_world_function.aws_lambda_function.this[0]
+sam local invoke --hook-name terraform module.hello_world_function.aws_lambda_function.this[0]
```
You can also pass an event to your lambda function, or overwrite its environment variables. Check [here](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-invoke.html) for more information.
You can also invoke your lambda function in debugging mode, and step-through your lambda function source code locally in your preferred editor. Check [here](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-using-debugging.html) for more information.
### Testing on-cloud (Accelerate)
-You can use AWS SAM CLI to quickly test your application on your AWS development account. Using SAM Accelerate, you will be able to develop your lambda functions locally,
+You can use AWS SAM CLI to quickly test your application on your AWS development account. Using SAM Accelerate, you will be able to develop your lambda functions locally,
and once you save your updates, SAM CLI will update your development account with the updated Lambda functions. So, you can test it on cloud, and if there is any bug,
you can quickly update the code, and SAM CLI will take care of pushing it to the cloud. Check [here](https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/accelerate.html) for more information about SAM Accelerate.
You can execute the `sam sync` command from your terraform application root directory as following:
```
-sam sync --hook-name terraform --watch
+sam sync --hook-name terraform --watch
```
## How to deploy and manage Lambda Functions?
@@ -838,6 +838,7 @@ No modules.
| [s3\_acl](#input\_s3\_acl) | The canned ACL to apply. Valid values are private, public-read, public-read-write, aws-exec-read, authenticated-read, bucket-owner-read, and bucket-owner-full-control. Defaults to private. | `string` | `"private"` | no |
| [s3\_bucket](#input\_s3\_bucket) | S3 bucket to store artifacts | `string` | `null` | no |
| [s3\_existing\_package](#input\_s3\_existing\_package) | The S3 bucket object with keys bucket, key, version pointing to an existing zip-file to use | `map(string)` | `null` | no |
+| [s3\_kms\_key\_id](#input\_s3\_kms\_key\_id) | Specifies a custom KMS key to use for S3 object encryption. | `string` | `null` | no |
| [s3\_object\_storage\_class](#input\_s3\_object\_storage\_class) | Specifies the desired Storage Class for the artifact uploaded to S3. Can be either STANDARD, REDUCED\_REDUNDANCY, ONEZONE\_IA, INTELLIGENT\_TIERING, or STANDARD\_IA. | `string` | `"ONEZONE_IA"` | no |
| [s3\_object\_tags](#input\_s3\_object\_tags) | A map of tags to assign to S3 bucket object. | `map(string)` | `{}` | no |
| [s3\_object\_tags\_only](#input\_s3\_object\_tags\_only) | Set to true to not merge tags with s3\_object\_tags. Useful to avoid breaching S3 Object 10 tag limit. | `bool` | `false` | no |
diff --git a/main.tf b/main.tf
index a7bbf09b..76ce118d 100644
--- a/main.tf
+++ b/main.tf
@@ -175,6 +175,7 @@ resource "aws_s3_object" "lambda_package" {
storage_class = var.s3_object_storage_class
server_side_encryption = var.s3_server_side_encryption
+ kms_key_id = var.s3_kms_key_id
tags = var.s3_object_tags_only ? var.s3_object_tags : merge(var.tags, var.s3_object_tags)
diff --git a/variables.tf b/variables.tf
index b085b895..b1713c82 100644
--- a/variables.tf
+++ b/variables.tf
@@ -684,6 +684,12 @@ variable "s3_server_side_encryption" {
default = null
}
+variable "s3_kms_key_id" {
+ description = "Specifies a custom KMS key to use for S3 object encryption."
+ type = string
+ default = null
+}
+
variable "source_path" {
description = "The absolute path to a local file or directory containing your Lambda source code"
type = any # string | list(string | map(any))
diff --git a/wrappers/alias/main.tf b/wrappers/alias/main.tf
index 81d3aad9..7729dd06 100644
--- a/wrappers/alias/main.tf
+++ b/wrappers/alias/main.tf
@@ -3,23 +3,23 @@ module "wrapper" {
for_each = var.items
+ allowed_triggers = try(each.value.allowed_triggers, var.defaults.allowed_triggers, {})
create = try(each.value.create, var.defaults.create, true)
- use_existing_alias = try(each.value.use_existing_alias, var.defaults.use_existing_alias, false)
- refresh_alias = try(each.value.refresh_alias, var.defaults.refresh_alias, true)
create_async_event_config = try(each.value.create_async_event_config, var.defaults.create_async_event_config, false)
- create_version_async_event_config = try(each.value.create_version_async_event_config, var.defaults.create_version_async_event_config, true)
+ create_qualified_alias_allowed_triggers = try(each.value.create_qualified_alias_allowed_triggers, var.defaults.create_qualified_alias_allowed_triggers, true)
create_qualified_alias_async_event_config = try(each.value.create_qualified_alias_async_event_config, var.defaults.create_qualified_alias_async_event_config, true)
create_version_allowed_triggers = try(each.value.create_version_allowed_triggers, var.defaults.create_version_allowed_triggers, true)
- create_qualified_alias_allowed_triggers = try(each.value.create_qualified_alias_allowed_triggers, var.defaults.create_qualified_alias_allowed_triggers, true)
- name = try(each.value.name, var.defaults.name, "")
+ create_version_async_event_config = try(each.value.create_version_async_event_config, var.defaults.create_version_async_event_config, true)
description = try(each.value.description, var.defaults.description, "")
+ destination_on_failure = try(each.value.destination_on_failure, var.defaults.destination_on_failure, null)
+ destination_on_success = try(each.value.destination_on_success, var.defaults.destination_on_success, null)
+ event_source_mapping = try(each.value.event_source_mapping, var.defaults.event_source_mapping, {})
function_name = try(each.value.function_name, var.defaults.function_name, "")
function_version = try(each.value.function_version, var.defaults.function_version, "")
- routing_additional_version_weights = try(each.value.routing_additional_version_weights, var.defaults.routing_additional_version_weights, {})
maximum_event_age_in_seconds = try(each.value.maximum_event_age_in_seconds, var.defaults.maximum_event_age_in_seconds, null)
maximum_retry_attempts = try(each.value.maximum_retry_attempts, var.defaults.maximum_retry_attempts, null)
- destination_on_failure = try(each.value.destination_on_failure, var.defaults.destination_on_failure, null)
- destination_on_success = try(each.value.destination_on_success, var.defaults.destination_on_success, null)
- allowed_triggers = try(each.value.allowed_triggers, var.defaults.allowed_triggers, {})
- event_source_mapping = try(each.value.event_source_mapping, var.defaults.event_source_mapping, {})
+ name = try(each.value.name, var.defaults.name, "")
+ refresh_alias = try(each.value.refresh_alias, var.defaults.refresh_alias, true)
+ routing_additional_version_weights = try(each.value.routing_additional_version_weights, var.defaults.routing_additional_version_weights, {})
+ use_existing_alias = try(each.value.use_existing_alias, var.defaults.use_existing_alias, false)
}
diff --git a/wrappers/deploy/main.tf b/wrappers/deploy/main.tf
index e09fa0f1..47cc3d8b 100644
--- a/wrappers/deploy/main.tf
+++ b/wrappers/deploy/main.tf
@@ -3,39 +3,39 @@ module "wrapper" {
for_each = var.items
- create = try(each.value.create, var.defaults.create, true)
- tags = try(each.value.tags, var.defaults.tags, {})
- alias_name = try(each.value.alias_name, var.defaults.alias_name, "")
- function_name = try(each.value.function_name, var.defaults.function_name, "")
- current_version = try(each.value.current_version, var.defaults.current_version, "")
- target_version = try(each.value.target_version, var.defaults.target_version, "")
- before_allow_traffic_hook_arn = try(each.value.before_allow_traffic_hook_arn, var.defaults.before_allow_traffic_hook_arn, "")
after_allow_traffic_hook_arn = try(each.value.after_allow_traffic_hook_arn, var.defaults.after_allow_traffic_hook_arn, "")
- interpreter = try(each.value.interpreter, var.defaults.interpreter, ["/bin/bash", "-c"])
- description = try(each.value.description, var.defaults.description, "")
- create_app = try(each.value.create_app, var.defaults.create_app, false)
- use_existing_app = try(each.value.use_existing_app, var.defaults.use_existing_app, false)
+ alarm_enabled = try(each.value.alarm_enabled, var.defaults.alarm_enabled, false)
+ alarm_ignore_poll_alarm_failure = try(each.value.alarm_ignore_poll_alarm_failure, var.defaults.alarm_ignore_poll_alarm_failure, false)
+ alarms = try(each.value.alarms, var.defaults.alarms, [])
+ alias_name = try(each.value.alias_name, var.defaults.alias_name, "")
app_name = try(each.value.app_name, var.defaults.app_name, "")
- create_deployment_group = try(each.value.create_deployment_group, var.defaults.create_deployment_group, false)
- use_existing_deployment_group = try(each.value.use_existing_deployment_group, var.defaults.use_existing_deployment_group, false)
- deployment_group_name = try(each.value.deployment_group_name, var.defaults.deployment_group_name, "")
- deployment_config_name = try(each.value.deployment_config_name, var.defaults.deployment_config_name, "CodeDeployDefault.LambdaAllAtOnce")
+ attach_hooks_policy = try(each.value.attach_hooks_policy, var.defaults.attach_hooks_policy, true)
+ attach_triggers_policy = try(each.value.attach_triggers_policy, var.defaults.attach_triggers_policy, false)
auto_rollback_enabled = try(each.value.auto_rollback_enabled, var.defaults.auto_rollback_enabled, true)
auto_rollback_events = try(each.value.auto_rollback_events, var.defaults.auto_rollback_events, ["DEPLOYMENT_STOP_ON_ALARM"])
- alarm_enabled = try(each.value.alarm_enabled, var.defaults.alarm_enabled, false)
- alarms = try(each.value.alarms, var.defaults.alarms, [])
- alarm_ignore_poll_alarm_failure = try(each.value.alarm_ignore_poll_alarm_failure, var.defaults.alarm_ignore_poll_alarm_failure, false)
- triggers = try(each.value.triggers, var.defaults.triggers, {})
aws_cli_command = try(each.value.aws_cli_command, var.defaults.aws_cli_command, "aws")
- save_deploy_script = try(each.value.save_deploy_script, var.defaults.save_deploy_script, false)
+ before_allow_traffic_hook_arn = try(each.value.before_allow_traffic_hook_arn, var.defaults.before_allow_traffic_hook_arn, "")
+ codedeploy_principals = try(each.value.codedeploy_principals, var.defaults.codedeploy_principals, ["codedeploy.amazonaws.com"])
+ codedeploy_role_name = try(each.value.codedeploy_role_name, var.defaults.codedeploy_role_name, "")
+ create = try(each.value.create, var.defaults.create, true)
+ create_app = try(each.value.create_app, var.defaults.create_app, false)
+ create_codedeploy_role = try(each.value.create_codedeploy_role, var.defaults.create_codedeploy_role, true)
create_deployment = try(each.value.create_deployment, var.defaults.create_deployment, false)
- run_deployment = try(each.value.run_deployment, var.defaults.run_deployment, false)
+ create_deployment_group = try(each.value.create_deployment_group, var.defaults.create_deployment_group, false)
+ current_version = try(each.value.current_version, var.defaults.current_version, "")
+ deployment_config_name = try(each.value.deployment_config_name, var.defaults.deployment_config_name, "CodeDeployDefault.LambdaAllAtOnce")
+ deployment_group_name = try(each.value.deployment_group_name, var.defaults.deployment_group_name, "")
+ description = try(each.value.description, var.defaults.description, "")
force_deploy = try(each.value.force_deploy, var.defaults.force_deploy, false)
- wait_deployment_completion = try(each.value.wait_deployment_completion, var.defaults.wait_deployment_completion, false)
- create_codedeploy_role = try(each.value.create_codedeploy_role, var.defaults.create_codedeploy_role, true)
- codedeploy_role_name = try(each.value.codedeploy_role_name, var.defaults.codedeploy_role_name, "")
- codedeploy_principals = try(each.value.codedeploy_principals, var.defaults.codedeploy_principals, ["codedeploy.amazonaws.com"])
- attach_hooks_policy = try(each.value.attach_hooks_policy, var.defaults.attach_hooks_policy, true)
- attach_triggers_policy = try(each.value.attach_triggers_policy, var.defaults.attach_triggers_policy, false)
+ function_name = try(each.value.function_name, var.defaults.function_name, "")
get_deployment_sleep_timer = try(each.value.get_deployment_sleep_timer, var.defaults.get_deployment_sleep_timer, 5)
+ interpreter = try(each.value.interpreter, var.defaults.interpreter, ["/bin/bash", "-c"])
+ run_deployment = try(each.value.run_deployment, var.defaults.run_deployment, false)
+ save_deploy_script = try(each.value.save_deploy_script, var.defaults.save_deploy_script, false)
+ tags = try(each.value.tags, var.defaults.tags, {})
+ target_version = try(each.value.target_version, var.defaults.target_version, "")
+ triggers = try(each.value.triggers, var.defaults.triggers, {})
+ use_existing_app = try(each.value.use_existing_app, var.defaults.use_existing_app, false)
+ use_existing_deployment_group = try(each.value.use_existing_deployment_group, var.defaults.use_existing_deployment_group, false)
+ wait_deployment_completion = try(each.value.wait_deployment_completion, var.defaults.wait_deployment_completion, false)
}
diff --git a/wrappers/docker-build/main.tf b/wrappers/docker-build/main.tf
index c53be636..81afa562 100644
--- a/wrappers/docker-build/main.tf
+++ b/wrappers/docker-build/main.tf
@@ -3,19 +3,19 @@ module "wrapper" {
for_each = var.items
+ build_args = try(each.value.build_args, var.defaults.build_args, {})
create_ecr_repo = try(each.value.create_ecr_repo, var.defaults.create_ecr_repo, false)
create_sam_metadata = try(each.value.create_sam_metadata, var.defaults.create_sam_metadata, false)
+ docker_file_path = try(each.value.docker_file_path, var.defaults.docker_file_path, "Dockerfile")
ecr_address = try(each.value.ecr_address, var.defaults.ecr_address, null)
+ ecr_force_delete = try(each.value.ecr_force_delete, var.defaults.ecr_force_delete, true)
ecr_repo = try(each.value.ecr_repo, var.defaults.ecr_repo, null)
+ ecr_repo_lifecycle_policy = try(each.value.ecr_repo_lifecycle_policy, var.defaults.ecr_repo_lifecycle_policy, null)
+ ecr_repo_tags = try(each.value.ecr_repo_tags, var.defaults.ecr_repo_tags, {})
image_tag = try(each.value.image_tag, var.defaults.image_tag, null)
- source_path = try(each.value.source_path, var.defaults.source_path, null)
- docker_file_path = try(each.value.docker_file_path, var.defaults.docker_file_path, "Dockerfile")
image_tag_mutability = try(each.value.image_tag_mutability, var.defaults.image_tag_mutability, "MUTABLE")
- scan_on_push = try(each.value.scan_on_push, var.defaults.scan_on_push, false)
- ecr_force_delete = try(each.value.ecr_force_delete, var.defaults.ecr_force_delete, true)
- ecr_repo_tags = try(each.value.ecr_repo_tags, var.defaults.ecr_repo_tags, {})
- build_args = try(each.value.build_args, var.defaults.build_args, {})
- ecr_repo_lifecycle_policy = try(each.value.ecr_repo_lifecycle_policy, var.defaults.ecr_repo_lifecycle_policy, null)
keep_remotely = try(each.value.keep_remotely, var.defaults.keep_remotely, false)
platform = try(each.value.platform, var.defaults.platform, null)
+ scan_on_push = try(each.value.scan_on_push, var.defaults.scan_on_push, false)
+ source_path = try(each.value.source_path, var.defaults.source_path, null)
}
diff --git a/wrappers/main.tf b/wrappers/main.tf
index 4a101cd2..d842223d 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -3,122 +3,123 @@ module "wrapper" {
for_each = var.items
+ allowed_triggers = try(each.value.allowed_triggers, var.defaults.allowed_triggers, {})
+ architectures = try(each.value.architectures, var.defaults.architectures, null)
+ artifacts_dir = try(each.value.artifacts_dir, var.defaults.artifacts_dir, "builds")
+ assume_role_policy_statements = try(each.value.assume_role_policy_statements, var.defaults.assume_role_policy_statements, {})
+ attach_async_event_policy = try(each.value.attach_async_event_policy, var.defaults.attach_async_event_policy, false)
+ attach_cloudwatch_logs_policy = try(each.value.attach_cloudwatch_logs_policy, var.defaults.attach_cloudwatch_logs_policy, true)
+ attach_dead_letter_policy = try(each.value.attach_dead_letter_policy, var.defaults.attach_dead_letter_policy, false)
+ attach_network_policy = try(each.value.attach_network_policy, var.defaults.attach_network_policy, false)
+ attach_policies = try(each.value.attach_policies, var.defaults.attach_policies, false)
+ attach_policy = try(each.value.attach_policy, var.defaults.attach_policy, false)
+ attach_policy_json = try(each.value.attach_policy_json, var.defaults.attach_policy_json, false)
+ attach_policy_jsons = try(each.value.attach_policy_jsons, var.defaults.attach_policy_jsons, false)
+ attach_policy_statements = try(each.value.attach_policy_statements, var.defaults.attach_policy_statements, false)
+ attach_tracing_policy = try(each.value.attach_tracing_policy, var.defaults.attach_tracing_policy, false)
+ authorization_type = try(each.value.authorization_type, var.defaults.authorization_type, "NONE")
+ build_in_docker = try(each.value.build_in_docker, var.defaults.build_in_docker, false)
+ cloudwatch_logs_kms_key_id = try(each.value.cloudwatch_logs_kms_key_id, var.defaults.cloudwatch_logs_kms_key_id, null)
+ cloudwatch_logs_retention_in_days = try(each.value.cloudwatch_logs_retention_in_days, var.defaults.cloudwatch_logs_retention_in_days, null)
+ cloudwatch_logs_tags = try(each.value.cloudwatch_logs_tags, var.defaults.cloudwatch_logs_tags, {})
+ code_signing_config_arn = try(each.value.code_signing_config_arn, var.defaults.code_signing_config_arn, null)
+ compatible_architectures = try(each.value.compatible_architectures, var.defaults.compatible_architectures, null)
+ compatible_runtimes = try(each.value.compatible_runtimes, var.defaults.compatible_runtimes, [])
+ cors = try(each.value.cors, var.defaults.cors, {})
create = try(each.value.create, var.defaults.create, true)
- create_package = try(each.value.create_package, var.defaults.create_package, true)
+ create_async_event_config = try(each.value.create_async_event_config, var.defaults.create_async_event_config, false)
+ create_current_version_allowed_triggers = try(each.value.create_current_version_allowed_triggers, var.defaults.create_current_version_allowed_triggers, true)
+ create_current_version_async_event_config = try(each.value.create_current_version_async_event_config, var.defaults.create_current_version_async_event_config, true)
create_function = try(each.value.create_function, var.defaults.create_function, true)
+ create_lambda_function_url = try(each.value.create_lambda_function_url, var.defaults.create_lambda_function_url, false)
create_layer = try(each.value.create_layer, var.defaults.create_layer, false)
+ create_package = try(each.value.create_package, var.defaults.create_package, true)
create_role = try(each.value.create_role, var.defaults.create_role, true)
- create_lambda_function_url = try(each.value.create_lambda_function_url, var.defaults.create_lambda_function_url, false)
create_sam_metadata = try(each.value.create_sam_metadata, var.defaults.create_sam_metadata, false)
- putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true)
- lambda_at_edge = try(each.value.lambda_at_edge, var.defaults.lambda_at_edge, false)
- lambda_at_edge_logs_all_regions = try(each.value.lambda_at_edge_logs_all_regions, var.defaults.lambda_at_edge_logs_all_regions, true)
- function_name = try(each.value.function_name, var.defaults.function_name, "")
- handler = try(each.value.handler, var.defaults.handler, "")
- runtime = try(each.value.runtime, var.defaults.runtime, "")
- lambda_role = try(each.value.lambda_role, var.defaults.lambda_role, "")
- description = try(each.value.description, var.defaults.description, "")
- code_signing_config_arn = try(each.value.code_signing_config_arn, var.defaults.code_signing_config_arn, null)
- layers = try(each.value.layers, var.defaults.layers, null)
- architectures = try(each.value.architectures, var.defaults.architectures, null)
- kms_key_arn = try(each.value.kms_key_arn, var.defaults.kms_key_arn, null)
- memory_size = try(each.value.memory_size, var.defaults.memory_size, 128)
- ephemeral_storage_size = try(each.value.ephemeral_storage_size, var.defaults.ephemeral_storage_size, 512)
- publish = try(each.value.publish, var.defaults.publish, false)
- reserved_concurrent_executions = try(each.value.reserved_concurrent_executions, var.defaults.reserved_concurrent_executions, -1)
- timeout = try(each.value.timeout, var.defaults.timeout, 3)
+ create_unqualified_alias_allowed_triggers = try(each.value.create_unqualified_alias_allowed_triggers, var.defaults.create_unqualified_alias_allowed_triggers, true)
+ create_unqualified_alias_async_event_config = try(each.value.create_unqualified_alias_async_event_config, var.defaults.create_unqualified_alias_async_event_config, true)
+ create_unqualified_alias_lambda_function_url = try(each.value.create_unqualified_alias_lambda_function_url, var.defaults.create_unqualified_alias_lambda_function_url, true)
dead_letter_target_arn = try(each.value.dead_letter_target_arn, var.defaults.dead_letter_target_arn, null)
+ description = try(each.value.description, var.defaults.description, "")
+ destination_on_failure = try(each.value.destination_on_failure, var.defaults.destination_on_failure, null)
+ destination_on_success = try(each.value.destination_on_success, var.defaults.destination_on_success, null)
+ docker_additional_options = try(each.value.docker_additional_options, var.defaults.docker_additional_options, [])
+ docker_build_root = try(each.value.docker_build_root, var.defaults.docker_build_root, "")
+ docker_entrypoint = try(each.value.docker_entrypoint, var.defaults.docker_entrypoint, null)
+ docker_file = try(each.value.docker_file, var.defaults.docker_file, "")
+ docker_image = try(each.value.docker_image, var.defaults.docker_image, "")
+ docker_pip_cache = try(each.value.docker_pip_cache, var.defaults.docker_pip_cache, null)
+ docker_with_ssh_agent = try(each.value.docker_with_ssh_agent, var.defaults.docker_with_ssh_agent, false)
environment_variables = try(each.value.environment_variables, var.defaults.environment_variables, {})
- tracing_mode = try(each.value.tracing_mode, var.defaults.tracing_mode, null)
- vpc_subnet_ids = try(each.value.vpc_subnet_ids, var.defaults.vpc_subnet_ids, null)
- vpc_security_group_ids = try(each.value.vpc_security_group_ids, var.defaults.vpc_security_group_ids, null)
- tags = try(each.value.tags, var.defaults.tags, {})
+ ephemeral_storage_size = try(each.value.ephemeral_storage_size, var.defaults.ephemeral_storage_size, 512)
+ event_source_mapping = try(each.value.event_source_mapping, var.defaults.event_source_mapping, {})
+ file_system_arn = try(each.value.file_system_arn, var.defaults.file_system_arn, null)
+ file_system_local_mount_path = try(each.value.file_system_local_mount_path, var.defaults.file_system_local_mount_path, null)
+ function_name = try(each.value.function_name, var.defaults.function_name, "")
function_tags = try(each.value.function_tags, var.defaults.function_tags, {})
- s3_object_tags = try(each.value.s3_object_tags, var.defaults.s3_object_tags, {})
- s3_object_tags_only = try(each.value.s3_object_tags_only, var.defaults.s3_object_tags_only, false)
- package_type = try(each.value.package_type, var.defaults.package_type, "Zip")
- image_uri = try(each.value.image_uri, var.defaults.image_uri, null)
- image_config_entry_point = try(each.value.image_config_entry_point, var.defaults.image_config_entry_point, [])
+ handler = try(each.value.handler, var.defaults.handler, "")
+ hash_extra = try(each.value.hash_extra, var.defaults.hash_extra, "")
+ ignore_source_code_hash = try(each.value.ignore_source_code_hash, var.defaults.ignore_source_code_hash, false)
image_config_command = try(each.value.image_config_command, var.defaults.image_config_command, [])
+ image_config_entry_point = try(each.value.image_config_entry_point, var.defaults.image_config_entry_point, [])
image_config_working_directory = try(each.value.image_config_working_directory, var.defaults.image_config_working_directory, null)
- snap_start = try(each.value.snap_start, var.defaults.snap_start, false)
- replace_security_groups_on_destroy = try(each.value.replace_security_groups_on_destroy, var.defaults.replace_security_groups_on_destroy, null)
- replacement_security_group_ids = try(each.value.replacement_security_group_ids, var.defaults.replacement_security_group_ids, null)
- timeouts = try(each.value.timeouts, var.defaults.timeouts, {})
- create_unqualified_alias_lambda_function_url = try(each.value.create_unqualified_alias_lambda_function_url, var.defaults.create_unqualified_alias_lambda_function_url, true)
- authorization_type = try(each.value.authorization_type, var.defaults.authorization_type, "NONE")
- cors = try(each.value.cors, var.defaults.cors, {})
+ image_uri = try(each.value.image_uri, var.defaults.image_uri, null)
invoke_mode = try(each.value.invoke_mode, var.defaults.invoke_mode, null)
+ kms_key_arn = try(each.value.kms_key_arn, var.defaults.kms_key_arn, null)
+ lambda_at_edge = try(each.value.lambda_at_edge, var.defaults.lambda_at_edge, false)
+ lambda_at_edge_logs_all_regions = try(each.value.lambda_at_edge_logs_all_regions, var.defaults.lambda_at_edge_logs_all_regions, true)
+ lambda_role = try(each.value.lambda_role, var.defaults.lambda_role, "")
layer_name = try(each.value.layer_name, var.defaults.layer_name, "")
layer_skip_destroy = try(each.value.layer_skip_destroy, var.defaults.layer_skip_destroy, false)
+ layers = try(each.value.layers, var.defaults.layers, null)
license_info = try(each.value.license_info, var.defaults.license_info, "")
- compatible_runtimes = try(each.value.compatible_runtimes, var.defaults.compatible_runtimes, [])
- compatible_architectures = try(each.value.compatible_architectures, var.defaults.compatible_architectures, null)
- create_async_event_config = try(each.value.create_async_event_config, var.defaults.create_async_event_config, false)
- create_current_version_async_event_config = try(each.value.create_current_version_async_event_config, var.defaults.create_current_version_async_event_config, true)
- create_unqualified_alias_async_event_config = try(each.value.create_unqualified_alias_async_event_config, var.defaults.create_unqualified_alias_async_event_config, true)
+ local_existing_package = try(each.value.local_existing_package, var.defaults.local_existing_package, null)
maximum_event_age_in_seconds = try(each.value.maximum_event_age_in_seconds, var.defaults.maximum_event_age_in_seconds, null)
maximum_retry_attempts = try(each.value.maximum_retry_attempts, var.defaults.maximum_retry_attempts, null)
- destination_on_failure = try(each.value.destination_on_failure, var.defaults.destination_on_failure, null)
- destination_on_success = try(each.value.destination_on_success, var.defaults.destination_on_success, null)
+ memory_size = try(each.value.memory_size, var.defaults.memory_size, 128)
+ number_of_policies = try(each.value.number_of_policies, var.defaults.number_of_policies, 0)
+ number_of_policy_jsons = try(each.value.number_of_policy_jsons, var.defaults.number_of_policy_jsons, 0)
+ package_type = try(each.value.package_type, var.defaults.package_type, "Zip")
+ policies = try(each.value.policies, var.defaults.policies, [])
+ policy = try(each.value.policy, var.defaults.policy, null)
+ policy_json = try(each.value.policy_json, var.defaults.policy_json, null)
+ policy_jsons = try(each.value.policy_jsons, var.defaults.policy_jsons, [])
+ policy_name = try(each.value.policy_name, var.defaults.policy_name, null)
+ policy_path = try(each.value.policy_path, var.defaults.policy_path, null)
+ policy_statements = try(each.value.policy_statements, var.defaults.policy_statements, {})
provisioned_concurrent_executions = try(each.value.provisioned_concurrent_executions, var.defaults.provisioned_concurrent_executions, -1)
- create_current_version_allowed_triggers = try(each.value.create_current_version_allowed_triggers, var.defaults.create_current_version_allowed_triggers, true)
- create_unqualified_alias_allowed_triggers = try(each.value.create_unqualified_alias_allowed_triggers, var.defaults.create_unqualified_alias_allowed_triggers, true)
- allowed_triggers = try(each.value.allowed_triggers, var.defaults.allowed_triggers, {})
- event_source_mapping = try(each.value.event_source_mapping, var.defaults.event_source_mapping, {})
- use_existing_cloudwatch_log_group = try(each.value.use_existing_cloudwatch_log_group, var.defaults.use_existing_cloudwatch_log_group, false)
- cloudwatch_logs_retention_in_days = try(each.value.cloudwatch_logs_retention_in_days, var.defaults.cloudwatch_logs_retention_in_days, null)
- cloudwatch_logs_kms_key_id = try(each.value.cloudwatch_logs_kms_key_id, var.defaults.cloudwatch_logs_kms_key_id, null)
- cloudwatch_logs_tags = try(each.value.cloudwatch_logs_tags, var.defaults.cloudwatch_logs_tags, {})
- role_name = try(each.value.role_name, var.defaults.role_name, null)
+ publish = try(each.value.publish, var.defaults.publish, false)
+ putin_khuylo = try(each.value.putin_khuylo, var.defaults.putin_khuylo, true)
+ recreate_missing_package = try(each.value.recreate_missing_package, var.defaults.recreate_missing_package, true)
+ replace_security_groups_on_destroy = try(each.value.replace_security_groups_on_destroy, var.defaults.replace_security_groups_on_destroy, null)
+ replacement_security_group_ids = try(each.value.replacement_security_group_ids, var.defaults.replacement_security_group_ids, null)
+ reserved_concurrent_executions = try(each.value.reserved_concurrent_executions, var.defaults.reserved_concurrent_executions, -1)
role_description = try(each.value.role_description, var.defaults.role_description, null)
- role_path = try(each.value.role_path, var.defaults.role_path, null)
role_force_detach_policies = try(each.value.role_force_detach_policies, var.defaults.role_force_detach_policies, true)
+ role_maximum_session_duration = try(each.value.role_maximum_session_duration, var.defaults.role_maximum_session_duration, 3600)
+ role_name = try(each.value.role_name, var.defaults.role_name, null)
+ role_path = try(each.value.role_path, var.defaults.role_path, null)
role_permissions_boundary = try(each.value.role_permissions_boundary, var.defaults.role_permissions_boundary, null)
role_tags = try(each.value.role_tags, var.defaults.role_tags, {})
- role_maximum_session_duration = try(each.value.role_maximum_session_duration, var.defaults.role_maximum_session_duration, 3600)
- policy_name = try(each.value.policy_name, var.defaults.policy_name, null)
- attach_cloudwatch_logs_policy = try(each.value.attach_cloudwatch_logs_policy, var.defaults.attach_cloudwatch_logs_policy, true)
- attach_dead_letter_policy = try(each.value.attach_dead_letter_policy, var.defaults.attach_dead_letter_policy, false)
- attach_network_policy = try(each.value.attach_network_policy, var.defaults.attach_network_policy, false)
- attach_tracing_policy = try(each.value.attach_tracing_policy, var.defaults.attach_tracing_policy, false)
- attach_async_event_policy = try(each.value.attach_async_event_policy, var.defaults.attach_async_event_policy, false)
- attach_policy_json = try(each.value.attach_policy_json, var.defaults.attach_policy_json, false)
- attach_policy_jsons = try(each.value.attach_policy_jsons, var.defaults.attach_policy_jsons, false)
- attach_policy = try(each.value.attach_policy, var.defaults.attach_policy, false)
- attach_policies = try(each.value.attach_policies, var.defaults.attach_policies, false)
- policy_path = try(each.value.policy_path, var.defaults.policy_path, null)
- number_of_policy_jsons = try(each.value.number_of_policy_jsons, var.defaults.number_of_policy_jsons, 0)
- number_of_policies = try(each.value.number_of_policies, var.defaults.number_of_policies, 0)
- attach_policy_statements = try(each.value.attach_policy_statements, var.defaults.attach_policy_statements, false)
- trusted_entities = try(each.value.trusted_entities, var.defaults.trusted_entities, [])
- assume_role_policy_statements = try(each.value.assume_role_policy_statements, var.defaults.assume_role_policy_statements, {})
- policy_json = try(each.value.policy_json, var.defaults.policy_json, null)
- policy_jsons = try(each.value.policy_jsons, var.defaults.policy_jsons, [])
- policy = try(each.value.policy, var.defaults.policy, null)
- policies = try(each.value.policies, var.defaults.policies, [])
- policy_statements = try(each.value.policy_statements, var.defaults.policy_statements, {})
- file_system_arn = try(each.value.file_system_arn, var.defaults.file_system_arn, null)
- file_system_local_mount_path = try(each.value.file_system_local_mount_path, var.defaults.file_system_local_mount_path, null)
- artifacts_dir = try(each.value.artifacts_dir, var.defaults.artifacts_dir, "builds")
- s3_prefix = try(each.value.s3_prefix, var.defaults.s3_prefix, null)
- ignore_source_code_hash = try(each.value.ignore_source_code_hash, var.defaults.ignore_source_code_hash, false)
- local_existing_package = try(each.value.local_existing_package, var.defaults.local_existing_package, null)
+ runtime = try(each.value.runtime, var.defaults.runtime, "")
+ s3_acl = try(each.value.s3_acl, var.defaults.s3_acl, "private")
+ s3_bucket = try(each.value.s3_bucket, var.defaults.s3_bucket, null)
s3_existing_package = try(each.value.s3_existing_package, var.defaults.s3_existing_package, null)
- store_on_s3 = try(each.value.store_on_s3, var.defaults.store_on_s3, false)
+ s3_kms_key_id = try(each.value.s3_kms_key_id, var.defaults.s3_kms_key_id, null)
s3_object_storage_class = try(each.value.s3_object_storage_class, var.defaults.s3_object_storage_class, "ONEZONE_IA")
- s3_bucket = try(each.value.s3_bucket, var.defaults.s3_bucket, null)
- s3_acl = try(each.value.s3_acl, var.defaults.s3_acl, "private")
+ s3_object_tags = try(each.value.s3_object_tags, var.defaults.s3_object_tags, {})
+ s3_object_tags_only = try(each.value.s3_object_tags_only, var.defaults.s3_object_tags_only, false)
+ s3_prefix = try(each.value.s3_prefix, var.defaults.s3_prefix, null)
s3_server_side_encryption = try(each.value.s3_server_side_encryption, var.defaults.s3_server_side_encryption, null)
+ snap_start = try(each.value.snap_start, var.defaults.snap_start, false)
source_path = try(each.value.source_path, var.defaults.source_path, null)
- hash_extra = try(each.value.hash_extra, var.defaults.hash_extra, "")
- build_in_docker = try(each.value.build_in_docker, var.defaults.build_in_docker, false)
- docker_file = try(each.value.docker_file, var.defaults.docker_file, "")
- docker_build_root = try(each.value.docker_build_root, var.defaults.docker_build_root, "")
- docker_image = try(each.value.docker_image, var.defaults.docker_image, "")
- docker_with_ssh_agent = try(each.value.docker_with_ssh_agent, var.defaults.docker_with_ssh_agent, false)
- docker_pip_cache = try(each.value.docker_pip_cache, var.defaults.docker_pip_cache, null)
- docker_additional_options = try(each.value.docker_additional_options, var.defaults.docker_additional_options, [])
- docker_entrypoint = try(each.value.docker_entrypoint, var.defaults.docker_entrypoint, null)
- recreate_missing_package = try(each.value.recreate_missing_package, var.defaults.recreate_missing_package, true)
+ store_on_s3 = try(each.value.store_on_s3, var.defaults.store_on_s3, false)
+ tags = try(each.value.tags, var.defaults.tags, {})
+ timeout = try(each.value.timeout, var.defaults.timeout, 3)
+ timeouts = try(each.value.timeouts, var.defaults.timeouts, {})
+ tracing_mode = try(each.value.tracing_mode, var.defaults.tracing_mode, null)
+ trusted_entities = try(each.value.trusted_entities, var.defaults.trusted_entities, [])
+ use_existing_cloudwatch_log_group = try(each.value.use_existing_cloudwatch_log_group, var.defaults.use_existing_cloudwatch_log_group, false)
+ vpc_security_group_ids = try(each.value.vpc_security_group_ids, var.defaults.vpc_security_group_ids, null)
+ vpc_subnet_ids = try(each.value.vpc_subnet_ids, var.defaults.vpc_subnet_ids, null)
}