Terraform configurations for the lambda-functions automation tool, managed remotely through HCP Terraform.
This project provisions and manages infrastructure for the lambda-functions automation tool.
Infrastructure is deployed to AWS.
| Service | Purpose |
|---|---|
| S3 | Lambda functions, layers and hashes |
| Lambda | Handler functions |
| Event Bridge | Automated Lambda layer cleanup |
| Terraform Cloud (HCP) | Remote backend for state and workflow |
- Terraform CLI: Installed on your local machine (download)
- HCP Terraform Account: Set up with an associated workspace for this repo
- AWS Account & IAM Permissions
- Terraform CLI Authentication to HCP: via
terraform login
git clone https://github.com/denesbeck/lambda-functions-tf.git
cd lambda-functions-tfterraform loginThis authenticates your CLI with Terraform Cloud for remote state and run operations.
terraform initThis will automatically detect and configure the remote backend specified in providers.tf.
You can preview changes locally with:
terraform planYou can apply changes by pushing them to the default branch (usually main) to trigger a run via VCS integration.
modules/core/:lambda.tfβ Lambda handler functionss3.tfβ S3 buckets for storing metadatascheduler.tfβ Automated Lambda layer cleanup
modules/iam/: IAM roles and policies for resourcesscheduler.tf- IAM role and trust policy for the EventBridge Schedulerlayer-cleanup.tf- IAM role and policy for the layer cleanup automationoidc.tf- IAM resources for the GH OIDC
modules/iam/apps/: Application specific IAM roles and policies
This project uses the following remote backend configuration (found in providers.tf):
terraform {
cloud {
organization = "crimson-org"
workspaces {
name = "lambda-functions-tf"
}
}
}- Terraform state is stored and versioned in HCP Terraform.
- You can manage plans, runs, and approvals through the Terraform Cloud UI.