SSM configuration refactored
Introducing a new configuration object ssm
to specify SSM parameter names. The IAM role will be enhanced with read permissions to those parameters.
In addition the variable kms_key_arn
will (also) be set in the aws_lambda_function
as described in https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#kms_key_arn.
(for spring-media users, this fixes spring-media/terraform-aws-lambda#61 and spring-media/terraform-aws-lambda#59)
Deprecations:
- the old
ssm_parameter_names
variable is deprecated and scheduled for deletion in the next major release of this module - using
kms_key_arn
to create an IAM role attachment to allowkms:Decrypt
for custom keys is deprecated and will be removed in the next major release of this module