Use this URL for the source of the module. See the usage examples below for more details.
github.com/pbs/terraform-aws-lambda-api-module?ref=0.6.45
More information can be found on these install methods and more in the documentation here.
This module provisions a Lambda function with an API Gateway in front of it to accept HTTP traffic.
Integrate this module like so:
module "api" {
source = "github.com/pbs/terraform-aws-lambda-api-module?ref=0.6.45"
handler = "main"
filename = "../artifacts/handler.zip"
runtime = "go1.x"
primary_hosted_zone = "example.com"
# Tagging Parameters
organization = var.organization
environment = var.environment
product = var.product
repo = var.repo
# Optional Parameters
}
If this repo is added as a subtree, then the version of the module should be close to the version shown here:
0.6.45
Note, however that subtrees can be altered as desired within repositories.
Further documentation on usage can be found here.
Below is automatically generated documentation on this Terraform module using terraform-docs
Name | Version |
---|---|
terraform | >= 1.3.2 |
aws | >= 4.5.0 |
Name | Version |
---|---|
aws | 5.24.0 |
Name | Source | Version |
---|---|---|
lambda | github.com/pbs/terraform-aws-lambda-module | 1.3.38 |
Name | Type |
---|---|
aws_apigatewayv2_api.api | resource |
aws_apigatewayv2_api_mapping.alternate_domain_api_mapping | resource |
aws_apigatewayv2_api_mapping.api_mapping | resource |
aws_apigatewayv2_domain_name.alternate_domain_name | resource |
aws_apigatewayv2_domain_name.domain_name | resource |
aws_apigatewayv2_integration.integration | resource |
aws_apigatewayv2_route.route | resource |
aws_apigatewayv2_stage.stage | resource |
aws_lambda_permission.lambda_permission | resource |
aws_route53_record.record | resource |
aws_acm_certificate.wildcard | data source |
aws_default_tags.common_tags | data source |
aws_route53_zone.zone | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
environment | Environment (sharedtools, dev, staging, qa, prod) | string |
n/a | yes |
organization | Organization using this module. Used to prefix tags so that they are easily identified as being from your organization | string |
n/a | yes |
product | Tag used to group resources according to product | string |
n/a | yes |
repo | Tag used to point to the repo using this module | string |
n/a | yes |
acm_arn | ARN of the ACM certificate for the API integration | string |
null |
no |
add_app_config_extension_layer | Add the AWS-AppConfig-Lambda-Extension layer to the Lambda function. Ignored if layers is not null or if runtime is not supported. | bool |
true |
no |
add_ssm_extension_layer | Add the AWS-Parameters-and-Secrets-Lambda-Extension layer to the Lambda function. Ignored if layers is not null or if using the ARM runtime. | bool |
true |
no |
add_vpc_config | Add VPC configuration to the Lambda function | bool |
false |
no |
allow_app_config_access | Allow AppConfig access from the Lambda function. Ignored if policy_json or role_arn are set. |
bool |
true |
no |
alternate_domain_name | Alternate domain name for the API for which a DNS record will not be created. This can be useful for APIs that need to have CNAMEs defined in external accounts. | string |
null |
no |
app_config_extension_account_number | Account number for the AWS-AppConfig-Extension layer | string |
"027255383542" |
no |
app_config_extension_version | Lambda layer version for the AWS-AppConfig-Extension layer | number |
null |
no |
architectures | Architectures to target for the Lambda function | list(string) |
[ |
no |
auto_deploy | Auto deploy API Gateway updates. Leave this true | string |
"true" |
no |
connection_type | Connection type for the integeration endpoint. Probably want this to be INTERNET | string |
"INTERNET" |
no |
cors_configuration | CORS configuration map | any |
null |
no |
create_dns | Whether or not to provision a CNAME pointing to this API. domain_name returns API integration target, which requires separate CNAME if false. | bool |
true |
no |
disable_execute_api_endpoint | (optional) disable default execute endpoint | bool |
true |
no |
dns_evaluate_target_health | (optional) evaluate health of endpoints by querying DNS records | bool |
false |
no |
domain_name | Domain name for the API | string |
null |
no |
endpoint_type | Endpoint type. Leave this REGIONAL | string |
"REGIONAL" |
no |
environment_vars | Map of environment variables for the Lambda. If null, defaults to setting an SSM_PATH based on the environment and name of the function. Set to {} if you would like for there to be no environment variables present. This is important if you are creating a Lambda@Edge. | map(any) |
null |
no |
file_system_config | File system configuration for the Lambda function | map(any) |
null |
no |
filename | Filename for the artifact to use for the Lambda | string |
null |
no |
handler | Lambda handler | string |
null |
no |
image_uri | URI of the container image to use for the Lambda | string |
null |
no |
integration_description | Integration description. Auto-generated off local.name if null | string |
null |
no |
integration_method | Integration method. Leave this POST | string |
"POST" |
no |
integration_type | Integration type. Leave this AWS_PROXY | string |
"AWS_PROXY" |
no |
lambda_description | Description for this lambda function | string |
null |
no |
lambda_insights_extension_account_number | Account number for the LambdaInsightsExtension layer | string |
"580247275435" |
no |
lambda_insights_extension_version | Lambda layer version for the LambdaInsightsExtension layer | number |
null |
no |
lambda_name | Name of the Lambda function | string |
null |
no |
layers | Lambda layers to apply to function. If null, a Lambda Layer extension is added by default. | list(string) |
null |
no |
log_retention_in_days | Number of days to retain CloudWatch Log entries | number |
7 |
no |
memory_size | Amount of memory in MB your Lambda Function can use at runtime | number |
128 |
no |
name | Name of the API | string |
null |
no |
package_type | Package type for the Lambda function. Valid values are Zip and Image. | string |
"Zip" |
no |
parameters_and_secrets_extension_account_number | Account number for the AWS-Parameters-and-Secrets-Lambda-Extension layer | string |
"177933569100" |
no |
parameters_and_secrets_extension_version | Lambda layer version for the AWS-Parameters-and-Secrets-Lambda-Extension layer | number |
null |
no |
payload_format_version | (optional) payload format version | string |
"1.0" |
no |
permissions_boundary_arn | ARN of the permissions boundary to use on the role created for this lambda | string |
null |
no |
policy_json | Policy JSON. If null, default policy granting access to SSM and cloudwatch logs is used | string |
null |
no |
primary_hosted_zone | Primary hosted zone for the API. e.g. example.org | string |
null |
no |
protocol_type | Protocol type. Can be HTTP and WEBSOCKET | string |
"HTTP" |
no |
publish | Whether to publish creation/change as new Lambda Function Version | bool |
true |
no |
role_arn | ARN of the role to be used for this Lambda | string |
null |
no |
route_key | Route key. Leave this $default | string |
"$default" |
no |
runtime | Runtime for the lambda function | string |
null |
no |
security_group_id | Security group ID. If null, one will be created. | string |
null |
no |
security_policy | TLS version. Leave this TLS_1_2 | string |
"TLS_1_2" |
no |
ssm_path | SSM path to use for environment variables. If null, defaults to /${var.environment}/${local.name} | string |
null |
no |
stage_name | Name of the stage | string |
"$default" |
no |
subnets | Subnets to use for the Lambda function. Ignored if add_vpc_config is false. If null, one will be looked up based on environment tag. | list(string) |
null |
no |
tags | Extra tags | map(string) |
{} |
no |
throttling_burst_limit | (optional) throttling burst limit | number |
5000 |
no |
throttling_rate_limit | (optional) throttling rate limit | number |
10000 |
no |
timeout | Timeout in seconds of the Lambda | number |
3 |
no |
tracing_config_mode | Tracing config mode for X-Ray integration on Lambda | string |
"Active" |
no |
use_prefix | Use prefix for resources instead of explicitly defining whole name where possible | bool |
true |
no |
vpc_id | VPC ID. If null, one will be looked up based on environment tag. | string |
null |
no |
Name | Description |
---|---|
alternate_domain_endpoint | Alternate endpoint that the API can be accessed at if a CNAME corresponding to alternate_domain_name resolves to this endpoint. Only populated if alternate_domain_name is not null |
alternate_domain_name | Alternate domain name that the API can be accessed at. Returns the CNAME record name that should be created externally for the API with value output as alternate_domain_endpoint . This is useful for APIs where the CNAME is defined in another account. |
arn | ARN of the API Gateway |
domain_name | Domain name that the API can be accessed at. If create_dns, return the CNAME created for the API, otherwise return the api integration domain name. This is useful when creating a DNS record for the API is not desired. |
lambda_arn | ARN of the Lambda function |
lambda_name | Name of the Lambda function |
sg | Security group of the lambda function if there is one |