diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md
index 1d89813c31..ee29dde3f2 100644
--- a/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md
+++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-account-settings/api-gateway-account-settings.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# API Gateway Account Settings Module
-View Source
+View Source
Release Notes
@@ -34,7 +34,7 @@ The corresponding screen from the AWS Console is shown below:
## Quick start
-Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples) for sample code that demonstrates how to use this module.
+Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples) for sample code that demonstrates how to use this module.
## Sample Usage
@@ -49,7 +49,7 @@ Check out the [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tr
module "api_gateway_account_settings" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# OPTIONAL VARIABLES
@@ -91,7 +91,7 @@ module "api_gateway_account_settings" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-account-settings?ref=v1.2.0"
}
inputs = {
@@ -190,11 +190,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in
diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md
index 8da5d764f2..89ac9d3983 100644
--- a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md
+++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy-methods/api-gateway-proxy-methods.md
@@ -9,20 +9,20 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# API Gateway Lambda Function Proxy Methods Module
-View Source
+View Source
Release Notes
-This module must be used in conjunction with [the api-gateway-proxy module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy) to configure an API
+This module must be used in conjunction with [the api-gateway-proxy module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy) to configure an API
Gateway REST API to route all requests from a root path to a lambda function.
-Refer to [the module docs](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/README.md) for the `api-gateway-proxy` module for more details on how to
+Refer to [the module docs](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/README.md) for the `api-gateway-proxy` module for more details on how to
use this module. Specifically, see the section [Can I expose additional lambda functions in a decentralized
-manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner)
+manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner)
## Sample Usage
@@ -37,7 +37,7 @@ manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/module
module "api_gateway_proxy_methods" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -85,7 +85,7 @@ module "api_gateway_proxy_methods" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy-methods?ref=v1.2.0"
}
inputs = {
@@ -292,11 +292,11 @@ ID of the API Gateway method for the root proxy (only created if path_prefix is
diff --git a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md
index d8ce7538da..5d7770b1a9 100644
--- a/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md
+++ b/docs/reference/modules/terraform-aws-lambda/api-gateway-proxy/api-gateway-proxy.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# API Gateway Proxy Module
-View Source
+View Source
Release Notes
@@ -34,7 +34,7 @@ recommend using a framework like Serverless to avoid the verbose configuration o
:::note
If you are looking for a module to route different requests and methods to different Lambda functions, refer to the
-[lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda-http-api-gateway) module.
+[lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda-http-api-gateway) module.
:::
@@ -58,33 +58,33 @@ before, make sure to read [How to use the Gruntwork Infrastructure as Code Libra
### Core concepts
-* [What is API Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#what-is-api-gateway)
+* [What is API Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#what-is-api-gateway)
* [What is the difference between the different endpoint
- types?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#what-is-the-difference-between-the-different-endpoint-types)
+ types?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#what-is-the-difference-between-the-different-endpoint-types)
* [API Gateway Documentation](https://docs.aws.amazon.com/apigateway/latest/developerguide/welcome.html): Amazon's docs
on API Gateway covering core concepts such as security, monitoring, and invoking APIs.
### Repo organization
-* [modules](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
-* [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples): This folder contains working examples of how to use the submodules.
-* [test](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/test): Automated tests for the modules and examples.
+* [modules](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules): the main implementation code for this repo, broken down into multiple standalone, orthogonal submodules.
+* [examples](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples): This folder contains working examples of how to use the submodules.
+* [test](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/test): Automated tests for the modules and examples.
## Deploy
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples folder](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage).
+* [examples folder](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples): The `examples` folder contains sample code optimized for learning, experimenting, and testing (but not production usage).
## Manage
### Day-to-day operations
* [How do I expose AWS Lambda functions using API
- Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#how-do-i-expose-aws-lambda-functions-using-api-gateway)
+ Gateway?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#how-do-i-expose-aws-lambda-functions-using-api-gateway)
* [Can I expose additional lambda functions in a decentralized
- manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner)
-* [How do I pass in the us_east\_1 aws provider?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy/core-concepts.md#how-do-i-pass-in-the-us_east\_1-aws-provider)
+ manner?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#can-i-expose-additional-lambda-functions-in-a-decentralized-manner)
+* [How do I pass in the us_east\_1 aws provider?](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy/core-concepts.md#how-do-i-pass-in-the-us_east\_1-aws-provider)
## Sample Usage
@@ -99,7 +99,7 @@ If you just want to try this repo out for experimenting and learning, check out
module "api_gateway_proxy" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -260,7 +260,7 @@ module "api_gateway_proxy" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/api-gateway-proxy?ref=v1.2.0"
}
inputs = {
@@ -771,11 +771,11 @@ The URL of the API Gateway that you can use to invoke it.
diff --git a/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md b/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md
index 4669ff061e..6964ce3835 100644
--- a/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md
+++ b/docs/reference/modules/terraform-aws-lambda/keep-warm/keep-warm.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Keep Warm Module
-View Source
+View Source
Release Notes
@@ -60,7 +60,7 @@ level](#concurrency) for your functions.
module "keep_warm" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -133,7 +133,7 @@ module "keep_warm" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/keep-warm?ref=v1.2.0"
}
inputs = {
@@ -339,11 +339,11 @@ When true, all IAM policies will be managed as dedicated policies rather than in
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md
index a3a6b43148..e3d6dd1b07 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge-log-group/lambda-edge-log-group.md
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Log group for Lambda Edge
-View Source
+View Source
Release Notes
-This module creates a Cloudwatch log group to receive Lambda Edge function logs in one single AWS Region. This module is meant to be used as a building block for the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda-edge-multi-region-log-groups).
+This module creates a Cloudwatch log group to receive Lambda Edge function logs in one single AWS Region. This module is meant to be used as a building block for the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda-edge-multi-region-log-groups).
## Why are the resources in this module not created within the Lambda Edge Module?
@@ -28,7 +28,7 @@ region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking-
Unfortunately, it is not possible to use a `for_each` on provider blocks and there are multiple issues related to
using nested providers. That means that, currently, the only way to create multi-regional modules is by code generating each
block and passing down the providers. A full example of creating the providers and using this module can be found at the
-[lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-edge).
+[lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-edge).
## Which regions have regional edge caches?
@@ -81,7 +81,7 @@ More information:
module "lambda_edge_log_group" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -153,7 +153,7 @@ module "lambda_edge_log_group" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-log-group?ref=v1.2.0"
}
inputs = {
@@ -334,11 +334,11 @@ When true, precreate the CloudWatch Log Group to use for log aggregation from th
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md
index b968c82b58..66aa0ddb3e 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge-multi-region-log-groups/lambda-edge-multi-region-log-groups.md
@@ -9,15 +9,15 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Multiregional Log groups for Lambda Edge
-View Source
+View Source
Release Notes
-This module uses the [`lambda-edge-log-group` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda-edge-log-group) to create a Cloudwatch log group to receive Lambda Edge function logs in multiple AWS Regions.
+This module uses the [`lambda-edge-log-group` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda-edge-log-group) to create a Cloudwatch log group to receive Lambda Edge function logs in multiple AWS Regions.
## Why are the resources in this module not created within the Lambda Edge Module?
@@ -27,8 +27,8 @@ region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking-
Unfortunately, it is not possible to use a `for_each` on provider blocks and there are multiple issues related to
using nested providers. That means that, currently, the only way to create multi-regional modules is by code generating each
-block and passing down the providers using the [`codegen`](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/codegen/) module. A full example of creating the providers and using
-this module can be found at the [lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-edge).
+block and passing down the providers using the [`codegen`](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/codegen/) module. A full example of creating the providers and using
+this module can be found at the [lambda-edge example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-edge).
## Which regions have regional edge caches?
@@ -81,7 +81,7 @@ More information:
module "lambda_edge_multi_region_log_groups" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -146,7 +146,7 @@ module "lambda_edge_multi_region_log_groups" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge-multi-region-log-groups?ref=v1.2.0"
}
inputs = {
@@ -316,11 +316,11 @@ Map of log group names per region
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md b/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md
index b7aeffd82e..fdf89710a1 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda-edge/lambda-edge.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Lambda@Edge Function Module
-View Source
+View Source
Release Notes
@@ -65,7 +65,7 @@ resource "aws_lambda_permission" "with_sns" {
Lambda@Edge stores CloudWatch Logs in the AWS Regions closest to the location where the function receives traffic and is
executed. That means a log group must be created in every region that have [Regional Edge Caches](https://aws.amazon.com/blogs/networking-and-content-delivery/aggregating-lambdaedge-logs/).
-Instructions on how to do this can be found at the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda-edge-multi-region-log-groups). To see which regions are receiving traffic, you can find graphs of metrics for the
+Instructions on how to do this can be found at the [`lambda-edge-multi-region-log-groups` module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda-edge-multi-region-log-groups). To see which regions are receiving traffic, you can find graphs of metrics for the
function on the CloudFront console and choose your region there.
## How to trigger this Lambda function from Cloudfront
@@ -94,7 +94,7 @@ triggers:
module "lambda_edge" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -286,7 +286,7 @@ module "lambda_edge" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-edge?ref=v1.2.0"
}
inputs = {
@@ -868,11 +868,11 @@ Name of the (optionally) created CloudWatch log groups for the lambda function.
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-function-url/lambda-function-url.md b/docs/reference/modules/terraform-aws-lambda/lambda-function-url/lambda-function-url.md
index 5bce1b38ac..dac5d76970 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda-function-url/lambda-function-url.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda-function-url/lambda-function-url.md
@@ -9,11 +9,11 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Lambda Function URL Module
-View Source
+View Source
Release Notes
@@ -30,7 +30,7 @@ https://.lambda-url..on.aws
## Background info
For more information on AWS Lambda, how it works, and how to configure your functions, check out the [lambda module
-documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda).
+documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda).
## Sample Usage
@@ -45,7 +45,7 @@ documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/
module "lambda_function_url" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-function-url?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-function-url?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -110,7 +110,7 @@ module "lambda_function_url" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-function-url?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-function-url?ref=v1.2.0"
}
inputs = {
@@ -319,11 +319,11 @@ A generated ID for the endpoint.
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md b/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md
index e5d3e592f8..021c1350ec 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda-http-api-gateway/lambda-http-api-gateway.md
@@ -9,7 +9,7 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
-View Source
+View Source
Release Notes
@@ -39,7 +39,7 @@ they can be invoked on HTTP calls.
:::note
If you are looking for a simple proxy to route all requests to a Lambda function, refer to the
-[api-gateway-proxy](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/api-gateway-proxy) module.
+[api-gateway-proxy](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/api-gateway-proxy) module.
:::
@@ -70,7 +70,7 @@ If you’ve never used the Gruntwork Modules before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-http-api-gateway): This example contains sample code that uses
+* [examples/lambda-http-api-gateway](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-http-api-gateway): This example contains sample code that uses
this module to route two different requests to two different Lambda functions.
## Manage
@@ -94,7 +94,7 @@ information on route syntax that API Gateway expects.
module "lambda_http_api_gateway" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -215,7 +215,7 @@ module "lambda_http_api_gateway" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda-http-api-gateway?ref=v1.2.0"
}
inputs = {
@@ -728,11 +728,11 @@ A map from the route keys to the IDs of the corresponding API Gateway V2 Route r
diff --git a/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md b/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md
index 9f4a7b27e7..792ed36003 100644
--- a/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md
+++ b/docs/reference/modules/terraform-aws-lambda/lambda/lambda.md
@@ -9,13 +9,13 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Lambda Function Module
-View Source
+View Source
-Release Notes
+Release Notes
This module makes it easy to deploy and manage an [AWS Lambda](https://aws.amazon.com/lambda/) function. Lambda gives
you a way to run code on-demand in AWS without having to manage servers.
@@ -49,6 +49,42 @@ resource "aws_lambda_permission" "with_sns" {
}
```
+## How do you enhance IAM role security?
+
+**RECOMMENDED SECURITY PRACTICE**: By default, the IAM role created by this module can be assumed by any Lambda function
+in your AWS account. For enhanced security, you can enable the `enforce_source_arn_condition` parameter to restrict
+the role so that only the specific Lambda function created by this module can assume it.
+
+```hcl
+module "my_lambda_function" {
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v1.0.8"
+
+ # Enable enhanced IAM role security
+ enforce_source_arn_condition = true
+
+ # (other params omitted)
+}
+```
+
+**Important Notes:**
+
+* **Backward Compatibility**: This feature is currently **opt-in** (defaults to `false`) to maintain backward compatibility
+* **Breaking Change**: Enabling this on existing deployments will immediately restrict the role and may break non-standard setups where:
+ * Multiple Lambda functions share the same role
+ * External tools or scripts assume the role for testing purposes
+* **Migration Path**: Test thoroughly before enabling in production environments. In future releases, this will default to `true`
+* **Not Applicable**: This setting has no effect if you provide an existing role via `existing_role_arn`
+
+**When to Enable:**
+
+* ✅ New Lambda functions (recommended)
+* ✅ Single-purpose Lambda functions with dedicated roles
+* ❌ Shared roles across multiple Lambda functions
+* ❌ Roles used by external testing tools
+
+This security enhancement ensures that only your specific Lambda function can assume its IAM role, following the
+principle of least privilege.
+
## How do you give the lambda function access to a VPC?
By default, your Lambda functions do not have access to your VPCs or subnets. If the lambda function needs to be able
@@ -105,7 +141,7 @@ Lambda function are still in use. If necessary, the variable `enable_eni_cleanup
of the function from the VPC during `terraform destroy` and unblock the Security Group for destruction. Note: this
requires the [`aws` cli tool](https://aws.amazon.com/cli/) to be installed.
-Check out the [lambda-vpc example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-vpc) for working sample code. Make sure to note the Known Issues
+Check out the [lambda-vpc example](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-vpc) for working sample code. Make sure to note the Known Issues
section in that example's README.
## How do you share Lambda functions across multiple AWS accounts?
@@ -153,7 +189,7 @@ If you want to have a central S3 bucket that you use as a repository for your La
module "lambda" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -258,6 +294,13 @@ module "lambda" {
# in multiple environments is to version your Terraform code.
enable_versioning = false
+ # Flag to add a condition to the trust relationship of the IAM role to enforce that only the Lambda
+ # function created by this module can assume the role. This is generally a good idea for security, but if you are
+ # using the created role across multiple Lambda functions, you may want to set this to false. In a future release,
+ # this will default to true.
+ #
+ enforce_source_arn_condition = false
+
# The ENTRYPOINT for the docker image. Only used if you specify a Docker image
# via image_uri.
entry_point = []
@@ -396,6 +439,15 @@ module "lambda" {
# points to a pregenerated zip archive.
skip_zip = false
+ # Whether to enable Lambda SnapStart and on which conditions. SnapStart can
+ # improve cold start performance by up to 10x for Java 11+, Python 3.12+, and
+ # .NET 8+ runtimes. Valid values are 'PublishedVersions' (enable SnapStart) or
+ # 'None' (disable SnapStart). When set to 'PublishedVersions', requires
+ # enable_versioning = true. Not supported for container images (image_uri),
+ # Lambda@Edge, or when using provisioned concurrency. When null (default),
+ # SnapStart is not configured.
+ snap_start_apply_on = null
+
# The path to the directory that contains your Lambda function source code.
# This code will be zipped up and uploaded to Lambda as your deployment
# package. If var.skip_zip is set to true, then this is assumed to be the path
@@ -456,7 +508,7 @@ module "lambda" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/lambda?ref=v1.2.0"
}
inputs = {
@@ -564,6 +616,13 @@ inputs = {
# in multiple environments is to version your Terraform code.
enable_versioning = false
+ # Flag to add a condition to the trust relationship of the IAM role to enforce that only the Lambda
+ # function created by this module can assume the role. This is generally a good idea for security, but if you are
+ # using the created role across multiple Lambda functions, you may want to set this to false. In a future release,
+ # this will default to true.
+ #
+ enforce_source_arn_condition = false
+
# The ENTRYPOINT for the docker image. Only used if you specify a Docker image
# via image_uri.
entry_point = []
@@ -702,6 +761,15 @@ inputs = {
# points to a pregenerated zip archive.
skip_zip = false
+ # Whether to enable Lambda SnapStart and on which conditions. SnapStart can
+ # improve cold start performance by up to 10x for Java 11+, Python 3.12+, and
+ # .NET 8+ runtimes. Valid values are 'PublishedVersions' (enable SnapStart) or
+ # 'None' (disable SnapStart). When set to 'PublishedVersions', requires
+ # enable_versioning = true. Not supported for container images (image_uri),
+ # Lambda@Edge, or when using provisioned concurrency. When null (default),
+ # SnapStart is not configured.
+ snap_start_apply_on = null
+
# The path to the directory that contains your Lambda function source code.
# This code will be zipped up and uploaded to Lambda as your deployment
# package. If var.skip_zip is set to true, then this is assumed to be the path
@@ -931,6 +999,19 @@ When true, this will force the detachment of the Lambda from the VPC, if
+
+
+
+
+
+
+Flag to add a condition to the trust relationship of the IAM role to enforce that only the Lambda
+function created by this module can assume the role. This is generally a good idea for security, but if you are
+using the created role across multiple Lambda functions, you may want to set this to false. In a future release,
+this will default to true.
+
+
@@ -1220,6 +1301,15 @@ Set to true to skip zip archive creation and assume that
+
+
+
+Whether to enable Lambda SnapStart and on which conditions. SnapStart can improve cold start performance by up to 10x for Java 11+, Python 3.12+, and .NET 8+ runtimes. Valid values are 'PublishedVersions' (enable SnapStart) or 'None' (disable SnapStart). When set to 'PublishedVersions', requires enable_versioning = true. Not supported for container images (image_uri), Lambda@Edge, or when using provisioned concurrency. When null (default), SnapStart is not configured.
+
+
+
+
+
@@ -1333,6 +1423,14 @@ Name of the (optionally) created CloudWatch log group for the lambda function.
+
+
+
+Optimization status of Lambda SnapStart. Possible values: 'On' (SnapStart is activated and optimized), 'Off' (SnapStart is deactivated), or null (SnapStart is not configured).
+
+
+
+
@@ -1342,11 +1440,11 @@ Name of the (optionally) created CloudWatch log group for the lambda function.
diff --git a/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md b/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md
index cea8e53a98..8a21af4f44 100644
--- a/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md
+++ b/docs/reference/modules/terraform-aws-lambda/run-lambda-entrypoint/run-lambda-entrypoint.md
@@ -9,7 +9,7 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
-View Source
+View Source
Release Notes
@@ -34,7 +34,7 @@ to the lambda runtime. This entrypoint will pull the provided secrets manager en
secrets manager entry to environment variables that are injected into the lambda runtime.
This module only includes an entrypoint CLI. If you are looking for a module to deploy container based Lambda functions,
-refer to the [lambda](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda) module.
+refer to the [lambda](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda) module.
## Motivation
@@ -78,7 +78,7 @@ If you’ve never used the Gruntwork Modules before, make sure to read
If you just want to try this repo out for experimenting and learning, check out the following resources:
-* [examples/lambda-docker](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-docker): This example contains a sample `Dockerfile` that uses this
+* [examples/lambda-docker](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-docker): This example contains a sample `Dockerfile` that uses this
entrypoint to expose secrets to a python based Lambda function.
## Manage
@@ -133,7 +133,7 @@ To support this use case, the `run-lambda-entrypoint` CLI includes the ability t
is not running in a Lambda environment. When `run-lambda-entrypoint` is invoked with the arg `--rie-path`, it will wrap
the provided entrypoint script with the RIE when running in local mode.
-Refer to the [secret-reflector-go](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/examples/lambda-docker/secret-reflector-go) example for an example of how to set
+Refer to the [secret-reflector-go](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/examples/lambda-docker/secret-reflector-go) example for an example of how to set
this up with a Go based Lambda function.
### How do I pass in Secrets Manager ARNs for environment variable lookup?
@@ -183,11 +183,11 @@ will assume it is the name of a Secrets Manager entry in the same region as the
diff --git a/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md b/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md
index bd5d4fe1e5..c84e9812c3 100644
--- a/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md
+++ b/docs/reference/modules/terraform-aws-lambda/scheduled-lambda-job/scheduled-lambda-job.md
@@ -9,22 +9,22 @@ import VersionBadge from '../../../../../src/components/VersionBadge.tsx';
import { HclListItem, HclListItemDescription, HclListItemTypeDetails, HclListItemDefaultValue, HclGeneralListItem } from '../../../../../src/components/HclListItem.tsx';
import { ModuleUsage } from "../../../../../src/components/ModuleUsage";
-
+
# Scheduled Lambda Job Module
-View Source
+View Source
Release Notes
This module makes it easy to run an [AWS Lambda](https://aws.amazon.com/lambda/) function (such as one created with the
-[lambda module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda)) on a scheduled basis. This is useful for periodic background jobs, such as taking a
+[lambda module](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda)) on a scheduled basis. This is useful for periodic background jobs, such as taking a
daily snapshot of your servers.
## Background info
For more information on AWS Lambda, how it works, and how to configure your functions, check out the [lambda module
-documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/modules/lambda).
+documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.2.0/modules/lambda).
## Sample Usage
@@ -39,7 +39,7 @@ documentation](https://github.com/gruntwork-io/terraform-aws-lambda/tree/v1.1.0/
module "scheduled_lambda_job" {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v1.2.0"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
@@ -90,7 +90,7 @@ module "scheduled_lambda_job" {
# ------------------------------------------------------------------------------------------------------
terraform {
- source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v1.1.0"
+ source = "git::git@github.com:gruntwork-io/terraform-aws-lambda.git//modules/scheduled-lambda-job?ref=v1.2.0"
}
inputs = {
@@ -234,11 +234,11 @@ Cloudwatch Event Rule schedule expression