Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit c239f9d

Browse files
authored
feat: Add support for Lambda Function URL resource (#308)
1 parent 4bc9ef2 commit c239f9d

File tree

10 files changed

+104
-8
lines changed

10 files changed

+104
-8
lines changed

‎.pre-commit-config.yaml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
repos:
22
- repo: https://github.com/antonbabenko/pre-commit-terraform
3-
rev: v1.62.3
3+
rev: v1.69.0
44
hooks:
55
- id: terraform_fmt
66
- id: terraform_validate
@@ -23,7 +23,7 @@ repos:
2323
- '--args=--only=terraform_standard_module_structure'
2424
- '--args=--only=terraform_workspace_remote'
2525
- repo: https://github.com/pre-commit/pre-commit-hooks
26-
rev: v4.1.0
26+
rev: v4.2.0
2727
hooks:
2828
- id: check-merge-conflict
2929
- id: end-of-file-fixer

‎README.md‎

Lines changed: 9 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -602,7 +602,7 @@ Q4: What does this error mean - `"We currently do not support adding policies fo
602602
| Name | Version |
603603
|------|---------|
604604
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
605-
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.8 |
605+
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.9 |
606606
| <a name="requirement_external"></a> [external](#requirement\_external) | >= 1.0 |
607607
| <a name="requirement_local"></a> [local](#requirement\_local) | >= 1.0 |
608608
| <a name="requirement_null"></a> [null](#requirement\_null) | >= 2.0 |
@@ -611,7 +611,7 @@ Q4: What does this error mean - `"We currently do not support adding policies fo
611611

612612
| Name | Version |
613613
|------|---------|
614-
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.8 |
614+
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.9 |
615615
| <a name="provider_external"></a> [external](#provider\_external) | >= 1.0 |
616616
| <a name="provider_local"></a> [local](#provider\_local) | >= 1.0 |
617617
| <a name="provider_null"></a> [null](#provider\_null) | >= 2.0 |
@@ -647,6 +647,7 @@ No modules.
647647
| [aws_lambda_event_source_mapping.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_event_source_mapping) | resource |
648648
| [aws_lambda_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
649649
| [aws_lambda_function_event_invoke_config.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource |
650+
| [aws_lambda_function_url.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url) | resource |
650651
| [aws_lambda_layer_version.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_layer_version) | resource |
651652
| [aws_lambda_permission.current_version_triggers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
652653
| [aws_lambda_permission.unqualified_alias_triggers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
@@ -684,22 +685,26 @@ No modules.
684685
| <a name="input_attach_policy_jsons"></a> [attach\_policy\_jsons](#input\_attach\_policy\_jsons) | Controls whether policy\_jsons should be added to IAM role for Lambda Function | `bool` | `false` | no |
685686
| <a name="input_attach_policy_statements"></a> [attach\_policy\_statements](#input\_attach\_policy\_statements) | Controls whether policy\_statements should be added to IAM role for Lambda Function | `bool` | `false` | no |
686687
| <a name="input_attach_tracing_policy"></a> [attach\_tracing\_policy](#input\_attach\_tracing\_policy) | Controls whether X-Ray tracing policy should be added to IAM role for Lambda Function | `bool` | `false` | no |
688+
| <a name="input_authorization_type"></a> [authorization\_type](#input\_authorization\_type) | The type of authentication that the Lambda Function URL uses. Set to 'AWS\_IAM' to restrict access to authenticated IAM users only. Set to 'NONE' to bypass IAM authentication and create a public endpoint. | `string` | `"NONE"` | no |
687689
| <a name="input_build_in_docker"></a> [build\_in\_docker](#input\_build\_in\_docker) | Whether to build dependencies in Docker | `bool` | `false` | no |
688690
| <a name="input_cloudwatch_logs_kms_key_id"></a> [cloudwatch\_logs\_kms\_key\_id](#input\_cloudwatch\_logs\_kms\_key\_id) | The ARN of the KMS Key to use when encrypting log data. | `string` | `null` | no |
689691
| <a name="input_cloudwatch_logs_retention_in_days"></a> [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `null` | no |
690692
| <a name="input_cloudwatch_logs_tags"></a> [cloudwatch\_logs\_tags](#input\_cloudwatch\_logs\_tags) | A map of tags to assign to the resource. | `map(string)` | `{}` | no |
691693
| <a name="input_compatible_architectures"></a> [compatible\_architectures](#input\_compatible\_architectures) | A list of Architectures Lambda layer is compatible with. Currently x86\_64 and arm64 can be specified. | `list(string)` | `null` | no |
692694
| <a name="input_compatible_runtimes"></a> [compatible\_runtimes](#input\_compatible\_runtimes) | A list of Runtimes this layer is compatible with. Up to 5 runtimes can be specified. | `list(string)` | `[]` | no |
695+
| <a name="input_cors"></a> [cors](#input\_cors) | CORS settings to be used by the Lambda Function URL | `any` | `{}` | no |
693696
| <a name="input_create"></a> [create](#input\_create) | Controls whether resources should be created | `bool` | `true` | no |
694697
| <a name="input_create_async_event_config"></a> [create\_async\_event\_config](#input\_create\_async\_event\_config) | Controls whether async event configuration for Lambda Function/Alias should be created | `bool` | `false` | no |
695698
| <a name="input_create_current_version_allowed_triggers"></a> [create\_current\_version\_allowed\_triggers](#input\_create\_current\_version\_allowed\_triggers) | Whether to allow triggers on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | `bool` | `true` | no |
696699
| <a name="input_create_current_version_async_event_config"></a> [create\_current\_version\_async\_event\_config](#input\_create\_current\_version\_async\_event\_config) | Whether to allow async event configuration on current version of Lambda Function (this will revoke permissions from previous version because Terraform manages only current resources) | `bool` | `true` | no |
697700
| <a name="input_create_function"></a> [create\_function](#input\_create\_function) | Controls whether Lambda Function resource should be created | `bool` | `true` | no |
701+
| <a name="input_create_lambda_function_url"></a> [create\_lambda\_function\_url](#input\_create\_lambda\_function\_url) | Controls whether the Lambda Function URL resource should be created | `bool` | `false` | no |
698702
| <a name="input_create_layer"></a> [create\_layer](#input\_create\_layer) | Controls whether Lambda Layer resource should be created | `bool` | `false` | no |
699703
| <a name="input_create_package"></a> [create\_package](#input\_create\_package) | Controls whether Lambda package should be created | `bool` | `true` | no |
700704
| <a name="input_create_role"></a> [create\_role](#input\_create\_role) | Controls whether IAM role for Lambda Function should be created | `bool` | `true` | no |
701705
| <a name="input_create_unqualified_alias_allowed_triggers"></a> [create\_unqualified\_alias\_allowed\_triggers](#input\_create\_unqualified\_alias\_allowed\_triggers) | Whether to allow triggers on unqualified alias pointing to $LATEST version | `bool` | `true` | no |
702706
| <a name="input_create_unqualified_alias_async_event_config"></a> [create\_unqualified\_alias\_async\_event\_config](#input\_create\_unqualified\_alias\_async\_event\_config) | Whether to allow async event configuration on unqualified alias pointing to $LATEST version | `bool` | `true` | no |
707+
| <a name="input_create_unqualified_alias_lambda_function_url"></a> [create\_unqualified\_alias\_lambda\_function\_url](#input\_create\_unqualified\_alias\_lambda\_function\_url) | Whether to use unqualified alias pointing to $LATEST version in Lambda Function URL | `bool` | `true` | no |
703708
| <a name="input_dead_letter_target_arn"></a> [dead\_letter\_target\_arn](#input\_dead\_letter\_target\_arn) | The ARN of an SNS topic or SQS queue to notify when an invocation fails. | `string` | `null` | no |
704709
| <a name="input_description"></a> [description](#input\_description) | Description of your Lambda Function (or Layer) | `string` | `""` | no |
705710
| <a name="input_destination_on_failure"></a> [destination\_on\_failure](#input\_destination\_on\_failure) | Amazon Resource Name (ARN) of the destination resource for failed asynchronous invocations | `string` | `null` | no |
@@ -790,6 +795,8 @@ No modules.
790795
| <a name="output_lambda_function_qualified_arn"></a> [lambda\_function\_qualified\_arn](#output\_lambda\_function\_qualified\_arn) | The ARN identifying your Lambda Function Version |
791796
| <a name="output_lambda_function_source_code_hash"></a> [lambda\_function\_source\_code\_hash](#output\_lambda\_function\_source\_code\_hash) | Base64-encoded representation of raw SHA-256 sum of the zip file |
792797
| <a name="output_lambda_function_source_code_size"></a> [lambda\_function\_source\_code\_size](#output\_lambda\_function\_source\_code\_size) | The size in bytes of the function .zip file |
798+
| <a name="output_lambda_function_url"></a> [lambda\_function\_url](#output\_lambda\_function\_url) | The URL of the Lambda Function URL |
799+
| <a name="output_lambda_function_url_id"></a> [lambda\_function\_url\_id](#output\_lambda\_function\_url\_id) | The Lambda Function URL generated id |
793800
| <a name="output_lambda_function_version"></a> [lambda\_function\_version](#output\_lambda\_function\_version) | Latest published version of Lambda Function |
794801
| <a name="output_lambda_layer_arn"></a> [lambda\_layer\_arn](#output\_lambda\_layer\_arn) | The ARN of the Lambda Layer with version |
795802
| <a name="output_lambda_layer_created_date"></a> [lambda\_layer\_created\_date](#output\_lambda\_layer\_created\_date) | The date Lambda Layer resource was created |

‎examples/complete/README.md‎

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,14 +21,14 @@ Note that this example may create resources which cost money. Run `terraform des
2121
| Name | Version |
2222
|------|---------|
2323
| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
24-
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.8 |
24+
| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.9 |
2525
| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.0 |
2626

2727
## Providers
2828

2929
| Name | Version |
3030
|------|---------|
31-
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.8 |
31+
| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.9 |
3232
| <a name="provider_random"></a> [random](#provider\_random) | >= 2.0 |
3333

3434
## Modules
@@ -73,6 +73,8 @@ No inputs.
7373
| <a name="output_lambda_function_qualified_arn"></a> [lambda\_function\_qualified\_arn](#output\_lambda\_function\_qualified\_arn) | The ARN identifying your Lambda Function Version |
7474
| <a name="output_lambda_function_source_code_hash"></a> [lambda\_function\_source\_code\_hash](#output\_lambda\_function\_source\_code\_hash) | Base64-encoded representation of raw SHA-256 sum of the zip file |
7575
| <a name="output_lambda_function_source_code_size"></a> [lambda\_function\_source\_code\_size](#output\_lambda\_function\_source\_code\_size) | The size in bytes of the function .zip file |
76+
| <a name="output_lambda_function_url"></a> [lambda\_function\_url](#output\_lambda\_function\_url) | The URL of the Lambda Function URL |
77+
| <a name="output_lambda_function_url_id"></a> [lambda\_function\_url\_id](#output\_lambda\_function\_url\_id) | The Lambda Function URL generated id |
7678
| <a name="output_lambda_function_version"></a> [lambda\_function\_version](#output\_lambda\_function\_version) | Latest published version of Lambda Function |
7779
| <a name="output_lambda_layer_arn"></a> [lambda\_layer\_arn](#output\_lambda\_layer\_arn) | The ARN of the Lambda Layer with version |
7880
| <a name="output_lambda_layer_created_date"></a> [lambda\_layer\_created\_date](#output\_lambda\_layer\_created\_date) | The date Lambda Layer resource was created |

‎examples/complete/main.tf‎

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,20 @@ module "lambda_function" {
6666
}
6767
}
6868

69+
######################
70+
# Lambda Function URL
71+
######################
72+
create_lambda_function_url = true
73+
authorization_type = "AWS_IAM"
74+
cors = {
75+
allow_credentials = true
76+
allow_origins = ["*"]
77+
allow_methods = ["*"]
78+
allow_headers = ["date", "keep-alive"]
79+
expose_headers = ["keep-alive", "date"]
80+
max_age = 86400
81+
}
82+
6983
######################
7084
# Additional policies
7185
######################

‎examples/complete/outputs.tf‎

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,17 @@ output "lambda_function_source_code_size" {
4444
value = module.lambda_function.lambda_function_source_code_size
4545
}
4646

47+
# Lambda Function URL
48+
output "lambda_function_url" {
49+
description = "The URL of the Lambda Function URL"
50+
value = module.lambda_function.lambda_function_url
51+
}
52+
53+
output "lambda_function_url_id" {
54+
description = "The Lambda Function URL generated id"
55+
value = module.lambda_function.lambda_function_url_id
56+
}
57+
4758
# Lambda Layer
4859
output "lambda_layer_arn" {
4960
description = "The ARN of the Lambda Layer with version"

‎examples/complete/versions.tf‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ terraform {
44
required_providers {
55
aws = {
66
source = "hashicorp/aws"
7-
version = ">= 4.8"
7+
version = ">= 4.9"
88
}
99
random = {
1010
source = "hashicorp/random"

‎main.tf‎

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -285,3 +285,26 @@ resource "aws_lambda_event_source_mapping" "this" {
285285
}
286286
}
287287
}
288+
289+
resource "aws_lambda_function_url" "this" {
290+
count = local.create && var.create_function && !var.create_layer && var.create_lambda_function_url ? 1 : 0
291+
292+
function_name = aws_lambda_function.this[0].function_name
293+
294+
# Error: error creating Lambda Function URL: ValidationException
295+
qualifier = var.create_unqualified_alias_lambda_function_url ? null : aws_lambda_function.this[0].version
296+
authorization_type = var.authorization_type
297+
298+
dynamic "cors" {
299+
for_each = length(keys(var.cors)) == 0 ? [] : [var.cors]
300+
301+
content {
302+
allow_credentials = try(cors.value.allow_credentials, null)
303+
allow_headers = try(cors.value.allow_headers, null)
304+
allow_methods = try(cors.value.allow_methods, null)
305+
allow_origins = try(cors.value.allow_origins, null)
306+
expose_headers = try(cors.value.expose_headers, null)
307+
max_age = try(cors.value.max_age, null)
308+
}
309+
}
310+
}

‎outputs.tf‎

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,17 @@ output "lambda_function_source_code_size" {
4444
value = try(aws_lambda_function.this[0].source_code_size, "")
4545
}
4646

47+
# Lambda Function URL
48+
output "lambda_function_url" {
49+
description = "The URL of the Lambda Function URL"
50+
value = try(aws_lambda_function_url.this[0].function_url, "")
51+
}
52+
53+
output "lambda_function_url_id" {
54+
description = "The Lambda Function URL generated id"
55+
value = try(aws_lambda_function_url.this[0].url_id, "")
56+
}
57+
4758
# Lambda Layer
4859
output "lambda_layer_arn" {
4960
description = "The ARN of the Lambda Layer with version"

‎variables.tf‎

Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,12 @@ variable "create_role" {
2828
default = true
2929
}
3030

31+
variable "create_lambda_function_url" {
32+
description = "Controls whether the Lambda Function URL resource should be created"
33+
type = bool
34+
default = false
35+
}
36+
3137
variable "putin_khuylo" {
3238
description = "Do you agree that Putin doesn't respect Ukrainian sovereignty and territorial integrity? More info: https://en.wikipedia.org/wiki/Putin_khuylo!"
3339
type = bool
@@ -205,6 +211,28 @@ variable "image_config_working_directory" {
205211
default = null
206212
}
207213

214+
###############
215+
# Function URL
216+
###############
217+
218+
variable "create_unqualified_alias_lambda_function_url" {
219+
description = "Whether to use unqualified alias pointing to $LATEST version in Lambda Function URL"
220+
type = bool
221+
default = true
222+
}
223+
224+
variable "authorization_type" {
225+
description = "The type of authentication that the Lambda Function URL uses. Set to 'AWS_IAM' to restrict access to authenticated IAM users only. Set to 'NONE' to bypass IAM authentication and create a public endpoint."
226+
type = string
227+
default = "NONE"
228+
}
229+
230+
variable "cors" {
231+
description = "CORS settings to be used by the Lambda Function URL"
232+
type = any
233+
default = {}
234+
}
235+
208236
########
209237
# Layer
210238
########

‎versions.tf‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ terraform {
44
required_providers {
55
aws = {
66
source = "hashicorp/aws"
7-
version = ">= 4.8"
7+
version = ">= 4.9"
88
}
99
external = {
1010
source = "hashicorp/external"

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /