terraform-aws-lambda-application-module/variables.tf at master · hyprnz/terraform-aws-lambda-application-module · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
variable "application_name" {
  type        = string
  description = "Repo name of the lambda application."
}

variable "application_runtime" {
  type        = string
  description = "Lambda runtime for the application, only required for Zip package type."
  default     = ""
}

variable "application_version" {
  type        = string
  description = "The version of the zip package or container image tag to be deployed."
}

variable "application_package_type" {
  type        = string
  description = "The package Type of the Lambda Application, either `Zip` or `Image`. Defaults to `Zip`"
  default     = "Zip"
  validation {
    condition     = contains(["Zip", "Image"], var.application_package_type)
    error_message = "The application_package_type must be either `Zip` or `Image`"
  }
}

variable "lambda_functions_config" {
  type = map(object({
    description           = optional(string)
    handler               = string
    enable_vpc            = bool
    function_memory       = optional(string)
    function_timeout      = optional(number)
    log_format            = optional(string, "JSON")
    application_log_level = optional(string)
    system_log_level      = optional(string)
    s3_key                = optional(string)
    enable_snap_start     = optional(bool, false)

    function_concurrency_limit = optional(number)
  }))
  description = "Map of functions and associated configurations."
}

variable "internal_entrypoint_config" {
  type = map(set(object({
    name                = string
    description         = optional(string, null)
    event_pattern_json  = optional(string, "")
    schedule_expression = optional(string, "")
  })))
  description = "Map of > 0 internal entrypoint configuration triggers."
  default     = {}
}

variable "external_entrypoint_config" {
  type = map(set(object({
    name                = string
    description         = optional(string, null)
    event_pattern_json  = optional(string, "")
    schedule_expression = optional(string, "")
    event_bus_name      = string
    source_account      = optional(string, null)
  })))
  description = "Map of > 0 external entrypoint configuration triggers."
  default     = {}
}

variable "event_bus_config" {
  type        = map(string)
  description = "Map of external event bus names that Lambda functions need access to. Allowed keys are 'org_event_bus_name' and 'domain_event_bus_name'. Values should be the actual event bus names. This configuration creates IAM permissions for PutEvents action and sets corresponding environment variables (ORG_EVENT_BUS and DOMAIN_EVENT_BUS) in Lambda functions."
  default     = {}
  validation {
    condition = alltrue([
      for k in keys(var.event_bus_config) : contains(["org_event_bus_name", "domain_event_bus_name"], k)
    ])
    error_message = "Keys can only be 'org_event_bus_name' or 'domain_event_bus_name'."
  }
}

variable "artifact_bucket" {
  type        = string
  description = "Bucket that stores function artifacts and layer dependencies if using zip based deployment."
  default     = ""
}

variable "artifact_bucket_key" {
  type        = string
  description = "File name key of the artifact to load if using zip based deployment."
  default     = ""
}

variable "container_image_uri" {
  type        = string
  description = "ECR image URI if using container based deployment."
  default     = ""
}

variable "application_env_vars" {
  type        = map(any)
  description = "Map of environment variables required by any function in the application."
  default     = {}
}

variable "application_memory" {
  type        = number
  description = "Memory allocated to all functions in the application. Defaults to `128`."
  default     = 128
}

variable "application_timeout" {
  type        = number
  description = "Timeout in seconds for all functions in the application. Defaults to `3`."
  default     = 3
}

variable "vpc_subnet_ids" {
  type        = list(string)
  description = "List of subnet IDs associated with the Lambda function"
  default     = []
}

variable "vpc_security_group_ids" {
  type        = list(string)
  description = "List of security group IDs associated with the Lambda function"
  default     = []
}

variable "layer_artifact_key" {
  type        = string
  description = "File name key of the layer artifact to load if using zip based deployment for the Lambda layer."
  default     = ""
}

variable "aws_cloudwatch_log_group_retention_in_days" {
  type        = number
  description = "The retention period in days of all log group created for each function. Defaults to `30`."
  default     = 30
}

variable "parameter_store_path" {
  type        = string
  description = "SSM parameter path"
  default     = ""
}

variable "ssm_kms_key_arn" {
  type        = string
  description = "Either he customer managed KMS or AWS manages key arn used for encrypting `SecureSting` parameters"
  default     = ""
}

variable "alias_name" {
  type        = string
  description = "Name of the alias being created"
  default     = "live"
}

variable "alias_description" {
  type        = string
  description = "Name of the alias being created"
  default     = "Default alias"
}

variable "iam_resource_path" {
  type        = string
  description = "The path for IAM roles and policies"
  default     = "/"
}

variable "custom_policy_document" {
  type        = string
  description = "A valid policy json string that defines additional actions required by the execution role of the Lambda function"
  default     = ""
}

variable "custom_policy_description" {
  type        = string
  description = "Allows to override the custom Lambda policy's description"
  default     = ""
}

variable "additional_layers" {
  type        = list(string)
  description = "A list of layer ARN's (with or without aliases) to add to all functions within the Lambda application. Provides the ability to add dependencies for additional functionality such as monitoring and observability."
  default     = []
}

variable "tags" {
  type        = map(any)
  description = "Additional tags that are added to all resources in this module."
  default     = {}
}

variable "tracking_config" {
  type        = string
  default     = "PassThrough"
  description = "Sets the passing of sample and tracing of calls, possible values are `Passthrough`(default) or `Active`"
  validation {
    condition     = contains(["PassThrough", "Active"], var.tracking_config)
    error_message = "The tracking_config must be either 'PassThrough' or 'Active'"
  }
}