Currently we are requiring a duplicate of the custom_lambda_policy to be passed into both the assume_role module and the sqs_lambda module.
To prevent errors and promote DRY code, we should figure out a way to have this declared once and passed into both modules.
An example of this duplication can be found here:
https://github.com/reflexivesecurity/reflex-aws-s3-bucket-not-encrypted/blob/master/terraform/assume_role/assume_role.tf
https://github.com/reflexivesecurity/reflex-aws-s3-bucket-not-encrypted/blob/master/terraform/sqs_lambda/sqs_lambda.tf
Currently we are requiring a duplicate of the custom_lambda_policy to be passed into both the assume_role module and the sqs_lambda module.
To prevent errors and promote DRY code, we should figure out a way to have this declared once and passed into both modules.
An example of this duplication can be found here:
https://github.com/reflexivesecurity/reflex-aws-s3-bucket-not-encrypted/blob/master/terraform/assume_role/assume_role.tf
https://github.com/reflexivesecurity/reflex-aws-s3-bucket-not-encrypted/blob/master/terraform/sqs_lambda/sqs_lambda.tf