This module makes it easy to deploy and manage an AWS Lambda@Edge function.
Lambda@Edge gives you a way to run code on-demand in AWS Edge locations without having to manage servers.
Lambda@Edge has the following limitations compared to regular Lambda (see
the CloudFront Developer Guide
for the full details):
The functions must not have any environment variables.
The execution timeout must not be higher than 30 seconds.
The function must be versioned in order to be a target for Cloudfront events.
The function must be deployed in the us-east-1 region.
The function runtime must be nodejs6.10 or nodejs8.10.
How do you use this module?
See the root README for instructions on using Terraform modules.
See vars.tf for all the variables you can set on this module.
The general idea is to:
Create a folder that contains your source code in one of the supported languages: Python, JavaScript, Java, etc (see
Lambda programming model for the complete
list).
Use this lambda-edge module to automatically zip that folder, upload it to AWS, and configure it as a Lambda function.
Trigger your Lambda function using one of the following options:
AWS Lambda lets you run code without provisioning or managing servers. You define a
function in a supported language (currently: Python, JavaScript, Java, and C#), upload the code to Lambda, specify how
that function can be triggered, and then AWS Lambda takes care of all the details of deploying and scaling the
infrastructure to run that code.
How do you add additional IAM policies and permissions?
By default, the lambda-edge module configures your lambda function with an IAM role that allows it to write logs to
CloudWatch Logs. The ID of the IAM role is exported as the output iam_role_id and the ID of the lambda function is
exported as the output function_arn, so you can add custom rules using the aws_iam_role_policy or
aws_lambda_permission resources, respectively. For example, to allow your lambda function to be triggered by SNS:
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"392e09417e23cd1470f1d5eb3aceaee6024892a3"}]},{"name":".gitignore","path":".gitignore","sha":"aa837f97f0d43541ff287f4159f56665a06053a9"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"6bddb3ff6e1b3dfaba7cf180e56bca12c245be56"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"f4e3d9bd4717a044ed31ad847a300eee74371a78"},{"name":"README.md","path":"README.md","sha":"07394364624f37f623214a30173ce117abb2ef40"},{"name":"examples","children":[{"name":"lambda-build","children":[{"name":"README.md","path":"examples/lambda-build/README.md","sha":"922fd81fe36879d68d3b4d850ae131100590379c"},{"name":"main.tf","path":"examples/lambda-build/main.tf","sha":"a0f82b70e5c7562ea13b458f8acbeed1bf833303"},{"name":"outputs.tf","path":"examples/lambda-build/outputs.tf","sha":"28fc5ab8cc109b761b4697e68067f4eefc6ee0dd"},{"name":"python","children":[{"name":"Dockerfile","path":"examples/lambda-build/python/Dockerfile","sha":"733d628db3e066d8d23076d035fdd3a26ca80bf8"},{"name":"build.sh","path":"examples/lambda-build/python/build.sh","sha":"bf53f2bdde463e8bd2f1a4f93009ecb1c6c0c206"},{"name":"requirements.txt","path":"examples/lambda-build/python/requirements.txt","sha":"451185f2d13849f778627a85aab7238efdb8e228"},{"name":"src","children":[{"name":"__init.py__","path":"examples/lambda-build/python/src/__init.py__","sha":"1b58820b01935d58928ad905427bd838c5e80123"},{"name":"index.py","path":"examples/lambda-build/python/src/index.py","sha":"d0233c21dc7572caead57e7e60c8d75a13312ea0"},{"name":"test_harness.py","path":"examples/lambda-build/python/src/test_harness.py","sha":"73edf34edf789e6f57b0d8288cedb22ec9d37bc3"}]}]},{"name":"vars.tf","path":"examples/lambda-build/vars.tf","sha":"710180fdf863e29404fa186f217fd704be46060e"}]},{"name":"lambda-edge","children":[{"name":"README.md","path":"examples/lambda-edge/README.md","sha":"3d5f9863348407a5a11d00240a5dc92e84a8e3df"},{"name":"main.tf","path":"examples/lambda-edge/main.tf","sha":"520f934e44e37d513669e43717f2977cd8236e3e"},{"name":"nodejs","children":[{"name":"index.js","path":"examples/lambda-edge/nodejs/index.js","sha":"927b0d194260ca2517369f584a0b49513433f8e9"}]},{"name":"outputs.tf","path":"examples/lambda-edge/outputs.tf","sha":"f26239ec90f6ceca5165be5d5b9f9fb26635120e"},{"name":"vars.tf","path":"examples/lambda-edge/vars.tf","sha":"696c7c319ca3c2d4b6ca10e79ca6ce8efbf57b51"}]},{"name":"lambda-keep-warm","children":[{"name":"README.md","path":"examples/lambda-keep-warm/README.md","sha":"d9828b74307b72a59f9c62c5578adc9a3dd7ae59"},{"name":"main.tf","path":"examples/lambda-keep-warm/main.tf","sha":"520623beb4453747b06d00bf887517aff5e2fc77"},{"name":"outputs.tf","path":"examples/lambda-keep-warm/outputs.tf","sha":"62a79ed810f3cde44b54d91505647e358752ff4a"},{"name":"src","children":[{"name":"index.js","path":"examples/lambda-keep-warm/src/index.js","sha":"a06e3ce1dddfe2692eeb5b2606873affc975bb76"}]},{"name":"vars.tf","path":"examples/lambda-keep-warm/vars.tf","sha":"1409b361ac77a8a5c64868de4dc06c716f2dcf66"}]},{"name":"lambda-s3-deployment-package","children":[{"name":"README.md","path":"examples/lambda-s3-deployment-package/README.md","sha":"a4adf84621831cdc686ad125a567957a8f8967c7"},{"name":"main.tf","path":"examples/lambda-s3-deployment-package/main.tf","sha":"bce242e70983fd5ea801d64a6e7b2c93f29642a6"},{"name":"outputs.tf","path":"examples/lambda-s3-deployment-package/outputs.tf","sha":"28fc5ab8cc109b761b4697e68067f4eefc6ee0dd"},{"name":"python","children":[{"name":"index.py","path":"examples/lambda-s3-deployment-package/python/index.py","sha":"eaa4418c2160ad4c4d3af22db1486792e6fee11f"},{"name":"test_harness.py","path":"examples/lambda-s3-deployment-package/python/test_harness.py","sha":"6c8f8c4c4a9ac1aedd12a5e0babae588565d22b4"}]},{"name":"vars.tf","path":"examples/lambda-s3-deployment-package/vars.tf","sha":"c21f2df459e0775158faa1dd9e86cb0666d688c4"}]},{"name":"lambda-s3","children":[{"name":"README.md","path":"examples/lambda-s3/README.md","sha":"037fbac52c44915b0fc66c47b0337441a64495ce"},{"name":"images","children":[{"name":"gruntwork-logo.png","path":"examples/lambda-s3/images/gruntwork-logo.png","sha":"a351cbef55bb12a9aa2652469416a388e9e276de"}]},{"name":"main.tf","path":"examples/lambda-s3/main.tf","sha":"f69a3fe08ee5190b6ebc5e5473175a8742369ce2"},{"name":"outputs.tf","path":"examples/lambda-s3/outputs.tf","sha":"729892970d1ffc9122cef114133614945b9c7853"},{"name":"python","children":[{"name":"index.py","path":"examples/lambda-s3/python/index.py","sha":"9382fa2e2c3956f1c5ae1467de0f3942cad5bf34"},{"name":"test_harness.py","path":"examples/lambda-s3/python/test_harness.py","sha":"723f97fdacc7155bac0a3d9e12715a7bd6ba6c41"}]},{"name":"vars.tf","path":"examples/lambda-s3/vars.tf","sha":"78e462f4afb85041b84eda68b51e147923331c1c"}]},{"name":"lambda-vpc","children":[{"name":"README.md","path":"examples/lambda-vpc/README.md","sha":"af08d793ac3a6c5d5251cbe88ab2358c56616a84"},{"name":"javascript","children":[{"name":"index.js","path":"examples/lambda-vpc/javascript/index.js","sha":"1c4d37c47144c12acaa1306952c6e8512b201744"}]},{"name":"main.tf","path":"examples/lambda-vpc/main.tf","sha":"975de2493c5e75c69b5d59b4dcc20e36717d8dad"},{"name":"outputs.tf","path":"examples/lambda-vpc/outputs.tf","sha":"eb9cbc764168459df0fa63742281ef87b5919f2e"},{"name":"vars.tf","path":"examples/lambda-vpc/vars.tf","sha":"a704360ae723cf0ef89bdb731cf2c44a4ad8f5ad"}]},{"name":"scheduled-lambda-job","children":[{"name":"README.md","path":"examples/scheduled-lambda-job/README.md","sha":"d757b26ae306a94fc854fbbaaebedc1ae26d82b6"},{"name":"javascript","children":[{"name":"index.js","path":"examples/scheduled-lambda-job/javascript/index.js","sha":"92e0906a7d45397aedbda160a61f50321f7c23e4"}]},{"name":"main.tf","path":"examples/scheduled-lambda-job/main.tf","sha":"fda3f3127c852555b1b20024af2f066e5d3e3ea0"},{"name":"outputs.tf","path":"examples/scheduled-lambda-job/outputs.tf","sha":"eb9cbc764168459df0fa63742281ef87b5919f2e"},{"name":"vars.tf","path":"examples/scheduled-lambda-job/vars.tf","sha":"e500f45cd0dbbf3ef186246770f12487c5a93b5c"}]}]},{"name":"modules","children":[{"name":"keep-warm","children":[{"name":"README.md","path":"modules/keep-warm/README.md","sha":"a8a9f0ee146ec91086c0eea811c50b64cd452673"},{"name":"main.tf","path":"modules/keep-warm/main.tf","sha":"2377ad49f1e5710f11603fb48ae6dda0c4444f5f"},{"name":"outputs.tf","path":"modules/keep-warm/outputs.tf","sha":"5fc4667c38e2694986e16b9808e9957ec0ad5d5b"},{"name":"src","children":[{"name":"index.js","path":"modules/keep-warm/src/index.js","sha":"16c923525b669ef04cfb039349ad6dd906720caa"}]},{"name":"vars.tf","path":"modules/keep-warm/vars.tf","sha":"af0fe8836a6bfd5f929a9534290c6e8f5943037a"}]},{"name":"lambda-edge","children":[{"name":"README.md","path":"modules/lambda-edge/README.md","sha":"49ef6d03e583881ffb51d47173dc7eff07aea90e","toggled":true},{"name":"main.tf","path":"modules/lambda-edge/main.tf","sha":"8f33ef3cfd1fecb99caf84a9e7774174defaa201"},{"name":"outputs.tf","path":"modules/lambda-edge/outputs.tf","sha":"275b9eda581185081ec7b34ba330d9204c4789dd"},{"name":"vars.tf","path":"modules/lambda-edge/vars.tf","sha":"3e6657c61a7e2b374581ca4c084e119895e18e1e"}],"toggled":true},{"name":"lambda","children":[{"name":"README.md","path":"modules/lambda/README.md","sha":"8ea73cfb7ef91fb4ce57f2350fd0e74fd3e7cc6e"},{"name":"main.tf","path":"modules/lambda/main.tf","sha":"7a17f4075f7097df24946abb9d6a450aa57ee099"},{"name":"outputs.tf","path":"modules/lambda/outputs.tf","sha":"b6b8dccc8b9829f62d735bedbcc8b5e81bc337e5"},{"name":"vars.tf","path":"modules/lambda/vars.tf","sha":"6a67014760509853494ebb279300c3c2fc608e73"}]},{"name":"scheduled-lambda-job","children":[{"name":"README.md","path":"modules/scheduled-lambda-job/README.md","sha":"ea9c111f016d8e6546d8608dd7fc25433a1fc7d0"},{"name":"main.tf","path":"modules/scheduled-lambda-job/main.tf","sha":"088a73a76e8b2abbb861d1f1f38b228ed2b1fbf4"},{"name":"vars.tf","path":"modules/scheduled-lambda-job/vars.tf","sha":"21c26194408239aa982948c517d69ebd60d180db"}]}],"toggled":true},{"name":"owners.txt","path":"owners.txt","sha":"bc3c9b6136485d9fa12b39f55b2ebbdeaa03583f"},{"name":"test","children":[{"name":"Gopkg.lock","path":"test/Gopkg.lock","sha":"2972444da33e1fef91ef8759c3d125a87ad44372"},{"name":"Gopkg.toml","path":"test/Gopkg.toml","sha":"a3a33a05db583af65f76ba9bf604c5d31f3f2df3"},{"name":"README.md","path":"test/README.md","sha":"ef26d3851db2fff0b36dfa61379724c0db9ff281"},{"name":"gruntwork-logo.base64.txt","path":"test/gruntwork-logo.base64.txt","sha":"e94e107e3a8ea8c875a4489071137a38d279dc10"},{"name":"helpers_test.go","path":"test/helpers_test.go","sha":"16d4ce0e35669ce6e25506fa4b14460843ceeac6"},{"name":"lambda_build_test.go","path":"test/lambda_build_test.go","sha":"edd62e9debc38e14e1d968e732c6d11a8215fb78"},{"name":"lambda_edge_test.go","path":"test/lambda_edge_test.go","sha":"25b0659f4defc830cb26ea26dca2fbcb508c2399"},{"name":"lambda_keep_warm_test.go","path":"test/lambda_keep_warm_test.go","sha":"a1dbfe5f233d7b29e5e8aced6e0c407394253fb9"},{"name":"lambda_s3_deployment_package_test.go","path":"test/lambda_s3_deployment_package_test.go","sha":"bd4e5beba70a429179fc9adf5d9853c85c9b3288"},{"name":"lambda_s3_test.go","path":"test/lambda_s3_test.go","sha":"cacdc85d92552d95d4a6cb3197ba2f9156c08ff4"},{"name":"lambda_vpc_test.go","path":"test/lambda_vpc_test.go","sha":"aaddcfd890ebc2c9e407cfd2e668d1c6894ee749"},{"name":"scheduled_lambda_job_test.go","path":"test/scheduled_lambda_job_test.go","sha":"124e63f7b9ec477503a881192f860e9c87d016c8"}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"lambda-edge-function-module\">Lambda@Edge Function Module</h1><div class=\"preview__body--border\"></div><p>This module makes it easy to deploy and manage an <a href=\"https://aws.amazon.com/lambda/edge/\" class=\"preview__body--description--blue\" target=\"_blank\">AWS Lambda@Edge</a> function.\nLambda@Edge gives you a way to run code on-demand in AWS Edge locations without having to manage servers.</p>\n<p>Lambda@Edge has the following limitations compared to regular Lambda (see\n<a href=\"https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-requirements-limits.html\" class=\"preview__body--description--blue\" target=\"_blank\">the CloudFront Developer Guide</a>\nfor the full details):</p>\n<ul>\n<li>The functions must not have any environment variables.</li>\n<li>The execution timeout must not be higher than 30 seconds.</li>\n<li>The function must be versioned in order to be a target for Cloudfront events.</li>\n<li>The function must be deployed in the <code>us-east-1</code> region.</li>\n<li>The function runtime must be <code>nodejs6.10</code> or <code>nodejs8.10</code>.</li>\n</ul>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-use-this-module\">How do you use this module?</h2>\n<ul>\n<li>See the <a href=\"/repos/v0.7.1/package-lambda/README.md\" class=\"preview__body--description--blue\">root README</a> for instructions on using Terraform modules.</li>\n<li>See the <a href=\"/repos/v0.7.1/package-lambda/examples/lambda-edge\" class=\"preview__body--description--blue\">lambda-edge example</a> folder for sample usage.</li>\n<li>See <a href=\"/repos/v0.7.1/package-lambda/modules/lambda-edge/vars.tf\" class=\"preview__body--description--blue\">vars.tf</a> for all the variables you can set on this module.</li>\n</ul>\n<p>The general idea is to:</p>\n<ol>\n<li>Create a folder that contains your source code in one of the supported languages: Python, JavaScript, Java, etc (see\n<a href=\"https://docs.aws.amazon.com/lambda/latest/dg/programming-model-v2.html\" class=\"preview__body--description--blue\" target=\"_blank\">Lambda programming model</a> for the complete\nlist).</li>\n<li>Use this <code>lambda-edge</code> module to automatically zip that folder, upload it to AWS, and configure it as a Lambda function.</li>\n<li>Trigger your Lambda function using one of the following options:\n<ol>\n<li><a href=\"https://console.aws.amazon.com/lambda/home\" class=\"preview__body--description--blue\" target=\"_blank\">AWS Console UI</a>.</li>\n<li><a href=\"http://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html\" class=\"preview__body--description--blue\" target=\"_blank\">AWS API</a>.</li>\n<li><a href=\"http://docs.aws.amazon.com/cli/latest/reference/lambda/invoke.html\" class=\"preview__body--description--blue\" target=\"_blank\">AWS CLI</a>.</li>\n<li><a href=\"http://docs.aws.amazon.com/apigateway/latest/developerguide/getting-started.html\" class=\"preview__body--description--blue\" target=\"_blank\">API Gateway</a> API you expose.</li>\n<li>An <a href=\"http://docs.aws.amazon.com/lambda/latest/dg/invoking-lambda-function.html\" class=\"preview__body--description--blue\" target=\"_blank\">event source</a>, such as a new\nCloudfront event.</li>\n</ol>\n</li>\n</ol>\n<h2 class=\"preview__body--subtitle\" id=\"what-is-aws-lambda\">What is AWS Lambda?</h2>\n<p><a href=\"https://aws.amazon.com/lambda/\" class=\"preview__body--description--blue\" target=\"_blank\">AWS Lambda</a> lets you run code without provisioning or managing servers. You define a\nfunction in a supported language (currently: Python, JavaScript, Java, and C#), upload the code to Lambda, specify how\nthat function can be triggered, and then AWS Lambda takes care of all the details of deploying and scaling the\ninfrastructure to run that code.</p>\n<h2 class=\"preview__body--subtitle\" id=\"how-do-you-add-additional-iam-policies-and-permissions\">How do you add additional IAM policies and permissions?</h2>\n<p>By default, the <code>lambda-edge</code> module configures your lambda function with an IAM role that allows it to write logs to\nCloudWatch Logs. The ID of the IAM role is exported as the output <code>iam_role_id</code> and the ID of the lambda function is\nexported as the output <code>function_arn</code>, so you can add custom rules using the <code>aws_iam_role_policy</code> or\n<code>aws_lambda_permission</code> resources, respectively. For example, to allow your lambda function to be triggered by SNS:</p>\n<pre><span class=\"hljs-keyword\">module</span> <span class=\"hljs-string\">\"my_lambda_function\"</span> {\n source = <span class=\"hljs-string\">\"git::git@github.com:gruntwork-io/package-lambda.git//modules/lambda-edge?ref=v1.0.8\"</span>\n <span class=\"hljs-comment\"># (params omitted)</span>\n}\n\n<span class=\"hljs-keyword\">resource</span> <span class=\"hljs-string\">\"aws_lambda_permission\"</span> <span class=\"hljs-string\">\"with_sns\"</span> {\n statement_id = <span class=\"hljs-string\">\"AllowExecutionFromSNS\"</span>\n action = <span class=\"hljs-string\">\"lambda:InvokeFunction\"</span>\n function_name = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${module.my_lambda_function.function_arn}</span>\"</span>\n principal = <span class=\"hljs-string\">\"sns.amazonaws.com\"</span>\n source_arn = <span class=\"hljs-string\">\"<span class=\"hljs-variable\">${aws_sns_topic.default.arn}</span>\"</span>\n}\n</pre>\n<h2 class=\"preview__body--subtitle\" id=\"how-to-trigger-this-lambda-function-from-cloudfront\">How to trigger this Lambda function from Cloudfront</h2>\n<p>This module deploys the Lambda function but doesn't create any CloudFront trigger. There are two ways to create those\ntriggers:</p>\n<ol>\n<li>Using terraform (but support for this is currently not available in the CloudFront module).</li>\n<li>Manually from the AWS Console as described in the\n<a href=\"https://docs.aws.amazon.com/lambda/latest/dg/lambda-edge.html#lambda-edge-add-triggers\" class=\"preview__body--description--blue\" target=\"_blank\">Lambda@Edge documentation</a></li>\n</ol>\n","repoName":"package-lambda","repoRef":"v0.7.1","serviceDescriptor":{"serviceName":"AWS Lambda","serviceRepoName":"package-lambda","serviceRepoOrg":"gruntwork-io","cloudProviders":["aws"],"description":"Deploy Lambda functions with Terraform. Supports uploading deployment packages, configuring environment variables, and scheduled functions.","imageUrl":"lambda.png","licenseType":"subscriber","technologies":["Terraform","Bash"],"compliance":[],"tags":[""]},"serviceCategoryName":"Serverless","fileName":"README.md","filePath":"/modules/lambda-edge","title":"Repo Browser: AWS Lambda","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}