terraform_aws_lambda_with_iam_role_and_zip_archive.tf

1data "aws_iam_policy_document" "assume_role" {
2  statement {
3    effect = "Allow"
4
5    principals {
6      type        = "Service"
7      identifiers = ["lambda.amazonaws.com"]
8    }
9
10    actions = ["sts:AssumeRole"]
11  }
12}
13
14resource "aws_iam_role" "iam_for_lambda" {
15  name               = "iam_for_lambda"
16  assume_role_policy = data.aws_iam_policy_document.assume_role.json
17}
18
19data "archive_file" "lambda" {
20  type        = "zip"
21  source_file = "lambda.js"
22  output_path = "lambda_function_payload.zip"
23}
24
25resource "aws_lambda_function" "test_lambda" {
26  # If the file is not in the current working directory you will need to use a 
27  # full path.
28  filename      = "lambda_function_payload.zip"
29  function_name = "lambda_function_name"
30  role          = aws_iam_role.iam_for_lambda.arn
31  handler       = "index.test"
32
33  source_code_hash = data.archive_file.lambda.output_base64sha256
34
35  runtime = "nodejs18.x"
36
37  environment {
38    variables = {
39      foo = "bar"
40    }
41  }
42}