nulib
diff --git a/‎README.md
Lines changed: 1 addition & 0 deletions b/‎README.md
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/multiple-regions/.gitignore
Lines changed: 1 addition & 0 deletions b/‎examples/multiple-regions/.gitignore
Lines changed: 1 addition & 0 deletions
diff --git a/‎examples/multiple-regions/README.md
Lines changed: 63 additions & 0 deletions b/‎examples/multiple-regions/README.md
Lines changed: 63 additions & 0 deletions
diff --git a/‎examples/multiple-regions/main.tf
Lines changed: 223 additions & 0 deletions b/‎examples/multiple-regions/main.tf
Lines changed: 223 additions & 0 deletions
diff --git a/‎examples/multiple-regions/outputs.tf
Lines changed: 99 additions & 0 deletions b/‎examples/multiple-regions/outputs.tf
Lines changed: 99 additions & 0 deletions
diff --git a/‎examples/multiple-regions/variables.tf b/‎examples/multiple-regions/variables.tf
@@ -549,6 +549,7 @@ Q4: What does this error mean - `"We currently do not support adding policies fo
 * [Async Invocations](https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/async) - Create Lambda Function with async event configuration (with SQS and SNS integration).
 * [With VPC](https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/with-vpc) - Create Lambda Function with VPC.
 * [With EFS](https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/with-efs) - Create Lambda Function with Elastic File System attached (Terraform 0.13+ is recommended).
+* [Multiple regions](https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/multiple-regions) - Create the same Lambda Function in multiple regions with non-conflicting IAM roles and policies.
 
 
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
@@ -0,0 +1 @@
+builds/*
@@ -0,0 +1,63 @@
+# AWS Lambda Functions in several regions
+
+Configuration in this directory creates AWS Lambda Functions in several regions with non-conflicting IAM roles and policies.
+
+
+## Usage
+
+To run this example you need to execute:
+
+```bash
+$ terraform init
+$ terraform plan
+$ terraform apply
+```
+
+Note that this example may create resources which cost money. Run `terraform destroy` when you don't need these resources.
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Requirements
+
+| Name | Version |
+|------|---------|
+| terraform | >= 0.12.6 |
+| aws | >= 2.67 |
+| random | >= 2 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| aws | >= 2.67 |
+| aws.us-east-1 | >= 2.67 |
+| random | >= 2 |
+
+## Inputs
+
+No input.
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| lambda\_cloudwatch\_log\_group\_arn | The ARN of the Cloudwatch Log Group |
+| lambda\_role\_arn | The ARN of the IAM role created for the Lambda Function |
+| lambda\_role\_name | The name of the IAM role created for the Lambda Function |
+| local\_filename | The filename of zip archive deployed (if deployment was from local) |
+| s3\_object | The map with S3 object data of zip archive deployed (if deployment was from S3) |
+| this\_lambda\_function\_arn | The ARN of the Lambda Function |
+| this\_lambda\_function\_invoke\_arn | The Invoke ARN of the Lambda Function |
+| this\_lambda\_function\_kms\_key\_arn | The ARN for the KMS encryption key of Lambda Function |
+| this\_lambda\_function\_last\_modified | The date Lambda Function resource was last modified |
+| this\_lambda\_function\_name | The name of the Lambda Function |
+| this\_lambda\_function\_qualified\_arn | The ARN identifying your Lambda Function Version |
+| this\_lambda\_function\_source\_code\_hash | Base64-encoded representation of raw SHA-256 sum of the zip file |
+| this\_lambda\_function\_source\_code\_size | The size in bytes of the function .zip file |
+| this\_lambda\_function\_version | Latest published version of Lambda Function |
+| this\_lambda\_layer\_arn | The ARN of the Lambda Layer with version |
+| this\_lambda\_layer\_created\_date | The date Lambda Layer resource was created |
+| this\_lambda\_layer\_layer\_arn | The ARN of the Lambda Layer without version |
+| this\_lambda\_layer\_source\_code\_size | The size in bytes of the Lambda Layer .zip file |
+| this\_lambda\_layer\_version | The Lambda Layer version |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
@@ -0,0 +1,223 @@
+provider "aws" {
+  region = "eu-west-1"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}
+
+provider "aws" {
+  region = "us-east-1"
+  alias  = "us-east-1"
+
+  # Make it faster by skipping something
+  skip_get_ec2_platforms      = true
+  skip_metadata_api_check     = true
+  skip_region_validation      = true
+  skip_credentials_validation = true
+  skip_requesting_account_id  = true
+}
+
+################################
+# Lambda Function in one region
+################################
+
+module "lambda_function" {
+  source = "../../"
+
+  function_name = "${random_pet.this.id}-lambda1"
+  description   = "My awesome lambda function"
+  handler       = "index.lambda_handler"
+  runtime       = "python3.8"
+  publish       = true
+
+  source_path = "${path.module}/../fixtures/python3.8-app1"
+
+  attach_dead_letter_policy = true
+  dead_letter_target_arn    = aws_sqs_queue.dlq.arn
+
+  ######################
+  # Additional policies
+  ######################
+
+  attach_policy_json = true
+  policy_json        = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "xray:GetSamplingStatisticSummaries"
+            ],
+            "Resource": ["*"]
+        }
+    ]
+}
+EOF
+
+  attach_policy_jsons = true
+  policy_jsons = [<<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "xray:*"
+            ],
+            "Resource": ["*"]
+        }
+    ]
+}
+EOF
+  ]
+  number_of_policy_jsons = 1
+
+  attach_policy = true
+  policy        = "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess"
+
+  attach_policies    = true
+  policies           = ["arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess"]
+  number_of_policies = 1
+
+  attach_policy_statements = true
+  policy_statements = {
+    dynamodb = {
+      effect    = "Allow",
+      actions   = ["dynamodb:BatchWriteItem"],
+      resources = ["arn:aws:dynamodb:eu-west-1:052212379155:table/Test"]
+    },
+    s3_read = {
+      effect    = "Deny",
+      actions   = ["s3:HeadObject", "s3:GetObject"],
+      resources = ["arn:aws:s3:::my-bucket/*"]
+    }
+  }
+
+  ###########################
+  # END: Additional policies
+  ###########################
+
+  tags = {
+    Module = "lambda1"
+  }
+}
+
+##################################################
+# Same Lambda Function but in another region
+# (used to verify conflicting IAM resource names)
+##################################################
+
+module "lambda_function_another_region" {
+  source = "../../"
+
+  ###########################################################
+  # Using different region and IAM role name (policy prefix)
+  ###########################################################
+  providers = {
+    aws = aws.us-east-1
+  }
+
+  role_name = "another-one-us-east-1"
+  ###########################################################
+
+  function_name = "${random_pet.this.id}-lambda1"
+  description   = "Copy of my awesome lambda function"
+  handler       = "index.lambda_handler"
+  runtime       = "python3.8"
+  publish       = true
+
+  source_path = "${path.module}/../fixtures/python3.8-app1"
+
+  attach_dead_letter_policy = true
+  dead_letter_target_arn    = aws_sqs_queue.dlq_us_east_1.arn
+
+  ######################
+  # Additional policies
+  ######################
+
+  attach_policy_json = true
+  policy_json        = <<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "xray:GetSamplingStatisticSummaries"
+            ],
+            "Resource": ["*"]
+        }
+    ]
+}
+EOF
+
+  attach_policy_jsons = true
+  policy_jsons = [<<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "xray:*"
+            ],
+            "Resource": ["*"]
+        }
+    ]
+}
+EOF
+  ]
+  number_of_policy_jsons = 1
+
+  attach_policy = true
+  policy        = "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess"
+
+  attach_policies    = true
+  policies           = ["arn:aws:iam::aws:policy/AWSXrayReadOnlyAccess"]
+  number_of_policies = 1
+
+  attach_policy_statements = true
+  policy_statements = {
+    dynamodb = {
+      effect    = "Allow",
+      actions   = ["dynamodb:BatchWriteItem"],
+      resources = ["arn:aws:dynamodb:eu-west-1:052212379155:table/Test"]
+    },
+    s3_read = {
+      effect    = "Deny",
+      actions   = ["s3:HeadObject", "s3:GetObject"],
+      resources = ["arn:aws:s3:::my-bucket/*"]
+    }
+  }
+
+  ###########################
+  # END: Additional policies
+  ###########################
+
+  tags = {
+    Module = "lambda_function_in_another_region"
+  }
+}
+
+##################
+# Extra resources
+##################
+
+resource "random_pet" "this" {
+  length = 2
+}
+
+resource "aws_sqs_queue" "dlq" {
+  name = random_pet.this.id
+}
+
+resource "aws_sqs_queue" "dlq_us_east_1" {
+  name = random_pet.this.id
+
+  provider = aws.us-east-1
+}
@@ -0,0 +1,99 @@
+# Lambda Function
+output "this_lambda_function_arn" {
+  description = "The ARN of the Lambda Function"
+  value       = module.lambda_function.this_lambda_function_arn
+}
+
+output "this_lambda_function_invoke_arn" {
+  description = "The Invoke ARN of the Lambda Function"
+  value       = module.lambda_function.this_lambda_function_invoke_arn
+}
+
+output "this_lambda_function_name" {
+  description = "The name of the Lambda Function"
+  value       = module.lambda_function.this_lambda_function_name
+}
+
+output "this_lambda_function_qualified_arn" {
+  description = "The ARN identifying your Lambda Function Version"
+  value       = module.lambda_function.this_lambda_function_qualified_arn
+}
+
+output "this_lambda_function_version" {
+  description = "Latest published version of Lambda Function"
+  value       = module.lambda_function.this_lambda_function_version
+}
+
+output "this_lambda_function_last_modified" {
+  description = "The date Lambda Function resource was last modified"
+  value       = module.lambda_function.this_lambda_function_last_modified
+}
+
+output "this_lambda_function_kms_key_arn" {
+  description = "The ARN for the KMS encryption key of Lambda Function"
+  value       = module.lambda_function.this_lambda_function_kms_key_arn
+}
+
+output "this_lambda_function_source_code_hash" {
+  description = "Base64-encoded representation of raw SHA-256 sum of the zip file"
+  value       = module.lambda_function.this_lambda_function_source_code_hash
+}
+
+output "this_lambda_function_source_code_size" {
+  description = "The size in bytes of the function .zip file"
+  value       = module.lambda_function.this_lambda_function_source_code_size
+}
+
+# Lambda Layer
+output "this_lambda_layer_arn" {
+  description = "The ARN of the Lambda Layer with version"
+  value       = module.lambda_function.this_lambda_layer_arn
+}
+
+output "this_lambda_layer_layer_arn" {
+  description = "The ARN of the Lambda Layer without version"
+  value       = module.lambda_function.this_lambda_layer_layer_arn
+}
+
+output "this_lambda_layer_created_date" {
+  description = "The date Lambda Layer resource was created"
+  value       = module.lambda_function.this_lambda_layer_created_date
+}
+
+output "this_lambda_layer_source_code_size" {
+  description = "The size in bytes of the Lambda Layer .zip file"
+  value       = module.lambda_function.this_lambda_layer_source_code_size
+}
+
+output "this_lambda_layer_version" {
+  description = "The Lambda Layer version"
+  value       = module.lambda_function.this_lambda_layer_version
+}
+
+# IAM Role
+output "lambda_role_arn" {
+  description = "The ARN of the IAM role created for the Lambda Function"
+  value       = module.lambda_function.lambda_role_arn
+}
+
+output "lambda_role_name" {
+  description = "The name of the IAM role created for the Lambda Function"
+  value       = module.lambda_function.lambda_role_name
+}
+
+# CloudWatch Log Group
+output "lambda_cloudwatch_log_group_arn" {
+  description = "The ARN of the Cloudwatch Log Group"
+  value       = module.lambda_function.lambda_cloudwatch_log_group_arn
+}
+
+# Deployment package
+output "local_filename" {
+  description = "The filename of zip archive deployed (if deployment was from local)"
+  value       = module.lambda_function.local_filename
+}
+
+output "s3_object" {
+  description = "The map with S3 object data of zip archive deployed (if deployment was from S3)"
+  value       = module.lambda_function.s3_object
+}