Encrypt Lambda source code using `aws_lambda_function`

david.gard · January 21, 2025, 5:10pm

I am deploying a Lambda Function using Terraform, but I can’t find a way to encrypt the source code. Is this possible using Terraform, or will I instead have to use CloudFormation?

AWS provide the SourceKMSKeyArn property for the CloudFormation resource AWS::Lambda::Function Code object, but I can’t find any equivilent for the Terraform aws_lambda_function resource.

The only KMS argument that appears to exist is kms_key_arn which mirrors the CloudFormation property KmsKeyArn, and this is used to encrypt environment variables rather that the source code.

Hopefully I’m missing something and this is entirely possible?

Thanks

mashihimasha · March 19, 2025, 10:03am

I got the same issue while trying to encrypt the lambda code. It seems they have not yet added a feature in terraform to encrypt lambda code using cmk. Did you find any solution for this ?

system · September 15, 2025, 10:03am

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to encrypt lambda environment with KMS AWS	0	1305	April 22, 2022
Encrypt CloudWatch loggroup using CMK Terraform Providers	0	55	January 13, 2025
Lambda source_code_hash Terraform	0	1002	October 7, 2021
Advanced logging controls for AWS Lambda functions Terraform Providers	0	305	December 14, 2023
Use Terraform to create lambda function and serverless to deploy code Terraform	1	653	January 9, 2020

Encrypt Lambda source code using `aws_lambda_function`

Related topics