Encrypt Lambda source code using `aws_lambda_function`

david.gard · January 21, 2025, 5:10pm

I am deploying a Lambda Function using Terraform, but I can’t find a way to encrypt the source code. Is this possible using Terraform, or will I instead have to use CloudFormation?

AWS provide the SourceKMSKeyArn property for the CloudFormation resource AWS::Lambda::Function Code object, but I can’t find any equivilent for the Terraform aws_lambda_function resource.

The only KMS argument that appears to exist is kms_key_arn which mirrors the CloudFormation property KmsKeyArn, and this is used to encrypt environment variables rather that the source code.

Hopefully I’m missing something and this is entirely possible?

Thanks

mashihimasha · March 19, 2025, 10:03am

I got the same issue while trying to encrypt the lambda code. It seems they have not yet added a feature in terraform to encrypt lambda code using cmk. Did you find any solution for this ?

Topic		Replies	Views
How to encrypt lambda environment with KMS AWS	0	1250	April 22, 2022
Encrypt CloudWatch loggroup using CMK Terraform Providers	0	15	January 13, 2025
How to mark as sensitive external modifications? Terraform	2	1150	January 18, 2022
Lambda source_code_hash Terraform	0	867	October 7, 2021
S3 replication with encryption help Terraform	1	1394	March 16, 2021

Encrypt Lambda source code using `aws_lambda_function`

Related topics