Hello,
I have a workspace with the below script -
# IAM POLICY FOR EC2
resource "aws_iam_policy" "lambda_stop_start_policy" {
  provider    = aws.Ireland
  name        = "Lambda_stop_start"
  description = "Policy for EC2"
  policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Effect = "Allow",
        Action = [
          "ec2:StartInstances",
          "ec2:StopInstances",
          "logs:CreateLogGroup",
          "logs:CreateLogStream",
          "logs:PutLogEvents"
        ],
        Resource = "*"
      }
    ]
  })
}

## IAM ROLE FOR EC2 ###
resource "aws_iam_role" "lambda_execution_role" {
  provider = aws.Ireland
  name     = "Lambda_stop_start"
  assume_role_policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Effect = "Allow",
        Principal = {
          Service = "lambda.amazonaws.com"
        },
        Action = "sts:AssumeRole"
      }
    ]
  })
}

# Attach policy for IAM role- lambda_execution_role
resource "aws_iam_role_policy_attachment" "lambda_execution_role_policy_attachment" {
  provider   = aws.Ireland
  role       = aws_iam_role.lambda_execution_role.name
  policy_arn = aws_iam_policy.lambda_stop_start_policy.arn
}
Here is the OUTPUT of the IAM role lambda_execution_role ARN in the same workspace:
output "lambda-execution-role-arn" {
  value       = aws_iam_role.lambda_execution_role.arn
  description = "role name of lambda_execution_role"
}
And the LAMBDA in the INFRA WORKSPACE:
# LAMBDA lambdaforec2
resource "aws_lambda_function" "lambdaforec2" {
  provider         = aws.Ireland
  function_name    = "lambdaforec2"
  role             = "${data.tfe_outputs.security.lambda-execution-role-arn}"
  runtime          = "python3.8"
  handler          = "lambdaforec2.handler"
  filename         = "lambdaforec2.zip" # Replace with your Lambda code
  source_code_hash = filebase64sha256("lambdaforec2.zip")
}
Here is the error:
How to define roles in LAMBDA here? I tried both ways of adding roles in this workspace, but am unable to resolve it.
role = "${data.tfe_outputs.security.lambda-execution-role-arn}"
role = data.tfe_outputs.security.lambda-execution-role-arn
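
For reference, an added example that is not part of the original post: the `tfe_outputs` data source exposes another workspace's outputs under its `values` attribute, so the role ARN is read from there rather than directly off the data source. The organization and workspace names are placeholders, and the `precondition` (Terraform 1.2 or later) is an extra check that the value received really is an IAM role ARN.

```hcl
# Added example. "example-org" and "security-workspace" are placeholders.
data "tfe_outputs" "security" {
  organization = "example-org"        # placeholder
  workspace    = "security-workspace" # placeholder: workspace that owns the IAM role
}

locals {
  # Outputs live under `values`, which the provider marks sensitive as a whole.
  # A role ARN is not a secret, so the marking is removed to keep plans readable.
  lambda_role_arn = nonsensitive(
    data.tfe_outputs.security.values["lambda-execution-role-arn"]
  )
}

resource "aws_lambda_function" "lambdaforec2" {
  provider         = aws.Ireland
  function_name    = "lambdaforec2"
  role             = local.lambda_role_arn
  runtime          = "python3.8"
  handler          = "lambdaforec2.handler"
  filename         = "lambdaforec2.zip"
  source_code_hash = filebase64sha256("lambdaforec2.zip")

  lifecycle {
    # Stops the plan if the other workspace ever publishes something other
    # than an IAM role ARN under this output name.
    precondition {
      condition     = can(regex("^arn:aws:iam::[0-9]{12}:role/.+$", local.lambda_role_arn))
      error_message = "Output lambda-execution-role-arn is not an IAM role ARN."
    }
  }
}
```

The API token used by the `tfe` provider in the consuming workspace needs permission to read the outputs of the workspace that defines the role.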
