I am using teraform-aws-lambda module and terraform-aws-iam module, follwing these examples, however i have getting validation exception error (output below)
https://github.com/terraform-aws-modules/terraform-aws-lambda/tree/master/examples/simple https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/examples/iam-assumable-role
resource "random_pet" "this" {
length = 2
}
module "lambda_function" {
source = "../../modules/terraform-aws-lambda"
publish = true
# function_name = "${random_pet.this.id}-copyAMI"
function_name = "Test-copyAMI"
handler = "index.lambda_handler"
runtime = "python3.8"
create_role = false
lambda_role = module.iam_assumable_role_custom.iam_role_name
attach_policy = true
policy = module.iam_policy.arn
timeout = 600
source_path = [
"${path.module}/../../src/copy_ami.py",
]
}
provider "aws" {
region = "eu-west-1"
}
module "iam_assumable_role_custom" {
source = "../../modules/iam-assumable-role"
trusted_role_services = [
"lambda.amazonaws.com"
]
create_role = true
role_name = "LambdaFunction-1"
role_requires_mfa = false
custom_role_policy_arns = [
module.iam_policy.arn
]
role_permissions_boundary_arn = "arn:aws:iam::xxxxxxxxx:policy/BasePolicy"
}
module "iam_policy" {
source = "../../modules/iam-policy"
name = "LambdaFunction-1"
path = "/"
description = "AMI Copy IAM Policy"
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ec2:Describe*",
"ec2:ModifySnapshotAttribute",
"sts:*",
"ec2:CopyImage",
"ec2:ModifyImageAttribute"
],
"Resource": "*"
}
]
}
EOF
}
module.lambda_function.aws_lambda_function.this[0]: Creating...
╷
│ Error: error creating Lambda Function (1): ValidationException:
│ status code: 400, request id: ecf44929-bfa5-4058-89aa-f6ecdacf359e
│
│ with module.lambda_function.aws_lambda_function.this[0],
│ on ../../modules/terraform-aws-lambda/main.tf line 19, in resource "aws_lambda_function" "this":
│ 19: resource "aws_lambda_function" "this" {
│
