Try SpotterManage AWS Lambda functions
| "added in version" 1.0.0 of community.aws"
Authors: Steyn Huizinga (@steynovich)
Install with ansible-galaxy collection install community.aws:==3.4.0
collections:
- name: community.aws
version: 3.4.0Allows for the management of Lambda functions.
# Create Lambda functions
- name: looped creation
community.aws.lambda:
name: '{{ item.name }}'
state: present
zip_file: '{{ item.zip_file }}'
runtime: 'python2.7'
role: 'arn:aws:iam::987654321012:role/lambda_basic_execution'
handler: 'hello_python.my_handler'
vpc_subnet_ids:
- subnet-123abcde
- subnet-edcba321
vpc_security_group_ids:
- sg-123abcde
- sg-edcba321
environment_variables: '{{ item.env_vars }}'
tags:
key1: 'value1'
loop:
- name: HelloWorld
zip_file: hello-code.zip
env_vars:
key1: "first"
key2: "second"
- name: ByeBye
zip_file: bye-code.zip
env_vars:
key1: "1"
key2: "2"
# To remove previously added tags pass an empty dict
- name: remove tags
community.aws.lambda:
name: 'Lambda function'
state: present
zip_file: 'code.zip'
runtime: 'python2.7'
role: 'arn:aws:iam::987654321012:role/lambda_basic_execution'
handler: 'hello_python.my_handler'
tags: {}
# Basic Lambda function deletion
- name: Delete Lambda functions HelloWorld and ByeBye
community.aws.lambda:
name: '{{ item }}'
state: absent
loop:
- HelloWorld
- ByeBye
name:
description:
- The name you want to assign to the function you are uploading. Cannot be changed.
required: true
type: str
role:
description:
- The Amazon Resource Name (ARN) of the IAM role that Lambda assumes when it executes
your function to access any other Amazon Web Services (AWS) resources. You may use
the bare ARN if the role belongs to the same AWS account.
- Required when I(state=present).
type: str
tags:
description:
- Tag dict to apply to the function.
type: dict
state:
choices:
- present
- absent
default: present
description:
- Create or delete Lambda function.
type: str
region:
aliases:
- aws_region
- ec2_region
description:
- The AWS region to use. If not specified then the value of the AWS_REGION or EC2_REGION
environment variable, if any, is used. See U(http://docs.aws.amazon.com/general/latest/gr/rande.html#ec2_region)
type: str
s3_key:
description:
- The Amazon S3 object (the deployment package) key name you want to upload.
- I(s3_bucket) and I(s3_key) are required together.
type: str
ec2_url:
aliases:
- aws_endpoint_url
- endpoint_url
description:
- URL to use to connect to EC2 or your Eucalyptus cloud (by default the module will
use EC2 endpoints). Ignored for modules where region is required. Must be specified
for all other modules if region is not used. If not set then the value of the EC2_URL
environment variable, if any, is used.
type: str
handler:
description:
- The function within your code that Lambda calls to begin execution.
type: str
profile:
aliases:
- aws_profile
description:
- Using I(profile) will override I(aws_access_key), I(aws_secret_key) and I(security_token)
and support for passing them at the same time as I(profile) has been deprecated.
- I(aws_access_key), I(aws_secret_key) and I(security_token) will be made mutually
exclusive with I(profile) after 2022-06-01.
type: str
runtime:
description:
- The runtime environment for the Lambda function you are uploading.
- Required when creating a function. Uses parameters as described in boto3 docs.
- Required when I(state=present).
- For supported list of runtimes, see U(https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).
type: str
timeout:
default: 3
description:
- The function maximum execution time in seconds after which Lambda should terminate
the function.
type: int
zip_file:
aliases:
- src
description:
- A .zip file containing your deployment package
- If I(state=present) then either I(zip_file) or I(s3_bucket) must be present.
type: str
s3_bucket:
description:
- Amazon S3 bucket name where the .zip file containing your deployment package is
stored.
- If I(state=present) then either I(zip_file) or I(s3_bucket) must be present.
- I(s3_bucket) and I(s3_key) are required together.
type: str
aws_config:
description:
- A dictionary to modify the botocore configuration.
- Parameters can be found at U(https://botocore.amazonaws.com/v1/documentation/api/latest/reference/config.html#botocore.config.Config).
- Only the 'user_agent' key is used for boto modules. See U(http://boto.cloudhackers.com/en/latest/boto_config_tut.html#boto)
for more boto configuration.
type: dict
description:
description:
- A short, user-defined function description. Lambda does not use this value. Assign
a meaningful description as you see fit.
type: str
kms_key_arn:
description:
- The KMS key ARN used to encrypt the function's environment variables.
type: str
version_added: 3.3.0
version_added_collection: community.aws
memory_size:
default: 128
description:
- The amount of memory, in MB, your Lambda function is given.
type: int
tracing_mode:
choices:
- Active
- PassThrough
description:
- Set mode to 'Active' to sample and trace incoming requests with AWS X-Ray. Turned
off (set to 'PassThrough') by default.
type: str
aws_ca_bundle:
description:
- The location of a CA Bundle to use when validating SSL certificates.
- Not used by boto 2 based modules.
- 'Note: The CA Bundle is read ''module'' side and may need to be explicitly copied
from the controller if not run locally.'
type: path
aws_access_key:
aliases:
- ec2_access_key
- access_key
description:
- C(AWS access key). If not set then the value of the C(AWS_ACCESS_KEY_ID), C(AWS_ACCESS_KEY)
or C(EC2_ACCESS_KEY) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(aws_access_key) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
type: str
aws_secret_key:
aliases:
- ec2_secret_key
- secret_key
description:
- C(AWS secret key). If not set then the value of the C(AWS_SECRET_ACCESS_KEY), C(AWS_SECRET_KEY),
or C(EC2_SECRET_KEY) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(aws_secret_key) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
type: str
security_token:
aliases:
- aws_security_token
- access_token
description:
- C(AWS STS security token). If not set then the value of the C(AWS_SECURITY_TOKEN)
or C(EC2_SECURITY_TOKEN) environment variable is used.
- If I(profile) is set this parameter is ignored.
- Passing the I(security_token) and I(profile) options at the same time has been deprecated
and the options will be made mutually exclusive after 2022-06-01.
type: str
validate_certs:
default: true
description:
- When set to "no", SSL certificates will not be validated for communication with
the AWS APIs.
type: bool
vpc_subnet_ids:
description:
- List of subnet IDs to run Lambda function in.
- Use this option if you need to access resources in your VPC. Leave empty if you
don't want to run the function in a VPC.
- If set, I(vpc_security_group_ids) must also be set.
elements: str
type: list
dead_letter_arn:
description:
- The parent object that contains the target Amazon Resource Name (ARN) of an Amazon
SQS queue or Amazon SNS topic.
type: str
s3_object_version:
description:
- The Amazon S3 object (the deployment package) version you want to upload.
type: str
environment_variables:
description:
- A dictionary of environment variables the Lambda function is given.
type: dict
vpc_security_group_ids:
description:
- List of VPC security group IDs to associate with the Lambda function.
- Required when I(vpc_subnet_ids) is used.
elements: str
type: list
debug_botocore_endpoint_logs:
default: 'no'
description:
- Use a botocore.endpoint logger to parse the unique (rather than total) "resource:action"
API calls made during a task, outputing the set to the resource_actions key in the
task results. Use the aws_resource_action callback to output to total list made
during a playbook. The ANSIBLE_DEBUG_BOTOCORE_LOGS environment variable may also
be used.
type: bool
code:
contains:
location:
description:
- The presigned URL you can use to download the function's .zip file that you
previously uploaded.
- The URL is valid for up to 10 minutes.
returned: success
sample: https://prod-04-2014-tasks.s3.us-east-1.amazonaws.com/snapshots/sample
type: str
repository_type:
description: The repository from which you can download the function.
returned: success
sample: S3
type: str
description: The lambda function's code returned by get_function in boto3.
returned: success
type: dict
configuration:
contains:
code_sha256:
description: The SHA256 hash of the function's deployment package.
returned: success
sample: zOAGfF5JLFuzZoSNirUtOrQp+S341IOA3BcoXXoaIaU=
type: str
code_size:
description: The size of the function's deployment package in bytes.
returned: success
sample: 123
type: int
dead_letter_config:
contains:
target_arn:
description: The ARN of an SQS queue or SNS topic.
returned: when the function has a dead letter queue configured
sample: arn:aws:lambda:us-east-1:123456789012:function:myFunction:1
type: str
description: The function's dead letter queue.
returned: when the function has a dead letter queue configured
sample:
target_arn: arn:aws:lambda:us-east-1:123456789012:function:myFunction:1
type: dict
description:
description: The function's description.
returned: success
sample: My function
type: str
environment:
contains:
error:
contains:
error_code:
description: The error code.
returned: when there is an error applying environment variables
type: str
message:
description: The error message.
returned: when there is an error applying environment variables
type: str
description: Error message for environment variables that could not be applied.
returned: when there is an error applying environment variables
type: dict
variables:
description: Environment variable key-value pairs.
returned: when environment variables exist
sample:
key: value
type: dict
description: The function's environment variables.
returned: when environment variables exist
type: dict
function_arn:
description: The function's Amazon Resource Name (ARN).
returned: on success
sample: arn:aws:lambda:us-east-1:123456789012:function:myFunction:1
type: str
function_name:
description: The function's name.
returned: on success
sample: myFunction
type: str
handler:
description: The function Lambda calls to begin executing your function.
returned: on success
sample: index.handler
type: str
last_modified:
description: The date and time that the function was last updated, in ISO-8601
format (YYYY-MM-DDThh:mm:ssTZD).
returned: on success
sample: 2017-08-01T00:00:00.000+0000
type: str
memory_size:
description: The memory allocated to the function.
returned: on success
sample: 128
type: int
revision_id:
description: The latest updated revision of the function or alias.
returned: on success
sample: a2x9886d-d48a-4a0c-ab64-82abc005x80c
type: str
role:
description: The function's execution role.
returned: on success
sample: arn:aws:iam::123456789012:role/lambda_basic_execution
type: str
runtime:
description: The funtime environment for the Lambda function.
returned: on success
sample: nodejs6.10
type: str
timeout:
description: The amount of time that Lambda allows a function to run before
terminating it.
returned: on success
sample: 3
type: int
tracing_config:
contains:
mode:
description: The tracing mode.
returned: on success
sample: Active
type: str
description: The function's AWS X-Ray tracing configuration.
returned: on success
sample:
mode: Active
type: dict
version:
description: The version of the Lambda function.
returned: on success
sample: '1'
type: str
vpc_config:
description: The function's networking configuration.
returned: on success
sample:
security_group_ids: []
subnet_ids: []
vpc_id: '123'
type: dict
description: the lambda function's configuration metadata returned by get_function
in boto3
returned: success
type: dict