From 73de947317a79b35069c7371b88d8a0afec72b1e Mon Sep 17 00:00:00 2001 From: Jack Plowman Date: Fri, 20 Oct 2023 13:50:13 +0100 Subject: [PATCH] Use KMS Arn for lambda environment variables --- infrastructure/stacks/application/lambda.tf | 98 ++++++++++----------- 1 file changed, 49 insertions(+), 49 deletions(-) diff --git a/infrastructure/stacks/application/lambda.tf b/infrastructure/stacks/application/lambda.tf index 516a4edb3..0935230f4 100644 --- a/infrastructure/stacks/application/lambda.tf +++ b/infrastructure/stacks/application/lambda.tf @@ -5,13 +5,13 @@ module "change_event_dlq_handler_lambda" { function_name = var.change_event_dlq_handler_lambda description = "Change Event DLQ Handler lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.change_event_dlq_handler}:${var.change_event_dlq_handler_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.change_event_dlq_handler}:${var.change_event_dlq_handler_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0 @@ -42,13 +42,13 @@ module "dos_db_handler_lambda" { function_name = var.dos_db_handler_lambda description = "DoS DB Handler lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.dos_db_handler}:${var.dos_db_handler_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.dos_db_handler}:${var.dos_db_handler_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0 @@ -94,13 +94,13 @@ module "dos_db_update_dlq_handler_lambda" { function_name = var.dos_db_update_dlq_handler_lambda description = "Change Event DLQ Handler lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.dos_db_update_dlq_handler}:${var.change_event_dlq_handler_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.dos_db_update_dlq_handler}:${var.change_event_dlq_handler_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0 @@ -130,13 +130,13 @@ module "event_replay_lambda" { function_name = var.event_replay_lambda description = "Event Replay lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.event_replay}:${var.event_replay_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.event_replay}:${var.event_replay_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0 @@ -169,13 +169,13 @@ module "ingest_change_event_lambda" { function_name = var.ingest_change_event_lambda description = "Ingest Change Event lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.ingest_change_event}:${var.ingest_change_event_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.ingest_change_event}:${var.ingest_change_event_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0 @@ -207,13 +207,13 @@ module "send_email_lambda" { function_name = var.send_email_lambda description = "Send Email lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.send_email}:${var.send_email_version}" - package_type = "Image" - timeout = 30 - memory_size = 128 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.send_email}:${var.send_email_version}" + package_type = "Image" + timeout = 30 + memory_size = 128 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 2 @@ -393,13 +393,13 @@ module "quality_checker_lambda" { function_name = var.quality_checker_lambda description = "Quality Checker lambda" - create_package = false - image_uri = "${var.docker_registry}/${var.quality_checker}:${var.quality_checker_version}" - package_type = "Image" - timeout = 900 - memory_size = 512 - architectures = ["arm64"] - # kms_key_arn = data.aws_kms_key.signing_key.arn + create_package = false + image_uri = "${var.docker_registry}/${var.quality_checker}:${var.quality_checker_version}" + package_type = "Image" + timeout = 900 + memory_size = 512 + architectures = ["arm64"] + kms_key_arn = data.aws_kms_key.signing_key.arn tracing_mode = "Active" maximum_retry_attempts = 0