https://github.com/psypherpunk/tf-aws-lambda-exec-wrapper

Terraform to deploy an AWS Lambda layer containing aws-lambda-secrets-wrapper-rs.
https://github.com/psypherpunk/tf-aws-lambda-exec-wrapper

Last synced: 4 months ago
JSON representation

Terraform to deploy an AWS Lambda layer containing aws-lambda-secrets-wrapper-rs.

• Host: GitHub
• URL: https://github.com/psypherpunk/tf-aws-lambda-exec-wrapper
• Owner: PsypherPunk
• License: apache-2.0
• Created: 2022-08-22T15:20:37.000Z (almost 4 years ago)
• Default Branch: main
• Last Pushed: 2022-08-22T17:55:57.000Z (almost 4 years ago)
• Last Synced: 2025-09-03T08:15:15.892Z (10 months ago)
• Language: HCL
• Size: 13.7 KB
• Stars: 0
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# `tf-aws-lambda-exec-wrapper`

Deploys an AWS Lambda layer containing

[`aws-lambda-secrets-wrapper-rs`](https://github.com/PsypherPunk/aws-lambda-secrets-wrapper-rs).

See that repo. for more details but fundamentally this allows the ARN of an

AWS Secrets Manager secret to be passed to an AWS Lambda, having the ARN

resolved to the actual Secret value and passed into the AWS Lambda as an

environment variable:

```hcl

module "lambda_exec_wrapper" {

  source = "github.com/psypherpunk/tf-aws-lambda-exec-wrapper"

  lambda_exec_wrapper_version = "0.2.3"

}

resource "aws_lambda_function" "this" {

  layers = [

    module.lambda_exec_wrapper.lambda_exec_wrapper_layer_arn

  ]

  environment {

    variables = {

      AWS_LAMBDA_EXEC_WRAPPER      = "/opt/secrets-wrapper"

      DATABASE_PASSWORD_SECRET_ARN = "arn:aws:secretsmanager:…:…:secret:…"  # pragma: allowlist secret

    }

  }

}

```

## Requirements

No requirements.

## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | n/a |

|  [null](#provider\_null) | n/a |

## Modules

No modules.

## Resources

| Name | Type |

|------|------|

| [aws_lambda_layer_version.lambda_exec_wrapper](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_layer_version) | resource |

| [null_resource.lambda_exec_wrapper](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [lambda\_exec\_wrapper\_version](#input\_lambda\_exec\_wrapper\_version) | Semantic version of the AWS Lambda wrapper to be included. | `string` | n/a | yes |

|  [tags](#input\_tags) | Tags to be included with all appropriate resources. | `map(string)` | `{}` | no |

## Outputs

| Name | Description |

|------|-------------|

|  [lambda\_exec\_wrapper\_layer\_arn](#output\_lambda\_exec\_wrapper\_layer\_arn) | ARN of the AWS Lambda Layer containing the wrapper script. |