hervekhg/lambda.tf

## lambda.tf
resource "aws_lambda_layer_version" "dep" {
  layer_name = "force_bucket_encryption"
  s3_bucket  = var.lambda_s3_bucket
  s3_key     = "force_bucket_encryption/lib.zip"

  compatible_runtimes = ["python3.6"]
}

resource "aws_lambda_function" "force_bucket_encryption" {
  s3_bucket     = var.lambda_s3_bucket
  s3_key        = "force_bucket_encryption/lambdacode.zip"
  function_name = "force_bucket_encryption"
  role          = aws_iam_role.force_bucket_encryption.arn
  handler       = "force_bucket_encryption.lambda_handler"
  runtime       = "python3.6"
  memory_size   = 128
  timeout       = 300

  layers = [
    aws_lambda_layer_version.dep.arn,
  ]
  environment{
    variables = {
      KMSMasterKeyID = var.kms_key_id
    }
  }
}

resource "aws_iam_role" "force_bucket_encryption" {
  name        = "lambda_force_bucket_encryption"
  assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
}
	resource "aws_lambda_layer_version" "dep" {
	layer_name = "force_bucket_encryption"
	s3_bucket = var.lambda_s3_bucket
	s3_key = "force_bucket_encryption/lib.zip"

	compatible_runtimes = ["python3.6"]
	}

	resource "aws_lambda_function" "force_bucket_encryption" {
	s3_bucket = var.lambda_s3_bucket
	s3_key = "force_bucket_encryption/lambdacode.zip"
	function_name = "force_bucket_encryption"
	role = aws_iam_role.force_bucket_encryption.arn
	handler = "force_bucket_encryption.lambda_handler"
	runtime = "python3.6"
	memory_size = 128
	timeout = 300

	layers = [
	aws_lambda_layer_version.dep.arn,
	]
	environment{
	variables = {
	KMSMasterKeyID = var.kms_key_id
	}
	}
	}

	resource "aws_iam_role" "force_bucket_encryption" {
	name = "lambda_force_bucket_encryption"
	assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
	}