// the find
terraform-aws-modules/terraform-aws-lambda
Terraform module, which takes care of a lot of AWS Lambda/serverless tasks (build dependencies, packages, updates, deployments) in countless combinations 🇺🇦
A Terraform module that handles the full lifecycle of AWS Lambda functions and layers — building dependencies, packaging, deploying, and managing aliases and CodeDeploy rollouts. It's for teams that want to manage Lambda infrastructure in Terraform without wiring together a dozen separate resources by hand. The scope is genuinely wide: pip/npm/poetry/uv installs, Docker builds, S3-backed packages, VPC, EFS, provisioned concurrency, event source mappings, and CodeDeploy canary/rolling deployments are all covered.
The dependency build system (package.py) is the standout feature — it computes a content hash of your source, skips rebuilds when nothing changed, and handles pip/npm/poetry/uv installs locally or in Docker without you touching a Makefile. The CodeDeploy deploy submodule supports real canary and linear traffic shifting with automatic rollback hooks, which most teams cobble together manually. IAM policy attachment has six distinct modes (inline JSON, ARN list, policy_statements map, etc.), so you can match whatever your org's IAM conventions are without fighting the module. SAM CLI integration via sam_metadata null resources means local `sam local invoke` works against the same Terraform-managed function definition.
The packaging step relies on a Python script (package.py) invoked via null_resource, which means Python 3.6+ must be present on whatever machine runs terraform apply — this silently breaks on Terraform Cloud's default runners and the README buries the workaround. The concurrent-execution zip-corruption issue (two modules writing the same archive simultaneously) is real and the fix (hash_extra) is a footgun waiting to happen in monorepos. The module has so many input variables that choosing the right combination for a non-trivial setup requires reading the complete example rather than the variable descriptions — the conditional-creation flags alone (create, create_package, create_function, create_layer, create_role) interact in ways that aren't obvious from the README. There's no built-in support for Lambda response streaming, which is now widely used for web-facing functions and requires manual resource additions outside the module.
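The `hash_extra` workaround for the concurrent-archive problem mentioned above, sketched as an added example (not taken from the module's README or from the original review). It assumes two functions packaged from one shared source directory; the function names, handlers and paths are constructed. Deriving `hash_extra` from the `for_each` key avoids hand-written values that get copy-pasted and collide in a monorepo.

```hcl
locals {
  # Constructed sample: two functions built from the same source directory.
  functions = {
    ingest = { handler = "app.ingest_handler" }
    notify = { handler = "app.notify_handler" }
  }
}

module "lambda" {
  source   = "terraform-aws-modules/lambda/aws"
  for_each = local.functions

  function_name = "orders-${each.key}" # hypothetical naming scheme
  handler       = each.value.handler
  runtime       = "python3.12"

  # Both instances package the same directory. Identical content hashes to
  # the same archive name, which is the precondition for two instances
  # writing one zip at the same time.
  source_path = "${path.module}/src/orders"

  # Map keys are unique by construction, so each instance gets its own
  # hash input and therefore its own archive file. A literal string here
  # works too, but nothing stops a second module block from reusing it.
  hash_extra = each.key
}
```

Changing a `hash_extra` value changes the hash, so expect a one-time rebuild of the affected packages when you introduce or rename the keys.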