Creates an AWS Lambda function to update Trusted Advisor on a scheduled interval using truss-aws-tools.
Creates the following resources:
- IAM role for Lambda function to access Trusted Advisor.
- CloudWatch Event to trigger function on a schedule.
- AWS Lambda function to actually call Trusted Advisor APIs.
module "trusted-advisor-refresh" {
source = "trussworks/trusted-advisor-refresh/aws"
version = "1.0.0"
environment = "prod"
interval_minutes = "5"
s3_bucket = "lambda-builds-us-east-1"
version_to_deploy = "1.0"
}| Name | Version |
|---|---|
| terraform | >= 1.0 |
| aws | >= 3.0 |
| Name | Version |
|---|---|
| aws | >= 3.0 |
No modules.
| Name | Type |
|---|---|
| aws_cloudwatch_event_rule.main | resource |
| aws_cloudwatch_event_target.main | resource |
| aws_cloudwatch_log_group.main | resource |
| aws_iam_role.main | resource |
| aws_iam_role_policy.main | resource |
| aws_lambda_function.main | resource |
| aws_lambda_permission.main | resource |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.assume_role | data source |
| aws_iam_policy_document.main | data source |
| aws_partition.current | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cloudwatch_encryption_key_arn | The arn of the encryption key to be used for the cloudwatch logs | string |
"" |
no |
| cloudwatch_logs_retention_days | Number of days to keep logs in AWS CloudWatch. | string |
90 |
no |
| environment | Environment tag, e.g prod. | any |
n/a | yes |
| interval_minutes | How often to update Trusted Advisor. | string |
60 |
no |
| s3_bucket | The name of the S3 bucket used to store the Lambda builds. | string |
n/a | yes |
| version_to_deploy | The version the Lambda function to deploy. | string |
n/a | yes |
No outputs.