Lambda Execution Role

Step 1: Define Trust Policy

data "aws_iam_policy_document" "lambda_assume" {
  statement {
    actions = ["sts:AssumeRole"]
    principals {
      type        = "Service"
      identifiers = ["lambda.amazonaws.com"]
    }
  }
}

Step 2: Create the Role

module "lambda_role" {
  source  = "registry.patterneddesigns.ca/patterneddesigns/iam-role/aws"
  version = "2.0.0"

  name               = "lambda-execution-role"
  assume_role_policy = data.aws_iam_policy_document.lambda_assume.json
  managed_policy_arns = [
    "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
  ]
}

Step 3: Verify the Role

Check the role was created with the correct permissions in the AWS Console.