Added Lambda Skeleton

master.tf

@@ -33,10 +33,10 @@ resource "aws_s3_bucket_ownership_controls" "s3_standout_ownership" {
 resource "aws_s3_bucket_public_access_block" "s3_standout_public_access" {
   bucket = aws_s3_bucket.s3_standout.id
 
-  block_public_acls       = false
-  block_public_policy     = false
-  ignore_public_acls      = false
-  restrict_public_buckets = false
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_acl" "s3_standout_public_acl" {
@@ -75,5 +75,48 @@ data "aws_iam_policy_document" "s3_standout_allow_lambda" {
 
 # create a redirect lambda function
 
+data "aws_iam_policy_document" "lambda_role" {
+  statement {
+    effect = "Allow"
+
+    principals {
+      type        = "Service"
+      identifiers = ["lambda.amazonaws.com"]
+    }
+
+    actions = ["sts:AssumeRole"]
+  }
+}
+
+resource "aws_iam_role" "iam_for_lambda" {
+  name               = "iam_for_lambda"
+  assume_role_policy = data.aws_iam_policy_document.lambda_role.json
+}
+
+data "archive_file" "lambda_standout_code" {
+  type        = "zip"
+  source_file = "./lambda_redirect/lambda_redirect.py"
+  output_path = "standout_lambda_function.zip"
+}
+
+resource "aws_lambda_function" "lambda_standout_redirect" {
+  # If the file is not in the current working directory you will need to include a
+  # path.module in the filename.
+  filename      = "standout_lambda_function.zip"
+  function_name = "standout-redirect"
+  role          = aws_iam_role.iam_for_lambda.arn
+  handler       = "lambda_handler"
+
+  source_code_hash = data.archive_file.lambda_standout_code.output_base64sha256
+
+  runtime = "python3.10"
+
+  #environment {
+  #  variables = {
+  #    foo = "bar"
+  #  }
+  #}
+}
+
 # create a route 53 configuration