From 4984d2b45c6baa99ce182b8ed8638e8aad355f70 Mon Sep 17 00:00:00 2001
From: david tjokroaminoto
Date: Fri, 22 Nov 2024 11:26:12 +0800
Subject: [PATCH] chore: added lambda extra allowed triggers to allow other principal to execute this SNS topic
---
 main.tf | 4 ++--
 variables.tf | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/main.tf b/main.tf
index 5cce7bb..fc7a0ba 100644
--- a/main.tf
+++ b/main.tf
@@ -141,12 +141,12 @@ module "lambda" {
 dead_letter_target_arn = var.lambda_dead_letter_target_arn
 attach_dead_letter_policy = var.lambda_attach_dead_letter_policy
- allowed_triggers = {
+ allowed_triggers = merge({
 AllowExecutionFromSNS = {
 principal = "sns.amazonaws.com"
 source_arn = local.sns_topic_arn
 }
- }
+ }, var.lambda_extra_allowed_triggers)
 store_on_s3 = var.lambda_function_store_on_s3
 s3_bucket = var.lambda_function_s3_bucket
diff --git a/variables.tf b/variables.tf
index 57922dc..b8545dd 100644
--- a/variables.tf
+++ b/variables.tf
@@ -264,6 +264,12 @@ variable "lambda_function_ephemeral_storage_size" {
 default = 512
 }
+variable "lambda_extra_allowed_triggers" {
+ description = "To allow other resources to trigger this lambda"
+ type = map(any)
+ default = {}
+}
+
 variable "sns_topic_tags" {
 description = "Additional tags for the SNS topic"
 type = map(string)
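Review bot: In the new `allowed_triggers` expression, `merge()` gives precedence to later arguments, so an entry keyed `AllowExecutionFromSNS` in `var.lambda_extra_allowed_triggers` silently replaces the module's own SNS permission, including its `source_arn = local.sns_topic_arn` restriction. Putting the built-in map last keeps that statement authoritative: `allowed_triggers = merge(var.lambda_extra_allowed_triggers, { AllowExecutionFromSNS = { ... } })`. A one-line comment such as `# built-in SNS trigger is merged last so callers cannot override or widen it` would record the intent. The `module "lambda"` block starts and ends outside this hunk.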
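Review bot: `lambda_extra_allowed_triggers` is declared as `map(any)` with no validation, so an entry that names a service principal without `source_arn` or `source_account` is accepted. That entry would add a statement to the function's resource policy allowing any resource of that service to invoke it. A `validation` block that requires a source scope whenever the principal is a service principal would catch this at plan time. It assumes the wrapped module forwards `source_account`, which is not visible here. The description should also state the expected shape, for example `description = "Extra Lambda invoke permissions merged into allowed_triggers; each value needs principal and, for service principals, source_arn or source_account"`.

```hcl
variable "lambda_extra_allowed_triggers" {
  # … unchanged: description, type, default …

  validation {
    # A service principal without a source scope lets any resource of that
    # service invoke the function, so require source_arn or source_account.
    condition = alltrue([
      for trigger in values(var.lambda_extra_allowed_triggers) :
      !can(regex("\\.amazonaws\\.com$", trigger.principal)) ||
      can(trigger.source_arn) || can(trigger.source_account)
    ])
    error_message = "Triggers with a service principal must set source_arn or source_account."
  }
}
```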