<!-- This readme file is generated with terraform-docs -->
## Example

```hcl
module "TrustedAccess" {
  source    = "../"
  role_name = "TrustedAccess"
}
```

# LambdaAccessKey

Module to create a lambda function, which assumes to a certain role and
get temporary access credentials. The lambda function url is protected
by cloudfront and origin access control. Credentials are encrypted. Once
resources are deployed, run client.py to send http request and decrypt
the response

Cloudfront fixed-rate pricing cannot be controlled by terraform or awscli
at time of writing. Change to the free plan on aws console.

To destroy the cloudfront distribution, you need to cancel the fixed rate plan

## Requirements

No requirements.

## Providers

| Name | Version |
| ---- | ------- |
| archive | n/a |
| aws | n/a |
| local | n/a |
| random | n/a |

## Modules

| Name | Source | Version |
| ---- | ------ | ------- |
| LambdaExecRole | ../iam-role-v2 | n/a |
| TargetIam | ../iam-role-v2 | n/a |

## Resources

| Name | Type |
| ---- | ---- |
| [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
| [aws_cloudfront_origin_access_control.CloudfrontOac](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_control) | resource |
| [aws_iam_policy.LamdaExecRole](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
| [aws_lambda_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
| [aws_lambda_function_url.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_url) | resource |
| [aws_lambda_permission.AllowCloudFrontServicePrincipal](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
| [aws_lambda_permission.AllowCloudFrontServicePrincipalInvokeFunction](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
| [local_file.FunctionCode](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
| [local_file.client](https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file) | resource |
| [random_password.this](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
| [random_uuid.ExternalId](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/uuid) | resource |
| [archive_file.LambdaZip](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
| [aws_cloudfront_cache_policy.NoCache](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_cache_policy) | data source |
| [aws_cloudfront_origin_request_policy.AllButHost](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/cloudfront_origin_request_policy) | data source |

## Inputs

| Name | Description | Type | Default | Required |
| ---- | ----------- | ---- | ------- | :------: |
| role\_name | Name of target role | `string` | n/a | yes |

## Outputs

| Name | Description |
| ---- | ----------- |
| CloudFrontDist | n/a |
| LambdaFunctionArn | n/a |
| TargetRole | n/a |
 
---
## Authorship
This module was developed by UPDATE_THIS.