Merge pull request #2799 from kakakakakku/apigw-lambda-dynamodb-terraform

bfreiberg · web-flow · commit 9d31f9dd502c · 2025-09-12T13:21:15.000+02:00
apigw-lambda-dynamodb-terraform: Update runtime to python3.13
diff --git a/apigw-lambda-dynamodb-terraform/.gitignore b/apigw-lambda-dynamodb-terraform/.gitignore
@@ -0,0 +1 @@
+src.zip
diff --git a/apigw-lambda-dynamodb-terraform/main.tf b/apigw-lambda-dynamodb-terraform/main.tf
@@ -2,7 +2,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = "~> 4.0.0"
+      version = "~> 5.0"
     }
     random = {
       source  = "hashicorp/random"
@@ -56,9 +56,13 @@ resource "aws_s3_bucket" "lambda_bucket" {
   force_destroy = true
 }
 
-resource "aws_s3_bucket_acl" "private_bucket" {
+resource "aws_s3_bucket_public_access_block" "private_bucket" {
   bucket = aws_s3_bucket.lambda_bucket.id
-  acl    = "private"
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 data "archive_file" "lambda_zip" {
@@ -85,7 +89,7 @@ resource "aws_lambda_function" "apigw_lambda_ddb" {
   s3_bucket = aws_s3_bucket.lambda_bucket.id
   s3_key    = aws_s3_object.this.key
 
-  runtime = "python3.8"
+  runtime = "python3.13"
   handler = "app.lambda_handler"
 
   source_code_hash = data.archive_file.lambda_zip.output_base64sha256
@@ -222,4 +226,4 @@ resource "aws_lambda_permission" "api_gw" {
   principal     = "apigateway.amazonaws.com"
 
   source_arn = "${aws_apigatewayv2_api.http_lambda.execution_arn}/*/*"
-}
+}
