Terraform: How to trigger a Lambda function on resource creation

Updated: February 4, 2024 By: Guest Contributor

Overview

Integrating AWS Lambda with Terraform can give you efficient, scalable cloud infrastructure in which resources are managed and serverless operations are executed effectively. This tutorial shows how to trigger an AWS Lambda function when a resource is created using Terraform, so that automated workflows and operations can run in response to changes in your infrastructure.

Prerequisites

  • AWS Account: An active AWS account is required.
  • Terraform Installed: Ensure Terraform is installed and configured on your machine.
  • Basic Knowledge: Familiarity with AWS Lambda and Terraform is helpful.

Step 1: Setting up AWS Lambda

Let’s start by setting up the AWS Lambda function that you want to trigger.

resource "aws_lambda_function" "example" {
  function_name = "exampleFunction"
  filename         = "path/to/your/lambda/deployment/package.zip"
  source_code_hash = filebase64sha256("path/to/your/lambda/deployment/package.zip")
  handler          = "index.handler"
  runtime          = "nodejs20.x" # a currently supported Node.js runtime (nodejs12.x is deprecated)
  role             = aws_iam_role.lambda_exec.arn
}

Create an IAM role with the necessary permissions for your Lambda function to execute. Here’s an example:

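resource "aws_iam_role" "lambda_exec" {
  name = "lambda_execution_role"
  # Trust policy (assumed here: the standard one that lets only the Lambda service assume the role)
  assume_role_policy = jsonencode({ Version = "2012-10-17", Statement = [
    { Effect = "Allow", Action = "sts:AssumeRole", Principal = { Service = "lambda.amazonaws.com" } }] })
}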

Step 2: Configuring the Trigger with Terraform

To have Terraform trigger the Lambda function on a specific event, such as the creation of a new AWS resource, you use the aws_lambda_permission resource together with a custom resource that is implemented through AWS CloudFormation and created by Terraform.

The aws_lambda_permission resource permits the Lambda function to be invoked directly by an AWS service or resource, and its source_arn argument limits that grant to the named source. For example, to have the Lambda function triggered on creation of an S3 bucket:

resource "aws_lambda_permission" "example_lambda_permission" {
  statement_id  = "AllowExecutionFromS3"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.example.function_name
  principal     = "s3.amazonaws.com"
  source_arn    = "arn:aws:s3:::${aws_s3_bucket.example.bucket}"
}

Next, define a custom resource that will act as the trigger:

resource "aws_cloudformation_stack" "s3_notification" {
  name = "S3NotificationToLambda"
  # The function ARN is interpolated into the heredoc as a quoted JSON string.
  template_body = <<TEMPLATE
{
  "Resources": {
    "CustomResource": {
      "Type": "Custom::TestResource",
      "Properties": {
        "ServiceToken": "${aws_lambda_function.example.arn}"
      }
    }
  }
}
TEMPLATE
}
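
When Terraform creates this stack, CloudFormation invokes the function named in ServiceToken with a Create request and then waits for a result to be uploaded to the request's presigned ResponseURL; if the function never answers, the stack stays in progress until the request times out. The handler below is an added example, not code from the original tutorial, showing one way index.handler can answer such requests; it assumes a Node.js 18+ runtime (global fetch), and the PhysicalResourceId scheme and the Handled data field are illustrative assumptions.

```javascript
// Added example for the Custom::TestResource above, deployed as index.handler.
// Assumes Node.js 18+ (global fetch); id scheme and "Handled" field are illustrative.

// Build the response document CloudFormation expects for one request.
function resultFor(event) {
  let status = "SUCCESS", reason = "", data = {};
  try {
    switch (event.RequestType) {
      case "Create":
      case "Update":
        data = { Handled: event.RequestType }; // run the on-creation work here
        break;
      case "Delete":
        break; // nothing to clean up, but the request still needs an answer
      default:
        throw new Error(`unexpected RequestType: ${event.RequestType}`);
    }
  } catch (err) {
    // Report FAILED instead of throwing: an unanswered request stalls the stack.
    status = "FAILED";
    reason = String(err.message).slice(0, 256);
  }
  return {
    Status: status,
    Reason: reason,
    // Keep the id stable on Update/Delete; a new id is treated as a replacement.
    PhysicalResourceId: event.PhysicalResourceId || `${event.LogicalResourceId}-${event.RequestId}`,
    StackId: event.StackId,
    RequestId: event.RequestId,
    LogicalResourceId: event.LogicalResourceId,
    Data: data, // readable through Fn::GetAtt, so keep secrets out of it
  };
}

// PUT the result to the presigned ResponseURL. The URL authorizes the upload by
// itself, so it is never logged.
async function putResponse(url, body) {
  // Empty content-type, as AWS's cfn-response helper sends it.
  const res = await fetch(url, { method: "PUT", headers: { "content-type": "" }, body: JSON.stringify(body) });
  if (!res.ok) throw new Error(`response upload failed: HTTP ${res.status}`);
}

async function handler(event) {
  if (!event.ResponseURL) return; // not a CloudFormation custom resource request
  await putResponse(event.ResponseURL, resultFor(event));
}

// Export for Lambda (CommonJS); guarded so the file also loads as an ES module.
if (typeof module !== "undefined") module.exports = { handler, resultFor };
```

Package this file as index.js in the deployment zip referenced by filename so that it matches the index.handler setting.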

Step 3: Terraform Apply

With configurations set, apply your Terraform plan to provision the resources and set up the trigger:

terraform apply

This command creates the specified AWS Lambda function and configures it to be triggered under the defined condition. Make sure you review the proposed changes before applying them.

Testing Your Setup

Once everything is deployed, you can test the trigger by creating the source resource (e.g., an S3 bucket). If the setup is correct, creating the bucket should automatically call the Lambda function.

Remember, this tutorial only covers a specific scenario. AWS Lambda and Terraform can interact in many ways, depending on your requirements. Experiment with different resources and triggers to best meet your needs.

Conclusion

Integrating Terraform and AWS Lambda enables powerful, automated serverless architectures. Using Terraform to trigger Lambda functions adds a layer of dynamism to your cloud infrastructure, allowing for automatic execution of functions in response to events. With the steps outlined in this tutorial, you’re well on your way to leveraging this capability in your AWS environment.

Exploring further will reveal even greater potential for automation and efficiency in your cloud operations. Happy coding!