How to add Account Condition to AWS Lambda Permissions in Terraform

Andrew • Dec 2, 2021 • AWS , Terraform

0 min read 102 words

If you need to lock an AWS Lambda function down to a source account for security reasons (PCI.Lambda.1) then you can do so by using the source_account option of the aws_lambda_permission Terraform resource type.

resource "aws_lambda_permission" "do_something_with_bucket" {
  statement_id   = "AllowExecutionFromS3Bucket"
  action         = "lambda:InvokeFunction"
  function_name  = module.do_something_with_bucket.arn
  principal      = "s3.amazonaws.com"
  source_arn     = var.source_bucket_arn
  source_account = var.account_id # <---------- here
}

We have stored the account_id in a variable so that it can be updated when we initialize our Terraform context:

<meta charset="utf-8">source_account = var.account_id

This will allow the Condition to be populated as below:

"Condition": {
  "StringEquals": {
    "AWS:SourceAccount": "xxxxxxxxxxxx"
  },
}

Tags: AWS Terraform

Andrew

Andrew is a visionary software engineer and DevOps expert with a proven track record of delivering cutting-edge solutions that drive innovation at Ataiva.com. As a leader on numerous high-profile projects, Andrew brings his exceptional technical expertise and collaborative leadership skills to the table, fostering a culture of agility and excellence within the team. With a passion for architecting scalable systems, automating workflows, and empowering teams, Andrew is a sought-after authority in the field of software development and DevOps.

How to add Account Condition to AWS Lambda Permissions in Terraform

Andrew

Tags

Recent Posts

AI Governance Frameworks: Building Responsible AI Systems

Microservices Monitoring Strategies: Observability in Distributed Systems

Rust's Standard Library: Essential Tools for Every Project

Quantum Computing in Distributed Systems: Preparing for the Quantum Future

Incident Management for SRE: Building Resilient Response Systems

Building Fault-Tolerant Distributed Systems: Strategies and Patterns

Macros in Rust: Metaprogramming Made Simple

Rust for Blockchain in 2025: Libraries, Tools, and Best Practices

API Security Best Practices: Protecting Your Digital Interfaces

Cloud Performance Tuning Tips: Optimizing for Speed, Scale, and Cost

Rust's Memory Safety Guarantees: How the Compiler Protects Your Code

LLM Production Deployment: Architectures, Strategies, and Best Practices

Rust for Robotics in 2025: Libraries, Tools, and Best Practices

Concurrency in Rust: Fearless Parallelism

Data Partitioning Strategies in Distributed Systems

Case Study: How We Cut Cloud Costs by 30% Without Sacrificing Performance

Lifetimes in Rust: Managing References Safely

Rust for Computer Vision in 2025: Libraries, Tools, and Best Practices

Blockchain in Enterprise Distributed Systems: Beyond Cryptocurrencies

Infrastructure as Code Best Practices: Beyond the Basics

How to add Account Condition to AWS Lambda Permissions in Terraform

Share this article:

Related Articles

Tags

Recent Posts