add terraform lambda layers sample

Author: HarshCasper

lambda-layers/terraform/.gitignore

@@ -0,0 +1,6 @@
+.terraform
+.venv
+build
+.terraform.lock.hcl
+output.json
+terraform.*

lambda-layers/terraform/Makefile

@@ -0,0 +1,52 @@
+export AWS_ACCESS_KEY_ID ?= test
+export AWS_SECRET_ACCESS_KEY ?= test
+export AWS_DEFAULT_REGION = us-east-1
+SHELL := /bin/bash
+PYTHON_BIN ?= $(shell which python3 || which python)
+
+usage:       ## Show this help
+	@fgrep -h "##" $(MAKEFILE_LIST) | fgrep -v fgrep | sed -e 's/\\$$//' | sed -e 's/##//'
+
+start:
+	localstack start -d
+
+install:    ## Install dependencies
+	@which localstack || pip install localstack
+	@which awslocal || pip install awscli-local
+	@which terraform || (\
+	echo 'Terraform was not found, installing locally' && \
+	wget https://releases.hashicorp.com/terraform/1.0.8/terraform_1.0.8_linux_amd64.zip && \
+	unzip terraform_*.zip && \
+	rm terraform_*.zip)
+	@test -e .venv || ($(PYTHON_BIN) -m venv .venv; source .venv/bin/activate; pip3 install terraform-local;)
+
+package:
+	source .venv/bin/activate; pip install \
+	--platform manylinux2014_x86_64 \
+	--target=package \
+	--implementation cp \
+	--only-binary=:all: \
+	--upgrade \
+	--requirement requirements.txt \
+	--target build/my-lambda-layer/python
+
+init:
+	tflocal init
+
+deploy:
+	tflocal apply --auto-approve
+
+invoke:
+	awslocal lambda invoke \
+    --function-name my-lambda-function \
+    output.json
+	cat output.json
+
+run: start install init deploy invoke
+
+clean:
+	rm -rf build
+	rm -rf .terraform
+	rf -f output.json
+
+.PHONY: start install init deploy invoke clean

lambda-layers/terraform/main.tf

@@ -0,0 +1,100 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = "us-east-1"  # Replace with your preferred region
+}
+
+# Lambda Layer
+data "archive_file" "lambda_layer_zip" {
+  type        = "zip"
+  source_dir  = "${path.module}/build/my-lambda-layer"  # Path to your Python dependencies directory
+  output_path = "${path.module}/build/lambda_layer.zip"
+}
+
+# Layer bucket
+resource "aws_s3_bucket" "lambda_layer_bucket" {
+  bucket = "my-lambda-layer-bucket"
+}
+
+# Layer ZIP upload
+resource "aws_s3_object" "lambda_layer" {
+  bucket     = aws_s3_bucket.lambda_layer_bucket.id
+  key        = "lambda_layer.zip"
+  source     = data.archive_file.lambda_layer_zip.output_path
+  depends_on = [data.archive_file.lambda_layer_zip]  # Triggered only if the zip file is created
+}
+
+# Lambda Layer from S3
+resource "aws_lambda_layer_version" "dependencies" {
+  s3_bucket           = aws_s3_bucket.lambda_layer_bucket.id
+  s3_key              = aws_s3_object.lambda_layer.key
+  layer_name          = "my-lambda-layer"
+  compatible_runtimes = ["python3.12"]
+  depends_on          = [aws_s3_object.lambda_layer]  # Triggered only if the zip file is uploaded to the bucket
+}
+
+# Lambda Function
+data "archive_file" "lambda_function" {
+  type        = "zip"
+  source_file = "${path.module}/src/lambda_function.py"
+  output_path = "${path.module}/build/lambda_function.zip"
+}
+
+resource "aws_lambda_function" "my_lambda" {
+  filename         = data.archive_file.lambda_function.output_path
+  function_name    = "my-lambda-function" 
+  role             = aws_iam_role.lambda_role.arn  # See IAM Role below
+  handler          = "lambda_function.handler" 
+  runtime          = "python3.12" 
+
+  layers = [aws_lambda_layer_version.dependencies.arn] 
+}
+
+# IAM Role for Lambda
+resource "aws_iam_role" "lambda_role" {
+  name = "lambda_basic_execution"
+
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "lambda.amazonaws.com"
+      },
+      "Effect": "Allow"
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "lambda_logs_policy" {
+  name = "lambda_logs_policy"
+  role = aws_iam_role.lambda_role.id
+
+  policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": [
+        "logs:CreateLogGroup",
+        "logs:CreateLogStream",
+        "logs:PutLogEvents"
+      ],
+      "Resource": "arn:aws:logs:*:*:*",
+      "Effect": "Allow"
+    }
+  ]
+}
+EOF
+}

lambda-layers/terraform/requirements.txt

@@ -0,0 +1 @@
+PyYAML==6.0.1

lambda-layers/terraform/src/lambda_function.py

@@ -0,0 +1,8 @@
+import yaml
+
+def handler(event, context):
+    status_yaml = """
+    status: success
+    """
+    status = yaml.safe_load(status_yaml)
+    return status