diff --git a/.circleci/config.yml b/.circleci/config.yml
new file mode 100644
index 0000000..7570935
--- /dev/null
+++ b/.circleci/config.yml
@@ -0,0 +1,158 @@
+orbs:
+ terraform-orb: bankrate/terraform@1.2.0
+
+version: 2.1
+
+workflows:
+ pipeline:
+ jobs:
+ - terraform-orb/init:
+ name: example-with-cloudwatch-scheduled-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-cloudwatch-scheduled-event"
+ terraform_version: 1.0.3
+ context: qa-environment
+ - terraform-orb/plan:
+ name: example-with-cloudwatch-scheduled-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-cloudwatch-scheduled-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-environment
+ requires:
+ - example-with-cloudwatch-scheduled-event-init
+
+
+ - terraform-orb/init:
+ name: example-with-dynamo-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-dynamo-event"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-dynamo-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-dynamo-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-dynamo-event-init
+
+
+ - terraform-orb/init:
+ name: example-with-functionurl-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-functionurl"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-functionurl-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-functionurl"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-functionurl-init
+
+
+ - terraform-orb/init:
+ name: example-with-kinesis-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-kinesis-event"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-kinesis-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-kinesis-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-kinesis-event-init
+
+
+ - terraform-orb/init:
+ name: example-with-s3-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-s3-event"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-s3-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-s3-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-s3-event-init
+
+
+ - terraform-orb/init:
+ name: example-with-sqs-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-sqs-event"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-sqs-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-sqs-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-sqs-event-init
+
+
+ - terraform-orb/init:
+ name: example-with-vpc-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-with-vpc"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-with-sqs-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-with-vpc"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-with-vpc-init
+
+
+ - terraform-orb/init:
+ name: example-without-event-init
+ checkout: true
+ save-workspace: true
+ infrastructure_dir: "./examples/example-without-event"
+ terraform_version: 1.0.3
+ context: qa-terraform-modules-alternate-provider-testing
+ - terraform-orb/plan:
+ name: example-without-event-plan
+ environment: qa
+ infrastructure_dir: "./examples/example-without-event"
+ terraform_version: 1.0.3
+ attach-workspace: true
+ save-workspace: false
+ context: qa-terraform-modules-alternate-provider-testing
+ requires:
+ - example-without-event-init
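Review bot: The plan job for the VPC example is named `example-with-sqs-event-plan` (the `terraform-orb/plan` entry whose `infrastructure_dir` is `./examples/example-with-vpc`), which duplicates the name of the SQS plan job above it; it should be `name: example-with-vpc-plan`. Duplicate job names inside one workflow are likely to be rejected by CircleCI, or at best leave the two plans indistinguishable in the UI. Separately, no job carries a `filters` block, so every branch push runs init and plan with the `qa-environment` or `qa-terraform-modules-alternate-provider-testing` context attached. It is worth confirming that those contexts are restricted to the intended teams and hold read-only credentials, since `plan` needs no write access.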
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..2bf6254
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,5 @@
+# These owners will be the default owners for everything in
+# the repo. Unless a later match takes precedence,
+# the owners listed below will be requested for
+# review when someone opens a pull request.
+* @bankrate/platform-engineering
diff --git a/.github/workflows/workflow.yaml b/.github/workflows/workflow.yaml
deleted file mode 100644
index 1fa45ad..0000000
--- a/.github/workflows/workflow.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-name: Terraform CI
-
-on:
- pull_request:
- branches:
- - master
- push:
- branches:
- - master
-
-jobs:
- validate:
- name: Validate
- runs-on: ubuntu-latest
- steps:
- - name: Check out code
- uses: actions/checkout@v1
-
- - name: Run a Terraform init
- uses: docker://hashicorp/terraform:0.12.13
- with:
- entrypoint: terraform
- args: init
-
- - name: Run a Terraform fmt
- uses: docker://hashicorp/terraform:0.12.13
- with:
- entrypoint: terraform
- args: fmt -check=true
-
- - name: Run a Terraform validate
- uses: docker://hashicorp/terraform:0.12.13
- env:
- AWS_REGION: eu-west-1
- with:
- entrypoint: terraform
- args: validate
diff --git a/.gitignore b/.gitignore
index 0acb32f..5258b41 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@
terraform.tfstate
terraform.tfstate.backup
-bin/
\ No newline at end of file
+bin/
+*.DS_Store
\ No newline at end of file
diff --git a/README.md b/README.md
index 7f56f7d..aa77c13 100644
--- a/README.md
+++ b/README.md
@@ -1,96 +1,86 @@
-# AWS Lambda Terraform module
-
- [](https://registry.terraform.io/modules/spring-media/lambda/aws/4.3.0)  [](https://opensource.org/licenses/MIT)
-
-Terraform module to create AWS [Lambda](https://www.terraform.io/docs/providers/aws/r/lambda_function.html) resources with configurable event sources, IAM configuration (following the [principal of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege)), VPC as well as SSM/KMS and log streaming support.
-
-The following [event sources](https://docs.aws.amazon.com/lambda/latest/dg/invoking-lambda-function.html) are supported (see [examples](#examples)):
-
-- [cloudwatch-scheduled-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-cloudwatch-scheduled-event): configures a [CloudWatch Event Rule](https://www.terraform.io/docs/providers/aws/r/cloudwatch_event_rule.html) to trigger the Lambda on a regular, scheduled basis
-- [dynamodb](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-dynamodb-event): configures an [Event Source Mapping](https://www.terraform.io/docs/providers/aws/r/lambda_event_source_mapping.html) to trigger the Lambda by DynamoDb events
-- [s3](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-s3-event): configures permission to trigger the Lambda by S3
-- [sns](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-sns-event): to trigger Lambda by [SNS Topic Subscription](https://www.terraform.io/docs/providers/aws/r/sns_topic_subscription.html)
-
-Furthermore this module supports:
-
-- reading configuration and secrets from [AWS Systems Manager Parameter Store](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html) including decryption of [SecureString](https://docs.aws.amazon.com/kms/latest/developerguide/services-parameter-store.html) parameters
-- [CloudWatch](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html) Log group configuration including retention time and [subscription filters](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/SubscriptionFilters.html) e.g. to stream logs via Lambda to Elasticsearch
-
-## Terraform version compatibility
-
-| module | terraform | branch |
-| :----: | :-------: | :-------------: |
-| 4.x.x | 0.12.x | master |
-| 3.x.x | 0.11.x | terraform_0.11x |
-
-## How do I use this module?
-
-The module can be used for all [runtimes](https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html) supported by AWS Lambda (defaults to `go1.x`).
-
-In general configure the Lambda function with all required variables and add an (optional) event source (see [variables.tf](https://github.com/spring-media/terraform-aws-lambda/blob/master/variables.tf) for all available options).
-
-```
-provider "aws" {
- region = "eu-west-1"
-}
-
-module "lambda" {
- source = "spring-media/lambda/aws"
- version = "4.3.0"
- filename = "my-package.zip"
- function_name = "my-function"
- handler = "my-handler"
- runtime = "go1.x"
-
- // configurable event trigger, see examples
- event = {
- type = "cloudwatch-scheduled-event"
- schedule_expression = "rate(1 minute)"
- }
-
- // optionally set environment configuration
- environment = {
- variables {
- loglevel = "INFO"
- }
- }
-
- // optionally enable VPC access
- vpc_config = {
- security_group_ids = ["sg-1"]
- subnet_ids = ["subnet-1", "subnet-2"]
- }
-
- # optionally configure Parameter Store access with decryption
- ssm_parameter_names = ["some/config/root/*"]
- kms_key_arn = "arn:aws:kms:eu-west-1:647379381847:key/f79f2b-04684-4ad9-f9de8a-79d72f"
-
- # optionally create a log subscription for streaming log events from CloudWatch to ElasticSearch
- logfilter_destination_arn = "arn:aws:lambda:eu-west-1:647379381847:function:cloudwatch_logs_to_es_production"
-}
-```
-
-### Examples
-
-- [example-with-cloudwatch-scheduled-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-cloudwatch-scheduled-event)
-- [example-with-dynamodb-event-source](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-dynamodb-event)
-- [example-with-s3-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-s3-event)
-- [example-with-sns-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-sns-event)
-- [example-with-vpc](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-vpc)
-- [example-without-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-without-event)
-
-### bootstrap with func
-
-In case you are using [go](https://golang.org/) for developing your Lambda functions, you can also use [func](https://github.com/spring-media/func) to bootstrap your project and get started quickly.
-
-## How do I contribute to this module?
-
-Contributions are very welcome! Check out the [Contribution Guidelines](https://github.com/spring-media/terraform-aws-lambda/blob/master/CONTRIBUTING.md) for instructions.
-
-## How is this module versioned?
-
-This Module follows the principles of [Semantic Versioning](http://semver.org/). You can find each new release in the [releases page](../../releases).
-
-During initial development, the major version will be 0 (e.g., `0.x.y`), which indicates the code does not yet have a
-stable API. Once we hit `1.0.0`, we will make every effort to maintain a backwards compatible API and use the MAJOR,
-MINOR, and PATCH versions on each release to indicate any incompatibilities.
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| [terraform](#requirement\_terraform) | >= 0.12 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| [aws](#provider\_aws) | 4.12.1 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| [lambda](#module\_lambda) | app.terraform.io/bankrate/lambda-function/aws | ~> 4.0.0 |
+| [lambda\_cloudwatch\_trigger](#module\_lambda\_cloudwatch\_trigger) | app.terraform.io/bankrate/lambda-cloudwatch-trigger/aws | ~> 4.0.0 |
+| [lambda\_ddb\_trigger](#module\_lambda\_ddb\_trigger) | app.terraform.io/bankrate/lambda-event-source/aws | 2.3.0 |
+| [lambda\_s3\_trigger](#module\_lambda\_s3\_trigger) | app.terraform.io/bankrate/lambda-s3-trigger/aws | ~> 1.0.0 |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudwatch_log_group.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |
+| [aws_cloudwatch_log_subscription_filter.cloudwatch_logs_to_es](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_subscription_filter) | resource |
+| [aws_iam_policy.kms_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_policy.ssm_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
+| [aws_iam_role.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
+| [aws_iam_role_policy_attachment.cloudwatch_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.kms_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_iam_role_policy_attachment.ssm_policy_attachment](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
+| [aws_lambda_permission.cloudwatch_logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
+| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
+| [aws_iam_policy_document.assume_role_policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.kms_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_iam_policy_document.ssm_policy_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
+| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| [architecture](#input\_architecture) | Triggers are not required. Chose one trigger, if any, to use with lambda. If one is true, all others must be false. |
object({
cloudwatch_trigger = bool
s3_trigger = bool
ddb_trigger = bool
})
| {
"cloudwatch_trigger": false,
"ddb_trigger": false,
"s3_trigger": false
}
| no |
+| [bucket\_arn](#input\_bucket\_arn) | value | `string` | `""` | no |
+| [bucket\_id](#input\_bucket\_id) | value | `string` | `""` | no |
+| [create\_default\_sg](#input\_create\_default\_sg) | By default creates a security group that's unique to your lambda, meaning that every lambda you create with this module will use its own set of ENIs | `bool` | `false` | no |
+| [create\_in\_vpc](#input\_create\_in\_vpc) | By default this is set to true. If you don't want to create the lambda in a VPC then this should be set to false | `bool` | `true` | no |
+| [description](#input\_description) | Description of what your Lambda Function does. | `string` | `""` | no |
+| [enable](#input\_enable) | is a trigger enables true or false | `bool` | `true` | no |
+| [enable\_newrelic](#input\_enable\_newrelic) | (optional) describe your variable | `bool` | `false` | no |
+| [env\_vars](#input\_env\_vars) | Environment variables in map(map(string)) | `map(map(string))` | `{}` | no |
+| [environment](#input\_environment) | Environment for the resouces | `string` | n/a | yes |
+| [event\_source\_arn](#input\_event\_source\_arn) | value | `string` | `""` | no |
+| [filename](#input\_filename) | The path to the function's deployment package within the local filesystem. Default is an empty string to satisfy the underlying interface. | `any` | `""` | no |
+| [handler](#input\_handler) | The function entrypoint in your code. | `any` | n/a | yes |
+| [kms\_key\_arn](#input\_kms\_key\_arn) | The Amazon Resource Name (ARN) of the KMS key to decrypt AWS Systems Manager parameters. | `string` | `""` | no |
+| [layers](#input\_layers) | List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html) | `list(string)` | `[]` | no |
+| [log\_retention\_in\_days](#input\_log\_retention\_in\_days) | Specifies the number of days you want to retain log events in the specified log group. Defaults to 14. | `number` | `14` | no |
+| [logfilter\_destination\_arn](#input\_logfilter\_destination\_arn) | The ARN of the destination to deliver matching log events to. Kinesis stream or Lambda function ARN. | `string` | `""` | no |
+| [memory\_size](#input\_memory\_size) | Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128. | `number` | `128` | no |
+| [name](#input\_name) | A unique name for your Lambda Function. | `any` | n/a | yes |
+| [owner](#input\_owner) | Name of the owner or vertical this belongs to. | `any` | n/a | yes |
+| [project](#input\_project) | Name of the project this falls under. | `any` | n/a | yes |
+| [publish](#input\_publish) | Whether to publish creation/change as new Lambda Function Version. Defaults to true. | `bool` | `true` | no |
+| [reserved\_concurrent\_executions](#input\_reserved\_concurrent\_executions) | The amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. | `string` | `"-1"` | no |
+| [resource\_allocation](#input\_resource\_allocation) | Name of the project this falls under. | `string` | `"low"` | no |
+| [runtime](#input\_runtime) | The runtime environment for the Lambda function you are uploading. Defaults to go1.x | `string` | `"go1.x"` | no |
+| [schedule\_expression](#input\_schedule\_expression) | value | `string` | `"rate(1 minute)"` | no |
+| [security\_groups](#input\_security\_groups) | security groups | `list(string)` | `[]` | no |
+| [service](#input\_service) | Name of the service this is used in. | `any` | n/a | yes |
+| [ssm\_parameter\_names](#input\_ssm\_parameter\_names) | List of AWS Systems Manager Parameter Store parameters this Lambda will have access to. In order to decrypt secure parameters, a kms\_key\_arn needs to be provided as well. | `list` | `[]` | no |
+| [table\_name](#input\_table\_name) | value | `string` | `""` | no |
+| [tags](#input\_tags) | A mapping of tags to assign to the Lambda function. | `map(string)` | `{}` | no |
+| [team\_name](#input\_team\_name) | Name of the team this belongs to. | `any` | n/a | yes |
+| [timeout](#input\_timeout) | The amount of time your Lambda Function has to run in seconds. Defaults to 3. | `number` | `3` | no |
+| [vpc\_tag\_key\_override](#input\_vpc\_tag\_key\_override) | override of vpc tag | `string` | `"PrimaryVPC"` | no |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| [arn](#output\_arn) | The Amazon Resource Name (ARN) identifying your Lambda Function. |
+
\ No newline at end of file
diff --git a/examples/example-with-cloudwatch-scheduled-event/.terraform.lock.hcl b/examples/example-with-cloudwatch-scheduled-event/.terraform.lock.hcl
new file mode 100644
index 0000000..33faa73
--- /dev/null
+++ b/examples/example-with-cloudwatch-scheduled-event/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-cloudwatch-scheduled-event/main.tf b/examples/example-with-cloudwatch-scheduled-event/main.tf
index b15a220..c17c300 100644
--- a/examples/example-with-cloudwatch-scheduled-event/main.tf
+++ b/examples/example-with-cloudwatch-scheduled-event/main.tf
@@ -1,27 +1,36 @@
provider "aws" {
- region = "eu-west-1"
+ region = "us-east-1"
+ version = "4.11.0"
}
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
+
+
module "lambda" {
- source = "../../"
- description = "Example AWS Lambda using go with cloudwatch scheduled event trigger"
- filename = "${path.module}/test_function.zip"
- function_name = "tf-example-go-basic"
- handler = "example-lambda-func"
- runtime = "go1.x"
+ source = "../../"
+ description = "Example AWS Lambda using go with cloudwatch scheduled event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ filename = ""
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
- event = {
- type = "cloudwatch-scheduled-event"
- schedule_expression = "rate(1 minute)"
+ architecture = {
+ cloudwatch_trigger = true
+ s3_trigger = false
+ ddb_trigger = false
+ function_url = false
+ kinesis_trigger = false
+ sqs_trigger = false
}
+ schedule_expression = "rate(1 minute)"
tags = {
key = "value"
}
-
- environment = {
- variables = {
- key = "value"
- }
- }
}
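Review bot: The `version = "4.11.0"` argument inside `provider "aws"` is the deprecated way to pin a provider. Since versions.tf in this commit raises `required_version` to `>= 1.0`, the pin belongs in a `required_providers` block inside `terraform { }`, e.g. `aws = { source = "hashicorp/aws", version = "4.11.0" }`. The same applies to the provider blocks added in examples/example-with-dynamo-event/main.tf, examples/example-with-functionurl/main.tf and examples/example-with-kinesis-event/main.tf. Also, `architecture` here passes six keys (`function_url`, `kinesis_trigger` and `sqs_trigger` on top of the three documented ones), while the README input table in this commit lists only three. variables.tf is not visible here; if its object type is the narrower one, the extra keys would be dropped on conversion, so the README or the type should be brought in line.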
diff --git a/examples/example-with-cloudwatch-scheduled-event/versions.tf b/examples/example-with-cloudwatch-scheduled-event/versions.tf
index ac97c6a..0d15f94 100644
--- a/examples/example-with-cloudwatch-scheduled-event/versions.tf
+++ b/examples/example-with-cloudwatch-scheduled-event/versions.tf
@@ -1,4 +1,4 @@
terraform {
- required_version = ">= 0.12"
+ required_version = ">= 1.0"
}
diff --git a/examples/example-with-dynamo-event/.terraform.lock.hcl b/examples/example-with-dynamo-event/.terraform.lock.hcl
new file mode 100644
index 0000000..d899613
--- /dev/null
+++ b/examples/example-with-dynamo-event/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ constraints = ">= 4.0.0, 4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-dynamodb-event/README.md b/examples/example-with-dynamo-event/README.md
similarity index 100%
rename from examples/example-with-dynamodb-event/README.md
rename to examples/example-with-dynamo-event/README.md
diff --git a/examples/example-with-dynamo-event/main.tf b/examples/example-with-dynamo-event/main.tf
new file mode 100644
index 0000000..ed15e9b
--- /dev/null
+++ b/examples/example-with-dynamo-event/main.tf
@@ -0,0 +1,34 @@
+provider "aws" {
+ region = "us-east-1"
+ version = "4.11.0"
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
+
+module "lambda" {
+ source = "../../"
+ description = "Example AWS Lambda using go with dynamodb event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+
+ architecture = {
+ cloudwatch_trigger = false
+ s3_trigger = false
+ ddb_trigger = true
+ function_url = false
+ kinesis_trigger = false
+ sqs_trigger = false
+ }
+
+ tags = {
+ key = "value"
+ }
+}
+
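Review bot: `ddb_trigger = true` is set, but the module call passes no `event_source_arn` or `table_name`, both of which the README lists with a default of `""`; the removed example supplied a stream ARN and a table name. Unless the module creates its own table (not visible in this diff), the plan would presumably fail or build an event source mapping against an empty ARN. Consider adding placeholder inputs such as `event_source_arn = "<dynamodb-stream-arn>"` and `table_name = "<table-name>"`, or a comment saying where they come from. The two `data` sources declared above the module are not referenced anywhere in this file and could be dropped.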
diff --git a/examples/example-with-dynamo-event/versions.tf b/examples/example-with-dynamo-event/versions.tf
new file mode 100644
index 0000000..0d15f94
--- /dev/null
+++ b/examples/example-with-dynamo-event/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+ required_version = ">= 1.0"
+}
diff --git a/examples/example-with-dynamodb-event/main.tf b/examples/example-with-dynamodb-event/main.tf
deleted file mode 100644
index bfc093c..0000000
--- a/examples/example-with-dynamodb-event/main.tf
+++ /dev/null
@@ -1,28 +0,0 @@
-provider "aws" {
- region = "eu-west-1"
-}
-
-module "lambda" {
- source = "../../"
- filename = "${path.module}/test_function.zip"
- function_name = "my-function"
- handler = "my-handler"
-
- event = {
- type = "dynamodb"
- stream_event_source_arn = "arn:aws:dynamodb:eu-west-1:647379381847:table/some-table/stream/some-identifier"
- table_name = "some-table"
- }
-
- # optionally configure Parameter Store access with decryption
- ssm_parameter_names = ["some/config/root/*"]
- kms_key_arn = "arn:aws:kms:eu-west-1:647379381847:key/f79f2b-04684-4ad9-f9de8a-79d72f"
-
- # optionally create a log subscription for streaming log events
- logfilter_destination_arn = "arn:aws:lambda:eu-west-1:647379381847:function:cloudwatch_logs_to_es_production"
-
- tags = {
- key = "value"
- }
-}
-
diff --git a/examples/example-with-dynamodb-event/test_function.zip b/examples/example-with-dynamodb-event/test_function.zip
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/example-with-dynamodb-event/versions.tf b/examples/example-with-dynamodb-event/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/examples/example-with-dynamodb-event/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/examples/example-with-functionurl/.terraform.lock.hcl b/examples/example-with-functionurl/.terraform.lock.hcl
new file mode 100644
index 0000000..d899613
--- /dev/null
+++ b/examples/example-with-functionurl/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ constraints = ">= 4.0.0, 4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-functionurl/README.md b/examples/example-with-functionurl/README.md
new file mode 100644
index 0000000..6edee9a
--- /dev/null
+++ b/examples/example-with-functionurl/README.md
@@ -0,0 +1,17 @@
+# Example with function url
+
+Creates an AWS Lambda function with function url to invoke your lambda
+
+## requirements
+
+- [Terraform 0.12+](https://www.terraform.io/)
+- authentication configuration for the [aws provider](https://www.terraform.io/docs/providers/aws/)
+
+## usage
+
+To generate and show the execution plan run
+
+```
+terraform init
+terraform plan
+```
diff --git a/examples/example-with-functionurl/main.tf b/examples/example-with-functionurl/main.tf
new file mode 100644
index 0000000..ede92f0
--- /dev/null
+++ b/examples/example-with-functionurl/main.tf
@@ -0,0 +1,30 @@
+provider "aws" {
+ region = "us-east-1"
+ version = "4.11.0"
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
+
+
+module "lambda" {
+ source = "../../"
+ description = "Example AWS Lambda using go with functionurl"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+
+ architecture = {
+ cloudwatch_trigger = false
+ s3_trigger = false
+ ddb_trigger = false
+ function_url = true
+ kinesis_trigger = false
+ sqs_trigger = false
+ }
+}
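Review bot: `function_url = true` gives the Lambda an HTTPS endpoint, and nothing in this example shows which authorization type that URL uses. The module's resource is not visible in this diff; if it sets `authorization_type = "NONE"` on `aws_lambda_function_url`, anyone who learns the URL can invoke the function. I would add a comment above the `architecture` block stating the auth mode, e.g. `# function URL uses authorization_type = "AWS_IAM"; callers need lambda:InvokeFunctionUrl`, and have the module default to `AWS_IAM` if it does not already.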
diff --git a/examples/example-with-functionurl/versions.tf b/examples/example-with-functionurl/versions.tf
new file mode 100644
index 0000000..0d15f94
--- /dev/null
+++ b/examples/example-with-functionurl/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+ required_version = ">= 1.0"
+}
diff --git a/examples/example-with-kinesis-event/.terraform.lock.hcl b/examples/example-with-kinesis-event/.terraform.lock.hcl
new file mode 100644
index 0000000..d899613
--- /dev/null
+++ b/examples/example-with-kinesis-event/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ constraints = ">= 4.0.0, 4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-kinesis-event/README.md b/examples/example-with-kinesis-event/README.md
new file mode 100644
index 0000000..aa457ad
--- /dev/null
+++ b/examples/example-with-kinesis-event/README.md
@@ -0,0 +1,24 @@
+# Example with Kinesis event
+
+Creates an AWS Lambda function triggered by a Kinesis [event](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html).
+
+## requirements
+
+- [Terraform 0.12+](https://www.terraform.io/)
+- authentication configuration for the [aws provider](https://www.terraform.io/docs/providers/aws/)
+
+## usage
+
+```
+$ terraform init
+$ terraform plan
+```
+
+## bootstrap with func
+
+In case you are using [go](https://golang.org/) for developing your Lambda functions, you can also use [func](https://github.com/spring-media/func) to bootstrap your project and get started quickly:
+
+```
+$ func new example-with-kinesis -e kinesis
+$ cd example-with-kinesis && make init package plan
+```
diff --git a/examples/example-with-kinesis-event/main.tf b/examples/example-with-kinesis-event/main.tf
new file mode 100644
index 0000000..7846693
--- /dev/null
+++ b/examples/example-with-kinesis-event/main.tf
@@ -0,0 +1,34 @@
+provider "aws" {
+ region = "us-east-1"
+ version = "4.11.0"
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current"{}
+
+module "lambda" {
+ source = "../../"
+ description = "Example AWS Lambda using go with cloudwatch scheduled event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+
+ architecture = {
+ cloudwatch_trigger = false
+ s3_trigger = false
+ ddb_trigger = false
+ sqs_trigger = false
+ kinesis_trigger = true
+ function_url = false
+ }
+
+ tags = {
+ key = "value"
+ }
+}
+
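Review bot: The module `description` in this Kinesis example still reads "Example AWS Lambda using go with cloudwatch scheduled event trigger" although only `kinesis_trigger` is true; something like `description = "Example AWS Lambda using go with Kinesis event trigger"` would match. The new examples/example-with-sqs-event/main.tf carries the same copied description. The example also enables the trigger without passing a stream ARN, while the root module forwards `var.event_source_arn` to the event-source module, so unless that variable has a usable default (its declaration is not in this hunk) there is no stream to map. Separately, `version = "4.11.0"` inside the `provider "aws"` block is the deprecated form; with `required_version = ">= 1.0"` the pin belongs in a `required_providers` entry in versions.tf, and the same applies to the s3, sqs, vpc and without-event examples.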
diff --git a/examples/example-with-cloudwatch-scheduled-event/test_function.zip b/examples/example-with-kinesis-event/test_function.zip
similarity index 100%
rename from examples/example-with-cloudwatch-scheduled-event/test_function.zip
rename to examples/example-with-kinesis-event/test_function.zip
diff --git a/examples/example-with-kinesis-event/versions.tf b/examples/example-with-kinesis-event/versions.tf
new file mode 100644
index 0000000..0d15f94
--- /dev/null
+++ b/examples/example-with-kinesis-event/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+ required_version = ">= 1.0"
+}
diff --git a/examples/example-with-s3-event/.terraform.lock.hcl b/examples/example-with-s3-event/.terraform.lock.hcl
new file mode 100644
index 0000000..33faa73
--- /dev/null
+++ b/examples/example-with-s3-event/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-s3-event/graph.svg b/examples/example-with-s3-event/graph.svg
new file mode 100644
index 0000000..9dd8cf8
--- /dev/null
+++ b/examples/example-with-s3-event/graph.svg
@@ -0,0 +1,3828 @@
+
+
+
+
+
diff --git a/examples/example-with-s3-event/main.tf b/examples/example-with-s3-event/main.tf
index fa48f91..db7be44 100644
--- a/examples/example-with-s3-event/main.tf
+++ b/examples/example-with-s3-event/main.tf
@@ -1,7 +1,11 @@
provider "aws" {
- region = "eu-west-1"
+ region = "us-east-1"
+ version = "4.11.0"
}
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
+
resource "aws_s3_bucket_notification" "bucket_notification" {
bucket = "bucketname"
@@ -12,27 +16,33 @@ resource "aws_s3_bucket_notification" "bucket_notification" {
}
module "lambda" {
- source = "../../"
- description = "Example AWS Lambda using go with S3 trigger"
- filename = "${path.module}/test_function.zip"
- function_name = "tf-example-go-s3"
- handler = "example-lambda-func"
- runtime = "go1.x"
-
- event = {
- type = "s3"
- s3_bucket_arn = "arn:aws:s3:::bucketname"
- s3_bucket_id = "bucketname"
+ source = "../../"
+ description = "Example AWS Lambda using go with s3 event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+
+ architecture = {
+ cloudwatch_trigger = false
+ s3_trigger = true
+ ddb_trigger = false
+ function_url = false
+ kinesis_trigger = false
+ sqs_trigger = false
}
+ bucket_arn = "arn:aws:s3:::bucketname"
+ bucket_id = "bucketname"
tags = {
key = "value"
}
- environment = {
- variables = {
- key = "value"
- }
- }
+
+
}
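Review bot: `bucket_arn = "arn:aws:s3:::bucketname"` is passed here, but the root main.tf change in this commit forwards only `bucket_name = var.bucket_id` to the S3 trigger module. The deleted modules/event/s3 was what set `source_arn = var.s3_bucket_arn` on the `lambda:InvokeFunction` permission. If the registry module does not derive the ARN itself (its source is not on this page), the permission granted to `s3.amazonaws.com` may no longer be limited to this bucket. It is worth confirming the scoping is kept, and either wiring `bucket_arn` through or dropping it from the example so it does not suggest a restriction that is not applied.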
diff --git a/examples/example-with-s3-event/test_function.zip b/examples/example-with-s3-event/test_function.zip
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/example-with-s3-event/versions.tf b/examples/example-with-s3-event/versions.tf
index ac97c6a..0d15f94 100644
--- a/examples/example-with-s3-event/versions.tf
+++ b/examples/example-with-s3-event/versions.tf
@@ -1,4 +1,4 @@
terraform {
- required_version = ">= 0.12"
+ required_version = ">= 1.0"
}
diff --git a/examples/example-with-sns-event/main.tf b/examples/example-with-sns-event/main.tf
deleted file mode 100644
index 748a002..0000000
--- a/examples/example-with-sns-event/main.tf
+++ /dev/null
@@ -1,28 +0,0 @@
-provider "aws" {
- region = "eu-west-1"
-}
-
-module "lambda" {
- source = "../../"
- description = "Example AWS Lambda using go with sns trigger"
- filename = "${path.module}/test_function.zip"
- function_name = "tf-example-go-sns"
- handler = "example-lambda-func"
- runtime = "go1.x"
-
- event = {
- type = "sns"
- topic_arn = "arn:aws:sns:eu-west-1:123456789123:test-topic"
- }
-
- tags = {
- key = "value"
- }
-
- environment = {
- variables = {
- key = "value"
- }
- }
-}
-
diff --git a/examples/example-with-sns-event/test_function.zip b/examples/example-with-sns-event/test_function.zip
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/example-with-sns-event/versions.tf b/examples/example-with-sns-event/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/examples/example-with-sns-event/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/examples/example-with-sqs-event/.terraform.lock.hcl b/examples/example-with-sqs-event/.terraform.lock.hcl
new file mode 100644
index 0000000..d899613
--- /dev/null
+++ b/examples/example-with-sqs-event/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ constraints = ">= 4.0.0, 4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-sns-event/README.md b/examples/example-with-sqs-event/README.md
similarity index 61%
rename from examples/example-with-sns-event/README.md
rename to examples/example-with-sqs-event/README.md
index ffabcad..e8a8ed7 100644
--- a/examples/example-with-sns-event/README.md
+++ b/examples/example-with-sqs-event/README.md
@@ -1,6 +1,6 @@
-# Example with SNS event
+# Example with SQS event
-Creates an AWS Lambda function subscribed to a SNS topic.
+Creates an AWS Lambda function triggered by a SQS [event](https://docs.aws.amazon.com/lambda/latest/dg/with-sqs.html).
## requirements
@@ -10,8 +10,8 @@ Creates an AWS Lambda function subscribed to a SNS topic.
## usage
```
-terraform init
-terraform plan
+$ terraform init
+$ terraform plan
```
## bootstrap with func
@@ -19,6 +19,6 @@ terraform plan
In case you are using [go](https://golang.org/) for developing your Lambda functions, you can also use [func](https://github.com/spring-media/func) to bootstrap your project and get started quickly:
```
-$ func new example-with-sns -e sns
-$ cd example-with-sns && make init package plan
+$ func new example-with-sqs -e sqs
+$ cd example-with-sqs && make init package plan
```
diff --git a/examples/example-with-sqs-event/main.tf b/examples/example-with-sqs-event/main.tf
new file mode 100644
index 0000000..cfa0ce3
--- /dev/null
+++ b/examples/example-with-sqs-event/main.tf
@@ -0,0 +1,35 @@
+provider "aws" {
+ region = "us-east-1"
+ version = "4.11.0"
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current"{}
+
+module "lambda" {
+ source = "../../"
+ description = "Example AWS Lambda using go with cloudwatch scheduled event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+
+ architecture = {
+ cloudwatch_trigger = false
+ s3_trigger = false
+ ddb_trigger = false
+ sqs_trigger = true
+ kinesis_trigger = false
+ function_url = false
+ }
+
+
+ tags = {
+ key = "value"
+ }
+}
+
diff --git a/examples/example-with-sqs-event/versions.tf b/examples/example-with-sqs-event/versions.tf
new file mode 100644
index 0000000..0d15f94
--- /dev/null
+++ b/examples/example-with-sqs-event/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+ required_version = ">= 1.0"
+}
diff --git a/examples/example-with-vpc/.terraform.lock.hcl b/examples/example-with-vpc/.terraform.lock.hcl
new file mode 100644
index 0000000..d899613
--- /dev/null
+++ b/examples/example-with-vpc/.terraform.lock.hcl
@@ -0,0 +1,22 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ constraints = ">= 4.0.0, 4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-with-vpc/main.tf b/examples/example-with-vpc/main.tf
index 4302a31..5855d62 100644
--- a/examples/example-with-vpc/main.tf
+++ b/examples/example-with-vpc/main.tf
@@ -1,33 +1,55 @@
provider "aws" {
- region = "eu-west-1"
+ region = "us-east-1"
+ version = "4.11.0"
+}
+
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
+
+resource "aws_security_group" "lambda_egress" {
+ name = "lambda-egress-qa"
+ description = "Allow egress from Lambda functions"
+ vpc_id = "PrimaryVPC"
+}
+
+resource "aws_security_group_rule" "lambda_egress" {
+ type = "egress"
+ from_port = 0
+ to_port = 0
+ protocol = "-1"
+
+ security_group_id = aws_security_group.lambda_egress.id
+ cidr_blocks = ["0.0.0.0/0"]
}
module "lambda" {
- source = "../../"
- description = "Example AWS Lambda inside a VPC using go with cloudwatch scheduled event trigger"
- filename = "${path.module}/test_function.zip"
- function_name = "tf-example-go-basic-vpc"
- handler = "example-lambda-func"
- runtime = "go1.x"
-
- vpc_config = {
- subnet_ids = ["subnet-123456", "subnet-123457"]
- security_group_ids = ["sg-123456"]
- }
+ source = "../../"
+ description = "Example AWS Lambda inside a VPC using go with cloudwatch scheduled event trigger"
+ name = "tf-example-go-basic"
+ handler = "example-lambda-func"
+ runtime = "go1.x"
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
- event = {
- type = "cloudwatch-scheduled-event"
- schedule_expression = "rate(1 minute)"
+ architecture = {
+ cloudwatch_trigger = true
+ s3_trigger = false
+ ddb_trigger = false
+ function_url = false
+ kinesis_trigger = false
+ sqs_trigger = false
}
+
+ schedule_expression = "rate(1 minute)"
+ create_in_vpc = true
+ create_default_sg = false
+ security_groups = [aws_security_group.lambda_egress.id]
tags = {
key = "value"
}
-
- environment = {
- variables = {
- key = "value"
- }
- }
}
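Review bot: The new `aws_security_group_rule.lambda_egress` allows every protocol and port to `0.0.0.0/0` (`protocol = "-1"`, ports 0 to 0), which is broader than an example Lambda needs and is likely to be copied as-is. If the function only calls AWS APIs over HTTPS, narrow it to `from_port = 443`, `to_port = 443`, `protocol = "tcp"`, or add a comment saying the open rule is a placeholder to be tightened. Also, `vpc_id = "PrimaryVPC"` looks like a name or tag value rather than a VPC ID, so the security group is unlikely to apply as written; a data-source lookup or a clearly marked placeholder would be safer.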
diff --git a/examples/example-with-vpc/test_function.zip b/examples/example-with-vpc/test_function.zip
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/example-with-vpc/versions.tf b/examples/example-with-vpc/versions.tf
index ac97c6a..0d15f94 100644
--- a/examples/example-with-vpc/versions.tf
+++ b/examples/example-with-vpc/versions.tf
@@ -1,4 +1,4 @@
terraform {
- required_version = ">= 0.12"
+ required_version = ">= 1.0"
}
diff --git a/examples/example-without-event/.terraform.lock.hcl b/examples/example-without-event/.terraform.lock.hcl
new file mode 100644
index 0000000..33faa73
--- /dev/null
+++ b/examples/example-without-event/.terraform.lock.hcl
@@ -0,0 +1,21 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "4.11.0"
+ hashes = [
+ "h1:CjsO4gz0OBv5KHDm/F2vFxK8dmYmjIo5WwL6X2HkHwQ=",
+ "zh:3e4634f4babcef402160ffb97f9f37e3e781313ceb7b7858fe4b7fc0e2e33e99",
+ "zh:3ff647aa88e71419480e3f51a4b40e3b0e2d66482bea97c0b4e75f37aa5ad1f1",
+ "zh:4680d16fbb85663034dc3677b402e9e78ab1d4040dd80603052817a96ec08911",
+ "zh:5190d03f43f7ad56dae0a7f0441a0f5b2590f42f6e07a724fe11dd50c42a12e4",
+ "zh:622426fcdbb927e7c198fe4b890a01a5aa312e462cd82ae1e302186eeac1d071",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:b0b766a835c79f8dd58b93d25df8f37749f33cca2297ac088d402d718baddd9c",
+ "zh:b293cf26a02992b2167ed3f63711dc01221c4a5e2984b6c7c0c04a6155ab0526",
+ "zh:ca8e1f5c58fc838edb5fe7528aec3f2fcbaeabf808add0f401aee5073b61f17f",
+ "zh:e0d2ad2767c0134841d52394d180f8f3315c238949c8d11be39a214630e8d50e",
+ "zh:ece0d11c35a8537b662287e00af4d27a27eb9558353b133674af90ec11c818d3",
+ "zh:f7e1cd07ae883d3be01942dc2b0d516b9736a74e6037287ab19f616725c8f7e8",
+ ]
+}
diff --git a/examples/example-without-event/main.tf b/examples/example-without-event/main.tf
index f266a79..c71fa0e 100644
--- a/examples/example-without-event/main.tf
+++ b/examples/example-without-event/main.tf
@@ -1,12 +1,21 @@
provider "aws" {
- region = "eu-west-1"
+ region = "us-east-1"
+ version = "4.11.0"
}
+data "aws_region" "current" {}
+data "aws_caller_identity" "current"{}
+
+
module "lambda" {
source = "../../"
description = "Example AWS Lambda using go with cloudwatch scheduled event trigger"
- filename = "${path.module}/test_function.zip"
- function_name = "tf-example-go-basic"
+ name = "tf-example-go-basic"
handler = "example-lambda-func"
runtime = "go1.x"
-}
+ service = "example"
+ project = "example"
+ environment = "qa"
+ team_name = "example"
+ owner = "example"
+}
diff --git a/examples/example-without-event/test_function.zip b/examples/example-without-event/test_function.zip
deleted file mode 100644
index e69de29..0000000
diff --git a/examples/example-without-event/versions.tf b/examples/example-without-event/versions.tf
index ac97c6a..0d15f94 100644
--- a/examples/example-without-event/versions.tf
+++ b/examples/example-without-event/versions.tf
@@ -1,4 +1,4 @@
terraform {
- required_version = ">= 0.12"
+ required_version = ">= 1.0"
}
diff --git a/main.tf b/main.tf
index e0f2330..d1ef9b7 100644
--- a/main.tf
+++ b/main.tf
@@ -1,57 +1,84 @@
module "lambda" {
- source = "./modules/lambda"
- description = var.description
- environment = var.environment
- filename = var.filename
- function_name = var.function_name
+ source = "app.terraform.io/bankrate/lambda-function/aws"
+ version = "~> 4.0.0"
handler = var.handler
- memory_size = var.memory_size
publish = var.publish
reserved_concurrent_executions = var.reserved_concurrent_executions
runtime = var.runtime
timeout = var.timeout
tags = var.tags
- vpc_config = var.vpc_config
+ layers = var.layers
+ resource_allocation = var.resource_allocation
+ vpc_tag = var.vpc_tag_key_override
+ name = var.name
+ team_name = var.team_name
+ environment = var.environment
}
-module "event-cloudwatch-scheduled-event" {
- source = "./modules/event/cloudwatch-scheduled-event"
- enable = lookup(var.event, "type", "") == "cloudwatch-scheduled-event" ? true : false
+data "aws_iam_policy_document" "assume_role_policy" {
+ statement {
+ actions = ["sts:AssumeRole"]
- lambda_function_arn = module.lambda.arn
- schedule_expression = lookup(var.event, "schedule_expression", "")
+ principals {
+ type = "Service"
+ identifiers = ["lambda.amazonaws.com"]
+ }
+ }
}
-module "event-dynamodb" {
- source = "./modules/event/dynamodb"
- enable = lookup(var.event, "type", "") == "dynamodb" ? true : false
+data "aws_region" "current" {}
+data "aws_caller_identity" "current" {}
- function_name = module.lambda.function_name
- iam_role_name = module.lambda.role_name
- stream_event_source_arn = lookup(var.event, "stream_event_source_arn", "")
- table_name = lookup(var.event, "table_name", "")
+resource "aws_iam_role" "lambda" {
+ name = var.name
+ assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
}
-module "event-sns" {
- source = "./modules/event/sns"
- enable = lookup(var.event, "type", "") == "sns" ? true : false
+resource "aws_iam_role_policy_attachment" "cloudwatch_logs" {
+ role = aws_iam_role.lambda.name
+ policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+}
+
+module "lambda_cloudwatch_trigger" {
+ source = "app.terraform.io/bankrate/lambda-cloudwatch-trigger/aws"
+ version = "~> 4.0.0"
+
+ # Enablement
+ enable = var.enable && lookup(var.architecture, "cloudwatch_trigger", false)
- endpoint = module.lambda.arn
- function_name = module.lambda.function_name
- topic_arn = lookup(var.event, "topic_arn", "")
+ lambda_function_arn = module.lambda.arn
+ schedule_expression = var.schedule_expression
+ environment = var.environment
+ project = var.project
+ owner = var.owner
}
-module "event-s3" {
- source = "./modules/event/s3"
- enable = lookup(var.event, "type", "") == "s3" ? true : false
+module "lambda_s3_trigger" {
+ source = "app.terraform.io/bankrate/lambda-s3-trigger/aws"
+ version = "~> 1.0.0"
+
+ # Enablement
+ enable = var.enable && lookup(var.architecture, "s3_trigger", false)
+ bucket_name = var.bucket_id
lambda_function_arn = module.lambda.arn
- s3_bucket_arn = lookup(var.event, "s3_bucket_arn", "")
- s3_bucket_id = lookup(var.event, "s3_bucket_id", "")
+}
+
+module "lambda_event_source" {
+ source = "app.terraform.io/bankrate/lambda-event-source/aws"
+ version = "~> 2.0"
+
+ # Enablement
+ enable = var.enable && (lookup(var.architecture, "ddb_trigger", false) || lookup(var.architecture, "sqs_trigger", false) || lookup(var.architecture, "kinesis_trigger", false))
+
+ lambda_function_arn = module.lambda.arn
+ lambda_role_name = module.lambda.iam_role_name
+ event_source_arn = var.event_source_arn
+ event_source_type = var.event_trigger_type
}
resource "aws_cloudwatch_log_group" "lambda" {
- name = "/aws/lambda/${module.lambda.function_name}"
+ name = "/aws/lambda/${module.lambda.name}"
retention_in_days = var.log_retention_in_days
}
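Review bot: `aws_iam_role.lambda` and its `AWSLambdaBasicExecutionRole` attachment are now created in the root module, but nothing in this hunk passes that role to `module "lambda"`, and the later hunks attach the SSM and KMS policies to `module.lambda.iam_role_name` instead. If the registry module creates its own execution role (its interface is not visible here), this leaves a second role that `lambda.amazonaws.com` can assume and that nothing uses. With `name = var.name` it could also collide with the module's own role name. Either drop the root-level role and attachment or pass the role into the module, so the function's effective permissions live in one place.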
@@ -73,12 +100,6 @@ resource "aws_cloudwatch_log_subscription_filter" "cloudwatch_logs_to_es" {
distribution = "ByLogStream"
}
-data "aws_region" "current" {
-}
-
-data "aws_caller_identity" "current" {
-}
-
data "aws_iam_policy_document" "ssm_policy_document" {
count = length(var.ssm_parameter_names)
@@ -96,14 +117,14 @@ data "aws_iam_policy_document" "ssm_policy_document" {
resource "aws_iam_policy" "ssm_policy" {
count = length(var.ssm_parameter_names)
- name = "${module.lambda.function_name}-ssm-${count.index}"
- description = "Provides minimum Parameter Store permissions for ${module.lambda.function_name}."
+ name = "${module.lambda.name}-ssm-${count.index}"
+ description = "Provides minimum Parameter Store permissions for ${module.lambda.name}."
policy = data.aws_iam_policy_document.ssm_policy_document[count.index].json
}
resource "aws_iam_role_policy_attachment" "ssm_policy_attachment" {
count = length(var.ssm_parameter_names)
- role = module.lambda.role_name
+ role = module.lambda.iam_role_name
policy_arn = aws_iam_policy.ssm_policy[count.index].arn
}
@@ -121,14 +142,19 @@ data "aws_iam_policy_document" "kms_policy_document" {
resource "aws_iam_policy" "kms_policy" {
count = var.kms_key_arn != "" ? 1 : 0
- name = "${module.lambda.function_name}-kms"
- description = "Provides minimum KMS permissions for ${module.lambda.function_name}."
+ name = "${module.lambda.name}-kms"
+ description = "Provides minimum KMS permissions for ${module.lambda.name}."
policy = data.aws_iam_policy_document.kms_policy_document.json
}
resource "aws_iam_role_policy_attachment" "kms_policy_attachment" {
count = var.kms_key_arn != "" ? 1 : 0
- role = module.lambda.role_name
+ role = module.lambda.iam_role_name
policy_arn = aws_iam_policy.kms_policy[count.index].arn
}
+resource "aws_lambda_function_url" "lambda_url" {
+ count = var.enable && lookup(var.architecture, "function_url", false) ? 1 : 0
+ function_name = module.lambda.arn
+ authorization_type = var.authorization_type
+}
\ No newline at end of file
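Review bot: `authorization_type = var.authorization_type` lets a caller choose `NONE`, which turns off IAM authentication on the function URL; combined with a matching resource policy, that leaves the function open to anyone who has the address. The variable's declaration and default are outside this hunk, so confirm it defaults to `AWS_IAM`. A `validation` block on the variable limiting it to `AWS_IAM` or `NONE` would make the choice explicit, as would a comment here such as `# NONE disables IAM auth on the URL; the handler must authenticate callers itself`. The file also now ends without a trailing newline.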
diff --git a/modules/event/cloudwatch-scheduled-event/main.tf b/modules/event/cloudwatch-scheduled-event/main.tf
deleted file mode 100644
index 14f260a..0000000
--- a/modules/event/cloudwatch-scheduled-event/main.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-resource "aws_lambda_permission" "cloudwatch" {
- count = var.enable ? 1 : 0
- statement_id = "AllowExecutionFromCloudWatch"
- action = "lambda:InvokeFunction"
- function_name = var.lambda_function_arn
- principal = "events.amazonaws.com"
- source_arn = aws_cloudwatch_event_rule.lambda[count.index].arn
-}
-
-resource "aws_cloudwatch_event_rule" "lambda" {
- count = var.enable ? 1 : 0
- schedule_expression = var.schedule_expression
-}
-
-resource "aws_cloudwatch_event_target" "lambda" {
- count = var.enable ? 1 : 0
- rule = aws_cloudwatch_event_rule.lambda[count.index].name
- arn = var.lambda_function_arn
-}
-
diff --git a/modules/event/cloudwatch-scheduled-event/variables.tf b/modules/event/cloudwatch-scheduled-event/variables.tf
deleted file mode 100644
index 73b962e..0000000
--- a/modules/event/cloudwatch-scheduled-event/variables.tf
+++ /dev/null
@@ -1,14 +0,0 @@
-variable "enable" {
- description = "Conditionally enables this module (and all it's ressources)."
- type = bool
- default = false
-}
-
-variable "lambda_function_arn" {
- description = "The Amazon Resource Name (ARN) identifying the Lambda Function trigger by CloudWatch"
-}
-
-variable "schedule_expression" {
- description = "Scheduling expression for triggering the Lambda Function using CloudWatch events. For example, cron(0 20 * * ? *) or rate(5 minutes)."
-}
-
diff --git a/modules/event/cloudwatch-scheduled-event/versions.tf b/modules/event/cloudwatch-scheduled-event/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/modules/event/cloudwatch-scheduled-event/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/modules/event/dynamodb/main.tf b/modules/event/dynamodb/main.tf
deleted file mode 100644
index 0077b1c..0000000
--- a/modules/event/dynamodb/main.tf
+++ /dev/null
@@ -1,41 +0,0 @@
-data "aws_region" "current" {
-}
-
-data "aws_caller_identity" "current" {
-}
-
-resource "aws_lambda_event_source_mapping" "stream_source" {
- count = var.enable ? 1 : 0
- event_source_arn = var.stream_event_source_arn
- function_name = var.function_name
- starting_position = var.stream_starting_position
-}
-
-data "aws_iam_policy_document" "stream_policy_document" {
- statement {
- actions = [
- "dynamodb:DescribeStream",
- "dynamodb:GetShardIterator",
- "dynamodb:GetRecords",
- "dynamodb:ListStreams",
- ]
-
- resources = [
- "arn:aws:dynamodb:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:table/${var.table_name}/stream/*",
- ]
- }
-}
-
-resource "aws_iam_policy" "stream_policy" {
- count = var.enable ? 1 : 0
- name = "${var.function_name}-stream-consumer"
- description = "Provides minimum DynamoDb stream processing permissions for ${var.function_name}."
- policy = data.aws_iam_policy_document.stream_policy_document.json
-}
-
-resource "aws_iam_role_policy_attachment" "stream_policy_attachment" {
- count = var.enable ? 1 : 0
- role = var.iam_role_name
- policy_arn = aws_iam_policy.stream_policy[count.index].arn
-}
-
diff --git a/modules/event/dynamodb/variables.tf b/modules/event/dynamodb/variables.tf
deleted file mode 100644
index d8fac6d..0000000
--- a/modules/event/dynamodb/variables.tf
+++ /dev/null
@@ -1,31 +0,0 @@
-variable "enable" {
- description = "Conditionally enables this module (and all it's ressources)."
- type = bool
- default = false
-}
-
-variable "iam_role_name" {
- description = "The name of the IAM role to attach stream policy configuration."
- default = ""
-}
-
-variable "function_name" {
- description = "The name or the ARN of the Lambda function that will be subscribing to events. "
- default = ""
-}
-
-variable "stream_event_source_arn" {
- description = "Event source ARN of a DynamoDB stream."
- default = ""
-}
-
-variable "stream_starting_position" {
- description = "The position in the stream where AWS Lambda should start reading. Must be one of either TRIM_HORIZON or LATEST. Defaults to TRIM_HORIZON."
- default = "TRIM_HORIZON"
-}
-
-variable "table_name" {
- description = "The name of the DynamoDb table providing the stream."
- default = ""
-}
-
diff --git a/modules/event/dynamodb/versions.tf b/modules/event/dynamodb/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/modules/event/dynamodb/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/modules/event/s3/main.tf b/modules/event/s3/main.tf
deleted file mode 100644
index 8ee0176..0000000
--- a/modules/event/s3/main.tf
+++ /dev/null
@@ -1,8 +0,0 @@
-resource "aws_lambda_permission" "allow_bucket" {
- count = var.enable ? 1 : 0
- action = "lambda:InvokeFunction"
- function_name = var.lambda_function_arn
- principal = "s3.amazonaws.com"
- statement_id = "AllowExecutionFromS3Bucket"
- source_arn = var.s3_bucket_arn
-}
diff --git a/modules/event/s3/variables.tf b/modules/event/s3/variables.tf
deleted file mode 100644
index b5ed117..0000000
--- a/modules/event/s3/variables.tf
+++ /dev/null
@@ -1,27 +0,0 @@
-# ---------------------------------------------------------------------------------------------------------------------
-# REQUIRED PARAMETERS
-# You must provide a value for each of these parameters.
-# ---------------------------------------------------------------------------------------------------------------------
-
-variable "lambda_function_arn" {
- description = "The Amazon Resource Name (ARN) identifying the Lambda Function triggered by S3"
-}
-
-variable "s3_bucket_arn" {
- description = "The ARN of the bucket."
-}
-
-variable "s3_bucket_id" {
- description = "The name of the bucket."
-}
-
-# ---------------------------------------------------------------------------------------------------------------------
-# OPTIONAL PARAMETERS
-# These parameters have reasonable defaults.
-# ---------------------------------------------------------------------------------------------------------------------
-
-variable "enable" {
- description = "Conditionally enables this module (and all it's ressources)."
- type = bool
- default = false
-}
diff --git a/modules/event/s3/versions.tf b/modules/event/s3/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/modules/event/s3/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/modules/event/sns/main.tf b/modules/event/sns/main.tf
deleted file mode 100644
index c0a4e31..0000000
--- a/modules/event/sns/main.tf
+++ /dev/null
@@ -1,15 +0,0 @@
-resource "aws_lambda_permission" "sns" {
- count = var.enable ? 1 : 0
- action = "lambda:InvokeFunction"
- function_name = var.function_name
- principal = "sns.amazonaws.com"
- statement_id = "AllowSubscriptionToSNS"
- source_arn = var.topic_arn
-}
-
-resource "aws_sns_topic_subscription" "subscription" {
- count = var.enable ? 1 : 0
- endpoint = var.endpoint
- protocol = "lambda"
- topic_arn = var.topic_arn
-}
diff --git a/modules/event/sns/variables.tf b/modules/event/sns/variables.tf
deleted file mode 100644
index 8702771..0000000
--- a/modules/event/sns/variables.tf
+++ /dev/null
@@ -1,18 +0,0 @@
-variable "enable" {
- description = "Conditionally enables this module (and all it's ressources)."
- type = bool
- default = false
-}
-
-variable "endpoint" {
- description = "The endpoint to send data to (ARN of the Lambda function)"
-}
-
-variable "function_name" {
- description = "Name of the Lambda function whose resource policy should be allowed to subscribe to SNS topics."
-}
-
-variable "topic_arn" {
- description = "The ARN of the SNS topic to subscribe to"
-}
-
diff --git a/modules/event/sns/versions.tf b/modules/event/sns/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/modules/event/sns/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/modules/lambda/README.md b/modules/lambda/README.md
deleted file mode 100644
index 303135b..0000000
--- a/modules/lambda/README.md
+++ /dev/null
@@ -1,21 +0,0 @@
-# Lambda Module
-
-Terraform module to create AWS [Lambda](https://www.terraform.io/docs/providers/aws/r/lambda_function.html) resources with IAM role configuration and VPC support.
-
-## How to use this module
-
-Configure the Lambda function with all required variables:
-
-```
-provider "aws" {
- region = "eu-west-1"
-}
-
-module "lambda" {
- source = "spring-media/lambda/aws//modules/lambda"
- filename = "my-package.zip"
- function_name = "my-function"
- handler = "my-handler"
- runtime = "go1.x"
-}
-```
diff --git a/modules/lambda/main.tf b/modules/lambda/main.tf
deleted file mode 100644
index 05213c9..0000000
--- a/modules/lambda/main.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-resource "aws_lambda_function" "lambda" {
- description = var.description
- dynamic "environment" {
- for_each = length(var.environment) < 1 ? [] : [var.environment]
- content {
- variables = environment.value.variables
- }
- }
- filename = var.filename
- function_name = var.function_name
- handler = var.handler
- memory_size = var.memory_size
- publish = var.publish
- reserved_concurrent_executions = var.reserved_concurrent_executions
- role = aws_iam_role.lambda.arn
- runtime = var.runtime
- source_code_hash = filebase64sha256(var.filename)
- tags = var.tags
- timeout = var.timeout
-
- dynamic "vpc_config" {
- for_each = length(var.vpc_config) < 1 ? [] : [var.vpc_config]
- content {
- security_group_ids = vpc_config.value.security_group_ids
- subnet_ids = vpc_config.value.subnet_ids
- }
- }
-}
-
-data "aws_iam_policy_document" "assume_role_policy" {
- statement {
- actions = ["sts:AssumeRole"]
-
- principals {
- type = "Service"
- identifiers = ["lambda.amazonaws.com"]
- }
- }
-}
-
-resource "aws_iam_role" "lambda" {
- name = var.function_name
- assume_role_policy = data.aws_iam_policy_document.assume_role_policy.json
-}
-
-resource "aws_iam_role_policy_attachment" "cloudwatch_logs" {
- role = aws_iam_role.lambda.name
- policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
-}
-
-resource "aws_iam_role_policy_attachment" "vpc_attachment" {
- count = length(var.vpc_config) < 1 ? 0 : 1
- role = aws_iam_role.lambda.name
-
- // see https://docs.aws.amazon.com/lambda/latest/dg/vpc.html
- policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
-}
diff --git a/modules/lambda/outputs.tf b/modules/lambda/outputs.tf
deleted file mode 100644
index d27f64b..0000000
--- a/modules/lambda/outputs.tf
+++ /dev/null
@@ -1,20 +0,0 @@
-output "arn" {
- description = "The Amazon Resource Name (ARN) identifying your Lambda Function."
- value = aws_lambda_function.lambda.arn
-}
-
-output "function_name" {
- description = "The unique name of your Lambda Function."
- value = aws_lambda_function.lambda.function_name
-}
-
-output "invoke_arn" {
- description = "The ARN to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's uri"
- value = aws_lambda_function.lambda.invoke_arn
-}
-
-output "role_name" {
- description = "The name of the IAM attached to the Lambda Function."
- value = aws_iam_role.lambda.name
-}
-
diff --git a/modules/lambda/variables.tf b/modules/lambda/variables.tf
deleted file mode 100644
index dfca659..0000000
--- a/modules/lambda/variables.tf
+++ /dev/null
@@ -1,69 +0,0 @@
-# ---------------------------------------------------------------------------------------------------------------------
-# REQUIRED PARAMETERS
-# You must provide a value for each of these parameters.
-# ---------------------------------------------------------------------------------------------------------------------
-
-variable "filename" {
- description = "The path to the function's deployment package within the local filesystem."
-}
-
-variable "function_name" {
- description = "A unique name for your Lambda Function."
-}
-
-variable "handler" {
- description = "The function entrypoint in your code."
-}
-
-variable "runtime" {
- description = "The runtime environment for the Lambda function you are uploading."
-}
-
-# ---------------------------------------------------------------------------------------------------------------------
-# OPTIONAL PARAMETERS
-# These parameters have reasonable defaults.
-# ---------------------------------------------------------------------------------------------------------------------
-
-variable "description" {
- description = "Description of what your Lambda Function does."
- default = ""
-}
-
-variable "environment" {
- description = "Environment (e.g. env variables) configuration for the Lambda function enable you to dynamically pass settings to your function code and libraries"
- type = map(map(string))
- default = {}
-}
-
-variable "memory_size" {
- description = "Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128."
- default = 128
-}
-
-variable "publish" {
- description = "Whether to publish creation/change as new Lambda Function Version. Defaults to false."
- default = false
-}
-
-variable "reserved_concurrent_executions" {
- description = "The amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1."
- default = "-1"
-}
-
-variable "tags" {
- description = "A mapping of tags to assign to the Lambda function."
- type = map(string)
- default = {}
-}
-
-variable "timeout" {
- description = "The amount of time your Lambda Function has to run in seconds. Defaults to 3."
- default = 3
-}
-
-variable "vpc_config" {
- description = "Provide this to allow your function to access your VPC (if both 'subnet_ids' and 'security_group_ids' are empty then vpc_config is considered to be empty or unset, see https://docs.aws.amazon.com/lambda/latest/dg/vpc.html for details)."
- type = map(list(string))
- default = {}
-}
-
diff --git a/modules/lambda/versions.tf b/modules/lambda/versions.tf
deleted file mode 100644
index ac97c6a..0000000
--- a/modules/lambda/versions.tf
+++ /dev/null
@@ -1,4 +0,0 @@
-
-terraform {
- required_version = ">= 0.12"
-}
diff --git a/outputs.tf b/outputs.tf
index 8eff1b9..d2533a8 100644
--- a/outputs.tf
+++ b/outputs.tf
@@ -1,8 +1,13 @@
+
output "arn" {
description = "The Amazon Resource Name (ARN) identifying your Lambda Function."
value = module.lambda.arn
}
-
+output "aws_lambda_function_url" {
+ description = "The unique url to invoke your lambda function"
+ value = var.enable && lookup(var.architecture, "function_url", false) ? aws_lambda_function_url.lambda_url[0].function_url : null
+}
+/*
output "function_name" {
description = "The unique name of your Lambda Function."
value = module.lambda.function_name
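Review bot: The `lookup(var.architecture, "function_url", false)` call in the new `aws_lambda_function_url` output is redundant, because `architecture` is declared in variables.tf as an object whose `function_url` attribute is always present. Reading `var.architecture.function_url` gives the same value and fails loudly on a misspelled attribute instead of silently returning `false`. The unchanged `arn` output above still reads `module.lambda.arn`, although this commit deletes modules/lambda and the next hunk moves `role_name` to `aws_iam_role.lambda.name`. Whether a `module "lambda"` block survives in main.tf is not visible here, so confirm that reference still resolves.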
@@ -12,9 +17,8 @@ output "invoke_arn" {
description = "The ARN to be used for invoking Lambda Function from API Gateway - to be used in aws_api_gateway_integration's uri"
value = module.lambda.invoke_arn
}
-
+*/
output "role_name" {
description = "The name of the IAM role attached to the Lambda Function."
- value = module.lambda.role_name
-}
-
+ value = aws_iam_role.lambda.name
+}
\ No newline at end of file
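Review bot: The `*/` added here closes a block comment opened in the previous hunk, so `function_name` and `invoke_arn` stop being module outputs while their text stays in the file as dead code. Any caller that references either output will fail at plan time. Either delete the two blocks and record the removal as a breaking change, or keep them and point them at the resources now defined in the root module, which this hunk does not show. The file also now ends without a trailing newline.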
diff --git a/variables.tf b/variables.tf
index 16c8626..33d1afd 100644
--- a/variables.tf
+++ b/variables.tf
@@ -1,13 +1,57 @@
+## optional vars for RV modules should default but be exposed
+variable "enable_newrelic" {
+ type = bool
+ description = "(optional) describe your variable"
+ default = false
+}
+
+#
+## Enablement and Architecture Toggles
+###
+variable "enable" {
+ description = "is a trigger enables true or false"
+ type = bool
+ default = true
+}
+
+variable architecture {
+ description = "Triggers are not required. Chose one trigger, if any, to use with lambda. If one is true, all others must be false."
+ type = object({
+ cloudwatch_trigger = bool
+ s3_trigger = bool
+ ddb_trigger = bool
+ function_url = bool
+ sqs_trigger = bool
+ kinesis_trigger = bool
+ })
+
+ default = {
+ cloudwatch_trigger = false
+ s3_trigger = false
+ ddb_trigger = false
+ function_url = false
+ sqs_trigger = false
+ kinesis_trigger = false
+ }
+}
+
+variable "event_trigger_type" {
+ default = "dynamodb"
+ description = ""
+ type = string
+
+ validation {
+ condition = contains(["dynamodb", "sqs", "kinesis"], var.event_trigger_type)
+ error_message = "Must be a dynamodb, sqs and or a kinesis event."
+ }
+}
+
# ---------------------------------------------------------------------------------------------------------------------
# REQUIRED PARAMETERS
# You must provide a value for each of these parameters.
# ---------------------------------------------------------------------------------------------------------------------
-variable "filename" {
- description = "The path to the function's deployment package within the local filesystem."
-}
-
-variable "function_name" {
+variable "name" {
description = "A unique name for your Lambda Function."
}
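Review bot: The `architecture` description says that at most one trigger may be true, but nothing enforces it, so a caller can set several flags and get whatever combination main.tf happens to build. A `validation` block with `condition = length([for k, v in var.architecture : k if v]) <= 1` and a matching `error_message` would reject that at plan time. `enable_newrelic` still carries the scaffold description `"(optional) describe your variable"` and `event_trigger_type` has an empty one; both should say what they control. The rename of `function_name` to `name` at the end of the hunk breaks existing callers and belongs in the changelog.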
@@ -15,26 +59,85 @@ variable "handler" {
description = "The function entrypoint in your code."
}
+variable "project" {
+ description = "Name of the project this falls under."
+}
+
+variable "service" {
+ description = "Name of the service this is used in."
+}
+
+variable "owner" {
+ description = "Name of the owner or vertical this belongs to."
+}
+
+variable "team_name" {
+ description = "Name of the team this belongs to."
+}
+
+variable "resource_allocation" {
+ description = "Name of the project this falls under."
+ default = "low"
+}
+
+variable "vpc_tag_key_override" {
+ description = "override of vpc tag"
+ type = string
+ default = "PrimaryVPC"
+}
# ---------------------------------------------------------------------------------------------------------------------
# OPTIONAL PARAMETERS
# These parameters have reasonable defaults.
# ---------------------------------------------------------------------------------------------------------------------
+variable "filename" {
+ description = "The path to the function's deployment package within the local filesystem. Empty string (psuedo-null) is here to satisfy the underlying interface."
+ default = ""
+}
+
variable "description" {
description = "Description of what your Lambda Function does."
default = ""
}
variable "environment" {
- description = "Environment (e.g. env variables) configuration for the Lambda function enable you to dynamically pass settings to your function code and libraries"
+ description = "Environment for the resouces"
+ type = string
+}
+
+variable "env_vars" {
+ description = "Environment variables in map(map(string))"
type = map(map(string))
default = {}
}
+variable "schedule_expression" {
+ description = "value"
+ type = string
+ default = "rate(1 minute)"
+}
-variable "event" {
- description = "Event source configuration which triggers the Lambda function. Supported events: cloudwatch-scheduled-event, dynamodb, s3, sns"
- type = map(string)
- default = {}
+variable "bucket_arn" {
+ description = "value"
+ type = string
+ default = ""
+}
+
+variable "bucket_id" {
+ description = "value"
+ type = string
+ default = ""
+}
+
+variable "event_source_arn" {
+ description = "value"
+ type = string
+ default = ""
+}
+
+variable "table_name" {
+ description = "value"
+ type = string
+ default = ""
}
variable "kms_key_arn" {
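Review bot: `schedule_expression`, `bucket_arn`, `bucket_id`, `event_source_arn` and `table_name` all ship with the description `"value"`, and `resource_allocation` repeats the `project` text, so a caller cannot tell which trigger each input feeds. Each should name its trigger, for example `description = "ARN of the S3 bucket whose events invoke the function (used with architecture.s3_trigger)."`, with the wording checked against main.tf, which is not visible here. `environment` changes from an optional `map(map(string))` to a required `string`, so existing callers that pass the old map will fail type checking; its description should list the expected values and point to `env_vars`. `filename` now defaults to `""`, and the deleted module hashed it with `filebase64sha256(var.filename)`, so check that the new main.tf does not do the same with an empty path.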
@@ -88,8 +191,36 @@ variable "timeout" {
default = 3
}
-variable "vpc_config" {
- description = "Provide this to allow your function to access your VPC (if both 'subnet_ids' and 'security_group_ids' are empty then vpc_config is considered to be empty or unset, see https://docs.aws.amazon.com/lambda/latest/dg/vpc.html for details)."
- type = map(list(string))
- default = {}
+variable "create_in_vpc" {
+ description = "By default this is set to true. If you don't want to create the lambda in a VPC then this should be set to false"
+ type = bool
+ default = true
+}
+
+variable "create_default_sg" {
+ description = "By default creates a security group that's unique to your lambda, meaning that every lambda you create with this module will use its own set of ENIs"
+ type = bool
+ default = false
}
+variable "security_groups" {
+ description = "security groups"
+ type = list(string)
+ default = []
+}
+
+variable "layers" {
+ description = "List of Lambda Layer Version ARNs (maximum of 5) to attach to your Lambda Function. See [Lambda Layers](https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)"
+ type = list(string)
+ default = []
+}
+
+variable "authorization_type" {
+ description = "The type of authentication that the function URL uses. Defaults to AWS_IAM which restricts access to authenticated users. Use NONE to allow public unauthenticated users invoke your lambda"
+ type = string
+ default = "AWS_IAM"
+
+ validation {
+ condition = contains(["AWS_IAM", "NONE"], var.authorization_type)
+ error_message = "Authorization type must be either `AWS_IAM` || `NONE`."
+ }
+}
\ No newline at end of file
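Review bot: The `create_default_sg` description says a per-Lambda security group is created "by default", but the variable is declared with `default = false`, while `security_groups` defaults to `[]` and `create_in_vpc` defaults to `true`. With all three left at their defaults the function is asked to run in a VPC with no security group named by the caller. How main.tf resolves that is outside this hunk, so either flip the default or reword to `"Set to true to create a security group dedicated to this Lambda."` and say what is attached otherwise. For `authorization_type`, the description should state plainly that `NONE` makes the function URL invocable by anyone who has it, so the handler must then authenticate requests itself.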
diff --git a/versions.tf b/versions.tf
index ac97c6a..efc72f7 100644
--- a/versions.tf
+++ b/versions.tf
@@ -1,4 +1,9 @@
-
terraform {
- required_version = ">= 0.12"
+ required_version = ">= 1.0"
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = ">=4.0"
+ }
+ }
}
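Review bot: The provider constraint `version = ">=4.0"` has no upper bound, so a fresh `terraform init` without a committed lock file can pull a future major release of `hashicorp/aws` with breaking schema changes. A bounded form such as `version = ">= 4.0, < 5.0"` keeps upgrades deliberate. The lower bound also deserves a check: outputs.tf now references `aws_lambda_function_url`, and that resource may not exist in the earliest 4.x releases, so raise the minimum to the first release that ships it.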