v0.6.4

albumprinter · May 3, 2017 · cd257ab · cd257ab
1 parent 10d4ab6
commit cd257ab
Show file tree

Hide file tree

Showing 13 changed files with 216 additions and 16 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,6 +6,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 
 ## [Unreleased]
 
+## [0.6.4] - 2017-05-03
+### Changed
+- Renamed improperly named file in the elasticache_redis module
+- Updated main.tf in all modules to follow the same structure
+- Added iam role arn output for all the lambda modules
+#### Added
+- added plain lambda function module
+
 ## [0.6.3] - 2017-04-21
 ### Added
 - Added variable for overriding the destruction of the rds resource flag protection
@@ -131,7 +139,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
 ### Added
 - Initial commit
 
-[Unreleased]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.3..HEAD
+[Unreleased]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.4..HEAD
+[0.6.3]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.3...v0.6.4
 [0.6.3]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.2...v0.6.3
 [0.6.2]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.1...v0.6.2
 [0.6.1]: https://github.com/albumprinter/eops_tf_modules/compare/v0.6.0...v0.6.1

diff --git a/apps/elasticache_redis/ecs.tf → apps/elasticache_redis/redis.tf b/apps/elasticache_redis/ecs.tf → apps/elasticache_redis/redis.tf
diff --git a/apps/lambda_function/README.md b/apps/lambda_function/README.md
@@ -0,0 +1,22 @@
+# Description
+An example terraform module to build simple application as aws lambda function triggered by cloudwatch event scheduleder.
+
+## Code Example
+
+```hcl-terraform
+module "lambda_app" {
+  source = "git@github.com:albumprinter/eops_tf_modules.git//apps/lambda_function_scheduled??ref={TAG_VERSION}" # for eg. {TAG_VERSION} = v0.3.0
+  app_name = "sample_lambda_app_name"
+  description = "Description for this sample app"
+  handler = "myHandler"
+  filename = "filename.zip"
+  schedule_expression = "rate(5 minutes)" // optional For example, "rate(5 minutes)" or "cron(0 20 * * ? *)"
+  environment = ""
+  variables = "" // optional
+  runtime = "dotnetcore1.0" // optional default:nodejs | nodejs4.3 | java8 | python2.7 | dotnetcore1.0 | nodejs4.3-edge
+  memory_size = "128" //optional
+  timeout = "3" // optional 
+  enabled = 1 // optional avail options: 1 | 0
+  private = false // optional
+}
+```
diff --git a/apps/lambda_function/lambda.tf b/apps/lambda_function/lambda.tf
@@ -0,0 +1,41 @@
+resource "aws_lambda_function" "app" {
+  function_name = "${var.app_name}"
+  description = "${var.description}"
+  role = "${aws_iam_role.iam_for_app.arn}"
+  s3_bucket = "cd-pipeline-${var.tags_team}-${var.account_type}"
+  s3_key = "builds/lambda/${var.app_name}.zip"
+  //  s3_object_version = "$LATEST"
+  handler = "${var.handler}"
+  runtime = "${var.runtime}"
+  memory_size = "${var.memory_size}"
+  timeout = "${var.timeout}"
+  environment {
+    variables = "${var.variables}"
+  }
+  count            = "${var.enabled}"
+}
+
+resource "aws_iam_role" "iam_for_app" {
+  name = "${var.app_name}"
+  assume_role_policy = <<EOF
+{
+  "Version": "2012-10-17",
+  "Statement": [
+    {
+      "Action": "sts:AssumeRole",
+      "Principal": {
+        "Service": "lambda.amazonaws.com"
+      },
+      "Effect": "Allow",
+      "Sid": ""
+    }
+  ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy" "iam_policy_for_app" {
+  name = "${var.app_name}"
+  role = "${aws_iam_role.iam_for_app.id}"
+  policy = "${var.iam_policy_document}"
+}
diff --git a/apps/lambda_function/main.tf b/apps/lambda_function/main.tf
@@ -0,0 +1,10 @@
+provider "aws" {
+  region = "${var.region}"
+//  profile = "eops-sandbox"
+}
+
+module "aws_core_data" {
+  source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
+  // For local development use instead:
+  //  source = "../../data_providers/aws_account_core_data"
+}
diff --git a/apps/lambda_function/outputs.tf b/apps/lambda_function/outputs.tf
@@ -0,0 +1,7 @@
+output "lambda_arn" {
+  value = "${aws_lambda_function.app.arn}"
+}
+
+output "iam_role_arn" {
+  value = "${aws_iam_role.iam_for_app.arn}"
+}
diff --git a/apps/lambda_function/variables.tf b/apps/lambda_function/variables.tf
@@ -0,0 +1,111 @@
+variable "region" {
+  default = "eu-west-1"
+}
+variable "account_type" {
+  default = "sandbox"
+}
+variable "tags_business_unit" {
+  default = "Albumprinter"
+}
+variable "tags_cost_center" {
+  default = "CC443100"
+}
+variable "tags_team" {}
+variable "tags_purpose" {
+  default = ""
+}
+variable "description" {}
+variable "app_name" {}
+
+variable "runtime" {
+  default = "nodejs4.3"
+}
+variable "handler" {
+  default = "exports.handler"
+}
+variable "environment" {}
+variable "variables" {
+  type = "map"
+  default = {
+    ENCODING="utf-8"
+//    SUMO_ENDPOINT=""
+//    SOURCE_CATEGORY_OVERRIDE=""
+//    SOURCE_HOST_OVERRIDE=""
+//    SOURCE_NAME_OVERRIDE=""
+  }
+}
+
+variable "memory_size" {
+  default = "128"
+}
+variable "timeout" {
+  default = "3"
+}
+variable "enabled" {
+  default = 1
+}
+
+variable "iam_policy_document" {
+  default =<<EOF
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "logs:CreateLogGroup",
+                "logs:CreateLogStream",
+                "logs:PutLogEvents",
+                "ec2:CreateNetworkInterface",
+                "ec2:DescribeNetworkInterfaces",
+                "ec2:DeleteNetworkInterface",
+                "cloudwatch:*",
+                "cognito-identity:ListIdentityPools",
+                "cognito-sync:GetCognitoEvents",
+                "cognito-sync:SetCognitoEvents",
+                "dynamodb:*",
+                "events:*",
+                "iam:ListAttachedRolePolicies",
+                "iam:ListRolePolicies",
+                "iam:ListRoles",
+                "iam:PassRole",
+                "kinesis:DescribeStream",
+                "kinesis:ListStreams",
+                "kinesis:PutRecord",
+                "lambda:*",
+                "logs:*",
+                "s3:*",
+                "sns:ListSubscriptions",
+                "sns:ListSubscriptionsByTopic",
+                "sns:ListTopics",
+                "sns:Subscribe",
+                "sns:Unsubscribe",
+                "sns:Publish",
+                "sqs:ListQueues",
+                "sqs:SendMessage",
+                "kms:ListAliases",
+                "ec2:DescribeVpcs",
+                "ec2:DescribeSubnets",
+                "ec2:DescribeSecurityGroups",
+                "iot:GetTopicRule",
+                "iot:ListTopicRules",
+                "iot:CreateTopicRule",
+                "iot:ReplaceTopicRule",
+                "iot:AttachPrincipalPolicy",
+                "iot:AttachThingPrincipal",
+                "iot:CreateKeysAndCertificate",
+                "iot:CreatePolicy",
+                "iot:CreateThing",
+                "iot:ListPolicies",
+                "iot:ListThings",
+                "iot:DescribeEndpoint",
+                "ec2:CreateNetworkInterface",
+                "ec2:DescribeNetworkInterfaces",
+                "ec2:DeleteNetworkInterface"
+            ],
+            "Resource": "*"
+        }
+    ]
+}
+EOF
+}
diff --git a/apps/lambda_function_api_gateway_all_methods_passthrough/main.tf b/apps/lambda_function_api_gateway_all_methods_passthrough/main.tf
@@ -6,5 +6,4 @@ module "aws_core_data" {
   source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
   // For local development use instead:
   //  source = "../../data_providers/aws_account_core_data"
-
 }
diff --git a/apps/lambda_function_api_gateway_all_methods_passthrough/outputs.tf b/apps/lambda_function_api_gateway_all_methods_passthrough/outputs.tf
@@ -15,4 +15,7 @@ output "lambda_kms_key_arn" {
 }
 output "proxy_api_lambda_passthru_gateway_endpoint" {
   value = "https://${aws_api_gateway_deployment.app.rest_api_id}.execute-api.${var.region}.amazonaws.com/${aws_api_gateway_deployment.app.stage_name}"
+}
+output "iam_role_arn" {
+  value = "${aws_iam_role.iam_for_app.arn}"
 }
diff --git a/apps/lambda_function_scheduled/main.tf b/apps/lambda_function_scheduled/main.tf
@@ -3,13 +3,8 @@ provider "aws" {
 //  profile = "eops-sandbox"
 }
 
-//module "aws_core_data" {
-//  source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
-//}
-
-// For local development use instead:
 module "aws_core_data" {
-    source = "../../data_providers/aws_account_core_data"
-  aws_profile = "eops-sandbox"
-  terraform_bucket = "eops-sandbox"
-}
+  source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
+  // For local development use instead:
+  //  source = "../../data_providers/aws_account_core_data"
+}
diff --git a/apps/lambda_function_scheduled/outputs.tf b/apps/lambda_function_scheduled/outputs.tf
@@ -1,3 +1,6 @@
 output "lambda_arn" {
   value = "${aws_lambda_function.app.arn}"
+}
+output "iam_role_arn" {
+  value = "${aws_iam_role.iam_for_app.arn}"
 }
diff --git a/apps/lambda_function_scheduled_vpc/main.tf b/apps/lambda_function_scheduled_vpc/main.tf
@@ -4,9 +4,6 @@ provider "aws" {
 
 module "aws_core_data" {
   source = "git@github.com:albumprinter/eops_tf_modules.git//data_providers/aws_account_core_data"
+  // For local development use instead:
+  //  source = "../../data_providers/aws_account_core_data"
 }
-
-// For local development use instead:
-//module "aws_core_data" {
-//    source = "../../data_providers/aws_account_core_data"
-//}
diff --git a/apps/lambda_function_scheduled_vpc/outputs.tf b/apps/lambda_function_scheduled_vpc/outputs.tf
@@ -1,3 +1,6 @@
 output "lambda_arn" {
   value = "${aws_lambda_function.app.arn}"
+}
+output "iam_role_arn" {
+  value = "${aws_iam_role.iam_for_app.arn}"
 }