configure lambda function

easyawslearn · Jul 12, 2022 · 6027c9d · 6027c9d
1 parent f0b14c3
commit 6027c9d
Show file tree

Hide file tree

Showing 5 changed files with 101 additions and 1 deletion.
diff --git a/terraform-aws-sns/example/.terraform.lock.hcl b/terraform-aws-sns/example/.terraform.lock.hcl
diff --git a/terraform-aws-sns/example/example.tf b/terraform-aws-sns/example/example.tf
@@ -8,4 +8,6 @@ module "sns_cloudwatch" {
   description = "Capture each AWS Console Sign In"
   sns_name = "mysns"
   sns_display_name = "demosns"
+  lambda_function_name = "S3cloudHub_Test_Lambda_Function"
+  lambda_function_runtime = "python3.8"
 }
diff --git a/terraform-aws-sns/main.tf b/terraform-aws-sns/main.tf
@@ -43,7 +43,7 @@ resource "aws_sns_topic_subscription" "this" {
 
   topic_arn              = join("", aws_sns_topic.this.*.arn)
   protocol               = var.subscribers[each.key].protocol
-  endpoint               = var.subscribers[each.key].endpoint
+  endpoint               = aws_lambda_function.terraform_lambda_func.arn
   endpoint_auto_confirms = var.subscribers[each.key].endpoint_auto_confirms
   raw_message_delivery   = var.subscribers[each.key].raw_message_delivery
 }
@@ -68,4 +68,65 @@ data "aws_iam_policy_document" "sns_topic_policy" {
 
     resources = [aws_sns_topic.this[count.index].arn]
   }
+}
+
+resource "aws_iam_role" "lambda_role" {
+  name               = "S3cloudHub_Test_Lambda_Function_Role"
+  assume_role_policy = <<EOF
+{
+ "Version": "2012-10-17",
+ "Statement": [
+   {
+     "Action": "sts:AssumeRole",
+     "Principal": {
+       "Service": "lambda.amazonaws.com"
+     },
+     "Effect": "Allow",
+     "Sid": ""
+   }
+ ]
+}
+EOF
+}
+resource "aws_iam_policy" "iam_policy_for_lambda" {
+
+  name        = "aws_iam_policy_for_terraform_aws_lambda_role"
+  path        = "/"
+  description = "AWS IAM Policy for managing aws lambda role"
+  policy      = <<EOF
+{
+ "Version": "2012-10-17",
+ "Statement": [
+   {
+     "Action": [
+       "logs:CreateLogGroup",
+       "logs:CreateLogStream",
+       "logs:PutLogEvents"
+     ],
+     "Resource": "arn:aws:logs:*:*:*",
+     "Effect": "Allow"
+   }
+ ]
+}
+EOF
+}
+
+resource "aws_iam_role_policy_attachment" "attach_iam_policy_to_iam_role" {
+  role       = aws_iam_role.lambda_role.name
+  policy_arn = aws_iam_policy.iam_policy_for_lambda.arn
+}
+
+data "archive_file" "zip_the_python_code" {
+  type        = "zip"
+  source_dir  = "${path.module}/python/"
+  output_path = "${path.module}/python/hello-python.zip"
+}
+
+resource "aws_lambda_function" "terraform_lambda_func" {
+  filename      = "${path.module}/python/hello-python.zip"
+  function_name = var.lambda_function_name
+  role          = aws_iam_role.lambda_role.arn
+  handler       = "index.lambda_handler"
+  runtime       = var.lambda_function_runtime
+  depends_on    = [aws_iam_role_policy_attachment.attach_iam_policy_to_iam_role]
 }
diff --git a/terraform-aws-sns/python/hello-python.py b/terraform-aws-sns/python/hello-python.py
@@ -0,0 +1,5 @@
+def lambda_handler(event, context):
+   message = 'Hello {} !'.format(event['key1'])
+   return {
+       'message' : message
+   }
diff --git a/terraform-aws-sns/variable.tf b/terraform-aws-sns/variable.tf
@@ -13,6 +13,16 @@ variable "sns_topic_policy_enabled" {
   default = true
 }
 
+variable "lambda_function_name" {
+  type = string
+  default = ""
+}
+
+variable "lambda_function_runtime" {
+  type = string
+  default = ""
+}
+
 variable "sns_display_name" {
   type    = string
   default = ""