feat: added lambda function routes

clouddrove · Jul 11, 2023 · b3b36f7 · b3b36f7
1 parent 5d2ef92
commit b3b36f7
Show file tree

Hide file tree

Showing 7 changed files with 196 additions and 103 deletions.
diff --git a/_example/example.tf b/_example/example.tf
@@ -50,6 +50,42 @@ module "security_group" {
   allowed_ports = [3306]
 }
 
+module "iam-role" {
+  source  = "clouddrove/iam-role/aws"
+  version = "1.3.0"
+
+  name               = "iam-role"
+  environment        = "test"
+  label_order        = ["name", "environment"]
+  assume_role_policy = data.aws_iam_policy_document.default.json
+  policy_enabled     = true
+  policy             = data.aws_iam_policy_document.iam-policy.json
+}
+
+data "aws_iam_policy_document" "default" {
+  statement {
+    effect  = "Allow"
+    actions = ["sts:AssumeRole"]
+    principals {
+      type        = "Service"
+      identifiers = ["ec2.amazonaws.com"]
+    }
+  }
+}
+
+data "aws_iam_policy_document" "iam-policy" {
+  statement {
+    actions = [
+      "ssm:UpdateInstanceInformation",
+      "ssmmessages:CreateControlChannel",
+      "ssmmessages:CreateDataChannel",
+      "ssmmessages:OpenControlChannel",
+    "ssmmessages:OpenDataChannel"]
+    effect    = "Allow"
+    resources = ["*"]
+  }
+}
+
 module "acm" {
   source  = "clouddrove/acm/aws"
   version = "1.3.0"
@@ -59,12 +95,51 @@ module "acm" {
   label_order = ["name", "environment"]
 
   enable_aws_certificate    = true
-  domain_name               = "test-clouddrove.com"
-  subject_alternative_names = ["www.test-clouddrove.com"]
+  domain_name               = "example.cam"
+  subject_alternative_names = ["*.example.cam"]
   validation_method         = "DNS"
   enable_dns_validation     = false
 }
 
+module "lambda" {
+  source  = "clouddrove/lambda/aws"
+  version = "1.3.0"
+
+  name        = "lambda"
+  environment = "test"
+  label_order = ["name", "environment"]
+
+  enabled  = true
+  timeout  = 60
+  filename = "./lambda_packages"
+  handler  = "index.lambda_handler"
+  runtime  = "python3.8"
+  iam_actions = [
+    "logs:CreateLogStream",
+    "logs:CreateLogGroup",
+    "logs:PutLogEvents"
+  ]
+  names = [
+    "python_layer"
+  ]
+  layer_filenames = ["./lambda-test.zip"]
+  compatible_runtimes = [
+    ["python3.8"]
+  ]
+  statement_ids = [
+    "AllowExecutionFromCloudWatch"
+  ]
+  actions = [
+    "lambda:InvokeFunction"
+  ]
+  principals = [
+    "events.amazonaws.com"
+  ]
+  source_arns = [module.iam-role.arn]
+  variables = {
+    foo = "bar"
+  }
+}
 module "api_gateway" {
   source = "./../"
 
@@ -73,10 +148,41 @@ module "api_gateway" {
   label_order = ["environment", "name"]
 
   protocol_type                = "HTTP"
-  domain_name                  = "test-clouddrove.com"
+  domain_name                  = "example.cam"
   domain_name_certificate_arn  = module.acm.arn
   subnet_ids                   = tolist(module.public_subnets.public_subnet_id)
   security_group_ids           = [module.security_group.security_group_ids]
   route_selection_expression   = "$request.method $request.path"
   api_key_selection_expression = "$request.header.x-api-key"
+  cors_configuration = {
+    allow_credentials = true
+    allow_headers     = []
+    allow_methods     = ["GET", "OPTIONS", "POST"]
+    allow_origins     = []
+    expose_headers    = []
+    max_age           = 5
+  }
+  integrations = {
+
+    "ANY /" = {
+      lambda_arn             = module.lambda.arn
+      payload_format_version = "2.0"
+      timeout_milliseconds   = 12000
+    }
+
+    "GET /some-route-with-authorizer" = {
+      lambda_arn             = module.lambda.arn
+      payload_format_version = "2.0"
+      authorizer_key         = "cognito"
+    }
+    "POST /start-step-function" = {
+      lambda_arn             = module.lambda.arn
+      payload_format_version = "2.0"
+      authorizer_key         = "cognito"
+
+    }
+  }
+  iam_arns        = module.iam-role.arn
+  integration_uri = module.lambda.arn
+  zone_id         = "1233xxxxxxxxxxxxxxxx"
 }
diff --git a/_example/lambda-test.zip b/_example/lambda-test.zip
diff --git a/_example/lambda_packages/index.py b/_example/lambda_packages/index.py
@@ -0,0 +1,14 @@
+import os
+import json
+
+def lambda_handler(event, context):
+    json_region = os.environ['AWS_REGION']
+    return {
+        "statusCode": 200,
+        "headers": {
+            "Content-Type": "application/json"
+        },
+        "body": json.dumps({
+            "Region ": json_region
+        })
+    }
diff --git a/_example/outputs.tf b/_example/outputs.tf
@@ -13,7 +13,7 @@ output "invoke_url" {
   description = "URL to invoke the API pointing to the stage"
 }
 
-output "integration_response_selection_expression" {
-  value =  join("", module.api_gateway.*.integration_response_selection_expression)
-  description = "The integration response selection expression for the integration."
-}
+#output "integration_response_selection_expression" {
+#  value =  module.api_gateway.*.integration_response_selection_expression
+#  description = "The integration response selection expression for the integration."
+#}