Snow Storm DanielDaCosta

## private_ec2.tf
resource "aws_instance" "private_server" {
  ami                         = var.image_ami
  associate_public_ip_address = false
  disable_api_termination     = true
  instance_type               = var.instance_type
  key_name                    = var.key_name
  vpc_security_group_ids      = [aws_security_group.private_sg.id]
  subnet_id                   = element(tolist(data.aws_subnet_ids.private.ids), 0)
  iam_instance_profile        = aws_iam_instance_profile.ec2_instance_profile.name

## lambda_alarm.py
import sys
sys.path.insert(0, 'package/')
import json
import requests
import os
import logging
logger = logging.getLogger()
logger.setLevel(logging.INFO)


## sns.tf
resource "aws_sns_topic" "sns_alarms" {
  name = "${local.name_dash}-sns-alarms"

  tags = {
    Product = local.name_dash
  }
}

resource "aws_sns_topic_subscription" "lambda_alarm" {
  topic_arn = aws_sns_topic.sns_alarms.arn

## local_dimensions.tf
locals {
  name_dash = "${var.name}-${var.environment}"
  # Lambda with Alarms
  alarms_dimensions = {
    "${var.name}-${var.environment}-lambda-1" = {
      FunctionName = "${var.name}-${var.environment}-lambda-1"
    },
    "lambda-2" = {
      FunctionName = "lambda-y"
    },

## cloudwatch_alarms.tf
resource "aws_cloudwatch_metric_alarm" "lambda_alarm" {
  for_each = length(keys(local.alarms_dimensions)) > 0 ? local.alarms_dimensions : {}

  alarm_name                = "${each.key}-alarm"
  comparison_operator       = "GreaterThanThreshold"
  evaluation_periods        = 1
  metric_name               = "Errors"
  namespace                 = "AWS/Lambda"
  period                    = "60"
  statistic                 = "Sum"

## gitlab_deploy.json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "VisualEditor0",
            "Effect": "Allow",
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::lambda-zip-code/*"
        }
    ]

## .gitlab-ci.yml
image: "python:3.7"

.packages: &package
  stage: deploy
  before_script:
    - apt-get update -y
    - apt-get install zip
    - pip install awscli
    - pip install -r lambda/requirements.txt -t /lambda/package

## lambda_sms.tf
data "aws_s3_bucket_object" "lambda_sms" {
  bucket = var.s3_bucket
  key    = "lambda-sms.zip"
}

module "lambda_sms" {
  source = "git@github.com:DanielDaCosta/lambda-module.git" # Path to your lambda-module

  lambda_name             = var.lambda_sms
  s3_bucket               = var.s3_bucket

## lambda_sqs.tf
resource "aws_lambda_permission" "allows_sqs_to_trigger_lambda" {
  statement_id  = "AllowExecutionFromSQS"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.lambda_sqs.function_name
  principal     = "sqs.amazonaws.com"
  source_arn    = aws_sqs_queue.queue.arn
}

# Trigger lambda on message to SQS
resource "aws_lambda_event_source_mapping" "event_source_mapping" {

## lambda.tf
data "archive_file" "lambda_with_dependencies" {
  source_dir  = "lambda/"
  output_path = "lambda/${local.app_name}-${var.lambda_name}.zip"
  type        = "zip"
}

resource "aws_lambda_function" "lambda_sqs" {
  function_name    = "${local.app_name}-${var.lambda_name}"
  handler          = "handler.lambda_handler"
  role             = aws_iam_role.lambda_exec_role.arn
	resource "aws_instance" "private_server" {
	ami = var.image_ami
	associate_public_ip_address = false
	disable_api_termination = true
	instance_type = var.instance_type
	key_name = var.key_name
	vpc_security_group_ids = [aws_security_group.private_sg.id]
	subnet_id = element(tolist(data.aws_subnet_ids.private.ids), 0)
	iam_instance_profile = aws_iam_instance_profile.ec2_instance_profile.name
	import sys
	sys.path.insert(0, 'package/')
	import json
	import requests
	import os
	import logging
	logger = logging.getLogger()
	logger.setLevel(logging.INFO)
	resource "aws_sns_topic" "sns_alarms" {
	name = "${local.name_dash}-sns-alarms"

	tags = {
	Product = local.name_dash
	}
	}

	resource "aws_sns_topic_subscription" "lambda_alarm" {
	topic_arn = aws_sns_topic.sns_alarms.arn
	locals {
	name_dash = "${var.name}-${var.environment}"
	# Lambda with Alarms
	alarms_dimensions = {
	"${var.name}-${var.environment}-lambda-1" = {
	FunctionName = "${var.name}-${var.environment}-lambda-1"
	},
	"lambda-2" = {
	FunctionName = "lambda-y"
	},
	resource "aws_cloudwatch_metric_alarm" "lambda_alarm" {
	for_each = length(keys(local.alarms_dimensions)) > 0 ? local.alarms_dimensions : {}

	alarm_name = "${each.key}-alarm"
	comparison_operator = "GreaterThanThreshold"
	evaluation_periods = 1
	metric_name = "Errors"
	namespace = "AWS/Lambda"
	period = "60"
	statistic = "Sum"
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Sid": "VisualEditor0",
	"Effect": "Allow",
	"Action": "s3:PutObject",
	"Resource": "arn:aws:s3:::lambda-zip-code/*"
	}
	]
	image: "python:3.7"

	.packages: &package
	stage: deploy
	before_script:
	- apt-get update -y
	- apt-get install zip
	- pip install awscli
	- pip install -r lambda/requirements.txt -t /lambda/package
	data "aws_s3_bucket_object" "lambda_sms" {
	bucket = var.s3_bucket
	key = "lambda-sms.zip"
	}

	module "lambda_sms" {
	source = "git@github.com:DanielDaCosta/lambda-module.git" # Path to your lambda-module

	lambda_name = var.lambda_sms
	s3_bucket = var.s3_bucket
	resource "aws_lambda_permission" "allows_sqs_to_trigger_lambda" {
	statement_id = "AllowExecutionFromSQS"
	action = "lambda:InvokeFunction"
	function_name = aws_lambda_function.lambda_sqs.function_name
	principal = "sqs.amazonaws.com"
	source_arn = aws_sqs_queue.queue.arn
	}

	# Trigger lambda on message to SQS
	resource "aws_lambda_event_source_mapping" "event_source_mapping" {
	data "archive_file" "lambda_with_dependencies" {
	source_dir = "lambda/"
	output_path = "lambda/${local.app_name}-${var.lambda_name}.zip"
	type = "zip"
	}

	resource "aws_lambda_function" "lambda_sqs" {
	function_name = "${local.app_name}-${var.lambda_name}"
	handler = "handler.lambda_handler"
	role = aws_iam_role.lambda_exec_role.arn