harlow/lambda.tf

## lambda.tf
# AWS
provider "aws" {
  region   = "us-west-2"
  profile  = "myAWSProfile"
}

# IAM

## IAM Role
resource "aws_iam_role" "iam_for_lambda" {
  name = "lambda-basic-execution"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

# Lambda

## Lambda Function
resource "aws_lambda_function" "lambda_func" {
  function_name = "analytics-ingest"
  filename = "function.zip"
  role = aws_iam_role.iam_for_lambda.arn
  handler = "main"
  runtime = "go1.x"
}

## Lambda Basic Exectution Role
resource "aws_iam_role_policy_attachment" "basic_execution" {
  role = aws_iam_role.iam_for_lambda.id
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
}

## Lambda Kinesis Policy
resource "aws_iam_role_policy_attachment" "kinesis_execution" {
  role = aws_iam_role.iam_for_lambda.id
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole"
}

## Lambda DynamoDB Policy
resource "aws_iam_role_policy_attachment" "dynamodb_execution" {
  role = aws_iam_role.iam_for_lambda.id
  policy_arn = "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess"
}

## Lambda Kinesis Source Mapping
resource "aws_lambda_event_source_mapping" "kinesis_lambda_event_mapping" {
  batch_size = 100
  enabled = true
  event_source_arn = aws_kinesis_stream.kinesis_stream.arn
  function_name = aws_lambda_function.lambda_func.arn
  starting_position = "TRIM_HORIZON"
}

# Kinesis

## Kinesis Streams
resource "aws_kinesis_stream" "kinesis_stream" {
  name = "analytics-stream"
  shard_count = 1
  retention_period = 24
  shard_level_metrics = [
      "IncomingBytes",
      "OutgoingBytes"
  ]
}

# DynamoDB

## DynamoDB Table
resource "aws_dynamodb_table" "dynamodb_table" {
  name = "analytics"
  billing_mode = "PAY_PER_REQUEST"
  hash_key = "pk"
  range_key = "sk"

  attribute {
    name = "pk"
    type = "S"
  }

  attribute {
    name = "sk"
    type = "S"
  }
}
	# AWS
	provider "aws" {
	region = "us-west-2"
	profile = "myAWSProfile"
	}

	# IAM

	## IAM Role
	resource "aws_iam_role" "iam_for_lambda" {
	name = "lambda-basic-execution"

	assume_role_policy = <<EOF
	{
	"Version": "2012-10-17",
	"Statement": [
	{
	"Action": "sts:AssumeRole",
	"Principal": {
	"Service": "lambda.amazonaws.com"
	},
	"Effect": "Allow",
	"Sid": ""
	}
	]
	}
	EOF
	}

	# Lambda

	## Lambda Function
	resource "aws_lambda_function" "lambda_func" {
	function_name = "analytics-ingest"
	filename = "function.zip"
	role = aws_iam_role.iam_for_lambda.arn
	handler = "main"
	runtime = "go1.x"
	}

	## Lambda Basic Exectution Role
	resource "aws_iam_role_policy_attachment" "basic_execution" {
	role = aws_iam_role.iam_for_lambda.id
	policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
	}

	## Lambda Kinesis Policy
	resource "aws_iam_role_policy_attachment" "kinesis_execution" {
	role = aws_iam_role.iam_for_lambda.id
	policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole"
	}

	## Lambda DynamoDB Policy
	resource "aws_iam_role_policy_attachment" "dynamodb_execution" {
	role = aws_iam_role.iam_for_lambda.id
	policy_arn = "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess"
	}

	## Lambda Kinesis Source Mapping
	resource "aws_lambda_event_source_mapping" "kinesis_lambda_event_mapping" {
	batch_size = 100
	enabled = true
	event_source_arn = aws_kinesis_stream.kinesis_stream.arn
	function_name = aws_lambda_function.lambda_func.arn
	starting_position = "TRIM_HORIZON"
	}

	# Kinesis

	## Kinesis Streams
	resource "aws_kinesis_stream" "kinesis_stream" {
	name = "analytics-stream"
	shard_count = 1
	retention_period = 24
	shard_level_metrics = [
	"IncomingBytes",
	"OutgoingBytes"
	]
	}

	# DynamoDB

	## DynamoDB Table
	resource "aws_dynamodb_table" "dynamodb_table" {
	name = "analytics"
	billing_mode = "PAY_PER_REQUEST"
	hash_key = "pk"
	range_key = "sk"

	attribute {
	name = "pk"
	type = "S"
	}

	attribute {
	name = "sk"
	type = "S"
	}
	}