@justinsoliz
Created August 30, 2016 15:26
Terraform S3 to Lambda notification
# AWS provider configuration; region and credentials are taken from input variables.
# NOTE(review): static keys passed through variables tend to end up in tfvars
# files, shell history and CI logs. If access_key/secret_key are omitted, the
# provider falls back to the AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY
# environment variables, the shared credentials file, or an instance role,
# which keeps long-lived secrets out of the Terraform inputs.
provider "aws" {
  region     = "${var.region}"
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
}
# Execution role for the Lambda function. The role name carries the environment
# so several environments can live in the same account.
resource "aws_iam_role" "iam_for_terraform_lambda" {
  name = "app_${var.app_env}_lambda"

  # Trust policy: only the Lambda service principal may assume this role.
  # The heredoc body is kept flush-left because it is sent to IAM as written,
  # and the closing EOF marker of a plain <<EOF heredoc must start the line.
  assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Action": "sts:AssumeRole",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Effect": "Allow"
}
]
}
EOF
}
# Attaches the AWS-managed basic execution policy to the Lambda role.
# That policy only allows writing CloudWatch Logs, so the role starts out
# least-privilege. NOTE(review): the handler gets no S3 access from this; if it
# must read the uploaded objects, grant s3:GetObject scoped to this bucket and
# the content-packages/ prefix rather than a broad S3 policy.
resource "aws_iam_role_policy_attachment" "terraform_lambda_iam_policy_basic_execution" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"

  # For aws_iam_role the id attribute is the role name, which is what `role` expects.
  role = "${aws_iam_role.iam_for_terraform_lambda.id}"
}
# Resource-based policy statement that lets the S3 service invoke the function.
resource "aws_lambda_permission" "allow_terraform_bucket" {
  statement_id  = "AllowExecutionFromS3Bucket"
  principal     = "s3.amazonaws.com"
  action        = "lambda:InvokeFunction"
  function_name = "${aws_lambda_function.terraform_func.arn}"

  # source_arn narrows the grant to this one bucket; without it the S3 service
  # principal could invoke the function on behalf of any bucket.
  # NOTE(review): bucket ARNs contain no account ID, and a deleted bucket name
  # can be re-created by a different account. Consider also setting
  # source_account to the owning account ID so the grant cannot follow the name.
  source_arn = "${aws_s3_bucket.terraform_bucket.arn}"
}
# The Lambda function that receives the bucket's object-created events.
resource "aws_lambda_function" "terraform_func" {
  function_name = "playbook_lambda_name_${var.app_env}"
  role          = "${aws_iam_role.iam_for_terraform_lambda.arn}"

  # Deployment package, resolved relative to the directory Terraform runs in.
  # NOTE(review): no source_code_hash is set, so replacing the archive under the
  # same file name is not picked up as a change on the next apply.
  filename = "helloworld_2.zip"
  handler  = "helloworld.handler"

  # NOTE(review): nodejs4.3 is an end-of-life Lambda runtime that no longer
  # receives security patches; move to a currently supported Node.js runtime
  # when reusing this configuration.
  runtime = "nodejs4.3"
}
# Bucket whose uploads trigger the Lambda; the name is suffixed with the environment.
# NOTE(review): no acl, versioning or server-side encryption settings are
# declared, so the bucket is created with provider/account defaults. Confirm
# those defaults are acceptable for the data uploaded under content-packages/.
resource "aws_s3_bucket" "terraform_bucket" {
  bucket = "app-terraform-${var.app_env}"
}
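# Sends object-created events from the bucket to the Lambda function.
resource "aws_s3_bucket_notification" "bucket_terraform_notification" {
  bucket = "${aws_s3_bucket.terraform_bucket.id}"

  # S3 checks that it is allowed to invoke the target function at the moment the
  # notification is configured. Nothing in this block references the permission
  # resource, so without an explicit dependency Terraform may create the
  # notification first and the apply fails on destination validation.
  depends_on = ["aws_lambda_permission.allow_terraform_bucket"]

  lambda_function {
    lambda_function_arn = "${aws_lambda_function.terraform_func.arn}"
    events              = ["s3:ObjectCreated:*"]

    # Only keys under this prefix trigger the function.
    # NOTE(review): anyone able to write under content-packages/ can invoke the
    # function with a key and object body of their choosing, so the handler
    # should treat both as untrusted input.
    filter_prefix = "content-packages/"

    /* filter_suffix = ".json" */
  }
}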
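#!/bin/bash
# Configures remote S3 state, then plans and applies the staging environment.

# Stop at the first failing command: if the remote-state step fails, a later
# apply would otherwise run against local state and drift from the shared state.
set -euo pipefail

plan_file="staging.tfplan"

# A saved plan can embed variable values (including credentials passed as
# variables), so remove it on every exit path and never commit it.
trap 'rm -f "$plan_file"' EXIT

# configure remote s3 state
# encrypt=true requests server-side encryption for the state object; state files
# record resource attributes in plain text. Access to the state bucket should be
# restricted to the identities that run Terraform.
terraform remote config \
  -backend=s3 \
  -backend-config="bucket=app-terraform-deployments" \
  -backend-config="key=deployment_states/app.staging.tfstate" \
  -backend-config="region=us-west-2" \
  -backend-config="encrypt=true"

# up new infra
# Apply exactly the plan that was produced, rather than letting apply compute a
# second plan that may differ from the one shown.
terraform plan -var-file=./staging.tfvars -out="$plan_file"
terraform apply "$plan_file"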
# Environment label; interpolated into the IAM role, Lambda function and bucket names.
# NOTE(review): presumably this is the staging.tfvars passed with -var-file.
# Keep real AWS keys out of var-files that are committed or shared.
app_env = "staging"
# Deployment environment label. It has no default, so a value must be supplied,
# for example through a -var-file.
variable "app_env" {}
# AWS access key ID handed to the provider block.
# The default is a placeholder string, not a credential.
# NOTE(review): do not replace the placeholder with a real key in this file;
# defaults written here are committed and shared along with the configuration.
variable "access_key" {
  default = "access_key"
}
# AWS secret access key handed to the provider block.
# The default is a placeholder string, not a credential.
# NOTE(review): a real secret must never be stored as a default here; supply it
# at run time from the environment or a credentials file outside the repository.
variable "secret_key" {
  default = "secret_key"
}
# Region the provider operates in. The default matches the region given for
# the remote-state backend in the deployment script.
variable "region" {
  default = "us-west-2"
}
@unacceptable

Shouldn't line 33 of resources.tf be the following?

    function_name = "${aws_lambda_function.terraform_func.function_name}"
