Terraform with lambda and kinesis

lambda_kinesis_handler.js

// applications/kinesis_streamer/lib/handler.js

import AWS from 'aws-sdk';
const kinesis = new AWS.Kinesis();

export function receiveEvent(event, context, callback) {
  console.log('demoHandler');
  console.log(`Event: ${JSON.stringify(event, null, 2)}`);
  console.log(`Context: ${JSON.stringify(context, null, 2)}`);
  const base64Data = event.Records[0].kinesis.data;
  const base64Decoded = new Buffer(base64Data, 'base64').toString()
  console.log(base64Decoded);
  return callback();
}

export function publishEvent(event, context, callback) {
  console.log('demoHandler');
  console.log(`Event: ${JSON.stringify(event, null, 2)}`);
  console.log(`Context: ${JSON.stringify(context, null, 2)}`);

  const params = {
    Data: '{ sample: "json-object" }',
    PartitionKey: 'resource-1',
    StreamName: 'terraform-kinesis-streamer-demo-stream'
  };

  console.log('putting kinesis record');
  kinesis.putRecord(params, (err, data) => {
    if (err) {
      console.error('error putting kinesis record');
      console.error(err);
      return callback(err);
    }

    console.log('kinesis put success');
    console.log(JSON.stringify(data, null, 2));
    return callback();
  });
}

terraform_lambda_kinesis.tf

provider "aws" {
  region = "${var.aws_region}"
}

# IAM

## IAM Role
resource "aws_iam_role" "iam_for_terraform_lambda" {
    name = "kinesis_streamer_iam_role"
    assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Effect": "Allow"
    }
  ]
}
EOF
}

## IAM Role Policies

resource "aws_iam_role_policy_attachment" "terraform_lambda_iam_policy_basic_execution" {
  role = "${aws_iam_role.iam_for_terraform_lambda.id}"
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
}

resource "aws_iam_role_policy_attachment" "terraform_lambda_iam_policy_kinesis_execution" {
  role = "${aws_iam_role.iam_for_terraform_lambda.id}"
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaKinesisExecutionRole"
}

# Lambda

resource "aws_lambda_function" "terraform_kinesis_streamer_func" {
    filename = "lambda_code.zip"
    function_name = "kinesis_streamer_demo_lambda_function"
    role = "${aws_iam_role.iam_for_terraform_lambda.arn}"
    handler = "lib/handler.demoHandler"
    runtime = "nodejs4.3"
    source_code_hash = "${base64sha256(file("lambda_code.zip"))}"
}

resource "aws_lambda_event_source_mapping" "kinesis_lambda_event_mapping" {
    batch_size = 100
    event_source_arn = "${aws_kinesis_stream.kinesis_streamer_demo_stream.arn}"
    enabled = true
    function_name = "${aws_lambda_function.terraform_kinesis_streamer_func.arn}"
    starting_position = "TRIM_HORIZON"
}

# Kinesis

## Kinesis Streams
resource "aws_kinesis_stream" "kinesis_streamer_demo_stream" {
    name = "terraform-kinesis-streamer-demo-stream"
    shard_count = 1
    retention_period = 24
    shard_level_metrics = [
        "IncomingBytes",
        "OutgoingBytes"
    ]
    tags {
        Environment = "terraform-kinesis-streamer-test"
    }
}

I don't understand the "EOF" can you explain please ?

assume_role_policy = <<EOF terraform_lambda_kinesis.tf l.11 and l.24

I don't understand the "EOF" can you explain please ?

assume_role_policy = <<EOF terraform_lambda_kinesis.tf l.11 and l.24

It's a 'heredoc' syntax, often used to provide longer or unescaped strings as inputs.
https://stackoverflow.com/a/2500451