sscovil/http_lambda.py

## http_lambda.py
#!/usr/bin/env python
import os

from cdktf import AssetType, TerraformAsset
from cdktf_cdktf_provider_aws.iam_role import IamRole
from cdktf_cdktf_provider_aws.iam_role_policy_attachment import IamRolePolicyAttachment
from cdktf_cdktf_provider_aws.lambda_function import LambdaFunction, LambdaFunctionEnvironment
from cdktf_cdktf_provider_aws.lambda_function_url import LambdaFunctionUrl, LambdaFunctionUrlCors
from constructs import Construct


class HttpLambda(Construct):
    function_name: str
    function_url: str
    iam_role_name: str

    def __init__(
            self,
            scope: Construct,
            ns: str,
            path: str,
            runtime: str,
            cors: LambdaFunctionUrlCors | None = None,
            env: dict | None = None,
            function_name: str | None = None,
            handler: str = "index.lambda_handler",
            iam_role_name: str | None = None,
    ):
        super().__init__(scope, ns)

        if env is None:
            env = {}

        if cors is None:
            cors = LambdaFunctionUrlCors(
                allow_headers=["*"],
                allow_methods=["*"],
                allow_origins=["*"],
            )

        role = IamRole(
            self,
            "lambda-exec-role",
            name=iam_role_name,
            assume_role_policy=json.dumps({
                "Version": "2012-10-17",
                "Statement":
                    {
                        "Action": "sts:AssumeRole",
                        "Principal": {
                            "Service": "lambda.amazonaws.com",
                        },
                        "Effect": "Allow",
                        "Sid": "",
                    },
            }),
        )
        self.iam_role_name = role.name

        IamRolePolicyAttachment(
            self,
            "lambda-managed-policy",
            policy_arn="arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
            role=role.name,
        )

        asset = TerraformAsset(
            self,
            "lambda-asset",
            path=os.path.join(os.getcwd(), path),
            type=AssetType.ARCHIVE,
        )

        lambda_fn = LambdaFunction(
            self,
            "lambda-fn",
            function_name=function_name,
            handler=handler,
            runtime=runtime,
            role=role.arn,
            filename=asset.path,
            source_code_hash=asset.asset_hash,
            environment=LambdaFunctionEnvironment(variables=env) if env else None
        )
        self.function_name = lambda_fn.function_name

        http = LambdaFunctionUrl(
            self,
            "lambda-fn-url",
            authorization_type="NONE",
            cors=cors,
            function_name=lambda_fn.arn,
        )
        self.function_url = http.function_url
	#!/usr/bin/env python
	import os

	from cdktf import AssetType, TerraformAsset
	from cdktf_cdktf_provider_aws.iam_role import IamRole
	from cdktf_cdktf_provider_aws.iam_role_policy_attachment import IamRolePolicyAttachment
	from cdktf_cdktf_provider_aws.lambda_function import LambdaFunction, LambdaFunctionEnvironment
	from cdktf_cdktf_provider_aws.lambda_function_url import LambdaFunctionUrl, LambdaFunctionUrlCors
	from constructs import Construct


	class HttpLambda(Construct):
	function_name: str
	function_url: str
	iam_role_name: str

	def __init__(
	self,
	scope: Construct,
	ns: str,
	path: str,
	runtime: str,
	cors: LambdaFunctionUrlCors \| None = None,
	env: dict \| None = None,
	function_name: str \| None = None,
	handler: str = "index.lambda_handler",
	iam_role_name: str \| None = None,
	):
	super().__init__(scope, ns)

	if env is None:
	env = {}

	if cors is None:
	cors = LambdaFunctionUrlCors(
	allow_headers=["*"],
	allow_methods=["*"],
	allow_origins=["*"],
	)

	role = IamRole(
	self,
	"lambda-exec-role",
	name=iam_role_name,
	assume_role_policy=json.dumps({
	"Version": "2012-10-17",
	"Statement":
	{
	"Action": "sts:AssumeRole",
	"Principal": {
	"Service": "lambda.amazonaws.com",
	},
	"Effect": "Allow",
	"Sid": "",
	},
	}),
	)
	self.iam_role_name = role.name

	IamRolePolicyAttachment(
	self,
	"lambda-managed-policy",
	policy_arn="arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole",
	role=role.name,
	)

	asset = TerraformAsset(
	self,
	"lambda-asset",
	path=os.path.join(os.getcwd(), path),
	type=AssetType.ARCHIVE,
	)

	lambda_fn = LambdaFunction(
	self,
	"lambda-fn",
	function_name=function_name,
	handler=handler,
	runtime=runtime,
	role=role.arn,
	filename=asset.path,
	source_code_hash=asset.asset_hash,
	environment=LambdaFunctionEnvironment(variables=env) if env else None
	)
	self.function_name = lambda_fn.function_name

	http = LambdaFunctionUrl(
	self,
	"lambda-fn-url",
	authorization_type="NONE",
	cors=cors,
	function_name=lambda_fn.arn,
	)
	self.function_url = http.function_url