Last active
December 11, 2019 00:32
-
-
Save ultim8k/5707b31d02b2c965e8d4522bc33d88af to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = "eu-west-1" | |
| } | |
| # Lambda | |
| resource "aws_lambda_function" "tf-example" { | |
| function_name = "ServerlessExample" | |
| # The bucket name as created earlier with "aws s3api create-bucket" | |
| s3_bucket = "tf-example-store" | |
| s3_key = "v1.0.0/tf-example.zip" | |
| # "main" is the filename within the zip file (main.js) and "handler" | |
| # is the name of the property under which the handler function was | |
| # exported in that file. | |
| handler = "main.handler" | |
| runtime = "nodejs10.x" | |
| role = aws_iam_role.lambda_exec.arn | |
| } | |
| # IAM role which dictates what other AWS services the Lambda function | |
| # may access. | |
| resource "aws_iam_role" "lambda_exec" { | |
| name = "serverless_example_lambda" | |
| assume_role_policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Action": "sts:AssumeRole", | |
| "Principal": { | |
| "Service": "lambda.amazonaws.com" | |
| }, | |
| "Effect": "Allow", | |
| "Sid": "" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| # API Gateway | |
| resource "aws_api_gateway_rest_api" "tf-example" { | |
| name = "ServerlessExample" | |
| description = "Terraform Serverless Application Example" | |
| } | |
| resource "aws_api_gateway_resource" "proxy" { | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| parent_id = aws_api_gateway_rest_api.tf-example.root_resource_id | |
| path_part = "{proxy+}" | |
| } | |
| resource "aws_api_gateway_method" "proxy" { | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| resource_id = aws_api_gateway_resource.proxy.id | |
| http_method = "ANY" | |
| authorization = "NONE" | |
| } | |
| resource "aws_api_gateway_integration" "lambda" { | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| resource_id = aws_api_gateway_method.proxy.resource_id | |
| http_method = aws_api_gateway_method.proxy.http_method | |
| integration_http_method = "POST" | |
| type = "AWS_PROXY" | |
| uri = aws_lambda_function.tf-example.invoke_arn | |
| } | |
| resource "aws_api_gateway_method" "proxy_root" { | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| resource_id = aws_api_gateway_rest_api.tf-example.root_resource_id | |
| http_method = "ANY" | |
| authorization = "NONE" | |
| } | |
| resource "aws_api_gateway_integration" "lambda_root" { | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| resource_id = aws_api_gateway_method.proxy_root.resource_id | |
| http_method = aws_api_gateway_method.proxy_root.http_method | |
| integration_http_method = "POST" | |
| type = "AWS_PROXY" | |
| uri = aws_lambda_function.tf-example.invoke_arn | |
| } | |
| resource "aws_api_gateway_deployment" "tf-example" { | |
| depends_on = [ | |
| aws_api_gateway_integration.lambda, | |
| aws_api_gateway_integration.lambda_root, | |
| ] | |
| rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| stage_name = "test" | |
| } | |
| # Permission for API to run lambda | |
| resource "aws_lambda_permission" "apigw" { | |
| statement_id = "AllowAPIGatewayInvoke" | |
| action = "lambda:InvokeFunction" | |
| function_name = aws_lambda_function.tf-example.function_name | |
| principal = "apigateway.amazonaws.com" | |
| # The "/*/*" portion grants access from any method on any resource | |
| # within the API Gateway REST API. | |
| source_arn = "${aws_api_gateway_rest_api.tf-example.execution_arn}/*/*" | |
| } | |
| output "base_url" { | |
| value = aws_api_gateway_deployment.tf-example.invoke_url | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # resource "aws_ses_email_identity" "sender_address" { | |
| # email = "email@example.com" | |
| # } | |
| # resource "aws_ses_email_identity" "recepient_address" { | |
| # email = "email@example.com" | |
| # } | |
| provider "aws" { | |
| region = "eu-west-1" | |
| } | |
| # Lambda | |
| resource "aws_lambda_function" "darth_mailer" { | |
| function_name = "DarthMailer" | |
| # The bucket name as created earlier with "aws s3api create-bucket" | |
| s3_bucket = "tf-example-store" | |
| s3_key = "v1.0.1/tf-example.zip" | |
| # "main" is the filename within the zip file (main.js) and "handler" | |
| # is the name of the property under which the handler function was | |
| # exported in that file. | |
| handler = "main.handler" | |
| runtime = "nodejs12.x" | |
| role = aws_iam_role.lambda_exec.arn | |
| } | |
| # IAM role which dictates what other AWS services the Lambda function | |
| # may access. | |
| resource "aws_iam_role" "lambda_exec" { | |
| name = "serverless_example_lambda" | |
| assume_role_policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Action": "sts:AssumeRole", | |
| "Principal": { | |
| "Service": "lambda.amazonaws.com" | |
| }, | |
| "Effect": "Allow", | |
| "Sid": "" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| # Use SES iam policy | |
| resource "aws_iam_role_policy" "ses_policy" { | |
| name = "ses-policy" | |
| role = aws_iam_role.lambda_exec.id | |
| # description = "Give access to SES" | |
| policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "ses:SendEmail" | |
| ], | |
| "Resource": "*" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| # Use logs iam policy | |
| resource "aws_iam_role_policy" "logs_policy" { | |
| name = "logs-policy" | |
| role = aws_iam_role.lambda_exec.id | |
| # description = "Give access to logs" | |
| policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Effect": "Allow", | |
| "Action": [ | |
| "logs:CreateLogGroup", | |
| "logs:CreateLogStream", | |
| "logs:PutLogEvents" | |
| ], | |
| "Resource": "arn:aws:logs:*:*:*" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| # API Gateway | |
| resource "aws_api_gateway_rest_api" "darth_mailer" { | |
| name = "DarthMailer" | |
| description = "A Serverless Application for Email Forms" | |
| } | |
| # resource "aws_api_gateway_resource" "root" { | |
| # rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| # parent_id = aws_api_gateway_rest_api.darth_mailer.root_resource_id | |
| # path_part = "" | |
| # } | |
| # resource "aws_api_gateway_resource" "proxy" { | |
| # rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| # parent_id = aws_api_gateway_rest_api.tf-example.root_resource_id | |
| # path_part = "{proxy+}" | |
| # } | |
| # resource "aws_api_gateway_method" "proxy" { | |
| # rest_api_id = aws_api_gateway_rest_api.tf-example.id | |
| # resource_id = aws_api_gateway_resource.proxy.id | |
| # http_method = "ANY" | |
| # authorization = "NONE" | |
| # } | |
| # resource "aws_api_gateway_integration" "lambda" { | |
| # rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| # resource_id = aws_api_gateway_method.proxy.resource_id | |
| # http_method = aws_api_gateway_method.proxy.http_method | |
| # integration_http_method = "POST" | |
| # type = "AWS_PROXY" | |
| # uri = aws_lambda_function.darth_mailer.invoke_arn | |
| # } | |
| resource "aws_api_gateway_method" "method_request_post_root" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_rest_api.darth_mailer.root_resource_id | |
| http_method = "POST" | |
| authorization = "NONE" | |
| } | |
| resource "aws_api_gateway_method" "method_request_options_root" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_rest_api.darth_mailer.root_resource_id | |
| http_method = "OPTIONS" | |
| authorization = "NONE" | |
| } | |
| resource "aws_api_gateway_integration" "integration_request_options_lambda_root" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_options_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_options_root.http_method | |
| integration_http_method = "OPTIONS" | |
| type = "MOCK" | |
| passthrough_behavior = "WHEN_NO_MATCH" | |
| } | |
| resource "aws_api_gateway_integration" "integration_request_post_lambda_root" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| integration_http_method = "POST" | |
| type = "AWS" | |
| uri = aws_lambda_function.darth_mailer.invoke_arn | |
| content_handling = "CONVERT_TO_TEXT" | |
| passthrough_behavior = "WHEN_NO_TEMPLATES" | |
| request_templates = { | |
| "application/json" = <<EOF | |
| { | |
| "grecaptcha" : $input.json('$.g-recaptcha-response'), | |
| "senderName" : $input.json('$.name'), | |
| "senderAddress": $input.json('$.email'), | |
| "apiKey" : $input.json('$.key'), | |
| "message" : $input.json('$.message') | |
| } | |
| EOF | |
| } | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_options_200" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_options_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_options_root.http_method | |
| status_code = "200" | |
| response_models = { "application/json" = "Empty" } | |
| response_parameters = { | |
| "method.response.header.Access-Control-Allow-Origin" = true, | |
| "method.response.header.Access-Control-Allow-Methods" = true, | |
| "method.response.header.Access-Control-Allow-Headers" = true, | |
| } | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_post_200" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "200" | |
| response_models = { "application/json" = "Empty" } | |
| response_parameters = { | |
| "method.response.header.Access-Control-Allow-Origin" = true | |
| } | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_post_400" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "400" | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_post_401" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "401" | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_post_422" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "422" | |
| } | |
| resource "aws_api_gateway_method_response" "method_response_post_500" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "500" | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_options_200" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_options_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_options_root.http_method | |
| status_code = "200" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_options_lambda_root, | |
| aws_api_gateway_method_response.method_response_options_200 | |
| ] | |
| selection_pattern = "-" | |
| response_parameters = { | |
| "method.response.header.Access-Control-Allow-Methods" = "'POST,OPTIONS'", | |
| "method.response.header.Access-Control-Allow-Headers" = "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'", | |
| "method.response.header.Access-Control-Allow-Origin" = "'*'" | |
| } | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_post_200" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "200" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_method_response.method_response_post_200 | |
| ] | |
| selection_pattern = "-" | |
| response_parameters = { | |
| "method.response.header.Access-Control-Allow-Origin" = "'*'" | |
| } | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_post_400" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "400" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_method_response.method_response_post_400 | |
| ] | |
| selection_pattern = ".*400.*" | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_post_401" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "401" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_method_response.method_response_post_401 | |
| ] | |
| selection_pattern = ".*401.*" | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_post_422" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "422" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_method_response.method_response_post_422 | |
| ] | |
| selection_pattern = ".*422.*" | |
| } | |
| resource "aws_api_gateway_integration_response" "integration_response_root_post_500" { | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| resource_id = aws_api_gateway_method.method_request_post_root.resource_id | |
| http_method = aws_api_gateway_method.method_request_post_root.http_method | |
| status_code = "500" | |
| depends_on = [ | |
| aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_method_response.method_response_post_500 | |
| ] | |
| selection_pattern = ".*500.*" | |
| } | |
| resource "aws_api_gateway_deployment" "darth_mailer" { | |
| depends_on = [ | |
| # aws_api_gateway_integration.lambda, | |
| # aws_api_gateway_integration.integration_request_options_lambda_root, | |
| # aws_api_gateway_integration.integration_request_post_lambda_root, | |
| aws_api_gateway_integration_response.integration_response_root_options_200, | |
| aws_api_gateway_integration_response.integration_response_root_post_200, | |
| aws_api_gateway_integration_response.integration_response_root_post_400, | |
| aws_api_gateway_integration_response.integration_response_root_post_401, | |
| aws_api_gateway_integration_response.integration_response_root_post_422, | |
| aws_api_gateway_integration_response.integration_response_root_post_500, | |
| ] | |
| rest_api_id = aws_api_gateway_rest_api.darth_mailer.id | |
| stage_name = "dev" | |
| } | |
| # Permission for API to run lambda | |
| resource "aws_lambda_permission" "apigw" { | |
| statement_id = "AllowAPIGatewayInvoke" | |
| action = "lambda:InvokeFunction" | |
| function_name = aws_lambda_function.darth_mailer.function_name | |
| principal = "apigateway.amazonaws.com" | |
| # The "/*/*" portion grants access from any method on any resource | |
| # within the API Gateway REST API. | |
| source_arn = "${aws_api_gateway_rest_api.darth_mailer.execution_arn}/*/*" | |
| } | |
| output "base_url" { | |
| value = aws_api_gateway_deployment.darth_mailer.invoke_url | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment