This is an opinionated setup that uses Terraform to manage an AWS Lambda function.
This is a Terraform configuration that manages the an AWS EKS stack. It will create the following resources:
- AWS Lambda Function: Lambda function using a Docker image to run code
- AWS S3 Bucket: Used to store the attachments for the Lambda Function
- AWS Policy: Allows the Lambda Function to access the S3 Bucket
- AWS ECR Repository: Used to store the Docker image for the Lambda Function
- Docker Image Build and Push to AWS ECR repository
This setup the Terraform CLI to manage the IllumiDesk stack using Terraform Workspaces.
Ensure you have the following installed on your local machine:
You must have an AWS account and provide your AWS Access Key ID and AWS Secret Access Key.
The values for AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY should be saved as environment variables on your workspace or they can be provided as variables in the *.tfvars file.
Copy the example.tfvars file to <environment>.tfvars and update the values with your AWS credentials.
cp example.tfvars dev.tfvarsCreate and/or select a Terraform workspace.
terraform workspace new devInitialize the Terraform configuration.
terraform initPlan the Terraform configuration (replace <environment> with the name of your environment):
terraform plan -var-file=<environment>.tfvarsFor the development environment:
terraform plan -var-file=dev.tfvarsFor the production environment:
terraform plan -var-file=prod.tfvarsApply the Terraform configuration.
terraform apply -var-file=dev.tfvarsFrom the tests/lambda_function directory, run the following command to test the Lambda function with Boto3. Ensure that the ARN value is exported with the LAMBDA_FUNCTION_ARN environment variable before executing the test:
# example for development environment lambda function
export LAMBDA_FUNCTION_ARN=arn:aws:lambda:us-east-1:860100747351:function:app-dev-docker-lambda_handler
python test_lambda_with_arn.pyThis should output a result similar to the following:
{'statusCode': 200, 'body': '{"result": {"a": 5, "b": 20}}'}| Name | Version |
|---|---|
| terraform | >= 0.13.1 |
| aws | >= 3.19 |
| docker | >= 2.12 |
| random | >= 2.0 |
| Name | Version |
|---|---|
| aws | >= 3.19 |
| random | >= 2.0 |
| Name | Source | Version |
|---|---|---|
| docker_image | ./docker-build | n/a |
| lambda_function_from_container_image | terraform-aws-modules/lambda/aws | ~> 4.13 |
| Name | Type |
|---|---|
| random_pet.this | resource |
| aws_caller_identity.this | data source |
| aws_ecr_authorization_token.token | data source |
| aws_region.current | data source |
No inputs.
| Name | Description |
|---|---|
| docker_image_uri | The ECR Docker image URI used to deploy Lambda Function |
| lambda_cloudwatch_log_group_arn | The ARN of the Cloudwatch Log Group |
| lambda_function_arn | The ARN of the Lambda Function |
| lambda_function_arn_static | The static ARN of the Lambda Function. Use this to avoid cycle errors between resources (e.g., Step Functions) |
| lambda_function_invoke_arn | The Invoke ARN of the Lambda Function |
| lambda_function_kms_key_arn | The ARN for the KMS encryption key of Lambda Function |
| lambda_function_last_modified | The date Lambda Function resource was last modified |
| lambda_function_name | The name of the Lambda Function |
| lambda_function_qualified_arn | The ARN identifying your Lambda Function Version |
| lambda_function_region | The region of the Lambda Function |
| lambda_function_source_code_hash | Base64-encoded representation of raw SHA-256 sum of the zip file |
| lambda_function_source_code_size | The size in bytes of the function .zip file |
| lambda_function_version | Latest published version of Lambda Function |
| lambda_layer_arn | The ARN of the Lambda Layer with version |
| lambda_layer_created_date | The date Lambda Layer resource was created |
| lambda_layer_layer_arn | The ARN of the Lambda Layer without version |
| lambda_layer_source_code_size | The size in bytes of the Lambda Layer .zip file |
| lambda_layer_version | The Lambda Layer version |
| lambda_role_arn | The ARN of the IAM role created for the Lambda Function |
| lambda_role_name | The name of the IAM role created for the Lambda Function |