Support for AWS Serverless Application Model and Repository #3981
This needs some love. |
I'll work on a data source for serverless applications. The current API is a little lacking, especially for searching the public repositories. |
@obierlaire, @cornfeedhobo & everyone else, what are your use cases for the Serverless Application Repo? I'm starting with using applications from the public repo, since that's my current need. Does anyone need other cases? |
@gdavison the next few weeks will be tight with conferences. I'll do my best to put together a solid example use case, as my current repo has just worked around this. |
This has gotten a little more complicated. I've created the data source, but I can't use the template to create a CloudFormation stack because |
This looks related to #132 |
I've figured it out. I can now spin up an application from the Repo. It needs more config, more outputs, and update functionality |
It would be great to see this, I need to deploy the same "Serverless Application" from the repository in many many regions |
Would love to be able to set up Lambdas by specifying a source in the Serverless Application Repository. |
We are using GuardDuty SumoLogic app (https://serverlessrepo.aws.amazon.com/applications/arn:aws:serverlessrepo:us-east-1:956882708938:applications~sumologic-guardduty-events-processor) and I am tasked to decide how to include it in our terraform repo. |
@stepps I'm trying to do the same thing. Did you end up finding a solution? |
@nealharris No, this item is stuck in my backlog for the time being. |
Still no SAM Data Source Resource for terraform 12.0??? |
Any luck on this issue?? :keep-watching: |
Adding another voice that is looking for this...any updates? |
Any update on this one? This could be really helpful +1 |
@gdavison my use case is trying to follow these instructions from Datadog:
https://docs.datadoghq.com/integrations/amazon_rds/#create-your-lambda-function |
Ok, I'm finally picking this back up. When I last worked on it, I had it set up so that you could specify a version, or it would use the latest version if not specified. The version could be updated if it was specified. I stalled out with a number of refinement decisions and not needing it for my day job. I'll rebase onto the current codebase and verify that it works. @bflad any comments/feedback on how version updates should work? |
Could I get a quick thumbs-up/thumbs-down poll in the reactions below this comment? @bflad your guidance would be good here. I have the resource created to create and deploy an application from the Serverless Application Repository. The hold-up is I'm fairly confident that this is doable, but I need to learn the internals of Terraform a whole lot better. The drawback with adding So I see the options as:
|
Ok, the results are pretty clear :) |
Any updates on this? 😊 |
👋 Many of us are finding this issue as they are following the Datadog RDS enhanced monitoring guide. I have the following stored in

```hcl
##############################################################################
# KMS key for Datadog Agent & Lambda
##############################################################################
resource "aws_kms_key" "datadog_lambda" {
  description             = "Used by Lambda pushing data to Datadog"
  deletion_window_in_days = 30
  enable_key_rotation     = true
}

resource "aws_kms_alias" "datadog_lambda" {
  name          = "alias/${var.namespace}-${var.stage}-datadog"
  target_key_id = aws_kms_key.datadog_lambda.key_id
}

#################################################
# Archive Lambda script & Create Lambda Function
#################################################
data "archive_file" "lambda_zip" {
  type        = "zip"
  source_dir  = "${path.module}/python"
  output_path = "${path.module}/python/rds_enhanced_monitoring.zip"
}

resource "aws_lambda_function" "datadog_postresql" {
  function_name    = "${var.namespace}-${var.stage}-datadog-rds-enhanced-monitoring"
  description      = "Pushes RDS Enhanced metrics to Datadog"
  role             = aws_iam_role.datadog_lambda.arn
  runtime          = "python2.7"
  handler          = "rds_enhanced_monitoring.lambda_handler"
  filename         = data.archive_file.lambda_zip.output_path
  source_code_hash = data.archive_file.lambda_zip.output_base64sha256
  publish          = true
  timeout          = 10
  kms_key_arn      = aws_kms_key.datadog_lambda.arn
  memory_size      = 128

  environment {
    variables = {
      kmsEncryptedKeys = jsonencode({ "api_key" = var.datadog_api_key, "app_key" = var.datadog_app_key })
    }
  }
}

##############################################################################
# Lambda IAM Execution Role
##############################################################################
resource "aws_iam_role" "datadog_lambda" {
  name               = "${var.namespace}-${var.stage}-datadog-rds-lambda"
  path               = "/"
  assume_role_policy = data.aws_iam_policy_document.datadog_lambda_assume_role.json
}

data "aws_iam_policy_document" "datadog_lambda_assume_role" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["lambda.amazonaws.com"]
    }
  }
}

data "aws_iam_policy_document" "datadog_lambda" {
  statement {
    sid       = "KMS"
    effect    = "Allow"
    resources = [aws_kms_key.datadog_lambda.arn]
    actions = [
      "kms:Decrypt"
    ]
  }
}

resource "aws_iam_policy" "datadog_lambda" {
  name   = "${var.namespace}-${var.stage}-datadog-rds-lambda"
  path   = "/"
  policy = data.aws_iam_policy_document.datadog_lambda.json
}

resource "aws_iam_role_policy_attachment" "datadog_lambda" {
  role       = aws_iam_role.datadog_lambda.name
  policy_arn = aws_iam_policy.datadog_lambda.arn
}
```

|
in absence of a native tf resource for SAR, one can always create an
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
This issue was originally opened by @obierlaire as hashicorp/terraform#17729. It was migrated here as a result of the provider split. The original body of the issue is below.
AWS now offers a repository of serverless applications.
Basically, it's a SAM (Serverless Application Model) repository, where anybody can publish or use serverless application templates (similar to CloudFormation templates).
Terraform supports CloudFormation data sources and CloudFormation resources, but no SAM data source/resource.
The API supports publishing SAM to SAR and consuming SAM from SAR (https://docs.aws.amazon.com/serverlessrepo/latest/devguide/resources.html)