# AWS provider configuration. The region and both credential values are read
# from input variables (var.region, var.access_key, var.secret_key).
#
# NOTE(review): static keys supplied through variables tend to end up in
# *.tfvars files, shell history or CI logs. Confirm where these values come
# from. The provider can also take credentials from the environment, a shared
# credentials file or an attached role, which keeps long-lived keys out of
# Terraform inputs altogether.
provider "aws" {
  region     = "${var.region}"
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
}
# Execution role that the Lambda function in this file runs as. The role name
# embeds var.app_env, so each environment gets its own role.
resource "aws_iam_role" "iam_for_terraform_lambda" {
  name = "app_${var.app_env}_lambda"

  # Trust policy: only the Lambda service principal may assume this role.
  # This document controls who can *become* the role, not what the role may do;
  # its permissions come from the policies attached to it.
  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": "lambda.amazonaws.com"
      },
      "Effect": "Allow"
    }
  ]
}
EOF
}
# Attaches the AWS-managed AWSLambdaBasicExecutionRole policy to the function's
# execution role.
#
# NOTE(review): that managed policy only covers writing to CloudWatch Logs. The
# function is triggered by S3 object creation; if the handler has to read the
# uploaded object, grant that with a separate policy scoped to this bucket's
# content-packages/ prefix rather than a broad S3 managed policy.
resource "aws_iam_role_policy_attachment" "terraform_lambda_iam_policy_basic_execution" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
  role       = "${aws_iam_role.iam_for_terraform_lambda.id}"
}
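# Account that Terraform is running as. The bucket referenced below is created
# through this same provider, so this is the account expected to own it.
data "aws_caller_identity" "terraform_bucket_owner" {}

# Resource-based permission that lets the S3 service invoke the Lambda
# function, limited to events coming from the one bucket managed in this file.
resource "aws_lambda_permission" "allow_terraform_bucket" {
  statement_id  = "AllowExecutionFromS3Bucket"
  action        = "lambda:InvokeFunction"
  function_name = "${aws_lambda_function.terraform_func.arn}"
  principal     = "s3.amazonaws.com"

  # Without source_arn any bucket could use the S3 service principal to invoke
  # the function; keep this set.
  source_arn = "${aws_s3_bucket.terraform_bucket.arn}"

  # S3 bucket ARNs carry no account ID, so source_arn alone would still match a
  # bucket of the same name that is later recreated under a different account.
  # Pinning the owning account closes that gap.
  source_account = "${data.aws_caller_identity.terraform_bucket_owner.account_id}"
}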
# Lambda function that the bucket notification in this file invokes. The code
# is taken from a local zip archive and runs under the execution role defined
# in this file; the function name is per-environment via var.app_env.
resource "aws_lambda_function" "terraform_func" {
  function_name = "playbook_lambda_name_${var.app_env}"
  role          = "${aws_iam_role.iam_for_terraform_lambda.arn}"

  # NOTE(review): no source_code_hash is set, so a rebuilt archive with the same
  # filename is presumably not picked up as a change. Confirm against the
  # Terraform and provider versions in use.
  filename = "helloworld_2.zip"
  handler  = "helloworld.handler"

  # NOTE(review): nodejs4.3 is an end-of-life Lambda runtime and no longer
  # receives security updates. Plan a move to a currently supported Node.js
  # runtime and retest the handler when doing so.
  runtime = "nodejs4.3"
}
# Bucket whose object-created events trigger the Lambda function. The bucket
# name is per-environment via var.app_env.
#
# NOTE(review): nothing in this block sets encryption, versioning, access
# logging or a public-access block. Confirm whether those are configured
# elsewhere; for a bucket whose uploads cause code to run they are worth
# having, together with a tight policy on who may write to it.
resource "aws_s3_bucket" "terraform_bucket" {
  bucket = "app-terraform-${var.app_env}"
}
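# Wires the bucket's object-created events to the Lambda function.
resource "aws_s3_bucket_notification" "bucket_terraform_notification" {
  bucket = "${aws_s3_bucket.terraform_bucket.id}"

  # S3 checks that it is allowed to invoke the target when the notification is
  # saved. Nothing else in this block references the permission, so without an
  # explicit dependency Terraform may create the two in either order and the
  # apply can fail.
  depends_on = ["aws_lambda_permission.allow_terraform_bucket"]

  lambda_function {
    lambda_function_arn = "${aws_lambda_function.terraform_func.arn}"
    events              = ["s3:ObjectCreated:*"]

    # Only keys under this prefix trigger the function. The suffix filter below
    # is disabled, so every object type written under the prefix is delivered;
    # the handler should validate the key and content itself rather than assume
    # a particular file type.
    filter_prefix = "content-packages/"
    /* filter_suffix = ".json" */
  }
}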
58}