Skip to content

kunstkomputer/tf-coding-challenge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
.github/workflows
.github/workflows
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.terraform.lock.hcl
.terraform.lock.hcl
 
 
README.md
README.md
 
 
data.tf
data.tf
 
 
main.tf
main.tf
 
 

Repository files navigation

tf-coding-challenge

Sample terraform config providing a lambda function, which is triggered via a cron expression.

Usage

The configuration files can be sourced without creating resources by setting the create_resources var to False This can be done on module level via a .tfvars or on cli level e.g.:

❯ terraform apply -var create_resources=false

The lambda source code is deployed via a zip file of the code. To package the code use:

❯ zip -r deployment_package.zip function_code/*.py

The zipfile creation and uploading of code to an S3 Bucket is something that may be automated using a CI pipeline like github actions. For brevity of this challenge, a zipfile is included in the repo.

How to use this config

This config is intended to be sourced from a root module. Sample Code:

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 3.55.0"
    }
  }

  required_version = ">= 0.14.9"
}

provider "aws" {
  region = "eu-central-1"
}

module "tf-coding-challenge" {
  source = "git@github.com:kunstkomputer/tf-coding-challenge.git?ref=after_submission"
}

You may specify the git ref of this module by changing the ref querystring parameter of the github URL to a desired value (e.g. main,develop).

In case you omit the parameter terraform will source the default branch (main in this case).

NOTE: Caution, you may run terraform init prior to any other command, to fetch the module under the git ref. If the ref in the repo is changing, a re-init of your local tf workdir is required, to pull the changes.

read the region from the config

If the config is sourced via a root module as described above under How to use this config. One may retrieve the region it was applied to via:

rootmodule/main.tf
...
module "tf-coding-challenge" {
  source = "git@github.com:kunstkomputer/tf-coding-challenge.git?ref=after_submission"
}
output "region_from_module" {
  value = "${module.tf-coding-challenge.deployed_region}"
}
...

fetch the output from cli

❯ tf refresh && tf output region_from_module

Prerequesites

  • Setup your aws CLI and username either as environment vars or via ~/.aws/credentials

  • the IAM user executing terraform requires the following capabilities to apply this configuration successfully:

    • iam:CreateRole
    • iam:GetInstanceProfile
    • iam:CreateRole
    • iam:PutRolePolicy
    • iam:AttachRolePolicy
    • lambda:CreateFunction
    • lambda:InvokeAsync
    • lambda:InvokeFunction
    • iam:PassRole
    • lambda:UpdateAlias
    • lambda:CreateAlias
    • lambda:GetFunctionConfiguration
    • lambda:AddPermissio
    • events:PutRule

Caveates

If this configuration is applied, the lambda automatically creates a loggroup in CloudWatch for this function. The loggroup is not managed by Terraform, thus the it won't be removed in case this plan is destroyed.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages