- Updated main.tf with infrastructure changes - Updated outputs configuration
# Toolchain and provider pins for this stack.
terraform {
  required_providers {
    aws = {
      # "~> 6.23" accepts 6.23 and later 6.x releases, never 7.x.
      version = "~> 6.23"
      source  = "hashicorp/aws"
    }
  }

  # NOTE(review): ">= 1.0" has no upper bound, so any newer Terraform CLI is accepted.
  required_version = ">= 1.0"
}
# AWS provider; the region is supplied through var.aws_region.
provider "aws" {
  # Tags listed here are applied by the provider to every taggable resource it manages.
  default_tags {
    tags = {
      Component   = "crud"
      Environment = var.environment
      ManagedBy   = "terraform"
      Project     = "airun-pathfinder"
      Service     = "pricing"
    }
  }

  region = var.aws_region
}
# Looks up the gateway ID in SSM Parameter Store (published by platform-core, per the
# original comment). The resolved value is written to Terraform state.
# NOTE(review): nothing in the visible part of this file reads this value; confirm it is
# still needed.
data "aws_ssm_parameter" "gateway_id" {
  name = "/airun-pathfinder/${var.environment}/gateway-id"
}
# Identity of the credentials Terraform runs with. Its account_id is interpolated into the
# DynamoDB ARNs of the function's IAM policy.
data "aws_caller_identity" "current" {
}
# Lambda function behind the pricing API. The package is a "bootstrap" bundle read from
# ../target and run on the provided.al2023 runtime (arm64).
resource "aws_lambda_function" "crud_pricing" {
  function_name = "airun-pathfinder-crud-pricing-${var.environment}"
  role          = aws_iam_role.lambda.arn

  # Deployment package; the hash makes Terraform redeploy whenever the zip changes.
  filename         = "../target/lambda/bootstrap/bootstrap.zip"
  source_code_hash = filebase64sha256("../target/lambda/bootstrap/bootstrap.zip")

  runtime       = "provided.al2023"
  handler       = "bootstrap"
  architectures = ["arm64"]

  memory_size = var.lambda_memory
  timeout     = var.lambda_timeout

  # Environment variables are part of the function configuration and readable by any
  # principal allowed lambda:GetFunctionConfiguration; keep secrets out of this map.
  environment {
    variables = {
      ENVIRONMENT = var.environment
      RUST_LOG    = var.log_level
      TABLE_NAME  = local.table_name
    }
  }

  # Active X-Ray tracing; the execution role gets the X-Ray write policy elsewhere in this file.
  tracing_config {
    mode = "Active"
  }

  # NOTE(review): reserved_concurrent_executions is not set, so the function draws on the
  # account's shared concurrency pool. Confirm that is acceptable with an HTTP API in front.
  tags = {
    Name = "airun-pathfinder-crud-pricing"
  }
}
# Log group for the function's output, with an explicit retention period.
# NOTE(review): the name is derived from the function resource, so Terraform creates the
# function first. If the function is invoked before this group exists, Lambda can create the
# group itself (AWSLambdaBasicExecutionRole includes logs:CreateLogGroup), after which this
# resource's create fails as already existing and the retention setting is not applied.
# No kms_key_id is set, so the logs rely on CloudWatch Logs' default encryption.
resource "aws_cloudwatch_log_group" "crud_pricing" {
  retention_in_days = var.log_retention_days
  name              = "/aws/lambda/${aws_lambda_function.crud_pricing.function_name}"

  tags = {
    Name = "crud-pricing-logs"
  }
}
# Execution role for the function. The trust policy names the Lambda service as the only
# principal allowed to assume it.
resource "aws_iam_role" "lambda" {
  name = "airun-pathfinder-crud-pricing-role-${var.environment}"

  # jsonencode emits object keys in sorted order, so the key order written here is cosmetic.
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Principal = {
          Service = "lambda.amazonaws.com"
        }
        Action = "sts:AssumeRole"
      }
    ]
  })

  tags = {
    Name = "airun-pathfinder-crud-pricing-role"
  }
}
# Attaches the AWS-managed basic execution policy (CloudWatch Logs write access) to the role.
# NOTE(review): this managed policy applies to all log groups, not only the function's own,
# and includes logs:CreateLogGroup.
resource "aws_iam_role_policy_attachment" "lambda_basic" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
  role       = aws_iam_role.lambda.name
}
# Attaches the AWS-managed X-Ray write policy so the function can emit trace data; this is
# needed for the "Active" tracing mode set on the function.
resource "aws_iam_role_policy_attachment" "lambda_xray" {
  policy_arn = "arn:aws:iam::aws:policy/AWSXRayDaemonWriteAccess"
  role       = aws_iam_role.lambda.name
}
# Inline policy giving the function access to its DynamoDB table.
# Only GetItem, PutItem, UpdateItem and Query are allowed (no Scan, DeleteItem or table
# management), and only on the pricing table and its AccessCountIndex index.
# The ARNs hard-code the "aws" partition.
resource "aws_iam_role_policy" "dynamodb_access" {
  role = aws_iam_role.lambda.id
  name = "airun-pathfinder-crud-pricing-dynamodb-policy"

  # jsonencode emits object keys in sorted order; list order is kept as written.
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Effect = "Allow"
        Resource = [
          "arn:aws:dynamodb:${var.aws_region}:${data.aws_caller_identity.current.account_id}:table/${local.table_name}",
          "arn:aws:dynamodb:${var.aws_region}:${data.aws_caller_identity.current.account_id}:table/${local.table_name}/index/AccessCountIndex"
        ]
        Action = [
          "dynamodb:GetItem",
          "dynamodb:PutItem",
          "dynamodb:UpdateItem",
          "dynamodb:Query"
        ]
      }
    ]
  })
}
# Table name: a non-empty var.table_name wins; an empty string falls back to the
# per-environment default.
locals {
  table_name = var.table_name == "" ? "pathfinder-${var.environment}-pricing" : var.table_name
}
# HTTP API (API Gateway v2) in front of the pricing function.
resource "aws_apigatewayv2_api" "crud_pricing_api" {
  protocol_type = "HTTP"
  name          = "airun-pathfinder-crud-pricing-${var.environment}"

  # NOTE(review): CORS is wide open. Any origin and any request header are accepted, and
  # POST/PUT are advertised although the routes visible in this file are GET only.
  # Narrow this to the known front-end origins, the headers actually used and the methods
  # that have routes, especially if the API is later put behind authentication.
  cors_configuration {
    allow_headers = ["*"]
    allow_methods = ["GET", "POST", "PUT", "OPTIONS"]
    allow_origins = ["*"]
  }

  tags = {
    Name = "crud-pricing-api"
  }
}
# Default stage of the HTTP API; with auto_deploy, updates to the API are deployed to this
# stage automatically.
# NOTE(review): no access_log_settings and no default_route_settings throttling are
# configured here, so API Gateway writes no access log for this stage and only the
# account-level request limits apply.
resource "aws_apigatewayv2_stage" "default" {
  name        = "$default"
  api_id      = aws_apigatewayv2_api.crud_pricing_api.id
  auto_deploy = true
}
# Lambda proxy integration: API Gateway forwards each request to the function using
# payload format 2.0. integration_method is the method API Gateway uses to invoke the
# function, not the HTTP method of the client request.
resource "aws_apigatewayv2_integration" "lambda" {
  api_id = aws_apigatewayv2_api.crud_pricing_api.id

  integration_type       = "AWS_PROXY"
  integration_method     = "POST"
  payload_format_version = "2.0"
  integration_uri        = aws_lambda_function.crud_pricing.invoke_arn
}
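# Route for a single instance type: GET /pricing/{instanceType} -> Lambda integration.
# The {instanceType} path parameter is caller-controlled and reaches the function as-is.
resource "aws_apigatewayv2_route" "pricing_instance" {
  api_id    = aws_apigatewayv2_api.crud_pricing_api.id
  route_key = "GET /pricing/{instanceType}"
  target    = "integrations/${aws_apigatewayv2_integration.lambda.id}"

  # No authorizer is attached. NONE is the provider default; it is written out so the
  # anonymous exposure of this route is explicit and easy to find in review.
  # NOTE(review): confirm anonymous access is intended; AWS_IAM, JWT and CUSTOM are the
  # alternatives.
  authorization_type = "NONE"
}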
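# Route for the pricing list: GET /pricing -> Lambda integration.
resource "aws_apigatewayv2_route" "pricing_list" {
  api_id    = aws_apigatewayv2_api.crud_pricing_api.id
  route_key = "GET /pricing"
  target    = "integrations/${aws_apigatewayv2_integration.lambda.id}"

  # No authorizer is attached. NONE is the provider default; it is written out so the
  # anonymous exposure of this route is explicit and easy to find in review.
  # NOTE(review): confirm anonymous access is intended; AWS_IAM, JWT and CUSTOM are the
  # alternatives.
  authorization_type = "NONE"
}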
# Resource-based permission letting API Gateway invoke the function.
# source_arn restricts the grant to this one API's execution ARN, so other APIs cannot use
# it. The trailing "/*/*" covers every stage and every method/route of that API.
resource "aws_lambda_permission" "api_gateway" {
  statement_id  = "AllowAPIGatewayInvoke"
  function_name = aws_lambda_function.crud_pricing.function_name
  action        = "lambda:InvokeFunction"
  principal     = "apigateway.amazonaws.com"
  source_arn    = "${aws_apigatewayv2_api.crud_pricing_api.execution_arn}/*/*"
}