From 4c85bbeb9059444683af6dc9328af51ced5d3a6c Mon Sep 17 00:00:00 2001
From: Emanuele <ema.trabattoni@gmail.com>
Date: Wed, 17 Apr 2024 19:35:55 +0200
Subject: [PATCH] Added Lambda Skeleton

---
 .terraform.lock.hcl                |  19 +++++++++++
 lambda_redirect/lambda_redirect.py |  13 ++++++++
 master.tf                          |  51 ++++++++++++++++++++++++++---
 s3_policy.json                     |   0
 standout_lambda_function.zip       | Bin 0 -> 435 bytes
 5 files changed, 79 insertions(+), 4 deletions(-)
 create mode 100644 lambda_redirect/lambda_redirect.py
 delete mode 100644 s3_policy.json
 create mode 100644 standout_lambda_function.zip

diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
index 996d3a0..e22665b 100644
--- a/.terraform.lock.hcl
+++ b/.terraform.lock.hcl
@@ -1,6 +1,25 @@
 # This file is maintained automatically by "terraform init".
 # Manual edits may be lost in future updates.
 
+provider "registry.terraform.io/hashicorp/archive" {
+  version = "2.4.2"
+  hashes = [
+    "h1:G4v6F6Lhqlo3EKGBKEK/kJRhNcQiRrhEdUiVpBHKHOA=",
+    "zh:08faed7c9f42d82bc3d406d0d9d4971e2d1c2d34eae268ad211b8aca57b7f758",
+    "zh:3564112ed2d097d7e0672378044a69b06642c326f6f1584d81c7cdd32ebf3a08",
+    "zh:53cd9afd223c15828c1916e68cb728d2be1cbccb9545568d6c2b122d0bac5102",
+    "zh:5ae4e41e3a1ce9d40b6458218a85bbde44f21723943982bca4a3b8bb7c103670",
+    "zh:5b65499218b315b96e95c5d3463ea6d7c66245b59461217c99eaa1611891cd2c",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:7f45b35a8330bebd184c2545a41782ff58240ed6ba947274d9881dd5da44b02e",
+    "zh:87e67891033214e55cfead1391d68e6a3bf37993b7607753237e82aa3250bb71",
+    "zh:de3590d14037ad81fc5cedf7cfa44614a92452d7b39676289b704a962050bc5e",
+    "zh:e7e6f2ea567f2dbb3baa81c6203be69f9cd6aeeb01204fd93e3cf181e099b610",
+    "zh:fd24d03c89a7702628c2e5a3c732c0dede56fa75a08da4a1efe17b5f881c88e2",
+    "zh:febf4b7b5f3ff2adff0573ef6361f09b6638105111644bdebc0e4f575373935f",
+  ]
+}
+
 provider "registry.terraform.io/hashicorp/aws" {
   version     = "5.45.0"
   constraints = "~> 5.0"
diff --git a/lambda_redirect/lambda_redirect.py b/lambda_redirect/lambda_redirect.py
new file mode 100644
index 0000000..d4ef20b
--- /dev/null
+++ b/lambda_redirect/lambda_redirect.py
@@ -0,0 +1,13 @@
+
+def lambda_handler(event, context):
+
+    return {
+        "statusCode": 301,
+        "headers": {
+          "Cache-Control": "no-cache", 
+          #"Location": "https://standout-data.s3.eu-west-1.amazonaws.com/funnel-rotation-circles.jpg"
+          #"Location": "https://www.instagram.com/cosebrutteimpaginatebelle/?e=ec081328-9f83-4745-b6b7-aed1e87963df&g=5"
+          #"Location": "https://standout-data.s3.eu-west-1.amazonaws.com/Meter-Seneca.pdf"
+          #"Location": "https://standout-data.s3.eu-west-1.amazonaws.com/Lisa+Varano.vcf"
+          }
+    }
diff --git a/master.tf b/master.tf
index 268bd46..0b5465f 100644
--- a/master.tf
+++ b/master.tf
@@ -33,10 +33,10 @@ resource "aws_s3_bucket_ownership_controls" "s3_standout_ownership" {
 resource "aws_s3_bucket_public_access_block" "s3_standout_public_access" {
   bucket = aws_s3_bucket.s3_standout.id
 
-  block_public_acls       = false
-  block_public_policy     = false
-  ignore_public_acls      = false
-  restrict_public_buckets = false
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_acl" "s3_standout_public_acl" {
@@ -75,5 +75,48 @@ data "aws_iam_policy_document" "s3_standout_allow_lambda" {
 
 # create a redirect lambda function
 
+data "aws_iam_policy_document" "lambda_role" {
+  statement {
+    effect = "Allow"
+
+    principals {
+      type        = "Service"
+      identifiers = ["lambda.amazonaws.com"]
+    }
+
+    actions = ["sts:AssumeRole"]
+  }
+}
+
+resource "aws_iam_role" "iam_for_lambda" {
+  name               = "iam_for_lambda"
+  assume_role_policy = data.aws_iam_policy_document.lambda_role.json
+}
+
+data "archive_file" "lambda_standout_code" {
+  type        = "zip"
+  source_file = "./lambda_redirect/lambda_redirect.py"
+  output_path = "standout_lambda_function.zip"
+}
+
+resource "aws_lambda_function" "lambda_standout_redirect" {
+  # If the file is not in the current working directory you will need to include a
+  # path.module in the filename.
+  filename      = "standout_lambda_function.zip"
+  function_name = "standout-redirect"
+  role          = aws_iam_role.iam_for_lambda.arn
+  handler       = "lambda_handler"
+
+  source_code_hash = data.archive_file.lambda_standout_code.output_base64sha256
+
+  runtime = "python3.10"
+
+  #environment {
+  #  variables = {
+  #    foo = "bar"
+  #  }
+  #}
+}
+
 # create a route 53 configuration 
 
diff --git a/s3_policy.json b/s3_policy.json
deleted file mode 100644
index e69de29..0000000
diff --git a/standout_lambda_function.zip b/standout_lambda_function.zip
new file mode 100644
index 0000000000000000000000000000000000000000..e3fa2646bb94538f4dd28122d833636707c63bed
GIT binary patch
literal 435
zcmWIWW@Zs#-~d7f2E{HQ0S7`rR!(AWQc7ZcQEEzNQEGCDUP0xWeqZmy4gziOe~O;w
zT6E*C$ujxO1r;y0&SP0`baQUai8Qk}eo}#d-e0QPFz?ktOP(`l4u3Z4JQ`*3LYrG(
zcS5N|-iL-G#)&qD`#$E*RB_@EoN(OX(PI-CZ#Oo%$LFG_EIsl3=9}kNlp=Tnr={-^
zC}Lmcy7lvsgVvE;o^dlD`<*)?S+4s19z*%OKA+PzM~r-xnIr8tZ91?Zd0k<Muv^&7
zHo1GY2Sv7itc~h-c@grVrby#5>tlmg*B4F{4_=meN!GPZ&7uC1r2IxMW#h8H48HCM
zA{G|UuzMhOcF&1VznyYlDTQ}`O<K7sbZc0H+2N$Ukx#en%iDJP^uhYN_kxnmRZdRK
zRU5wAulgR_vOAr_Ax{2`{^#^hclR?fF#P`?;LXml&hovtEF%MhAy6d1n~_O`84<k5
ga-iUafhCO~7G_`vc(byBWEg?a0Z7LJ&1GN!0Hb`T00000

literal 0
HcmV?d00001