Obbart/StandOut
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
4c85bbeb9059444683af6dc9328af51ced5d3a6c
StandOut/master.tf
Emanuele 4c85bbeb90 Added Lambda Skeleton
2024-04-17 19:35:55 +02:00

123 lines
2.6 KiB
HCL
Raw Blame History

terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
# Configure the AWS Provider
provider "aws" {
region = "eu-west-1"
}
# Create a VPC
resource "aws_vpc" "vpc_standout" {
cidr_block = "10.0.0.0/16"
}
# create an s3 bucket for data
resource "aws_s3_bucket" "s3_standout" {
bucket = "standout-data"
force_destroy = true
}
resource "aws_s3_bucket_ownership_controls" "s3_standout_ownership" {
bucket = aws_s3_bucket.s3_standout.id
rule {
object_ownership = "BucketOwnerPreferred"
}
}
resource "aws_s3_bucket_public_access_block" "s3_standout_public_access" {
bucket = aws_s3_bucket.s3_standout.id
block_public_acls = true
block_public_policy = true
ignore_public_acls = true
restrict_public_buckets = true
}
resource "aws_s3_bucket_acl" "s3_standout_public_acl" {
depends_on = [
aws_s3_bucket_ownership_controls.s3_standout_ownership,
aws_s3_bucket_public_access_block.s3_standout_public_access,
]
bucket = aws_s3_bucket.s3_standout.id
acl = "public-read"
}
resource "aws_s3_bucket_policy" "s3_standout_policy" {
bucket = aws_s3_bucket.s3_standout.id
policy = data.aws_iam_policy_document.s3_standout_allow_lambda.json
}
data "aws_iam_policy_document" "s3_standout_allow_lambda" {
statement {
principals {
type = "AWS"
identifiers = ["*"]
}
actions = [
"s3:Get*",
"s3:List*",
"s3:Put*"
]
resources = [
"${aws_s3_bucket.s3_standout.arn}/*",
]
}
}
# create a redirect lambda function
data "aws_iam_policy_document" "lambda_role" {
statement {
effect = "Allow"
principals {
type = "Service"
identifiers = ["lambda.amazonaws.com"]
}
actions = ["sts:AssumeRole"]
}
}
resource "aws_iam_role" "iam_for_lambda" {
name = "iam_for_lambda"
assume_role_policy = data.aws_iam_policy_document.lambda_role.json
}
data "archive_file" "lambda_standout_code" {
type = "zip"
source_file = "./lambda_redirect/lambda_redirect.py"
output_path = "standout_lambda_function.zip"
}
resource "aws_lambda_function" "lambda_standout_redirect" {
# If the file is not in the current working directory you will need to include a
# path.module in the filename.
filename = "standout_lambda_function.zip"
function_name = "standout-redirect"
role = aws_iam_role.iam_for_lambda.arn
handler = "lambda_handler"
source_code_hash = data.archive_file.lambda_standout_code.output_base64sha256
runtime = "python3.10"
#environment {
# variables = {
# foo = "bar"
# }
#}
}
# create a route 53 configuration
Reference in New Issue View Git Blame Copy Permalink