authorAlex <git@ajschof.me>2024-08-19 12:09:25 +0100
committerGitHub <noreply@github.com>2024-08-19 12:09:25 +0100
commitf28e4038d20b4630fafcae9a7825794e529bace2 (patch)
tree0c378561e0dde843c0a281c692d137bb6bb0d0a7 /terraform
parent5cc511d2afeea262db0db7039c8f83c123da77ea (diff)
parent09b8b7903098a988a9a022d0ab607f8131c9c78f (diff)
Merge branch 'development' into feature/test-extract-lambda
Diffstat (limited to 'terraform')
-rw-r--r--terraform/lambda.tf78
-rw-r--r--terraform/main.tf8
-rw-r--r--terraform/rds.tf128
-rw-r--r--terraform/s3.tf5
4 files changed, 132 insertions, 87 deletions
diff --git a/terraform/lambda.tf b/terraform/lambda.tf
index 72d1306..e33bc79 100644
--- a/terraform/lambda.tf
+++ b/terraform/lambda.tf
@@ -12,12 +12,14 @@ resource "aws_s3_object" "extract_lambda_code" {
}
resource "aws_lambda_function" "extract_lambda" {
- function_name = var.extract_lambda_name
- s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
- s3_key = aws_s3_object.extract_lambda_code.key
- role = aws_iam_role.multi_service_role.arn
- handler = "extract_lambda.extract"
- runtime = "python3.11"
+ function_name = var.extract_lambda_name
+ s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
+ s3_key = aws_s3_object.extract_lambda_code.key
+ layers = [aws_lambda_layer_version.lambda_layer.arn]
+ role = aws_iam_role.multi_service_role.arn
+ handler = "extract_lambda.lambda_handler"
+ runtime = "python3.11"
+ source_code_hash = data.archive_file.extract_lambda_zip.output_base64sha256
lifecycle {
create_before_destroy = true
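Review bot: The extract function still runs under `aws_iam_role.multi_service_role`, the same role the transform and load functions use in the next two hunks, and this change additionally attaches one shared dependency layer to all three. The role's policies are not visible here, but if it carries the union of what the three stages need, a flaw in any one handler or in a layer package reaches every bucket and secret the pipeline touches. Consider a role per function, for example `role = aws_iam_role.extract_lambda_role.arn` (an illustrative name for a new role), holding only that stage's permissions. The resource body continues past the end of the hunk.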
@@ -40,12 +42,14 @@ resource "aws_s3_object" "transform_lambda_code" {
}
resource "aws_lambda_function" "transform_lambda" {
- function_name = var.transform_lambda_name
- s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
- s3_key = aws_s3_object.transform_lambda_code.key
- role = aws_iam_role.multi_service_role.arn
- handler = "transform_lambda.transform"
- runtime = "python3.11"
+ function_name = var.transform_lambda_name
+ s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
+ s3_key = aws_s3_object.transform_lambda_code.key
+ layers = [aws_lambda_layer_version.lambda_layer.arn]
+ role = aws_iam_role.multi_service_role.arn
+ handler = "transform_lambda.lambda_handler"
+ runtime = "python3.11"
+ source_code_hash = data.archive_file.transform_lambda_zip.output_base64sha256
lifecycle {
create_before_destroy = true
@@ -68,12 +72,14 @@ resource "aws_s3_object" "load_lambda_code" {
}
resource "aws_lambda_function" "load_lambda" {
- function_name = var.load_lambda_name
- s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
- s3_key = aws_s3_object.load_lambda_code.key
- role = aws_iam_role.multi_service_role.arn
- handler = "load_lambda.load"
- runtime = "python3.11"
+ function_name = var.load_lambda_name
+ s3_bucket = aws_s3_bucket.lambda_code_bucket.bucket
+ s3_key = aws_s3_object.load_lambda_code.key
+ layers = [aws_lambda_layer_version.lambda_layer.arn]
+ role = aws_iam_role.multi_service_role.arn
+ handler = "load_lambda.lambda_handler"
+ runtime = "python3.11"
+ source_code_hash = data.archive_file.load_lambda_zip.output_base64sha256
lifecycle {
create_before_destroy = true
@@ -81,3 +87,39 @@ resource "aws_lambda_function" "load_lambda" {
depends_on = [aws_s3_object.load_lambda_code]
}
+
+# Lambda Layer Specification
+locals {
+ layer_dir = "lambda_layer"
+ requirements = "requirements.txt"
+ layer_zip = "layer.zip"
+ layer_name = "lambda_layer_dev"
+}
+
+resource "null_resource" "prepare_layer" {
+ provisioner "local-exec" {
+ command = <<EOT
+ cd ${local.layer_dir}
+ rm -rf python
+ mkdir python
+ pip3 install -r ${local.requirements} -t python/
+ zip -r ${local.layer_zip} python
+ EOT
+ } #removed / at the end of python in line 99
+}
+
+resource "aws_s3_object" "lambda_layer_zip" {
+ bucket = aws_s3_bucket.lambda_code_bucket.id #bucket instead of id
+ key = "lambda_layer/${local.layer_name}/${local.layer_zip}"
+ source = "${local.layer_dir}/${local.layer_zip}"
+ depends_on = [null_resource.prepare_layer]
+}
+
+resource "aws_lambda_layer_version" "lambda_layer" {
+ layer_name = local.layer_name
+ compatible_runtimes = ["python3.11"]
+ s3_bucket = aws_s3_bucket.lambda_layer_bucket.id #bucket instead of id
+ s3_key = aws_s3_object.lambda_layer_zip.key
+ skip_destroy = true
+ depends_on = [aws_s3_object.lambda_layer_zip]
+}
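Review bot: `aws_lambda_layer_version.lambda_layer` reads its archive from `aws_s3_bucket.lambda_layer_bucket.id`, but `aws_s3_object.lambda_layer_zip` uploads it to `aws_s3_bucket.lambda_code_bucket.id`, so the layer is published from a bucket this configuration never writes that key to; taking the bucket from the object, `s3_bucket = aws_s3_object.lambda_layer_zip.bucket`, keeps the two in step. The `prepare_layer` provisioner also has no `set -e`, so a failed `cd` leaves `rm -rf python` running in the caller's working directory, and with no `triggers` the build runs only when the resource is first created, not when `requirements.txt` changes. The layer contents are whatever `pip3` resolves on the applying machine at that moment; if `requirements.txt` can carry pinned hashes, `--require-hashes` makes the build reproducible and tamper-evident. The sketch below covers the provisioner changes only.

```hcl
resource "null_resource" "prepare_layer" {
  # Re-run the build whenever the requirements file changes.
  triggers = {
    requirements_sha256 = filesha256("${local.layer_dir}/${local.requirements}")
  }

  provisioner "local-exec" {
    command = <<EOT
      set -eu
      cd ${local.layer_dir}
      # … unchanged: rm -rf python, mkdir python …
      pip3 install --require-hashes -r ${local.requirements} -t python/
      # … unchanged: zip step …
    EOT
  }
}
```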
diff --git a/terraform/main.tf b/terraform/main.tf
index 3b06701..310a251 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -4,6 +4,14 @@ terraform {
source = "hashicorp/aws"
version = "~>5.0"
}
+ null = {
+ source = "hashicorp/null"
+ version = "~>3.2.2"
+ }
+ archive = {
+ source = "hashicorp/archive"
+ version = "~>2.5.0"
+ }
}
backend "s3" {
bucket = "bentley-project-secrets"
diff --git a/terraform/rds.tf b/terraform/rds.tf
index 88783b7..a013fb3 100644
--- a/terraform/rds.tf
+++ b/terraform/rds.tf
@@ -1,80 +1,70 @@
-data "aws_availability_zones" "available" {}
+# data "aws_availability_zones" "available" {}
-module "vpc" {
- source = "terraform-aws-modules/vpc/aws"
- version = "5.12.1"
+# module "vpc" {
+# source = "terraform-aws-modules/vpc/aws"
+# version = "5.12.1"
- name = var.project_name
- cidr = "10.0.0.0/16"
- azs = data.aws_availability_zones.available.names
- public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
- enable_dns_hostnames = true
- enable_dns_support = true
-}
+# name = var.project_name
+# cidr = "10.0.0.0/16"
+# azs = data.aws_availability_zones.available.names
+# public_subnets = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
+# enable_dns_hostnames = true
+# enable_dns_support = true
+# }
-resource "aws_db_subnet_group" "Terrific-Totes-sub-gr" {
- name = "tt-db-subnet"
- subnet_ids = module.vpc.public_subnets
+# resource "aws_db_subnet_group" "Terrific-Totes-sub-gr" {
+# name = "tt-db-subnet"
+# subnet_ids = module.vpc.public_subnets
- tags = {
- Name = "${var.project_name}"
- }
-}
+# tags = {
+# Name = "${var.project_name}"
+# }
+# }
-resource "aws_security_group" "rds" {
- name = "${var.project_name}-rds"
- vpc_id = module.vpc.vpc_id
+# resource "aws_security_group" "rds" {
+# name = "${var.project_name}-rds"
+# vpc_id = module.vpc.vpc_id
- ingress {
- from_port = 5432
- to_port = 5432
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
+# ingress {
+# from_port = 5432
+# to_port = 5432
+# protocol = "tcp"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
- egress {
- from_port = 5432
- to_port = 5432
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
+# egress {
+# from_port = 5432
+# to_port = 5432
+# protocol = "tcp"
+# cidr_blocks = ["0.0.0.0/0"]
+# }
- tags = {
- Name = "${var.project_name}-rds"
- }
-}
+# tags = {
+# Name = "${var.project_name}-rds"
+# }
+# }
-resource "aws_db_parameter_group" "Terrific-Totes-param-gr" {
- name = "tt-db-param"
- family = "postgres14"
+# resource "aws_db_parameter_group" "Terrific-Totes-param-gr" {
+# name = "tt-db-param"
+# family = "postgres14"
- parameter {
- name = "log_connections"
- value = "1"
- }
-}
+# parameter {
+# name = "log_connections"
+# value = "1"
+# }
+# }
-resource "aws_db_instance" "terrific-totes-rds" {
- db_name = var.project_name
- instance_class = "db.t3.micro"
- allocated_storage = 5
- engine = "postgres"
- engine_version = "14.10"
- username = "totes"
- password = "totes123"
- # username = "user credentials for the root user" # we could use .env here
- # password = "user password for the root user" # we could use .env here
- ### alternatively to providing username nad password we can specify:
- # resource "aws_kms_key" "example_key" {
- # description = "Example KMS Key"
- # }
- # within the resource:
- # manage_master_user_password = true
- # master_user_secret_kms_key_id = aws_kms_key.example.key_id
- # }
- db_subnet_group_name = aws_db_subnet_group.Terrific-Totes-sub-gr.name
- vpc_security_group_ids = [aws_security_group.rds.id]
- parameter_group_name = aws_db_parameter_group.Terrific-Totes-param-gr.name
- publicly_accessible = false
- skip_final_snapshot = true
-}
+# resource "aws_db_instance" "terrific-totes-rds" {
+# db_name = var.project_name
+# instance_class = "db.t3.micro"
+# allocated_storage = 5
+# engine = "postgres"
+# engine_version = "14.10"
+# username = ""
+# password = ""
+# db_subnet_group_name = aws_db_subnet_group.Terrific-Totes-sub-gr.name
+# vpc_security_group_ids = [aws_security_group.rds.id]
+# parameter_group_name = aws_db_parameter_group.Terrific-Totes-param-gr.name
+# publicly_accessible = false
+# skip_final_snapshot = true
+# }
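Review bot: Blanking `username`/`password` in the commented-out `aws_db_instance` does not retire the credential that was committed before, since it remains in the repository history; if that instance was ever applied, the password should be rotated rather than only removed here. If these resources exist in state, commenting them out also makes the next apply destroy the database, and the previous definition set `skip_final_snapshot = true`, so no snapshot would be taken. The block kept for later still opens 5432 to `0.0.0.0/0` and drops the earlier pointer to managed credentials; I would leave a line such as `# manage_master_user_password = true  # let RDS keep the secret in Secrets Manager` in place of the empty strings and narrow `cidr_blocks` before re-enabling.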
diff --git a/terraform/s3.tf b/terraform/s3.tf
index d5cdee3..b3a863c 100644
--- a/terraform/s3.tf
+++ b/terraform/s3.tf
@@ -12,3 +12,8 @@ resource "aws_s3_bucket" "transform_bucket" {
resource "aws_s3_bucket" "lambda_code_bucket" {
bucket_prefix = "${var.s3_code_bucket_name}-"
}
+
+### LAMBDA LAYER BUCKET
+resource "aws_s3_bucket" "lambda_layer_bucket" {
+ bucket_prefix = "lambda-layer-dev-"
+}
\ No newline at end of file
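Review bot: `lambda_layer_bucket` is declared with only a `bucket_prefix`, yet it is meant to hold the dependency archive that every function loads, so it deserves explicit integrity controls alongside it. An `aws_s3_bucket_versioning` resource with `status = "Enabled"` and an `aws_s3_bucket_public_access_block` for this bucket would make the intent visible in code rather than relying on account defaults. Whether the other buckets in this file already have them is not visible in the hunk.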