[Terraform][Module/Test] EventBridge Scheduler

[Terraform][Module/Test] EventBridge Scheduler

terraform/modules/README.md

@@ -4,15 +4,15 @@
 
 TF Modules supports to deploy infra modules using [TF Datasource](../data/README.md), [TF Local](../local/README.md), [TF Resource](../resources/README.md).
 
-- [TF Audit Module](./audit/README.md)
-- [TF Compute Module](./compute/README.md)
-- [TF Database Module](./database/README.md)
-- [TF Deploy Module](./deploy/README.md)
-- [TF Domain Module](./domain/README.md)
-- [TF Iam Module worker](./iam_worker/README.md)
-- [TF Livestream Module](./livestream/README.md)
-- [TF Network Module](./network/README.md)
-- [TF Pipeline Module](./pipeline/README.md)
-- [TF Security Module](./security/README.md)
-- [TF Serverless Module](./serverless/README.md)
-- [TF Storage Module](./storage/README.md)
+- [TF Audit Module](./aws/audit/README.md)
+- [TF Compute Module](./aws/compute/README.md)
+- [TF Database Module](./aws/database/README.md)
+- [TF Deploy Module](./aws/deploy/README.md)
+- [TF Domain Module](./aws/domain/README.md)
+- [TF Iam Module worker](./aws/iam_worker/README.md)
+- [TF Livestream Module](./aws/livestream/README.md)
+- [TF Network Module](./aws/network/README.md)
+- [TF Pipeline Module](./aws/pipeline/README.md)
+- [TF Security Module](./aws/security/README.md)
+- [TF Serverless Module](./aws/serverless/README.md)
+- [TF Storage Module](./aws/storage/README.md)

terraform/modules/aws/network/README.md

@@ -1,8 +1,7 @@
-[< Backaward](../README.md)
+[< Backaward](../../README.md)
 
 # TF Network Module
 
 TF Network Modules support to deploy VPC, Subnets, IGW and so on.
 
-- [2-Tier VPC Network](./2_tier_vpc_network/README.md)
-- [3-Tier VPC Network](./3_tier_vpc_network/README.md)
+- [3-Tier VPC Network](./vpc_3_tier_network/README.md)

terraform/modules/aws/network/vpc_3_tier_network/README.md

@@ -0,0 +1,3 @@
+[< Backaward](../README.md)
+
+# VPC 3 Tier Network

terraform/modules/aws/serverless/eb_scheduler_labmda/_.provider.tf

@@ -0,0 +1,4 @@
+provider "aws" {
+  profile = var.profile
+  region  = var.region
+}

terraform/modules/aws/serverless/eb_scheduler_labmda/_.variables.tf

@@ -0,0 +1,54 @@
+# [Provider]
+variable "profile" {
+  type        = string
+  description = "aws configuration profile name"
+}
+
+variable "region" {
+  type        = string
+  description = "aws configuration region name"
+}
+
+
+# [Structure]
+variable "prefix" {
+  type        = string
+  description = <<-DESCRIPTION
+  Generally, prefix contains "service" and "stage"
+
+  - service must be 2~5, for example : "kevin"
+  - stage must be 2~5, for example : ["prod", "dev", "stage", "test"]
+  - prefix for examples : ["kevin-prod", "kevin-dev", "kevin-stage", "kevin-test"]
+  DESCRIPTION
+
+  validation {
+    condition     = can(regex("^[a-z\\-]{4,11}$", var.prefix))
+    error_message = "var.prefix must be 10 with lowercase eng"
+  }
+}
+
+variable "suffix" {
+  type        = string
+  description = <<-DESCRIPTION
+  Generally, suffix contains "region_name"
+
+  - regaion_name
+  - Best : "ap-ne-2"
+  - Worst : "ap-northeast-2"
+  DESCRIPTION
+
+  validation {
+    condition     = can(regex("^[a-z0-9\\-]{4,71}$", var.suffix))
+    error_message = "var.suffix must be 10 with lowercase eng"
+  }
+}
+
+# [Resource]
+variable "eb_sch_module_name" { type = string }
+variable "eb_sch_expression" { type = string }
+
+variable "eb_sch_labmda_vpc_id" { type = string }
+variable "eb_sch_labmda_subnet_ids" { type = list(string) }
+
+variable "eb_sch_lambda_tags" { type = map(any) }
+variable "eb_sch_lambda_sg_tags" { type = map(any) }

terraform/modules/aws/serverless/eb_scheduler_labmda/eb.sch.iam.role.tf

@@ -0,0 +1,31 @@
+module "eb_sch_iam_role" {
+  source = "../../../../resources/aws/iam/role"
+  name   = "${var.prefix}-iam-role-${var.eb_sch_module_name}-${var.suffix}"
+
+  assume_role_policy = {
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Action    = ["sts:AssumeRole"],
+        Effect    = "Allow",
+        Principal = { Service = "lambda.amazonaws.com" }
+      }
+    ]
+  }
+
+  managed_policy_arns = []
+
+  inline_policy_name    = "${var.prefix}-iam-policy-${var.eb_sch_module_name}-${var.suffix}"
+  inline_policy_version = "2012-10-17"
+  inline_policy_statements = [
+    {
+      Action = [
+        "logs:CreateLogStream",
+        "logs:CreateLogGroup",
+        "logs:PutLogEvents"
+      ],
+      Effect   = "Allow",
+      Resource = ["*"]
+    }
+  ]
+}

terraform/modules/aws/serverless/eb_scheduler_labmda/eb.sch.lambda.sg.tf

@@ -0,0 +1,17 @@
+module "eb_sch_lambda_sg" {
+  source = "../../../../resources/aws/ec2/sg"
+
+  vpc_id = var.eb_sch_labmda_vpc_id
+  name   = "${var.prefix}-ec2-sg-${var.eb_sch_module_name}-${var.suffix}"
+
+  ingress_rules = []
+  egress_rules = [{
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }]
+
+  tags = var.eb_sch_lambda_sg_tags
+
+}

terraform/modules/aws/serverless/eb_scheduler_labmda/eb.sch.lambda.tf

@@ -0,0 +1,31 @@
+module "eb_sch_lambda" {
+  source = "../../../../resources/aws/lambda/function"
+
+  role = module.eb_sch_iam_role.arn
+
+  architectures = ["x86_64"]
+  function_name = "${var.prefix}-lambda-function-${var.eb_sch_module_name}-${var.suffix}"
+  handler       = "index.handler"
+
+  runtime          = "nodejs16.x"
+  filename         = "./sample-lambda.zip"
+  skip_destroy     = false
+  source_code_hash = "gp9qRIEwMBPJNVaM+zj7DBQokrdIKhLQ9HMntWNNzf8="
+  layers           = []
+
+  memory_size                    = 128
+  package_type                   = null
+  reserved_concurrent_executions = -1
+  timeout                        = 60
+  ephemeral_storage_size         = 512
+  tracing_config_mode            = "PassThrough"
+  environment                    = {}
+
+  vpc_config = {
+    ipv6_allowed_for_dual_stack = false
+    security_group_ids          = [module.eb_sch_lambda_sg.id]
+    subnet_ids                  = var.eb_sch_labmda_subnet_ids
+  }
+
+  tags = var.eb_sch_lambda_tags
+}

terraform/modules/aws/serverless/eb_scheduler_labmda/eb.sch.tf

@@ -0,0 +1,14 @@
+module "eb_sch" {
+  source = "../../../../resources/aws/eventbridge/scheduler"
+
+  name = "${var.prefix}-eb-sch-${var.eb_sch_module_name}-${var.suffix}"
+
+  group_name          = var.eb_sch_module_name
+  schedule_expression = var.eb_sch_expression
+
+  target_block = {
+    arn      = ""
+    role_arn = ""
+    input    = null
+  }
+}

terraform/modules/aws/serverless/eb_scheduler_labmda/sample.tfvars

@@ -0,0 +1,17 @@
+# [Provider]
+profile = "aws_profile"
+region  = "ap-northeast-2"
+
+# [Structure]
+prefix = "lay-prod"
+suffix = "ap-ne-2"
+
+# [Resources]
+eb_sch_module_name = "sample_module_name"
+eb_sch_expression = ""
+
+eb_sch_labmda_vpc_id = "sample_vpc_id"
+eb_sch_labmda_subnet_ids = ["sample_subnet_ids_1", "sample_subnet_ids_2"]
+
+eb_sch_lambda_tags = {}
+eb_sch_lambda_sg_tags = {}

terraform/resources/aws/iam/role/variables.tf

@@ -4,7 +4,16 @@ variable "name" {
 }
 
 variable "assume_role_policy" {
-  type = any
+  type = object({
+    Version = string
+    Statement = list(object({
+      Action = list(string)
+      Effect = string
+      Principal = object({
+        Service = string
+      })
+    }))
+  })
 }
 
 variable "managed_policy_arns" {
@@ -26,7 +35,7 @@ variable "inline_policy_statements" {
   type = list(object({
     Action   = list(string)
     Effect   = string
-    Resource = string
+    Resource = list(string)
   }))
   default = []
 }

terraform/test/modules/aws/serverless/eb_scheduler_labmda/main.serverless.eb_scheduler_lambda._test.go

@@ -0,0 +1,18 @@
+package main
+
+import (
+	"testing"
+
+	"github.com/gruntwork-io/terratest/modules/terraform"
+)
+
+func Test_Terraform_Modules_Aws_Serverless_EbSchedulerLambda(t *testing.T) {
+	tfOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+		TerraformDir: "../../../../../modules/aws/serverless/eb_scheduler_labmda",
+		VarFiles:     []string{"./sample.tfvars"},
+	})
+
+	defer terraform.Destroy(t, tfOptions)
+
+	terraform.Init(t, tfOptions)
+}