Merge pull request #55 from pablo19sc/main

Updating Lambda configuration
aws-ia · May 20, 2024 · 376eb2a · 376eb2a
2 parents 50e177a + 8dd0721
commit 376eb2a
Show file tree

Hide file tree

Showing 16 changed files with 132 additions and 145 deletions.
diff --git a/.header.md b/.header.md
@@ -100,11 +100,12 @@ You can create more than 1 Target Groups with this module, as this variable expe
 
 The `config` attribute *- map(any) -* supports the following:
 
-- `port`             = (number) Port on which the targets are listening.
-- `protocol`         = (string) Protocol to use for routing traffic to the targets. Valid values: `HTTP` and `HTTPS`.
-- `vpc_identifier`   = (string) VPC ID.
-- `ip_address_type`  = (Optional|string) IP address type for the target group. Valid values: `IPV4` and `IPV6`. If type is set to `ALB`, this parameter should not be specified.
-- `protocol_version` = (Optional|string) Protocol version. Valid values: `HTTP1` (default), `HTTP2`, `GRPC`.
+- `port`                           = (number) Port on which the targets are listening. Not supported if type is set to `LAMBDA`.
+- `protocol`                       = (string) Protocol to use for routing traffic to the targets. Valid values: `HTTP` and `HTTPS`. Not supported if type is set to `LAMBDA`.
+- `vpc_identifier`                 = (string) VPC ID. Not supported if type is set to `LAMBDA`.
+- `ip_address_type`                = (Optional|string) IP address type for the target group. Valid values: `IPV4` and `IPV6`. Not supported if type is set to `LAMBDA` or `ALB`.
+- `protocol_version`               = (Optional|string) Protocol version. Valid values: `HTTP1` (default), `HTTP2`, `GRPC`. Not supported if type is set to `LAMBDA`.
+- `lambda_event_structure_version` = (Optional|string) The version of the event structure that the Lambda function receives. Valid values: `V1`and `V2` (default). Supported only if type is set to `LAMBDA`.
 
 The `health_check` attribute *- map(any) -* supports the following:
 
@@ -124,33 +125,15 @@ The `targets` attribute *- map(any) -* supports the following:
 - `id`   = (Required|string) The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.
 - `port` = (Optional|number) The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443. Attribute not needed with target type of `LAMBDA`.
 
-Example of a `LAMBDA` type target group:
+Example of an `LAMBDA` and `IP` type target groups:
 
 ```hcl
 target_groups = {
     lambdatarget = {
-        name = "lambdatarget"
         type = "LAMBDA"
-    }
-}
-```
-
-Example of an `INSTANCE` and `IP` type target groups (without health checks): **(TO ADD TARGETS WHEN AVAILABLE)**
-
-```hcl
-target_groups = {
-    instancetarget = {
-        type = "INSTANCE"
-        config = {
-            port            = 80
-            protocol        = "HTTP"
-            vpc_identifier  = "vpc-XXX"
-            ip_address_type = "IPV4"
-        }
-        health_check = {
-            enabled = false
+        targets = {
+          mylambda = { id = aws_lambda_function.lambda.arn }
         }
-        targets = {}
     }
 
     iptarget = {
@@ -164,7 +147,20 @@ target_groups = {
         health_check = {
             enabled = false
         }
-        targets = {}
+        targets = {
+          ip1 = {
+            id   = "10.0.0.10"
+            port = 80
+          }
+          ip2 = {
+            id   = "10.0.0.20"
+            port = 80
+          }
+          ip3 = {
+            id   = "10.0.0.30"
+            port = 80
+          }
+        }
     }
 }
 ```

diff --git a/README.md b/README.md
@@ -101,11 +101,12 @@ You can create more than 1 Target Groups with this module, as this variable expe
 
 The `config` attribute *- map(any) -* supports the following:
 
-- `port`             = (number) Port on which the targets are listening.
-- `protocol`         = (string) Protocol to use for routing traffic to the targets. Valid values: `HTTP` and `HTTPS`.
-- `vpc_identifier`   = (string) VPC ID.
-- `ip_address_type`  = (Optional|string) IP address type for the target group. Valid values: `IPV4` and `IPV6`. If type is set to `ALB`, this parameter should not be specified.
-- `protocol_version` = (Optional|string) Protocol version. Valid values: `HTTP1` (default), `HTTP2`, `GRPC`.
+- `port`                           = (number) Port on which the targets are listening. Not supported if type is set to `LAMBDA`.
+- `protocol`                       = (string) Protocol to use for routing traffic to the targets. Valid values: `HTTP` and `HTTPS`. Not supported if type is set to `LAMBDA`.
+- `vpc_identifier`                 = (string) VPC ID. Not supported if type is set to `LAMBDA`.
+- `ip_address_type`                = (Optional|string) IP address type for the target group. Valid values: `IPV4` and `IPV6`. Not supported if type is set to `LAMBDA` or `ALB`.
+- `protocol_version`               = (Optional|string) Protocol version. Valid values: `HTTP1` (default), `HTTP2`, `GRPC`. Not supported if type is set to `LAMBDA`.
+- `lambda_event_structure_version` = (Optional|string) The version of the event structure that the Lambda function receives. Valid values: `V1`and `V2` (default). Supported only if type is set to `LAMBDA`.
 
 The `health_check` attribute *- map(any) -* supports the following:
 
@@ -125,33 +126,15 @@ The `targets` attribute *- map(any) -* supports the following:
 - `id`   = (Required|string) The ID of the target. If the target type of the target group is INSTANCE, this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA, this is the ARN of the Lambda function. If the target type is ALB, this is the ARN of the Application Load Balancer.
 - `port` = (Optional|number) The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443. Attribute not needed with target type of `LAMBDA`.
 
-Example of a `LAMBDA` type target group:
+Example of an `LAMBDA` and `IP` type target groups:
 
 ```hcl
 target_groups = {
     lambdatarget = {
-        name = "lambdatarget"
         type = "LAMBDA"
-    }
-}
-```
-
-Example of an `INSTANCE` and `IP` type target groups (without health checks): **(TO ADD TARGETS WHEN AVAILABLE)**
-
-```hcl
-target_groups = {
-    instancetarget = {
-        type = "INSTANCE"
-        config = {
-            port            = 80
-            protocol        = "HTTP"
-            vpc_identifier  = "vpc-XXX"
-            ip_address_type = "IPV4"
-        }
-        health_check = {
-            enabled = false
+        targets = {
+          mylambda = { id = aws_lambda_function.lambda.arn }
         }
-        targets = {}
     }
 
     iptarget = {
@@ -165,7 +148,20 @@ target_groups = {
         health_check = {
             enabled = false
         }
-        targets = {}
+        targets = {
+          ip1 = {
+            id   = "10.0.0.10"
+            port = 80
+          }
+          ip2 = {
+            id   = "10.0.0.20"
+            port = 80
+          }
+          ip3 = {
+            id   = "10.0.0.30"
+            port = 80
+          }
+        }
     }
 }
 ```

diff --git a/VERSION b/VERSION
@@ -1 +1 @@
-v0.0.0
+v0.1.0
diff --git a/main.tf b/main.tf
@@ -87,6 +87,10 @@ resource "aws_vpclattice_target_group" "lambda_lattice_target_group" {
   name = try(each.value.name, each.key)
   type = each.value.type
 
+  config {
+    lambda_event_structure_version = try(each.value.config.lambda_event_structure_version, "V2")
+  }
+
   tags = module.tags.tags_aws
 }
 
@@ -134,13 +138,14 @@ resource "aws_vpclattice_target_group" "lattice_target_group" {
 # VPC Lattice Targets
 module "targets" {
   for_each = {
-    for k, v in var.target_groups : k => v.targets
+    for k, v in var.target_groups : k => v
     if contains(keys(v), "targets")
   }
   source = "./modules/targets"
 
-  target_group_identifier = try(aws_vpclattice_target_group.lambda_lattice_target_group[each.key].id, aws_vpclattice_target_group.lattice_target_group[each.key].id)
-  targets                 = each.value
+  target_type             = each.value.type
+  target_group_identifier = try(aws_vpclattice_target_group.lambda_lattice_target_group[each.key].arn, aws_vpclattice_target_group.lattice_target_group[each.key].arn)
+  targets                 = each.value.targets
 }
 
 # ---------- LISTENERS AND RULES ----------

diff --git a/modules/targets/main.tf b/modules/targets/main.tf
@@ -10,4 +10,18 @@ resource "aws_vpclattice_target_group_attachment" "target_attachment" {
     id   = try(each.value.id, null)
     port = try(each.value.port, null)
   }
+}
+
+# AWS Lambda permission (only if LAMDBA type)
+resource "aws_lambda_permission" "lambda_target_vpclattice" {
+  for_each = {
+    for k, v in var.targets : k => v
+    if var.target_type == "LAMBDA"
+  }
+
+  statement_id  = "AllowExecutionFromVpcLattice"
+  action        = "lambda:InvokeFunction"
+  function_name = split(":", each.value.id)[6]
+  principal     = "vpc-lattice.amazonaws.com"
+  source_arn    = var.target_group_identifier
 }
diff --git a/modules/targets/variables.tf b/modules/targets/variables.tf
@@ -1,5 +1,10 @@
 # --- modules/targets/variables.tf ---
 
+variable "target_type" {
+  type        = string
+  description = "Target type."
+}
+
 variable "target_group_identifier" {
   type        = string
   description = "Target group identifier."

diff --git a/test/examples_service_association_test.go b/test/examples_service_association_test.go
diff --git a/test/examples_service_network_test.go b/test/examples_service_network_test.go
diff --git a/test/examples_service_test.go b/test/examples_service_test.go
diff --git a/test/examples_target_groups_test.go b/test/examples_target_groups_test.go
diff --git a/test/examples_vpc_associations_test.go b/test/examples_vpc_associations_test.go
diff --git a/tests/01_mandatory.tftest.hcl b/tests/01_mandatory.tftest.hcl
@@ -6,13 +6,13 @@
 run "mandatory_plan_basic" {
   command = plan
   module {
-    source = "./examples/service"
+    source = "./examples/service_network"
   }
 }
 
 run "mandatory_apply_basic" {
   command = apply
   module {
-    source = "./examples/service"
+    source = "./examples/service_network"
   }
 }
diff --git a/tests/02_service.tftest.hcl b/tests/02_service.tftest.hcl
@@ -0,0 +1,14 @@
+
+run "plan_service" {
+  command = plan
+  module {
+    source = "./examples/service"
+  }
+}
+
+run "apply_service" {
+  command = apply
+  module {
+    source = "./examples/service"
+  }
+}
diff --git a/tests/03_service_association b/tests/03_service_association
@@ -0,0 +1,14 @@
+
+run "plan_service_association" {
+  command = plan
+  module {
+    source = "./examples/service_association"
+  }
+}
+
+run "apply_service_association" {
+  command = apply
+  module {
+    source = "./examples/service_association"
+  }
+}
diff --git a/tests/04_target_groups b/tests/04_target_groups
@@ -0,0 +1,14 @@
+
+run "plan_target_groups" {
+  command = plan
+  module {
+    source = "./examples/target_groups"
+  }
+}
+
+run "apply_target_groups" {
+  command = apply
+  module {
+    source = "./examples/target_groups"
+  }
+}
diff --git a/tests/05_vpc_associations b/tests/05_vpc_associations
@@ -0,0 +1,14 @@
+
+run "plan_vpc_associations" {
+  command = plan
+  module {
+    source = "./examples/vpc_associations"
+  }
+}
+
+run "apply_vpc_associations" {
+  command = apply
+  module {
+    source = "./examples/vpc_associations"
+  }
+}