xpk/terraform.examples
SHA256
1
0
Fork 0
Code Pull Requests Activity
Files
66ab8555d7a33a3cd974cbd44ba028b6f4d5f0618a8d6d1bb9ed46f8d698ba23
terraform.examples/LocalStack/Compute/LabLambda/main.tf
T
xpk 66ab8555d7 feat: added lambda layer
2026-02-20 10:36:38 +08:00

68 lines
2.2 KiB
Terraform
Raw Blame History

/**
* # LabLambda
*
* Download python packages and create lambda layer
* Create lambda function and allow invocation from scheduler
*
* ## Notes
* Packages need to be placed under a python/ subdirectory.
* e.g. python/pandas in the zip file
* See https://docs.aws.amazon.com/lambda/latest/dg/packaging-layers.html
*/
# build python package zip file
module "lambda_layer_archive" {
source = "../../../modules/compute/LambdaZipBuilder"
pip_packages = "pandas numpy pytz openpyxl"
upload_archive_to_s3 = false
pip_path = "/my/work/xpk-git/venv314/bin/pip3"
}
# create lambda layer
resource "aws_lambda_layer_version" "py_packages" {
description = "Python packages pandas numpy pytz openpyxl"
filename = module.lambda_layer_archive.archive_path
source_code_hash = module.lambda_layer_archive.archive_checksum
layer_name = "py_packages"
compatible_runtimes = ["python3.14"]
}
resource "archive_file" "lambda_function_archive" {
source_file = "${path.module}/helloworld.py"
output_path = "/tmp/helloworld.zip"
type = "zip"
}
resource "aws_lambda_function" "func1" {
function_name = "HelloWorldFunction"
runtime = "python3.14"
timeout = 5
role = module.lambda_role.role-arn
filename = archive_file.lambda_function_archive.output_path
source_code_hash = archive_file.lambda_function_archive.output_sha256
handler = "helloworld.lambda_handler"
layers = [aws_lambda_layer_version.py_packages.arn]
environment {
variables = {
foo = "bar"
}
}
}
# Allow invocation by eventbridge scheduler
resource "aws_lambda_permission" "func1" {
statement_id = "AllowExecutionFromScheduler"
function_name = aws_lambda_function.func1.function_name
action = "lambda:InvokeFunction"
principal = "scheduler.amazonaws.com"
}
module "lambda_role" {
source = "../../../modules/security_identity_compliance/iam-role-v2"
role-name = "LambdaFunctionRole"
description = "LambdaFunctionRole"
create-instance-profile = false
path = "/Lambda/"
trusted-entity = "lambda.amazonaws.com"
}
View Git Blame Copy Permalink