-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
25 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,3 +1,27 @@ | ||
| [](https://choosealicense.com/licenses/unlicense/) [](https://github.com/kunduso/add-aws-lambda-terraform/pulls?q=is%3Apr+is%3Aclosed) [](https://GitHub.com/kunduso/add-aws-lambda-terraform/pull/) | ||
| [](https://github.com/kunduso/add-aws-lambda-terraform/issues?q=is%3Aissue+is%3Aclosed) [](https://GitHub.com/kunduso/add-aws-lambda-terraform/issues/) | ||
| [](https://github.com/kunduso/add-aws-lambda-terraform/actions/workflows/terraform.yml) [](https://github.com/kunduso/add-aws-lambda-terraform/actions/workflows/code-scan.yml) | ||
| [](https://github.com/kunduso/add-aws-lambda-terraform/actions/workflows/terraform.yml) [](https://github.com/kunduso/add-aws-lambda-terraform/actions/workflows/code-scan.yml) | ||
|  | ||
| This repository contains the necessary files and configurations to deploy AWS cloud infrastructure resources using Terraform. For a detailed walkthrough on creating an AWS Lambda function using Terraform please check [-create-aws-lambda-using-github-actions](https://skundunotes.com/2024/06/18/automating-aws-lambda-deployment-harnessing-terraform-github-actions-and-python-for-cloudwatch-logging/). | ||
|
|
||
| Additionally, this repository includes: | ||
| </br> - a [Checkov pipeline](./.github/workflows/code-scan.yml) for scanning the Terraform code for security and compliance issues. | ||
|
|
||
| The entire setup and deployment process is automated via the GitHub Actions pipelines, eliminating the need for manual steps. | ||
|
|
||
| ## Prerequisites | ||
| For this code to function without errors, create an OpenID connect identity provider in Amazon Identity and Access Management that has a trust relationship with your GitHub repository. You can read about it [here](https://skundunotes.com/2023/02/28/securely-integrate-aws-credentials-with-github-actions-using-openid-connect/) to get a detailed explanation with steps. | ||
| <br />Store the `ARN` of the `IAM Role` as a GitHub secret which is referred in the `terraform.yml` file. | ||
| <br />For the **Infracost** integration, create an `INFRACOST_API_KEY` and store that as a GitHub Actions secret. You can manage the cost estimate process using a GitHub Actions variable `INFRACOST_SCAN_TYPE` where the value is either `hcl_code` or `tf_plan`, depending on the type of scan desired. | ||
| <br />You can read about that at - [integrate-Infracost-with-GitHub-Actions.](http://skundunotes.com/2023/07/17/estimate-aws-cloud-resource-cost-with-infracost-terraform-and-github-actions/) | ||
| ## Usage | ||
| Ensure that the policy attached to the IAM role whose credentials are being used in this configuration has permission to create and manage all the resources that are included in this repository. | ||
| <br />Review the code including the [`terraform.yml`](./.github/workflows/terraform.ymlt) to understand the steps in the GitHub Actions pipeline. Also review the terraform code to understand all the concepts associated with creating the AWS Cloud resources.. | ||
|
|
||
| <br />If you want to check the pipeline logs, click on the **Build Badges** above the image in this ReadMe. | ||
|
|
||
| ## Contributing | ||
| If you find any issues or have suggestions for improvement, feel free to open an issue or submit a pull request. Contributions are always welcome! | ||
|
|
||
| ## License | ||
| This code is released under the Unlicense License. See [LICENSE](LICENSE). |