diff --git a/README.md b/README.md index 5e0c983..7646374 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ This module will deploy a Lambda function. - `security_group_ids` - (string) - **REQUIRED** The VPC security groups assigned to the Lambda. - `subnet_ids` - (string) - **REQUIRED** The VPC subnets in which the Lambda runs. - `timeout` (number) - The maximum time in seconds that the Lambda can run for +- `reserved_concurrent_executions` (number) - The amount of reserved concurrent executions for this lambda function. ## Usage diff --git a/main.tf b/main.tf index 7ac8ad1..05432fd 100644 --- a/main.tf +++ b/main.tf @@ -1,16 +1,17 @@ resource "aws_lambda_function" "lambda_function" { - s3_bucket = "${var.s3_bucket}" - s3_key = "${var.s3_key}" - function_name = "${var.function_name}" - role = "${aws_iam_role.iam_for_lambda.arn}" - handler = "${var.handler}" - runtime = "${var.runtime}" - timeout = "${var.timeout}" - memory_size = "${var.memory_size}" + s3_bucket = "${var.s3_bucket}" + s3_key = "${var.s3_key}" + function_name = "${var.function_name}" + role = "${aws_iam_role.iam_for_lambda.arn}" + handler = "${var.handler}" + runtime = "${var.runtime}" + timeout = "${var.timeout}" + memory_size = "${var.memory_size}" + reserved_concurrent_executions = "${var.reserved_concurrent_executions}" vpc_config { subnet_ids = "${var.subnet_ids}" - security_group_ids = ["${var.security_group_ids}"] + security_group_ids = "${var.security_group_ids}" } environment { diff --git a/test/Dockerfile b/test/Dockerfile index cbe0240..2b0d871 100644 --- a/test/Dockerfile +++ b/test/Dockerfile @@ -1,9 +1,9 @@ FROM python:3-alpine COPY requirements.txt . -ENV TERRAFORM_VERSION=0.9.5 +ENV TERRAFORM_VERSION=0.11.11 ENV TERRAFORM_ZIP=terraform_${TERRAFORM_VERSION}_linux_amd64.zip -ENV TERRAFORM_SUM=0cbb5474c76d878fbc99e7705ce6117f4ea0838175c13b2663286a207e38d783 +ENV TERRAFORM_SUM=94504f4a67bad612b5c8e3a4b7ce6ca2772b3c1559630dfd71e9c519e3d6149c RUN apk add -U ca-certificates curl && \ cd /tmp && \ diff --git a/test/infra/main.tf b/test/infra/main.tf index 230c79a..f0ef5e4 100644 --- a/test/infra/main.tf +++ b/test/infra/main.tf @@ -1,4 +1,5 @@ provider "aws" { + version = ">= 2.15" skip_credentials_validation = true skip_metadata_api_check = true skip_get_ec2_platforms = true @@ -11,15 +12,16 @@ provider "aws" { } module "lambda" { - source = "../.." - s3_bucket = "cdflow-lambda-releases" - s3_key = "s3key.zip" - function_name = "check_lambda_function" - handler = "some_handler" - runtime = "python" - lambda_env = "${var.lambda_env}" - subnet_ids = "${var.subnet_ids}" - security_group_ids = "${var.security_group_ids}" + source = "../.." + s3_bucket = "cdflow-lambda-releases" + s3_key = "s3key.zip" + function_name = "check_lambda_function" + handler = "some_handler" + runtime = "python3.7" + lambda_env = "${var.lambda_env}" + subnet_ids = "${var.subnet_ids}" + security_group_ids = "${var.security_group_ids}" + reserved_concurrent_executions = "${var.reserved_concurrent_executions}" } variable "subnet_ids" { @@ -40,6 +42,11 @@ variable "lambda_env" { default = {} } +variable "reserved_concurrent_executions" { + description = "Reserved concurrent executions for this Lambda" + default = -1 +} + output "lambda_function_arn" { value = "${module.lambda.lambda_arn}" } diff --git a/test/run b/test/run index e436084..61a69c7 100755 --- a/test/run +++ b/test/run @@ -14,6 +14,4 @@ docker run \ -w $repo_dir \ -v $repo_dir:$repo_dir \ $name \ - py.test \ - --tb=short \ - "$@" + sh -c "terraform init && py.test --tb=short "$@"" diff --git a/test/test_lambda.py b/test/test_lambda.py index 8bd7a66..d3f3b73 100644 --- a/test/test_lambda.py +++ b/test/test_lambda.py @@ -31,24 +31,28 @@ def test_create_lambda(self): ]).decode('utf-8') assert dedent(""" + module.lambda.aws_lambda_function.lambda_function - arn: "" - environment.#: "1" - function_name: "check_lambda_function" - handler: "some_handler" - invoke_arn: "" - last_modified: "" - memory_size: "128" - publish: "false" - qualified_arn: "" - role: "${aws_iam_role.iam_for_lambda.arn}" - runtime: "python" - s3_bucket: "cdflow-lambda-releases" - s3_key: "s3key.zip" - source_code_hash: "" - timeout: "3" - version: "" - vpc_config.#: "1" - vpc_config.0.vpc_id: "" + id: + arn: + environment.#: "1" + function_name: "check_lambda_function" + handler: "some_handler" + invoke_arn: + last_modified: + memory_size: "128" + publish: "false" + qualified_arn: + reserved_concurrent_executions: "-1" + role: "${aws_iam_role.iam_for_lambda.arn}" + runtime: "python3.7" + s3_bucket: "cdflow-lambda-releases" + s3_key: "s3key.zip" + source_code_hash: + source_code_size: + timeout: "3" + tracing_config.#: + version: + vpc_config.#: "1" + vpc_config.0.vpc_id: """).strip() in output def test_create_lambda_in_vpc(self): @@ -61,31 +65,35 @@ def test_create_lambda_in_vpc(self): 'test/infra' ]).decode('utf-8') assert dedent(""" - + module.lambda.aws_lambda_function.lambda_function - arn: "" - environment.#: "1" - function_name: "check_lambda_function" - handler: "some_handler" - invoke_arn: "" - last_modified: "" - memory_size: "128" - publish: "false" - qualified_arn: "" - role: "${aws_iam_role.iam_for_lambda.arn}" - runtime: "python" - s3_bucket: "cdflow-lambda-releases" - s3_key: "s3key.zip" - source_code_hash: "" - timeout: "3" - version: "" - vpc_config.#: "1" - vpc_config.0.security_group_ids.#: "1" - vpc_config.0.security_group_ids.4088798008: "4" - vpc_config.0.subnet_ids.#: "3" - vpc_config.0.subnet_ids.1842515611: "3" - vpc_config.0.subnet_ids.2212294583: "1" - vpc_config.0.subnet_ids.450215437: "2" - vpc_config.0.vpc_id: "" + + module.lambda.aws_lambda_function.lambda_function + id: + arn: + environment.#: "1" + function_name: "check_lambda_function" + handler: "some_handler" + invoke_arn: + last_modified: + memory_size: "128" + publish: "false" + qualified_arn: + reserved_concurrent_executions: "-1" + role: "${aws_iam_role.iam_for_lambda.arn}" + runtime: "python3.7" + s3_bucket: "cdflow-lambda-releases" + s3_key: "s3key.zip" + source_code_hash: + source_code_size: + timeout: "3" + tracing_config.#: + version: + vpc_config.#: "1" + vpc_config.0.security_group_ids.#: "1" + vpc_config.0.security_group_ids.4088798008: "4" + vpc_config.0.subnet_ids.#: "3" + vpc_config.0.subnet_ids.1842515611: "3" + vpc_config.0.subnet_ids.2212294583: "1" + vpc_config.0.subnet_ids.450215437: "2" + vpc_config.0.vpc_id: """).strip() in output def test_lambda_in_vpc_gets_correct_execution_role(self): @@ -99,6 +107,42 @@ def test_lambda_in_vpc_gets_correct_execution_role(self): ]).decode('utf-8') assert dedent(""" + module.lambda.aws_iam_role_policy_attachment.vpc_permissions - policy_arn: "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" - role: "${aws_iam_role.iam_for_lambda.name}" + id: + policy_arn: "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole" + role: "${aws_iam_role.iam_for_lambda.name}" + """).strip() in output + + def test_lambda_with_reserved_concurrent_executions(self): + output = check_output([ + 'terraform', + 'plan', + '-var', 'reserved_concurrent_executions=3', + '-no-color', + 'test/infra' + ]).decode('utf-8') + assert dedent(""" + + module.lambda.aws_lambda_function.lambda_function + id: + arn: + environment.#: "1" + function_name: "check_lambda_function" + handler: "some_handler" + invoke_arn: + last_modified: + memory_size: "128" + publish: "false" + qualified_arn: + reserved_concurrent_executions: "3" + role: "${aws_iam_role.iam_for_lambda.arn}" + runtime: "python3.7" + s3_bucket: "cdflow-lambda-releases" + s3_key: "s3key.zip" + source_code_hash: + source_code_size: + timeout: "3" + tracing_config.#: + version: + vpc_config.#: "1" + vpc_config.0.vpc_id: """).strip() in output + diff --git a/variables.tf b/variables.tf index 74cfb0f..568ffb5 100644 --- a/variables.tf +++ b/variables.tf @@ -73,3 +73,8 @@ variable "log_subscription_filter" { description = "Subscription filter to filter logs sent to datadog" default = "" } + +variable "reserved_concurrent_executions" { + description = "Reserved concurrent executions for this Lambda" + default = -1 +}