From 94ad4f13b5c567925e67dce8cdc0a1ae086e651a Mon Sep 17 00:00:00 2001
From: Ewa Stempel <ewa.stempel@digital.justice.gov.uk>
Date: Tue, 5 Dec 2023 18:14:03 +0000
Subject: [PATCH] Introducing destinations in lambda function

---
 README.md    |  5 +++--
 main.tf      | 22 +++++++++++++++++++++-
 variables.tf | 14 +++++++++++++-
 3 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index d12e274..bbdd11d 100644
--- a/README.md
+++ b/README.md
@@ -37,8 +37,6 @@ module "lambda" {
 }
 
 ```
-<!--- BEGIN_TF_DOCS --->
-<!--- END_TF_DOCS --->
 
 ## Looking for issues?
 If you're looking to raise an issue with this module, please create a new issue in the [Modernisation Platform repository](https://github.com/ministryofjustice/modernisation-platform/issues).
@@ -70,6 +68,7 @@ No modules.
 | [aws_iam_role_policy_attachment.policy_arns](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_iam_role_policy_attachment.policy_from_json](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
 | [aws_lambda_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_function_event_invoke_config.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function_event_invoke_config) | resource |
 | [aws_lambda_permission.allowed_triggers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.combined-assume-role-policy](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
@@ -97,6 +96,8 @@ No modules.
 | <a name="input_reserved_concurrent_executions"></a> [reserved\_concurrent\_executions](#input\_reserved\_concurrent\_executions) | The amount of reserved concurrent executions for this Lambda Function. A value of 0 disables Lambda Function from being triggered and -1 removes any concurrency limitations. Defaults to Unreserved Concurrency Limits -1. | `number` | `-1` | no |
 | <a name="input_role_description"></a> [role\_description](#input\_role\_description) | Description of IAM role to use for Lambda Function | `string` | `null` | no |
 | <a name="input_role_name"></a> [role\_name](#input\_role\_name) | Name of IAM role to use for Lambda Function | `string` | `null` | no |
+| <a name="input_sns_topic_on_failure"></a> [sns\_topic\_on\_failure](#input\_sns\_topic\_on\_failure) | A json policy document is being passed into the module | `string` | `""` | no |
+| <a name="input_sns_topic_on_success"></a> [sns\_topic\_on\_success](#input\_sns\_topic\_on\_success) | A json policy document is being passed into the module | `string` | `""` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Common tags to be used by all resources | `map(string)` | n/a | yes |
 | <a name="input_timeout"></a> [timeout](#input\_timeout) | The amount of time your Lambda Function has to run in seconds. | `number` | `3` | no |
 | <a name="input_tracing_mode"></a> [tracing\_mode](#input\_tracing\_mode) | Tracing mode of the Lambda Function. Valid value can be either PassThrough or Active. | `string` | `null` | no |
diff --git a/main.tf b/main.tf
index 22d33ad..6d8c512 100644
--- a/main.tf
+++ b/main.tf
@@ -92,4 +92,24 @@ resource "aws_lambda_permission" "allowed_triggers" {
   action       = try(each.value.action, "lambda:InvokeFunction")
   principal    = try(each.value.principal, format("%s.amazonaws.com", try(each.value.service, "")))
   source_arn   = try(each.value.source_arn, null)
-}
\ No newline at end of file
+}
+
+resource "aws_lambda_function_event_invoke_config" "this" {
+  count = var.sns_topic_on_success == "" && var.sns_topic_on_failure == "" ? 0 : 1
+  function_name = aws_lambda_function.this.function_name
+
+  destination_config {
+    dynamic "on_failure" {
+      for_each = var.sns_topic_on_failure != "" ? [1] : []
+      content {
+        destination = var.sns_topic_on_failure
+      }
+    }
+    dynamic "on_success" {
+      for_each = var.sns_topic_on_success != "" ? [1] : []
+      content {
+        destination = var.sns_topic_on_success
+      }
+    }
+  }
+}
diff --git a/variables.tf b/variables.tf
index 7e62ec8..1c24908 100644
--- a/variables.tf
+++ b/variables.tf
@@ -98,10 +98,12 @@ variable "tracing_mode" {
   type        = string
   default     = null
 }
+
 variable "tags" {
   type        = map(string)
   description = "Common tags to be used by all resources"
 }
+
 variable "application_name" {
   type        = string
   description = "Name of application"
@@ -120,9 +122,19 @@ variable "memory_size" {
 }
 
 variable "policy_json_attached" {
-
   description = "A json policy document is being passed into the module"
   type        = bool
   default     = false
+}
+
+variable "sns_topic_on_failure" {
+  description = "A json policy document is being passed into the module"
+  type        = string
+  default     = ""
+}
 
+variable "sns_topic_on_success" {
+  description = "A json policy document is being passed into the module"
+  type        = string
+  default     = ""
 }