adding dev deployment

2021-03-19 04:18:40 +00:00
parent 2ac3a940fa
commit 5728f34b3b
8 changed files with 1220 additions and 519 deletions


@@ -36,13 +36,15 @@ module "cloudfront_s3_cdn" {
tags = local.tags
aliases = var.aliases
index_document = "index.html"
lambda_function_association = [
{
event_type : "origin-request",
lambda_arn : aws_lambda_function.directory_indexes.qualified_arn,
include_body : false
}
]
error_document = "index.html"
website_enabled = true
# lambda_function_association = [
# {
# event_type : "origin-request",
# lambda_arn : aws_lambda_function.directory_indexes.qualified_arn,
# include_body : false
# }
# ]
# this policy sets the bucket to be public for all newly created files
additional_bucket_policy = <<-EOT
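Review bot: The added `website_enabled = true`, combined with the `additional_bucket_policy` that the existing comment describes as making the bucket public, most likely leaves every object readable straight from the S3 website endpoint, bypassing CloudFront and any TLS, logging or filtering enforced there. S3 website endpoints are HTTP-only, so the CloudFront-to-origin leg would also be unencrypted. If this is meant for dev only, say so next to the setting, e.g. `# dev only: website hosting needs a publicly readable bucket; keep non-public files out of it`, and keep the origin private behind an origin access identity for other stages. The `lambda_function_association` block is commented out rather than deleted; removing it or gating it on a variable would keep dead configuration out of the module call. The module block starts and ends outside this hunk and its source is not visible, so the exact effect of `website_enabled` should be confirmed against the module.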
@@ -61,74 +63,74 @@ module "cloudfront_s3_cdn" {
EOT
}
data "archive_file" "lambda_main" {
type = "zip"
source_file = var.source_file
output_path = "${var.source_file}.zip"
}
# data "archive_file" "lambda_main" {
# type = "zip"
# source_file = var.source_file
# output_path = "${var.source_file}.zip"
# }
resource "aws_lambda_function" "directory_indexes" {
provider = aws.us_east_1
function_name = "${var.stage}-${var.name}-directory_indexes"
filename = "${var.source_file}.zip"
source_code_hash = data.archive_file.lambda_main.output_base64sha256
# s3_bucket = aws_s3_bucket.lambda_s3.id
# s3_key = var.lambda_key
handler = var.handler
runtime = var.runtime
role = aws_iam_role.lambda_role.arn
publish = true
tags = local.tags
# resource "aws_lambda_function" "directory_indexes" {
# provider = aws.us_east_1
# function_name = "${var.stage}-${var.name}-directory_indexes"
# filename = "${var.source_file}.zip"
# source_code_hash = data.archive_file.lambda_main.output_base64sha256
# # s3_bucket = aws_s3_bucket.lambda_s3.id
# # s3_key = var.lambda_key
# handler = var.handler
# runtime = var.runtime
# role = aws_iam_role.lambda_role.arn
# publish = true
# tags = local.tags
depends_on = [aws_iam_role_policy_attachment.lambda_logging]
}
# depends_on = [aws_iam_role_policy_attachment.lambda_logging]
# }
## Lambda iam role & policies
# ## Lambda iam role & policies
resource "aws_iam_role" "lambda_role" {
name = "${var.stage}-${var.name}-lambda"
tags = local.tags
# resource "aws_iam_role" "lambda_role" {
# name = "${var.stage}-${var.name}-lambda"
# tags = local.tags
assume_role_policy = <<-EOT
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com",
"edgelambda.amazonaws.com"
]
},
"Action": "sts:AssumeRole"
}
]
}
EOT
}
# assume_role_policy = <<-EOT
# {
# "Version": "2012-10-17",
# "Statement": [
# {
# "Effect": "Allow",
# "Principal": {
# "Service": [
# "lambda.amazonaws.com",
# "edgelambda.amazonaws.com"
# ]
# },
# "Action": "sts:AssumeRole"
# }
# ]
# }
# EOT
# }
resource "aws_iam_policy" "lambda_logging" {
name = "${var.stage}-${var.name}-lambda_logging"
policy = <<-EOT
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "arn:aws:logs:*:*:*",
"Effect": "Allow"
}
]
}
EOT
}
# resource "aws_iam_policy" "lambda_logging" {
# name = "${var.stage}-${var.name}-lambda_logging"
# policy = <<-EOT
# {
# "Version": "2012-10-17",
# "Statement": [
# {
# "Action": [
# "logs:CreateLogGroup",
# "logs:CreateLogStream",
# "logs:PutLogEvents"
# ],
# "Resource": "arn:aws:logs:*:*:*",
# "Effect": "Allow"
# }
# ]
# }
# EOT
# }
resource "aws_iam_role_policy_attachment" "lambda_logging" {
role = aws_iam_role.lambda_role.name
policy_arn = aws_iam_policy.lambda_logging.arn
}
# resource "aws_iam_role_policy_attachment" "lambda_logging" {
# role = aws_iam_role.lambda_role.name
# policy_arn = aws_iam_policy.lambda_logging.arn
# }