added submodule for S3 events (#43)

Author: moritzzimmer

README.md

@@ -8,6 +8,7 @@ The following [event sources](https://docs.aws.amazon.com/lambda/latest/dg/invok
 
 - `cloudwatch-scheduled-event`: configures a [CloudWatch Event Rule](https://www.terraform.io/docs/providers/aws/r/cloudwatch_event_rule.html) to trigger the Lambda on a regular, scheduled basis
 - `dynamodb`: configures an [Event Source Mapping](https://www.terraform.io/docs/providers/aws/r/lambda_event_source_mapping.html) to trigger the Lambda by DynamoDb events
+- `s3`: configures permission to trigger the Lambda by S3
 - `sns`: to trigger Lambda by [SNS Topic Subscription](https://www.terraform.io/docs/providers/aws/r/sns_topic_subscription.html)
 
 Furthermore this module supports:
@@ -73,6 +74,7 @@ module "lambda" {
 
 - [example-with-cloudwatch-scheduled-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-cloudwatch-scheduled-event)
 - [example-with-dynamodb-event-source](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-dynamodb-event)
+- [example-with-s3-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-s3-event)
 - [example-with-sns-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-sns-event)
 - [example-with-vpc](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-with-vpc)
 - [example-without-event](https://github.com/spring-media/terraform-aws-lambda/tree/master/examples/example-without-event)

examples/example-with-s3-event/README.md

@@ -0,0 +1,15 @@
+# Example with S3 event
+
+Creates an AWS Lambda function triggered by a S3 [event](https://docs.aws.amazon.com/lambda/latest/dg/with-s3.html).
+
+## requirements
+
+- [Terraform 0.12+](https://www.terraform.io/)
+- authentication configuration for the [aws provider](https://www.terraform.io/docs/providers/aws/)
+
+## usage
+
+```
+terraform init
+terraform plan
+```

examples/example-with-s3-event/main.tf

@@ -0,0 +1,38 @@
+provider "aws" {
+  region = "eu-west-1"
+}
+
+resource "aws_s3_bucket_notification" "bucket_notification" {
+  bucket = "bucketname"
+
+  lambda_function {
+    lambda_function_arn = module.lambda.arn
+    events              = ["s3:ObjectCreated:*"]
+  }
+}
+
+module "lambda" {
+  source        = "../../"
+  description   = "Example AWS Lambda using go with S3 trigger"
+  filename      = "${path.module}/test_function.zip"
+  function_name = "tf-example-go-s3"
+  handler       = "example-lambda-func"
+  runtime       = "go1.x"
+
+  event = {
+    type          = "s3"
+    s3_bucket_arn = "arn:aws:s3:::bucketname"
+    s3_bucket_id  = "bucketname"
+  }
+
+  tags = {
+    key = "value"
+  }
+
+  environment = {
+    variables = {
+      key = "value"
+    }
+  }
+}
+

examples/example-with-s3-event/test_function.zip

@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}

examples/example-with-s3-event/versions.tf

@@ -40,6 +40,15 @@ module "event-sns" {
   topic_arn     = lookup(var.event, "topic_arn", "")
 }
 
+module "event-s3" {
+  source = "./modules/event/s3"
+  enable = lookup(var.event, "type", "") == "s3" ? true : false
+
+  lambda_function_arn = module.lambda.arn
+  s3_bucket_arn       = lookup(var.event, "s3_bucket_arn", "")
+  s3_bucket_id        = lookup(var.event, "s3_bucket_id", "")
+}
+
 resource "aws_cloudwatch_log_group" "lambda" {
   name              = "/aws/lambda/${module.lambda.function_name}"
   retention_in_days = var.log_retention_in_days

main.tf

@@ -0,0 +1,8 @@
+resource "aws_lambda_permission" "allow_bucket" {
+  count         = var.enable ? 1 : 0
+  action        = "lambda:InvokeFunction"
+  function_name = var.lambda_function_arn
+  principal     = "s3.amazonaws.com"
+  statement_id  = "AllowExecutionFromS3Bucket"
+  source_arn    = var.s3_bucket_arn
+}

modules/event/s3/main.tf

@@ -0,0 +1,34 @@
+# ---------------------------------------------------------------------------------------------------------------------
+# REQUIRED PARAMETERS
+# You must provide a value for each of these parameters.
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "lambda_function_arn" {
+  description = "The Amazon Resource Name (ARN) identifying the Lambda Function triggered by S3"
+}
+
+variable "s3_bucket_arn" {
+  description = "The ARN of the bucket."
+}
+
+variable "s3_bucket_id" {
+  description = "The name of the bucket."
+}
+
+# ---------------------------------------------------------------------------------------------------------------------
+# OPTIONAL PARAMETERS
+# These parameters have reasonable defaults.
+# ---------------------------------------------------------------------------------------------------------------------
+
+variable "enable" {
+  description = "Conditionally enables this module (and all it's ressources)."
+  type        = bool
+  default     = false
+}
+
+variable "lambda_function_notification" {
+  description = "(multiple) Used to configure notifications to a Lambda Function. See https://www.terraform.io/docs/providers/aws/r/s3_bucket_notification.html#lambda_function for allowed values."
+  type        = list(map(string))
+  default     = []
+}
+

modules/event/s3/variables.tf

@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}

modules/event/s3/versions.tf

@@ -32,7 +32,7 @@ variable "environment" {
 }
 
 variable "event" {
-  description = "Event source configuration which triggers the Lambda function. Supported events: Scheduled Events, DynamoDb."
+  description = "Event source configuration which triggers the Lambda function. Supported events: cloudwatch-scheduled-event, dynamodb, s3, sns"
   type        = map(string)
   default     = {}
 }