-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Basic Terraform Configuration and Version Lambda * Use the custom xeffect domain * Generic API and xeffect path
- Loading branch information
1 parent
8e33106
commit e4a9d49
Showing
8 changed files
with
345 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
# Ignore files without extensions. | ||
* | ||
!*.* | ||
!*/ | ||
|
||
*.tfstate | ||
*.tfstate.backup | ||
*.zip | ||
.terraform/ | ||
|
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,76 @@ | ||
variable "domain" { | ||
type = string | ||
default = "maxstanley.uk" | ||
} | ||
|
||
variable "subdomain" { | ||
type = string | ||
default = "api" | ||
} | ||
|
||
# Find Zone information for Cloudflare Domain. | ||
data "cloudflare_zones" "maxstanley" { | ||
filter { | ||
name = var.domain | ||
} | ||
} | ||
|
||
locals { | ||
zone_id = lookup(data.cloudflare_zones.maxstanley.zones[0], "id") | ||
} | ||
|
||
# Create DNS Validation request to create certificate. | ||
resource "aws_acm_certificate" "maxstanley" { | ||
provider = aws.us | ||
|
||
domain_name = var.domain | ||
subject_alternative_names = [ "*.${var.domain}" ] | ||
validation_method = "DNS" | ||
} | ||
|
||
# Create Cloudflare DNS Record with the DNS validation information provided. | ||
resource "cloudflare_record" "acm_maxstanley" { | ||
for_each = { | ||
for dvo in aws_acm_certificate.maxstanley.domain_validation_options : dvo.domain_name => { | ||
name = dvo.resource_record_name | ||
type = dvo.resource_record_type | ||
value = dvo.resource_record_value | ||
} if dvo.domain_name == var.domain | ||
} | ||
|
||
zone_id = local.zone_id | ||
|
||
name = each.value.name | ||
type = each.value.type | ||
value = each.value.value | ||
proxied = false | ||
ttl = 60 | ||
} | ||
|
||
# Validate the ownership of the domain to create the certificate. | ||
resource "aws_acm_certificate_validation" "maxstanley" { | ||
provider = aws.us | ||
|
||
certificate_arn = aws_acm_certificate.maxstanley.arn | ||
validation_record_fqdns = [for record in cloudflare_record.acm_maxstanley : record.hostname] | ||
|
||
timeouts { | ||
create = "2m" | ||
} | ||
} | ||
|
||
# Create an API Gateway with the desired hostname and appropriate certificate. | ||
resource "aws_api_gateway_domain_name" "api" { | ||
certificate_arn = aws_acm_certificate_validation.maxstanley.certificate_arn | ||
domain_name = "${var.subdomain}.${var.domain}" | ||
} | ||
|
||
# Create the DNS Record to point the desired hostname to the API Gateway. | ||
resource "cloudflare_record" "maxstanley" { | ||
zone_id = local.zone_id | ||
|
||
name = var.subdomain | ||
value = aws_api_gateway_domain_name.api.cloudfront_domain_name | ||
type = "CNAME" | ||
proxied = true | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
variable "lambda_zip_file" { | ||
type = string | ||
description = "The filename for the zip file to be created and upload to AWS." | ||
default = "lambda.zip" | ||
} | ||
|
||
data "archive_file" "lambda_zip" { | ||
type = "zip" | ||
source_file = "version/version" | ||
output_path = var.lambda_zip_file | ||
} | ||
|
||
resource "aws_lambda_function" "version" { | ||
function_name = "version" | ||
filename = var.lambda_zip_file | ||
handler = "version" | ||
source_code_hash = data.archive_file.lambda_zip.output_base64sha256 | ||
runtime = "go1.x" | ||
memory_size = 128 | ||
timeout = 10 | ||
role = aws_iam_role.iam_for_lambda.arn | ||
} | ||
|
||
resource "aws_iam_role" "iam_for_lambda" { | ||
name = "iam_for_lambda" | ||
assume_role_policy = <<EOF | ||
{ | ||
"Version": "2012-10-17", | ||
"Statement": [ | ||
{ | ||
"Action": "sts:AssumeRole", | ||
"Principal": { | ||
"Service": "lambda.amazonaws.com" | ||
}, | ||
"Effect": "Allow", | ||
"Sid": "" | ||
} | ||
] | ||
} | ||
EOF | ||
} | ||
|
||
resource "aws_api_gateway_rest_api" "api" { | ||
name = "version_api" | ||
} | ||
|
||
resource "aws_api_gateway_resource" "resource" { | ||
path_part = "version" | ||
parent_id = aws_api_gateway_rest_api.api.root_resource_id | ||
rest_api_id = aws_api_gateway_rest_api.api.id | ||
} | ||
|
||
resource "aws_api_gateway_method" "method" { | ||
rest_api_id = aws_api_gateway_rest_api.api.id | ||
resource_id = aws_api_gateway_resource.resource.id | ||
http_method = "GET" | ||
authorization = "NONE" | ||
} | ||
|
||
resource "aws_api_gateway_integration" "intergration" { | ||
rest_api_id = aws_api_gateway_rest_api.api.id | ||
resource_id = aws_api_gateway_resource.resource.id | ||
http_method = aws_api_gateway_method.method.http_method | ||
integration_http_method = "POST" | ||
type = "AWS_PROXY" | ||
uri = aws_lambda_function.version.invoke_arn | ||
} | ||
|
||
resource "aws_lambda_permission" "permission" { | ||
statement_id = "AllowExectionFromAPIGateway" | ||
action = "lambda:InvokeFunction" | ||
function_name = aws_lambda_function.version.function_name | ||
principal = "apigateway.amazonaws.com" | ||
|
||
source_arn = "${aws_api_gateway_rest_api.api.execution_arn}/*/*/*" | ||
} | ||
|
||
resource "aws_api_gateway_deployment" "version_deploy" { | ||
depends_on = [ aws_api_gateway_integration.intergration ] | ||
rest_api_id = aws_api_gateway_rest_api.api.id | ||
stage_name = "v1" | ||
} | ||
|
||
resource "aws_api_gateway_base_path_mapping" "api" { | ||
api_id = aws_api_gateway_rest_api.api.id | ||
domain_name = aws_api_gateway_domain_name.api.domain_name | ||
base_path = "xeffect" | ||
} | ||
|
||
output "url" { | ||
value = "${aws_api_gateway_deployment.version_deploy.invoke_url}${aws_api_gateway_resource.resource.path}" | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
variable "aws_access_key" { | ||
type = string | ||
} | ||
|
||
variable "aws_secret_key" { | ||
type = string | ||
} | ||
|
||
variable "cloudflare_email" { | ||
type = string | ||
} | ||
|
||
variable "cloudflare_api_token" { | ||
type = string | ||
} | ||
|
||
terraform { | ||
required_providers { | ||
|
||
archive = { | ||
source = "hashicorp/archive" | ||
version = "2.2.0" | ||
} | ||
|
||
aws = { | ||
source = "hashicorp/aws" | ||
version = "3.70.0" | ||
} | ||
|
||
cloudflare = { | ||
source = "cloudflare/cloudflare" | ||
version = "3.6.0" | ||
} | ||
|
||
} | ||
} | ||
|
||
provider "archive" {} | ||
|
||
provider "aws" { | ||
region = "eu-west-2" | ||
access_key = var.aws_access_key | ||
secret_key = var.aws_secret_key | ||
} | ||
|
||
provider "aws" { | ||
alias = "us" | ||
region = "us-east-1" | ||
access_key = var.aws_access_key | ||
secret_key = var.aws_secret_key | ||
} | ||
|
||
provider "cloudflare" { | ||
email = var.cloudflare_email | ||
api_token = var.cloudflare_api_token | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
module github.com/maxstanley/xeffect_backend/version | ||
|
||
go 1.17 | ||
|
||
require github.com/aws/aws-lambda-go v1.27.1 // indirect |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= | ||
github.com/aws/aws-lambda-go v1.27.1 h1:MAH6hbrsktcSr/gGQKLvHeJPeoOoaspJqh+O4g05bpA= | ||
github.com/aws/aws-lambda-go v1.27.1/go.mod h1:jJmlefzPfGnckuHdXX7/80O3BvUUi12XOkbv4w9SGLU= | ||
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= | ||
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= | ||
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= | ||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= | ||
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= | ||
github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= | ||
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= | ||
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= | ||
github.com/urfave/cli/v2 v2.2.0/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ= | ||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= | ||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= | ||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= | ||
gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package main | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/aws/aws-lambda-go/events" | ||
"github.com/aws/aws-lambda-go/lambda" | ||
) | ||
|
||
type Request events.APIGatewayProxyRequest | ||
type Response events.APIGatewayProxyResponse | ||
|
||
func handleVersionEvent(ctx context.Context, event Request) (Response, error) { | ||
return Response{ | ||
StatusCode: 200, | ||
IsBase64Encoded: false, | ||
Headers: map[string]string{ | ||
"Content-Type": "text/plain", | ||
}, | ||
Body: "0.1.0", | ||
}, nil | ||
} | ||
|
||
func main() { | ||
lambda.Start(handleVersionEvent) | ||
} |