fix- hardcoded value (#28)

* fix- hardcoded value * fix- aws-caller-identity and tflint issue * fix- aws-caller-identity and tflint issue * fix- output of lambda-function-name * fix- tflint issue
clouddrove · Nov 21, 2023 · 829161f · 829161f
1 parent 2c5df5e
commit 829161f
Show file tree

Hide file tree

Showing 7 changed files with 25 additions and 18 deletions.
diff --git a/_example/basic-function/example.tf b/_example/basic-function/example.tf
@@ -14,7 +14,7 @@ module "lambda" {
   source      = "../../"
   name        = local.name
   environment = local.environment
-  filename    = "../../lambda_packages/index.zip"
+  filename    = "../../lambda_packages/index.zip" # -- The content of index.py should be present in zip format
   handler     = "index.lambda_handler"
   runtime     = "python3.7"
   variables = {

diff --git a/_example/complete-function/data.tf b/_example/complete-function/data.tf
@@ -0,0 +1 @@
+data "aws_caller_identity" "current" {}
diff --git a/_example/complete-function/example.tf b/_example/complete-function/example.tf
@@ -16,7 +16,7 @@ module "lambda" {
   environment                       = local.environment
   create_layers                     = true
   timeout                           = 60
-  filename                          = "../../lambda_packages/index.zip"
+  filename                          = "../../lambda_packages/index.zip" # -- The content of index.py should be present in zip format
   handler                           = "index.lambda_handler"
   runtime                           = "python3.8"
   compatible_architectures          = ["arm64"]
@@ -31,7 +31,7 @@ module "lambda" {
   names = [
     "python_layer"
   ]
-  layer_filenames = ["../../lambda_packages/layer.zip"]
+  layer_filenames = ["../../lambda_packages/layer.zip"] # -- The content of layer.py should be present in zip format
   compatible_runtimes = [
     ["python3.8"]
   ]
@@ -45,7 +45,7 @@ module "lambda" {
   principals = [
     "events.amazonaws.com"
   ]
-  source_arns = ["arn:aws:iam::924144197303:role/alarm-lambda-role"]
+  source_arns = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/alarm-lambda-role"]
   variables = {
     foo = "bar"
   }

diff --git a/_example/complete-function/outputs.tf b/_example/complete-function/outputs.tf
@@ -1,3 +1,12 @@
+# output "name" {
+#   value       = aws_lambda_function.default.function_name
+#   description = "The name can identifying your Lambda Function."
+# }
+output "lambda_function_name" {
+  description = "The name of the Lambda Function"
+  value       = module.lambda.name
+}
+
 output "arn" {
   value       = module.lambda[*].arn
   description = "The ID of the Hostzone."

diff --git a/main.tf b/main.tf
@@ -150,7 +150,7 @@ resource "aws_lambda_permission" "default" {
 ##-----------------------------------------------------------------------------
 resource "aws_iam_role" "default" {
   count              = var.enable && var.create_iam_role ? 1 : 0
-  name               = format("%s-testrole", module.labels.id)
+  name               = format("%s-role", module.labels.id)
   assume_role_policy = var.assume_role_policy
 }
 
@@ -159,7 +159,7 @@ resource "aws_iam_role" "default" {
 ##-----------------------------------------------------------------------------
 resource "aws_iam_policy" "default" {
   count       = var.enable && var.create_iam_role ? 1 : 0
-  name        = format("%s-testlogging", module.labels.id)
+  name        = format("%s-logging", module.labels.id)
   path        = var.aws_iam_policy_path
   description = "IAM policy for logging from a lambda"
   policy      = data.aws_iam_policy_document.default[0].json
@@ -198,13 +198,13 @@ resource "aws_kms_key" "kms" {
 
 resource "aws_kms_alias" "kms-alias" {
   count         = var.enable && var.enable_kms ? 1 : 0
-  name          = format("alias/%s-testlambda-keys", module.labels.id)
+  name          = format("alias/%s-lambda-keys", module.labels.id)
   target_key_id = aws_kms_key.kms[0].key_id
 }
 
 resource "aws_kms_alias" "kms-alias-cloudwatch" {
   count         = var.enable && var.enable_kms && !var.existing_cloudwatch_log_group ? 1 : 0
-  name          = format("alias/%s-testlambda-cloudwatch-keys", module.labels.id)
+  name          = format("alias/%s-lambda-cloudwatch-keys", module.labels.id)
   target_key_id = aws_kms_key.kms[1].key_id
 }
 
@@ -286,7 +286,7 @@ data "aws_cloudwatch_log_group" "lambda" {
 
 resource "aws_cloudwatch_log_group" "lambda" {
   count             = var.enable && !var.existing_cloudwatch_log_group ? 1 : 0
-  name              = "/aws/testlambda/${module.labels.id}"
+  name              = "/aws/lambda/${module.labels.id}"
   retention_in_days = var.cloudwatch_logs_retention_in_days
   kms_key_id        = var.enable_kms ? aws_kms_key.kms[1].arn : var.cloudwatch_logs_kms_key_arn
   tags              = module.labels.tags
@@ -307,7 +307,7 @@ data "aws_iam_policy_document" "logs" {
 
 resource "aws_iam_policy" "logs" {
   count  = var.enable && var.create_iam_role && var.attach_cloudwatch_logs_policy ? 1 : 0
-  name   = var.aws_iam_policy_logs_name
+  name   = format("%s-logs-iam-policy", module.labels.id)
   path   = var.policy_path
   policy = data.aws_iam_policy_document.logs[0].json
   tags   = module.labels.tags

diff --git a/outputs.tf b/outputs.tf
@@ -1,8 +1,8 @@
 # Module      : Lambda
 # Description : Terraform Lambda function module outputs.
 output "name" {
-  value       = module.labels.name
-  description = "The name can identifying your Lambda Function."
+  description = "The name of the Lambda Function"
+  value       = join("", aws_lambda_function.default[*].function_name)
 }
 
 output "arn" {
@@ -21,6 +21,6 @@ output "lambda_log_group_name" {
 }
 
 output "invoke_arn" {
-  value       = join("", aws_lambda_function.default.*.invoke_arn)
+  value       = join("", aws_lambda_function.default[*].invoke_arn)
   description = "Invoke ARN"
 }
diff --git a/variables.tf b/variables.tf
@@ -99,6 +99,7 @@ variable "timeout" {
 
 variable "runtime" {
   type        = string
+  default     = "python3.7"
   description = "Runtimes."
 }
 
@@ -433,11 +434,7 @@ variable "assume_role_policy" {
 }
 EOF
 }
-variable "aws_iam_policy_logs_name" {
-  type        = string
-  default     = "aws_testlambda-logs"
-  description = "IAM policy name mentioned here"
-}
+
 variable "aws_iam_policy_path" {
   type        = string
   default     = "/"