[Resolve #12] cleanup old code

cloudreach · Sep 13, 2018 · cd1abd0 · cd1abd0
1 parent 9f4cbed
commit cd1abd0
Show file tree

Hide file tree

Showing 4 changed files with 28 additions and 57 deletions.
diff --git a/terraform/README.md b/terraform/README.md
@@ -24,17 +24,19 @@ Particularly it creates:
 | sns_alert | `arn:aws:sns:eu-west-1:123456789012:sns-alert` | SNS ARN to publish any alert | | False |
 | prefix | `public-` | A prefix for the resource names, this helps create multiple instances of this stack for different environments | | False |
 | subnet_ids | `["subnet-1111111", "subnet-222222"]` | Subnet IDs you want to deploy the lambda in. Only fill this in if you want to deploy your Lambda function inside a VPC. | | False |
+| security_group_ids | `["sg-1111111", "sg-222222"]` | Addiational Security Ids to add. | | False |
 
 
 ## Example
 
 ```
 provider "aws" {
- region = "eu-central-1"
+ region = "eu-west-1"
+ version = "~> 1.35.0"
 }
 
 module "public_es_cleanup" {
- source = "github.com/cloudreach/aws-lambda-es-cleanup.git//terraform"
+ source = "github.com/cloudreach/aws-lambda-es-cleanup.git//terraform?ref=v0.7"
 
  prefix = "public_es_"
  es_endpoint = "test-es-XXXXXXX.eu-central-1.es.amazonaws.com"
@@ -43,12 +45,17 @@ module "public_es_cleanup" {
 
 
 module "vpc_es_cleanup" {
- source = "github.com/cloudreach/aws-lambda-es-cleanup.git//terraform"
-
- prefix = "vpc_es_"
- es_endpoint = "vpc-gc-demo-vpc-gloo5rzcdhyiykwdlots2hdjla.eu-central-1.es.amazonaws.com"
- index = "all"
- delete_after = 30
- subnet_ids = ["subnet-d8660da2"]
+ source = "github.com/cloudreach/aws-lambda-es-cleanup.git//terraform?ref=v0.7"
+
+ prefix = "vpc_es_"
+ es_endpoint = "vpc-gc-demo-vpc-gloo5rzcdhyiykwdlots2hdjla.eu-central-1.es.amazonaws.com"
+ index = "all"
+ delete_after = 30
+ subnet_ids = ["subnet-d8660da2"]
+ security_group_ids = ["sg-02dd3aa6da1b5"]
 }
 ```
+
+
+### Issue
+In order order to use new module version you must have `terraform-provider-aws` greated than `1.35.0`
diff --git a/terraform/cloudwatch.tf b/terraform/cloudwatch.tf
@@ -5,33 +5,15 @@ resource "aws_cloudwatch_event_rule" "schedule" {
 }
 
 resource "aws_cloudwatch_event_target" "es_cleanup" {
- count = "${length(var.subnet_ids) == 0 ? 1 : 0}"
  target_id = "${var.prefix}lambda-es-cleanup"
  rule = "${aws_cloudwatch_event_rule.schedule.name}"
  arn = "${aws_lambda_function.es_cleanup.arn}"
 }
 
 resource "aws_lambda_permission" "allow_cloudwatch" {
- count = "${length(var.subnet_ids) == 0 ? 1 : 0}"
  statement_id = "AllowExecutionFromCloudWatch"
  action = "lambda:InvokeFunction"
  function_name = "${aws_lambda_function.es_cleanup.arn}"
  principal = "events.amazonaws.com"
  source_arn = "${aws_cloudwatch_event_rule.schedule.arn}"
 }
-
-resource "aws_cloudwatch_event_target" "es_cleanup_vpc" {
- count = "${length(var.subnet_ids) > 0 ? 1 : 0}"
- target_id = "${var.prefix}lambda-es-cleanup"
- rule = "${aws_cloudwatch_event_rule.schedule.name}"
- arn = "${aws_lambda_function.es_cleanup_vpc.arn}"
-}
-
-resource "aws_lambda_permission" "allow_cloudwatch_vpc" {
- count = "${length(var.subnet_ids) > 0 ? 1 : 0}"
- statement_id = "AllowExecutionFromCloudWatch"
- action = "lambda:InvokeFunction"
- function_name = "${aws_lambda_function.es_cleanup_vpc.arn}"
- principal = "events.amazonaws.com"
- source_arn = "${aws_cloudwatch_event_rule.schedule.arn}"
-}
diff --git a/terraform/lambda.tf b/terraform/lambda.tf
@@ -4,8 +4,11 @@ data "archive_file" "es_cleanup_lambda" {
  output_path = "${path.module}/es-cleanup.zip"
 }
 
-resource "aws_lambda_function" "es_cleanup_vpc" {
- count = "${length(var.subnet_ids) > 0 ? 1 : 0}"
+locals {
+ sg_ids = ["${element(concat(aws_security_group.lambda.*.id, list("")), 0)}"]
+}
+
+resource "aws_lambda_function" "es_cleanup" {
  filename = "${path.module}/es-cleanup.zip"
  function_name = "${var.prefix}es-cleanup"
  description = "${var.prefix}es-cleanup"
@@ -33,35 +36,8 @@ resource "aws_lambda_function" "es_cleanup_vpc" {
  # When these lists are empty it will deploy the lambda without VPC support.
  vpc_config {
  subnet_ids = ["${var.subnet_ids}"]
- security_group_ids = ["${aws_security_group.lambda.*.id}"]
+ security_group_ids = ["${compact(concat(local.sg_ids, var.security_group_ids))}"]
  }
 }
 
 
-
-resource "aws_lambda_function" "es_cleanup" {
- count = "${length(var.subnet_ids) == 0 ? 1 : 0}"
- filename = "${path.module}/es-cleanup.zip"
- function_name = "${var.prefix}es-cleanup"
- description = "${var.prefix}es-cleanup"
- timeout = 300
- runtime = "python${var.python_version}"
- role = "${aws_iam_role.role.arn}"
- handler = "es-cleanup.lambda_handler"
- source_code_hash = "${data.archive_file.es_cleanup_lambda.output_base64sha256}"
-
- environment {
- variables = {
- es_endpoint = "${var.es_endpoint}"
- index = "${var.index}"
- delete_after = "${var.delete_after}"
- index_format = "${var.index_format}"
- sns_alert = "${var.sns_alert}"
- }
- }
-
- tags = "${merge(
- var.tags,
- map("Scope", "${var.prefix}lambda_function_to_elasticsearch"),
- )}"
-}
diff --git a/terraform/variables.tf b/terraform/variables.tf
@@ -38,6 +38,12 @@ variable "subnet_ids" {
  default = []
 }
 
+variable "security_group_ids" {
+ description = "Addiational Security Ids To add."
+ type = "list"
+ default = []
+}
+
 variable "tags" {
  description = "Tags to apply"
  default = {