Implement api->sqs->lambda

Co-authored-by: Ezequiel Bellver <ebellver@itba.edu.ar>
2022-10-26 13:14:09 -03:00 · 2022-10-26 13:14:09 -03:00 · e8d72f88b2
parent 21b2b019a1
commit e8d72f88b2
11 changed files with 132 additions and 40 deletions
--- a/terraform/modules/apigw/main.tf
+++ b/terraform/modules/apigw/main.tf
@ -17,7 +17,7 @@ resource "aws_api_gateway_resource" "this" {
 resource "aws_api_gateway_method" "this" {
  rest_api_id   = aws_api_gateway_rest_api.this.id
  resource_id   = aws_api_gateway_resource.this.id
-  http_method   = "GET"
+  http_method   = "POST"
  authorization = "NONE"
 }

@ -26,9 +26,32 @@ resource "aws_api_gateway_integration" "this" {
  resource_id             = aws_api_gateway_resource.this.id
  http_method             = aws_api_gateway_method.this.http_method
  integration_http_method = "POST"
-  type                    = "AWS_PROXY"
-  # uri                     = var.lambda_function_arn
+  type = "AWS"
+  credentials = var.role_arn
  uri         = var.sqs_arn
+
+  request_parameters = {
+    "integration.request.header.Content-Type" = "'application/x-www-form-urlencoded'"
+  }
+
+  request_templates = {
+    "application/json" = <<EOF
+Action=SendMessage&MessageBody={
+  "method": "$context.httpMethod",
+  "body-json" : $input.json('$'),
+  "queryParams": {
+    #foreach($param in $input.params().querystring.keySet())
+    "$param": "$util.escapeJavaScript($input.params().querystring.get($param))" #if($foreach.hasNext),#end
+  #end
+  },
+  "pathParams": {
+    #foreach($param in $input.params().path.keySet())
+    "$param": "$util.escapeJavaScript($input.params().path.get($param))" #if($foreach.hasNext),#end
+    #end
+  }
+}
+EOF
+  }
 }

 resource "aws_api_gateway_deployment" "this" {
@ -53,10 +76,17 @@ resource "aws_api_gateway_stage" "this" {
  stage_name    = "production"
 }

-resource "aws_lambda_permission" "this" {
-  statement_id  = "AllowExecutionFromAPIGateway"
-  action        = "lambda:InvokeFunction"
-  function_name = var.lambda_function_name
-  principal     = "apigateway.amazonaws.com"
-  source_arn    = "${var.lambda_source_arn}:${aws_api_gateway_rest_api.this.id}/*/${aws_api_gateway_method.this.http_method}${aws_api_gateway_resource.this.path}"
+resource "aws_api_gateway_method_response" "http200" {
+  rest_api_id = aws_api_gateway_rest_api.this.id
+  resource_id = aws_api_gateway_resource.this.id
+  http_method = aws_api_gateway_method.this.http_method
+  status_code = 200
+}
+
+resource "aws_api_gateway_integration_response" "http200" {
+  rest_api_id       = aws_api_gateway_rest_api.this.id
+  resource_id       = aws_api_gateway_resource.this.id
+  http_method       = aws_api_gateway_method.this.http_method
+  status_code       = aws_api_gateway_method_response.http200.status_code
+  selection_pattern = "^2[0-9][0-9]"
 }
--- a/terraform/modules/apigw/variables.tf
+++ b/terraform/modules/apigw/variables.tf
@ -20,6 +20,14 @@ variable "tags" {
  default     = {}
 }

+variable "sqs_arn" {
+  type = string
+}
+
+variable "role_arn" {
+  type = string
+}
+
 variable "lambda_function_arn" {
  description = "The ARN of the Lambda function."
  type        = string
--- a/terraform/modules/lambda/main.tf
+++ b/terraform/modules/lambda/main.tf
@ -9,6 +9,7 @@ resource "aws_lambda_function" "this" {
  handler       = var.handler
  runtime       = var.runtime
  tags          = var.tags
+  timeout       = 30

  dynamic "vpc_config" {
    for_each = var.vpc_subnet_ids != null && var.vpc_security_group_ids != null ? [true] : []
--- a/terraform/modules/sqs/main.tf
+++ b/terraform/modules/sqs/main.tf
@ -2,7 +2,7 @@
 # Amazon Simple Queue Service
 # ------------------------------------------------------------------------------

-resource "aws_sqs_queue" "terraform_queue" {
+resource "aws_sqs_queue" "this" {
  name                        = var.name
  delay_seconds               = var.delay_seconds
  max_message_size            = var.max_message_size
@ -13,3 +13,18 @@ resource "aws_sqs_queue" "terraform_queue" {

  tags = var.tags
 }
+
+resource "aws_lambda_permission" "allows_sqs_to_trigger_lambda" {
+  statement_id  = "AllowExecutionFromSQS"
+  action        = "lambda:InvokeFunction"
+  function_name = var.lambda_name
+  principal     = "sqs.amazonaws.com"
+  source_arn    = aws_sqs_queue.this.arn
+}
+
+resource "aws_lambda_event_source_mapping" "event_source_mapping" {
+  batch_size       = 1
+  event_source_arn =  aws_sqs_queue.this.arn
+  enabled          = true
+  function_name    =  var.lambda_name
+}
--- a/terraform/modules/sqs/outputs.tf
+++ b/terraform/modules/sqs/outputs.tf
@ -0,0 +1,8 @@
+# --------------------------------------------------------------------
+# Lambda outputs
+# --------------------------------------------------------------------
+
+output "sqs_arn" {
+  description = "The ARN of SQS"
+  value       = aws_sqs_queue.this.arn
+}
--- a/terraform/modules/sqs/variables.tf
+++ b/terraform/modules/sqs/variables.tf
@ -49,3 +49,9 @@ variable "tags" {
  type        = map(string)
  default     = {}
 }
+
+variable "lambda_name" {
+  description = "."
+  type        = string
+  default     = null
+}
--- a/terraform/organization/apigw.tf
+++ b/terraform/organization/apigw.tf
@ -11,9 +11,12 @@ module "apigw" {

  name                 = "AWSAPIGateway-g3"
  description          = "..."
-  # lambda_function_arn  = module.lambda["lambda"].lambda_function_arn
-  # lambda_function_name = module.lambda["lambda"].lambda_function_name
-  # lambda_source_arn    = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
+  lambda_function_arn  = module.lambda["lambda"].lambda_function_arn
+  lambda_function_name = module.lambda["lambda"].lambda_function_name
+  lambda_source_arn    = "arn:aws:execute-api:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}"
+  role_arn             = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
+  # sqs_arn              = "arn:aws:sqs:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:AWS-SQS-g3"
+  sqs_arn                = "arn:aws:apigateway:${data.aws_region.current.name}:sqs:path/AWS-SQS-g3"

  tags = {
    name = "Api Gateway"
--- a/terraform/organization/lambda.tf
+++ b/terraform/organization/lambda.tf
@ -16,7 +16,6 @@ module "lambda" {
  package       = each.value.package
  iam_role      = each.value.role

-  # vpc_subnet_ids         = module.vpc.private_subnets
  vpc_subnet_ids         = module.vpc.public_subnets
  vpc_security_group_ids = [module.vpc.default_security_group_id]
 }
--- a/terraform/organization/sqs.tf
+++ b/terraform/organization/sqs.tf
@ -6,6 +6,7 @@ module "sqs" {
  }

  name = "AWS-SQS-g3"
+  lambda_name = "AWSLambdaHandler-${replace(local.bucket_name, "-", "")}"

  tags = {
    name = "SQS"
--- a/terraform/organization/vpc.tf
+++ b/terraform/organization/vpc.tf
@ -49,7 +49,27 @@ module "vpc_endpoints" {
      service         = "dynamodb"
      service_type    = "Gateway"
      route_table_ids = flatten([module.vpc.intra_route_table_ids, module.vpc.private_route_table_ids, module.vpc.public_route_table_ids])
-      policy          = data.aws_iam_policy_document.dynamodb_endpoint_policy.json
+      policy          = data.aws_iam_policy_document.dynamodb_endpoint_policy.json # TODO: usar policy de abajo: (ahora lo estamos cargando a mano)
+#       {
+#     "Version": "2012-10-17",
+#     "Statement": [
+#         {
+#             "Principal": "*",
+#             "Effect": "Allow",
+#             "Action": [
+#                 "dynamodb:BatchGetItem",
+#                 "dynamodb:GetItem",
+#                 "dynamodb:Scan",
+#                 "dynamodb:Query",
+#                 "dynamodb:BatchWriteItem",
+#                 "dynamodb:PutItem",
+#                 "dynamodb:UpdateItem",
+#                 "dynamodb:DeleteItem"
+#             ],
+#             "Resource": "arn:aws:dynamodb:us-east-1:025685231147:table/AWSDynamoDB-g3"
+#         }
+#     ]
+# }
      tags            = { Name = "dynamodb-vpc-endpoint" }
    },
    lambda = {
@ -66,12 +86,6 @@ module "vpc_endpoints" {
  }
 }

-# module "vpc_endpoints_nocreate" {
-#   source = "terraform-aws-modules/vpc/aws//modules/vpc"
-
-#   create = false
-# }
-
 ################################################################################
 # Supporting Resources
 ################################################################################
--- a/terraform/resources/lambda/lambda_handler.py
+++ b/terraform/resources/lambda/lambda_handler.py
@ -1,28 +1,35 @@
-import boto3
 import json
-
+import boto3

 def main (event, context):
-    client = boto3.client('dynamodb')
+	payload = event
+	payload = payload["Records"][0]
+	body = payload["body"]
+	body = body.replace('\n', '')
+	print(body)
+	#body = json.dumps(body) 
+	body = json.loads(body)
+	query = body["body-json"]
+	print("payload-> " + str(query) )
 	
-    client.put_item(Item={
+	client = boto3.resource('dynamodb', region_name="us-east-1")
+	table = client.Table("AWSDynamoDB-g3")
+	
+	table.put_item(Item={
        "id": {
            "N": "1"
        },
        "stock": {
            "N": "2212"
        },
-    },
-        TableName='AWSDynamoDB-g3')
-
-    print ("In lambda handler")
+    })

 	resp = {
 		"statusCode": 200,
 		"headers": {
 			"Access-Control-Allow-Origin": "*",
 		},
-        "body": "Se cargó el elemento correctamente"
+		"body": "El lab ha sido finalizado correctamente"
 	}

 	return resp