├── README.md
├── main.tf
├── output.tf
└── variables.tf


/README.md:
--------------------------------------------------------------------------------
 1 | # Scheduled AWS Lambda function
 2 | =============================
 3 | 
 4 | This module can be used to deploy an AWS Lambda function which is scheduled to run on a recurring basis.
 5 | 
 6 | Module Input Variables
 7 | ----------------------
 8 | 
 9 | - `lambda_name` - Unique name for Lambda function
10 | - `memory_size` (optional) - Amount of memory in MB your Lambda Function can use at runtime. Defaults to 128.
11 | - `runtime` - A [valid](http://docs.aws.amazon.com/cli/latest/reference/lambda/create-function.html#options) Lambda runtime environment
12 | - `lambda_zipfile` - path to zip archive containing Lambda function
13 | - `source_code_hash` - the base64 encoded sha256 hash of the archive file - see TF [archive file provider](https://www.terraform.io/docs/providers/archive/d/archive_file.html)
14 | - `handler` - the entrypoint into your Lambda function, in the form of `filename.function_name`
15 | - `schedule_expression` - a [valid rate or cron expression](http://docs.aws.amazon.com/lambda/latest/dg/tutorial-scheduled-events-schedule-expressions.html)
16 | - `iam_policy_document` - a valid IAM policy document used for the Lambda's [execution role](http://docs.aws.amazon.com/lambda/latest/dg/intro-permission-model.html#lambda-intro-execution-role)
17 | - `timeout` - (optional) the amount of time your Lambda Function has to run in seconds. Defaults to 3. See [Limits](https://docs.aws.amazon.com/lambda/latest/dg/limits.html)
18 | - `subnet_ids` (optional) - If set, the lambda will be deployed inside a VPC on the subnet(s) specified. Expects a comma separated list of valid AWS subnet ids.
19 | - `security_group_ids` (optional) - If set, the lambda will be deployed inside a VPC and use the security groups specified. Expects a comma separated list of valid VPC security group ids .
20 | - `enabled` - boolean expression. If false, the lambda function and the cloudwatch schedule are not set. Defaults to `true`.
21 | 
22 | Usage 
23 | -----
24 | 
25 | ```js
26 | data "aws_iam_policy_document" "create_snaps" {
27 |   statement {
28 |     sid = "1"
29 | 
30 |     actions = [
31 |       "ec2:DescribeVolumes",
32 |       "ec2:CreateSnapshot",
33 |       "ec2:CreateTags",
34 |     ]
35 | 
36 |     resources = [
37 |       "*",
38 |     ]
39 |   }
40 | }
41 | 
42 | data "archive_file" "myfunction" {
43 |   type        = "zip"
44 |   source_file = "/valid/path/to/myfunction.py"
45 |   output_path = "/valid/path/to/myfunction.zip"
46 | }
47 | 
48 | module "lambda_scheduled" {
49 |   source              = "github.com/terraform-community-modules/tf_aws_lambda_scheduled"
50 |   lambda_name         = "my_scheduled_lambda"
51 |   runtime             = "python2.7"
52 |   lambda_zipfile      = "/valid/path/to/myfunction.zip"
53 |   source_code_hash    = "${data.archive_file.myfunction.output_base64sha256}"
54 |   handler             = "myfunction.handler"
55 |   schedule_expression = "rate(1 day)"
56 |   iam_policy_document = "${data.aws_iam_policy_document.create_snaps.json}"
57 | }
58 | ```
59 | 
60 | Outputs
61 | -------
62 | - `lambda_arn` - ARN for the created Lambda function
63 | 
64 | Author
65 | ------
66 | Created and maintained by [Shayne Clausson](https://github.com/sclausson)
67 | 


--------------------------------------------------------------------------------
/main.tf:
--------------------------------------------------------------------------------
 1 | resource "aws_iam_role" "lambda" {
 2 |   name = "${var.lambda_name}"
 3 | 
 4 |   assume_role_policy = <<EOF
 5 | {
 6 |   "Version": "2012-10-17",
 7 |   "Statement": [
 8 |     {
 9 |       "Action": "sts:AssumeRole",
10 |       "Principal": {
11 |         "Service": "lambda.amazonaws.com"
12 |       },
13 |       "Effect": "Allow",
14 |       "Sid": ""
15 |     }
16 |   ]
17 | }
18 | EOF
19 | }
20 | 
21 | resource "aws_iam_role_policy" "lambda" {
22 |   name = "${var.lambda_name}"
23 |   role = "${aws_iam_role.lambda.name}"
24 | 
25 |   policy = "${var.iam_policy_document}"
26 | }
27 | 
28 | resource "aws_lambda_function" "lambda" {
29 |   memory_size      = "${var.memory_size}"
30 |   runtime          = "${var.runtime}"
31 |   filename         = "${var.lambda_zipfile}"
32 |   function_name    = "${var.lambda_name}"
33 |   role             = "${aws_iam_role.lambda.arn}"
34 |   handler          = "${var.handler}"
35 |   source_code_hash = "${var.source_code_hash}"
36 |   count            = "${var.enabled}"
37 |   timeout          = "${var.timeout}"
38 | 
39 |   vpc_config {
40 |     subnet_ids         = ["${var.subnet_ids}"]
41 |     security_group_ids = ["${var.security_group_ids}"]
42 |   }
43 | }
44 | 
45 | resource "aws_lambda_permission" "cloudwatch" {
46 |   statement_id  = "AllowExecutionFromCloudWatch"
47 |   action        = "lambda:InvokeFunction"
48 |   function_name = "${aws_lambda_function.lambda.arn}"
49 |   principal     = "events.amazonaws.com"
50 |   source_arn    = "${aws_cloudwatch_event_rule.lambda.arn}"
51 |   count         = "${var.enabled}"
52 | }
53 | 
54 | resource "aws_cloudwatch_event_rule" "lambda" {
55 |   name                = "${var.lambda_name}"
56 |   schedule_expression = "${var.schedule_expression}"
57 |   count               = "${var.enabled}"
58 | }
59 | 
60 | resource "aws_cloudwatch_event_target" "lambda" {
61 |   target_id = "${var.lambda_name}"
62 |   rule      = "${aws_cloudwatch_event_rule.lambda.name}"
63 |   arn       = "${aws_lambda_function.lambda.arn}"
64 |   count     = "${var.enabled}"
65 | }
66 | 


--------------------------------------------------------------------------------
/output.tf:
--------------------------------------------------------------------------------
 1 | output "lambda_arn" {
 2 |   value = "${aws_lambda_function.lambda.arn}"
 3 | }
 4 | 
 5 | output "role_arn" {
 6 |   value = "${aws_iam_role.lambda.arn}"
 7 | }
 8 | 
 9 | output "role_name" {
10 |   value = "${aws_iam_role.lambda.name}"
11 | }
12 | 


--------------------------------------------------------------------------------
/variables.tf:
--------------------------------------------------------------------------------
 1 | variable "lambda_name" {}
 2 | 
 3 | variable "runtime" {}
 4 | 
 5 | variable "memory_size" {
 6 |   default = 128
 7 | }
 8 | 
 9 | variable "lambda_zipfile" {}
10 | 
11 | variable "source_code_hash" {}
12 | 
13 | variable "handler" {}
14 | 
15 | variable "schedule_expression" {}
16 | 
17 | variable "iam_policy_document" {}
18 | 
19 | variable "enabled" {
20 |   default = true
21 | }
22 | 
23 | variable "timeout" {
24 |   default = 3
25 | }
26 | 
27 | variable "subnet_ids" {
28 |   default = []
29 | }
30 | 
31 | variable "security_group_ids" {
32 |   default = []
33 | }
34 | 


--------------------------------------------------------------------------------