updated

terraform/modules/cloudwatch/data.tf

@@ -1,31 +1,12 @@
-data "aws_iam_policy_document" "cloudwatch_events_assume_role" {
-    statement {
-    effect  = "Allow"
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      type        = "Service"
-      identifiers = ["events.amazonaws.com"]
-    }
+data "aws_iam_policy_document" "events_assume_role" {
+  count = var.target_type != "" ? 1 : 0
+  statement {
+  effect  = "Allow"
+  actions = ["sts:AssumeRole"]
+
+  principals {
+    type        = "Service"
+    identifiers = ["events.amazonaws.com"]
   }
 }
-
-data "aws_iam_policy_document" "cloudwatch_events_target" {
-    statement {
-    effect  = "Allow"
-    actions = ["sts:AssumeRole"]
-
-    principals {
-      type        = "Service"
-      identifiers = ["events.amazonaws.com"]
-    }
-  }
 }
-
-data "aws_ecs_cluster" "existing_cluster" {
-  name = var.ecs_cluster_name
-}
-
-data "aws_ecs_task_definition" "existing_task" {
-  task_definition = var.ecs_task_definition
-}

terraform/modules/cloudwatch/iam.tf

@@ -0,0 +1,12 @@
+resource "aws_iam_role" "events_role" {
+  count = var.target_type != "" ? 1 : 0
+  name  = "${var.resource_prefix}-cloudwatch-events-role"
+
+  assume_role_policy = data.aws_iam_policy_document.events_assume_role[0].json
+}
+
+resource "aws_iam_role_policy_attachment" "events_attachment" {
+  count       = var.target_type != "" ? 1 : 0
+  policy_arn  = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+  role        = aws_iam_role.events_role[0].name
+}

terraform/modules/cloudwatch/locals.tf

@@ -1,4 +1,3 @@
 locals {
   cloudwatch_event_rule_name = "${var.resource_prefix}-cloudwatch-event-rule"
-  sns_topic_name            = "${var.resource_prefix}-sns-topic"
 }

terraform/modules/cloudwatch/main.tf

@@ -1,49 +1,30 @@
-resource "aws_cloudwatch_event_rule" "ecs_scheduled_event" {
-  name        = local.cloudwatch_event_rule_name
-  description = "Scheduled event rule to run ECS task"
+resource "aws_cloudwatch_event_rule" "scheduled_event" {
+  name                = local.cloudwatch_event_rule_name
+  description         = "Scheduled event rule"
   schedule_expression = var.cron_expression
 }
 
-resource "aws_cloudwatch_event_target" "ecs_event_target" {
-  rule      = aws_cloudwatch_event_rule.ecs_scheduled_event.name
-  target_id = "run-ecs-task"
-
-  arn = data.aws_ecs_cluster.existing_cluster.arn
-
-  ecs_target {
-    task_count          = 1
-    launch_type         = var.launch_type
-    platform_version    = "LATEST"
-    task_definition_arn = data.aws_ecs_task_definition.existing_task.arn
+resource "aws_cloudwatch_event_target" "event_target" {
+  count     = var.target_type != "" ? 1 : 0
+  rule      = aws_cloudwatch_event_rule.scheduled_event.name
+  target_id = "custom-target"
+
+  // The ARN and other parameters will be customize based on the target type
+  dynamic "custom_target" {
+    for_each = var.target_type == "custom" ? [1] : []
+    content {
+      arn = var.custom_target_arn
+    }
   }
 }
 
-resource "aws_sns_topic" "slack_notifications" {
-  name = local.sns_topic_name
-}
-
-resource "aws_sns_topic_subscription" "slack_subscription" {
-  topic_arn = aws_sns_topic.slack_notifications.arn
-  protocol  = "https"
-  endpoint  = var.slack_notification_endpoint
-}
-
-resource "aws_iam_role" "cloudwatch_events_role" {
-  name = "${var.resource_prefix}-cloudwatch-events-role"
-
-  assume_role_policy = data.aws_iam_policy_document.cloudwatch_events_assume_role.json
-}
-
-resource "aws_iam_role_policy_attachment" "cloudwatch_events_attachment" {
-  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
-  role       = aws_iam_role.cloudwatch_events_role.name
-}
-
-resource "aws_cloudwatch_event_permission" "cloudwatch_events_permission" {
+resource "aws_cloudwatch_event_permission" "events_permission" {
+  count            = var.target_type != "" ? 1 : 0
   action          = "lambda:InvokeFunction"
   principal       = "events.amazonaws.com"
-  source_arn      = aws_cloudwatch_event_rule.ecs_scheduled_event.arn
+  source_arn      = aws_cloudwatch_event_rule.scheduled_event.arn
   statement_id    = "AllowInvoke"
-  function_name   = aws_cloudwatch_event_target.ecs_event_target.arn
-  source_profile  = aws_iam_role.cloudwatch_events_role.arn
+  function_name   = aws_cloudwatch_event_target.event_target[0].arn
+  source_profile  = aws_iam_role.events_role.arn
 }
+

terraform/modules/cloudwatch/outputs.tf

@@ -1,11 +1,7 @@
 output "cloudwatch_event_rule_arn" {
-  value = aws_cloudwatch_event_rule.ecs_scheduled_event.arn
+  value = aws_cloudwatch_event_rule.scheduled_event.arn
 }
 
-output "sns_topic_arn" {
-  value = aws_sns_topic.slack_notifications.arn
-}
-
-output "cloudwatch_events_role_arn" {
-  value = aws_iam_role.cloudwatch_events_role.arn
+output "events_role_arn" {
+  value = aws_iam_role.events_role[0].arn
 }

terraform/modules/cloudwatch/variable.tf

@@ -1,30 +1,21 @@
 variable "resource_prefix" {
   description = "Prefix for all resources"
-   type        = string
-}
-
-variable "ecs_cluster_name" {
-  description = "Name of the existing ECS cluster"
   type        = string
 }
 
-variable "ecs_task_definition" {
-  description = "ARN of the existing ECS task definition"
+variable "cron_expression" {
+  description = "Cron expression for the CloudWatch event rule"
   type        = string
 }
 
-variable "slack_notification_endpoint" {
-  description = "Slack notification endpoint"
+variable "target_type" {
+  description = "Select a target type for the CloudWatch event"
   type        = string
+  default     = "" // No default target type
 }
 
-variable "cron_expression" {
-  description = "Cron expression for the CloudWatch event rule"
-   type        = string
-}
-
-variable "launch_type" {
-  description = "ecs launch type - FARGATE or EC2"
+variable "custom_target_arn" {
+  description = "ARN for the custom target"
   type        = string
-  default     = "FARGATE"
+  default     = ""
 }

terraform/modules/sns/iam.tf

@@ -0,0 +1,40 @@
+resource "aws_iam_role" "sns_publish_role" {
+  name = "${var.resource_prefix}-${var.sns_topic_name}-publish-role"
+
+  assume_role_policy = jsonencode({
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Action = "sts:AssumeRole",
+        Effect = "Allow",
+        Principal = {
+          Service = "sns.amazonaws.com",
+        },
+      },
+    ],
+  })
+}
+
+resource "aws_iam_role_policy_attachment" "sns_publish_attachment" {
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+  role       = aws_iam_role.sns_publish_role.name
+}
+
+resource "aws_sns_topic_policy" "sns_publish_policy" {
+  name = "${var.resource_prefix}-${var.sns_topic_name}-publish-policy"
+
+  policy = jsonencode({
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Effect    = "Allow",
+        Action    = "sns:Publish",
+        Resource  = aws_sns_topic.main.arn,
+        Principal = {
+          Service = "lambda.amazonaws.com"
+        }
+      }
+    ]
+  })
+}
+

terraform/modules/sns/locals.tf

@@ -0,0 +1,3 @@
+locals {
+  sns_topic_arn = "arn:aws:sns:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${var.resource_prefix}-${var.sns_topic_name}"
+}

terraform/modules/sns/main.tf

@@ -0,0 +1,10 @@
+resource "aws_sns_topic" "main" {
+  name        = "${var.resource_prefix}-${var.sns_topic_name}"
+  display_name = var.sns_display_name
+}
+
+resource "aws_sns_topic_subscription" "slack" {
+  topic_arn = aws_sns_topic.main.arn
+  protocol  = "https"
+  endpoint  = var.slack_webhook_url
+}

terraform/modules/sns/outputs.tf

@@ -0,0 +1,4 @@
+output "sns_topic_arn" {
+  description = "ARN of the created SNS topic"
+  value       = aws_sns_topic.main.arn
+}

terraform/modules/sns/variable.tf

@@ -0,0 +1,20 @@
+variable "sns_topic_name" {
+  description = "The name of the SNS topic"
+  type        = string
+}
+
+variable "slack_webhook_url" {
+  description = "Slack webhook URL for notifications"
+  type        = string
+}
+
+variable "resource_prefix" {
+  description = "A prefix for naming resources"
+  type        = string
+}
+
+variable "sns_display_name" {
+  description = "Display name for SNS topic"
+  type        = string
+  default     = "DefaultDisplayName"
+}