diff --git a/main.tf b/main.tf index 9bde3bf..cf57874 100644 --- a/main.tf +++ b/main.tf @@ -15,6 +15,7 @@ resource "aws_lambda_function" "lambda_function" { reserved_concurrent_executions = var.reserved_concurrent_executions tags = var.tags package_type = var.image_uri != "" ? "Image" : "Zip" + layers = var.layers vpc_config { subnet_ids = var.subnet_ids diff --git a/test/files/create_lambda.json b/test/files/create_lambda.json index 430f63b..05895f6 100644 --- a/test/files/create_lambda.json +++ b/test/files/create_lambda.json @@ -109,7 +109,7 @@ "image_config": [], "image_uri": null, "kms_key_arn": null, - "layers": null, + "layers": [], "memory_size": 128, "package_type": "Zip", "publish": false, @@ -139,6 +139,7 @@ "image_config": [], "invoke_arn": true, "last_modified": true, + "layers": [], "qualified_arn": true, "role": true, "signing_job_arn": true, diff --git a/test/files/create_lambda_container.json b/test/files/create_lambda_container.json index 96becb5..de0deae 100644 --- a/test/files/create_lambda_container.json +++ b/test/files/create_lambda_container.json @@ -109,7 +109,7 @@ "image_config": [], "image_uri": "image", "kms_key_arn": null, - "layers": null, + "layers": [], "memory_size": 128, "package_type": "Image", "publish": false, @@ -139,6 +139,7 @@ "image_config": [], "invoke_arn": true, "last_modified": true, + "layers": [], "qualified_arn": true, "role": true, "signing_job_arn": true, diff --git a/test/files/create_lambda_in_vpc.json b/test/files/create_lambda_in_vpc.json index 6d4cca7..53c7e35 100644 --- a/test/files/create_lambda_in_vpc.json +++ b/test/files/create_lambda_in_vpc.json @@ -131,7 +131,7 @@ "image_config": [], "image_uri": null, "kms_key_arn": null, - "layers": null, + "layers": [], "memory_size": 128, "package_type": "Zip", "publish": false, @@ -167,6 +167,7 @@ "image_config": [], "invoke_arn": true, "last_modified": true, + "layers": [], "qualified_arn": true, "role": true, "signing_job_arn": true, diff --git a/test/files/create_lambda_with_layers.json b/test/files/create_lambda_with_layers.json new file mode 100644 index 0000000..90ef231 --- /dev/null +++ b/test/files/create_lambda_with_layers.json @@ -0,0 +1,160 @@ +{ + "resource_changes": [ + { + "address": "module.lambda.aws_cloudwatch_log_group.lambda_loggroup", + "module_address": "module.lambda", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "lambda_loggroup", + "provider_name": "aws", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "kms_key_id": null, + "name": "/aws/lambda/check_lambda_function", + "name_prefix": null, + "retention_in_days": 7, + "tags": null + }, + "after_unknown": { + "arn": true, + "id": true + } + } + }, + { + "address": "module.lambda.aws_iam_role.iam_for_lambda", + "module_address": "module.lambda", + "mode": "managed", + "type": "aws_iam_role", + "name": "iam_for_lambda", + "provider_name": "aws", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "assume_role_policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"lambda.amazonaws.com\"\n },\n \"Effect\": \"Allow\"\n }\n ]\n}\n", + "description": null, + "force_detach_policies": false, + "max_session_duration": 3600, + "name_prefix": "check_lambda_function", + "path": "/", + "permissions_boundary": null, + "tags": null + }, + "after_unknown": { + "arn": true, + "create_date": true, + "id": true, + "inline_policy": true, + "managed_policy_arns": true, + "name": true, + "unique_id": true + } + } + }, + { + "address": "module.lambda.aws_iam_role_policy.lambda_policy", + "module_address": "module.lambda", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "lambda_policy", + "provider_name": "aws", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "name": "policy", + "name_prefix": null, + "policy": "{\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"logs:CreateLogGroup\",\n \"logs:CreateLogStream\",\n \"logs:PutLogEvents\"\n ],\n \"Resource\": \"arn:aws:logs:*:*:*\"\n }\n ]\n}\n" + }, + "after_unknown": { + "id": true, + "role": true + } + } + }, + { + "address": "module.lambda.aws_lambda_function.lambda_function", + "module_address": "module.lambda", + "mode": "managed", + "type": "aws_lambda_function", + "name": "lambda_function", + "provider_name": "aws", + "change": { + "actions": [ + "create" + ], + "before": null, + "after": { + "code_signing_config_arn": null, + "dead_letter_config": [], + "description": null, + "environment": [ + { + "variables": null + } + ], + "file_system_config": [], + "filename": null, + "function_name": "check_lambda_function", + "handler": "some_handler", + "image_config": [], + "image_uri": null, + "kms_key_arn": null, + "layers": [ "arn:aws:lambda:eu-west-1:aws:r1" ], + "memory_size": 128, + "package_type": "Zip", + "publish": false, + "reserved_concurrent_executions": -1, + "runtime": "python3.7", + "s3_bucket": "cdflow-lambda-releases", + "s3_key": "s3key.zip", + "s3_object_version": null, + "tags": null, + "timeout": 3, + "timeouts": null, + "vpc_config": [ + { + "security_group_ids": null, + "subnet_ids": null + } + ] + }, + "after_unknown": { + "arn": true, + "dead_letter_config": [], + "environment": [ + {} + ], + "file_system_config": [], + "id": true, + "image_config": [], + "invoke_arn": true, + "last_modified": true, + "layers": [ false ], + "qualified_arn": true, + "role": true, + "signing_job_arn": true, + "signing_profile_version_arn": true, + "source_code_hash": true, + "source_code_size": true, + "tracing_config": true, + "version": true, + "vpc_config": [ + { + "vpc_id": true + } + ] + } + } + } + ] +} \ No newline at end of file diff --git a/test/files/create_lambda_with_reserved_concurrent_executions.json b/test/files/create_lambda_with_reserved_concurrent_executions.json index 95e0d12..3e21916 100644 --- a/test/files/create_lambda_with_reserved_concurrent_executions.json +++ b/test/files/create_lambda_with_reserved_concurrent_executions.json @@ -109,7 +109,7 @@ "image_config": [], "image_uri": null, "kms_key_arn": null, - "layers": null, + "layers": [], "memory_size": 128, "package_type": "Zip", "publish": false, @@ -139,6 +139,7 @@ "image_config": [], "invoke_arn": true, "last_modified": true, + "layers": [], "qualified_arn": true, "role": true, "signing_job_arn": true, diff --git a/test/files/create_lambda_with_tags.json b/test/files/create_lambda_with_tags.json index 5efb813..0bd59b6 100644 --- a/test/files/create_lambda_with_tags.json +++ b/test/files/create_lambda_with_tags.json @@ -109,7 +109,7 @@ "image_config": [], "image_uri": null, "kms_key_arn": null, - "layers": null, + "layers": [], "memory_size": 128, "package_type": "Zip", "publish": false, @@ -142,6 +142,7 @@ "image_config": [], "invoke_arn": true, "last_modified": true, + "layers": [], "qualified_arn": true, "role": true, "signing_job_arn": true, diff --git a/test/infra/main.tf b/test/infra/main.tf index 99f06ba..88d4be7 100644 --- a/test/infra/main.tf +++ b/test/infra/main.tf @@ -27,6 +27,7 @@ module "lambda" { security_group_ids = var.security_group_ids reserved_concurrent_executions = var.reserved_concurrent_executions tags = var.tags + layers = var.layers } variable "subnet_ids" { @@ -58,6 +59,12 @@ variable "tags" { default = {} } +variable "layers" { + type = list(string) + description = "ARNs of the layers to attach to the lambda function in order" + default = [] +} + output "lambda_function_arn" { value = module.lambda.lambda_arn } diff --git a/test/test_lambda.py b/test/test_lambda.py index b510ea1..9d01e3a 100644 --- a/test/test_lambda.py +++ b/test/test_lambda.py @@ -133,3 +133,25 @@ def test_create_lambda_with_tags(self): 'create_lambda_with_tags', resource_changes ) + + def test_create_lambda_with_layers(self): + # Given When + check_call([ + 'terraform', + 'plan', + '-out=plan.out', + '-var', 'layers=["arn:aws:lambda:eu-west-1:aws:r1"]', + '-no-color', + 'test/infra' + ]) + + resource_changes = self.get_resource_changes() + + # Then + assert len(resource_changes) == 4 + self.assert_resource_changes_action(resource_changes, 'create', 4) + self.assert_resource_changes( + 'create_lambda_with_layers', + resource_changes + ) + diff --git a/variables.tf b/variables.tf index 14e16fa..0bbf1a6 100644 --- a/variables.tf +++ b/variables.tf @@ -93,3 +93,9 @@ variable "tags" { type = map(string) default = {} } + +variable "layers" { + type = list(string) + description = "ARNs of the layers to attach to the lambda function in order" + default = [] +}