DEV Community

codeisgood
codeisgood

Posted on

Invoking an AWS Lambda Function with Terraform


Invoking an AWS Lambda Function with Terraform

Introduction

AWS Lambda is a serverless compute service that allows you to run code without provisioning or managing servers. Terraform, on the other hand, is an infrastructure-as-code (IaC) tool that enables you to define and provision cloud resources in a declarative manner. In this article, we'll explore how to create an AWS Lambda function using Terraform and set up automatic invocations whenever a terraform apply command is executed.

Prerequisites

Before we begin, ensure that you have the following prerequisites:

  1. An AWS account with appropriate permissions to create Lambda functions and IAM roles.
  2. Terraform installed on your local machine.

Terraform Code

Below is an example of Terraform code that achieves our goal. We'll create an AWS Lambda function, an IAM role for the function, and configure a CloudWatch Events rule to trigger the Lambda function on every terraform apply.

provider "aws" {
  region = "us-west-2"  # Replace with your desired AWS region
}

# Create an AWS Lambda function
resource "aws_lambda_function" "my_lambda_function" {
  function_name = "my-lambda-function"
  role          = aws_iam_role.my_lambda_role.arn
  handler       = "index.handler"
  runtime       = "python3.8"
  filename      = "lambda_function.zip"  # Replace with the actual path to your Lambda code ZIP file
}

# Create an IAM role for the Lambda function
resource "aws_iam_role" "my_lambda_role" {
  name = "my-lambda-role"

  assume_role_policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Action = "sts:AssumeRole",
        Effect = "Allow",
        Principal = {
          Service = "lambda.amazonaws.com"
        }
      }
    ]
  })
}

# Attach a policy to the Lambda role (e.g., permissions to log to CloudWatch)
resource "aws_iam_policy_attachment" "my_lambda_policy_attachment" {
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"  # Replace with your desired policy ARN
  roles      = [aws_iam_role.my_lambda_role.name]
}

# Create a CloudWatch Events rule to trigger the Lambda function on every `terraform apply`
resource "aws_cloudwatch_event_rule" "my_lambda_trigger" {
  name        = "my-lambda-trigger"
  description = "Trigger Lambda on Terraform apply"
  event_pattern = jsonencode({
    source      = ["aws.terraform"],
    detail_type = ["Terraform Apply"]
  })
}

# Create a CloudWatch Events target to invoke the Lambda function
resource "aws_cloudwatch_event_target" "my_lambda_target" {
  rule      = aws_cloudwatch_event_rule.my_lambda_trigger.name
  arn       = aws_lambda_function.my_lambda_function.arn
  target_id = "my-lambda-target"
}
Enter fullscreen mode Exit fullscreen mode

Conclusion

By following the steps above, you can create an AWS Lambda function using Terraform and ensure that it is automatically invoked whenever you apply changes to your infrastructure. Remember to replace the placeholders with your actual values, and happy coding!


Top comments (0)