refactor: add lambda module environment variable (#29)

* refactor: add lambda module environment variable * docs: add terraform module description
oqtopus-team · Oct 9, 2024 · af32fcc · af32fcc
1 parent 038dc2c
commit af32fcc
Show file tree

Hide file tree

Showing 5 changed files with 94 additions and 29 deletions.
diff --git a/docs/terraform_modules/api-server/README.md b/docs/terraform_modules/api-server/README.md
@@ -73,6 +73,10 @@ module "user_api" {
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_allow_credentials"></a> [allow\_credentials](#input\_allow\_credentials) | The allowed credentials for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_headers"></a> [allow\_headers](#input\_allow\_headers) | The allowed headers for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_methods"></a> [allow\_methods](#input\_allow\_methods) | The allowed methods for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_origins"></a> [allow\_origins](#input\_allow\_origins) | The allowed origins for the API Gateway | `string` | n/a | yes |
 | <a name="input_cognito_user_pool_arns"></a> [cognito\_user\_pool\_arns](#input\_cognito\_user\_pool\_arns) | The ARNs of the Cognito user pools | `list(string)` | n/a | yes |
 | <a name="input_db_proxy_endpoint"></a> [db\_proxy\_endpoint](#input\_db\_proxy\_endpoint) | The endpoint of the RDS proxy | `string` | n/a | yes |
 | <a name="input_db_secret_arn"></a> [db\_secret\_arn](#input\_db\_secret\_arn) | The ARN of the secret for the RDS instance | `string` | n/a | yes |
@@ -81,7 +85,10 @@ module "user_api" {
 | <a name="input_lambda_handler"></a> [lambda\_handler](#input\_lambda\_handler) | The handler for the Lambda function | `string` | n/a | yes |
 | <a name="input_lambda_security_group_ids"></a> [lambda\_security\_group\_ids](#input\_lambda\_security\_group\_ids) | The security group IDs for the Lambda function | `list(string)` | n/a | yes |
 | <a name="input_lambda_subnet_ids"></a> [lambda\_subnet\_ids](#input\_lambda\_subnet\_ids) | The subnet IDs for the Lambda function | `list(string)` | n/a | yes |
+| <a name="input_log_level"></a> [log\_level](#input\_log\_level) | The log level for the Lambda function | `string` | n/a | yes |
 | <a name="input_org"></a> [org](#input\_org) | organization name | `string` | n/a | yes |
+| <a name="input_power_tools_metrics_namespace"></a> [power\_tools\_metrics\_namespace](#input\_power\_tools\_metrics\_namespace) | The namespace for the PowerTools metrics | `string` | n/a | yes |
+| <a name="input_power_tools_service_name"></a> [power\_tools\_service\_name](#input\_power\_tools\_service\_name) | The service name for the PowerTools metrics | `string` | n/a | yes |
 | <a name="input_product"></a> [product](#input\_product) | product name | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | region of the deployment | `string` | n/a | yes |
 

diff --git a/terraform/service/example-dev/main.tf b/terraform/service/example-dev/main.tf
@@ -11,33 +11,47 @@ data "terraform_remote_state" "infrastructure" {
 module "user_api" {
   source = "../modules/api-server"
 
-  product                   = var.product
-  org                       = var.org
-  env                       = var.env
-  identifier                = "user"
-  region                    = var.region
-  db_proxy_endpoint         = data.terraform_remote_state.infrastructure.outputs.db.db_proxy_endpoint
-  db_secret_arn             = data.terraform_remote_state.infrastructure.outputs.db.db_secret_arn
-  lambda_handler            = "oqtopus_cloud.user.lambda_function.handler"
-  lambda_security_group_ids = data.terraform_remote_state.infrastructure.outputs.security_group.lambda_security_group_ids
-  lambda_subnet_ids         = data.terraform_remote_state.infrastructure.outputs.network.private_subnet_ids
-  cognito_user_pool_arns    = [data.terraform_remote_state.infrastructure.outputs.user_cognito.user_pool_arn]
+  product                       = var.product
+  org                           = var.org
+  env                           = var.env
+  identifier                    = "user"
+  region                        = var.region
+  db_proxy_endpoint             = data.terraform_remote_state.infrastructure.outputs.db.db_proxy_endpoint
+  db_secret_arn                 = data.terraform_remote_state.infrastructure.outputs.db.db_secret_arn
+  lambda_handler                = "oqtopus_cloud.user.lambda_function.handler"
+  lambda_security_group_ids     = data.terraform_remote_state.infrastructure.outputs.security_group.lambda_security_group_ids
+  lambda_subnet_ids             = data.terraform_remote_state.infrastructure.outputs.network.private_subnet_ids
+  cognito_user_pool_arns        = [data.terraform_remote_state.infrastructure.outputs.user_cognito.user_pool_arn]
+  power_tools_metrics_namespace = "user-api"
+  power_tools_service_name      = "user-api"
+  allow_origins                 = "*"
+  allow_credentials             = "true"
+  allow_methods                 = "*"
+  allow_headers                 = "*"
+  log_level                     = "INFO"
 }
 
 module "provider_api" {
   source = "../modules/api-server"
 
-  product                   = var.product
-  org                       = var.org
-  env                       = var.env
-  identifier                = "provider"
-  region                    = var.region
-  db_proxy_endpoint         = data.terraform_remote_state.infrastructure.outputs.db.db_proxy_endpoint
-  db_secret_arn             = data.terraform_remote_state.infrastructure.outputs.db.db_secret_arn
-  lambda_handler            = "oqtopus_cloud.provider.lambda_function.handler"
-  lambda_security_group_ids = data.terraform_remote_state.infrastructure.outputs.security_group.lambda_security_group_ids
-  lambda_subnet_ids         = data.terraform_remote_state.infrastructure.outputs.network.private_subnet_ids
-  cognito_user_pool_arns    = [data.terraform_remote_state.infrastructure.outputs.provider_cognito.user_pool_arn]
+  product                       = var.product
+  org                           = var.org
+  env                           = var.env
+  identifier                    = "provider"
+  region                        = var.region
+  db_proxy_endpoint             = data.terraform_remote_state.infrastructure.outputs.db.db_proxy_endpoint
+  db_secret_arn                 = data.terraform_remote_state.infrastructure.outputs.db.db_secret_arn
+  lambda_handler                = "oqtopus_cloud.provider.lambda_function.handler"
+  lambda_security_group_ids     = data.terraform_remote_state.infrastructure.outputs.security_group.lambda_security_group_ids
+  lambda_subnet_ids             = data.terraform_remote_state.infrastructure.outputs.network.private_subnet_ids
+  cognito_user_pool_arns        = [data.terraform_remote_state.infrastructure.outputs.provider_cognito.user_pool_arn]
+  power_tools_metrics_namespace = "provider-api"
+  power_tools_service_name      = "provider-api"
+  allow_origins                 = "*"
+  allow_credentials             = "true"
+  allow_methods                 = "*"
+  allow_headers                 = "*"
+  log_level                     = "INFO"
 }
 
 

diff --git a/terraform/service/modules/api-server/README.md b/terraform/service/modules/api-server/README.md
@@ -73,6 +73,10 @@ module "user_api" {
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
+| <a name="input_allow_credentials"></a> [allow\_credentials](#input\_allow\_credentials) | The allowed credentials for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_headers"></a> [allow\_headers](#input\_allow\_headers) | The allowed headers for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_methods"></a> [allow\_methods](#input\_allow\_methods) | The allowed methods for the API Gateway | `string` | n/a | yes |
+| <a name="input_allow_origins"></a> [allow\_origins](#input\_allow\_origins) | The allowed origins for the API Gateway | `string` | n/a | yes |
 | <a name="input_cognito_user_pool_arns"></a> [cognito\_user\_pool\_arns](#input\_cognito\_user\_pool\_arns) | The ARNs of the Cognito user pools | `list(string)` | n/a | yes |
 | <a name="input_db_proxy_endpoint"></a> [db\_proxy\_endpoint](#input\_db\_proxy\_endpoint) | The endpoint of the RDS proxy | `string` | n/a | yes |
 | <a name="input_db_secret_arn"></a> [db\_secret\_arn](#input\_db\_secret\_arn) | The ARN of the secret for the RDS instance | `string` | n/a | yes |
@@ -81,7 +85,10 @@ module "user_api" {
 | <a name="input_lambda_handler"></a> [lambda\_handler](#input\_lambda\_handler) | The handler for the Lambda function | `string` | n/a | yes |
 | <a name="input_lambda_security_group_ids"></a> [lambda\_security\_group\_ids](#input\_lambda\_security\_group\_ids) | The security group IDs for the Lambda function | `list(string)` | n/a | yes |
 | <a name="input_lambda_subnet_ids"></a> [lambda\_subnet\_ids](#input\_lambda\_subnet\_ids) | The subnet IDs for the Lambda function | `list(string)` | n/a | yes |
+| <a name="input_log_level"></a> [log\_level](#input\_log\_level) | The log level for the Lambda function | `string` | n/a | yes |
 | <a name="input_org"></a> [org](#input\_org) | organization name | `string` | n/a | yes |
+| <a name="input_power_tools_metrics_namespace"></a> [power\_tools\_metrics\_namespace](#input\_power\_tools\_metrics\_namespace) | The namespace for the PowerTools metrics | `string` | n/a | yes |
+| <a name="input_power_tools_service_name"></a> [power\_tools\_service\_name](#input\_power\_tools\_service\_name) | The service name for the PowerTools metrics | `string` | n/a | yes |
 | <a name="input_product"></a> [product](#input\_product) | product name | `string` | n/a | yes |
 | <a name="input_region"></a> [region](#input\_region) | region of the deployment | `string` | n/a | yes |
 

diff --git a/terraform/service/modules/api-server/main.tf b/terraform/service/modules/api-server/main.tf
@@ -37,13 +37,13 @@ resource "aws_lambda_function" "this" {
       DB_NAME                      = "main"
       DB_CONNECTOR                 = "mysql+pymysql"
       SECRET_NAME                  = var.db_secret_arn
-      POWERTOOLS_METRICS_NAMESPACE = "SampleAppc"
-      POWERTOOLS_SERVICE_NAME      = "SampleAppc"
-      ALLOW_ORIGINS                = "*"
-      ALLOW_CREDENTIALS            = true
-      ALLOW_METHODS                = "*"
-      ALLOW_HEADERS                = "*"
-      LOG_LEVEL                    = "DEBUG"
+      POWERTOOLS_METRICS_NAMESPACE = var.power_tools_metrics_namespace
+      POWERTOOLS_SERVICE_NAME      = var.power_tools_service_name
+      ALLOW_ORIGINS                = var.allow_origins
+      ALLOW_CREDENTIALS            = var.allow_credentials
+      ALLOW_METHODS                = var.allow_methods
+      ALLOW_HEADERS                = var.allow_headers
+      LOG_LEVEL                    = var.log_level
     }
   }
 

diff --git a/terraform/service/modules/api-server/variables.tf b/terraform/service/modules/api-server/variables.tf
@@ -44,3 +44,40 @@ variable "cognito_user_pool_arns" {
   description = "The ARNs of the Cognito user pools"
   type        = list(string)
 }
+
+variable "power_tools_metrics_namespace" {
+  description = "The namespace for the PowerTools metrics"
+  type        = string
+}
+
+variable "power_tools_service_name" {
+  description = "The service name for the PowerTools metrics"
+  type        = string
+}
+
+variable "allow_origins" {
+  description = "The allowed origins for the API Gateway"
+  type        = string
+}
+
+variable "allow_credentials" {
+  description = "The allowed credentials for the API Gateway"
+  type        = string
+}
+
+
+variable "allow_methods" {
+  description = "The allowed methods for the API Gateway"
+  type        = string
+}
+
+variable "allow_headers" {
+  description = "The allowed headers for the API Gateway"
+  type        = string
+}
+
+
+variable "log_level" {
+  description = "The log level for the Lambda function"
+  type        = string
+}