Closed jpalomaki closed 3 weeks ago
FWIW, I've run a quick smoke test using my fork branch as source
/terratest
@dudymas I've now added a depends_on
that ought to fix the race, can you re-run the tests?
/terratest
Looking good! Now, you'll just need to make sure when enabled=false
that the bucket and other resources aren't created. Sorry for the rigor, but we've got to make sure disabling a component truly does not create any resources. See test step here: https://github.com/cloudposse/terraform-aws-lambda-function/blob/db40e8895f1a4ff77c82d5961fb84efdf86acd7d/test/src/examples_complete_test.go#L62
@dudymas All right, I've now added count
's to the new resources
/terratest
unfortunately, terraform doesn't handle counts of 0
very well on its own. I recommend using the join()
function for the bucket arn, similar to here: https://github.com/cloudposse/terraform-aws-lambda-function/blob/b9923cf8a0f9b6cfd2664565f17f75c57bc51f24/examples/complete/main.tf#L10
unfortunately, terraform doesn't handle counts of
0
very well on its own. I recommend using thejoin()
function for the bucket arn, similar to here:
Oh right, the module instance itself isn't guarded by a count. Should be fixed now.
/terratest
/terratest
@jpalomaki could you please address this linter error:
Raw Output: main.tf:109:50: warning: List items should be accessed using square brackets ()
Should be like:
join("", aws_s3_bucket.example[*].arn)
/terratest
@dudymas @gberenice I've now fixed that linter warning, but looks like I can't run terratest myself
/terratest
@gberenice I've now fixed the apparent formatting errors, please retest
/terratest
@jpalomaki thanks for contribution!
These changes were released in v0.5.6.
what
Allow lambda configuration author to optionally declare
lambda:InvokeFunction
lambda permissions directly in this module.More complex permissions configurations could still be done outside of this module.
why
This co-locates permissions related to the lambda in the module configuration (where we also declare lambda IAM role permissions), which can help a reader understand where the lambda is invoked from, e.g. in cases where the actual event sources are declared in a different root configuration.
In our specific use case, we use terragrunt to deploy the lambda function (straight from terraform registry module), so this feature would also help us avoid having to create a wrapper module just to add the necessary permission resources.
questions
lambda:InvokeFunction
and keep the number of attributes a user has to fill in, small. Does this look like a sane approach (looks like it could cover a lot of ground already, judging by examples)?for_each
is keyed by list index, which isn't ideal, since it would force recreations if items are shuffled/insertedreferences
Slack discussion, cc/ @osterman