Create a Lambda function zipped and stored in S3 to System Manager Paramter Store. It includes management of IAM roles to interact with parameters (encrypted and non-encrypted values).
Quick demo few AWS services and concepts:
- AWS IAM
- AWS System Manager Paramter Store
- AWS KMS
- AWS lambda
- Lambda CW logs setup
- Lambda S3 store
- Terraform
- Setup the environment
// setup-env.sh
export AWS_ACCESS_KEY_ID="<secret>"
export AWS_SECRET_ACCESS_KEY="<secret>"
export AWS_DEFAULT_REGION=us-east-1
export TF_VAR_database_password="<secret>"
export TF_VAR_aws_account_id="<secret>"
. ./setup-env.sh
- Create Infrastructure
terraform init
terraform plan
terraform apply -auto-approve
- Visit Console and trigger lambda
Created custom versioning of lambda code changes via node.js scripts. The gist of it is when versioning is done through the npm (patch, minor, major) the terraform configuration will pick up changes and push changes based on the version in the package.json
.
Publishing:
// Patch
yarn run version:patch
// Minor
yarn run version:minor
// Major
yarn run version:major
Deploying:
terraform plan
terraform apply -auto-approve