# Deploy and destroy the Lambda infrastructure

This notebooks contains scripts that help build and deploy a binary using the reader library to AWS Lambda.

In [5]:
import os

region_name="us-east-2"
binary_name="lambda"
aws_profile=os.environ["AWS_PROFILE"] # Specify the profile you want to use from your .aws/credentials file with the AWS_PROFILE env variable

Create a terraform container containing the binary to be deployed and the infra script, with `terraform init` already executed.

In [3]:
%%bash -s "$binary_name"
date
DOCKER_BUILDKIT=1 docker build -q \
    -f Dockerfile \
    --build-arg BIN_NAME=$1 \
    --target terraform \
    -t cloudfuse/cloud-reader-terraform \
    ..

Mon Aug  9 09:01:34 CEST 2021
sha256:f2865cf57273edf9abb40b9563f3c8cde8dd064d631d82090426a868478d23d3


In [4]:
%%bash -s "$aws_profile" "$region_name" "$binary_name"
date
docker run \
    --rm \
    -v $HOME/.aws/credentials:/creds:ro \
    -v cloud-reader-tf:/mnt/state_vol \
    cloudfuse/cloud-reader-terraform apply -var="profile=$1" -var="region_name=$2" -var="binary_name=$3" -auto-approve

Mon Aug  9 09:01:44 CEST 2021

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  [32m+[0m create
 [36m<=[0m read (data resources)
[0m
Terraform will perform the following actions:

[1m  # module.lambda_function.data.aws_iam_policy_document.logs[0][0m will be read during apply
  # (config refers to values not yet known)[0m[0m
[0m [36m<=[0m[0m data "aws_iam_policy_document" "logs"  {
      [32m+[0m [0m[1m[0mid[0m[0m   = (known after apply)
      [32m+[0m [0m[1m[0mjson[0m[0m = (known after apply)

      [32m+[0m [0mstatement {
          [32m+[0m [0m[1m[0mactions[0m[0m   = [
              [32m+[0m [0m"logs:CreateLogGroup",
              [32m+[0m [0m"logs:CreateLogStream",
              [32m+[0m [0m"logs:PutLogEvents",
            ]
          [32m+[0m [0m[1m[0meffect[0m[0m    = "Allow"
          [32m+[0m [0m[1m[0mresources[0m[0m = [
         

# Destroy AWS Lambda function

In [7]:
%%bash -s "$aws_profile" "$region_name" "$binary_name"
date
docker run \
    --rm \
    -v $HOME/.aws/credentials:/creds:ro \
    -v cloud-reader-tf:/mnt/state_vol \
    cloudfuse/cloud-reader-terraform destroy -var="profile=$1" -var="region_name=$2" -var="binary_name=$3" -auto-approve

Fri Aug  6 11:08:21 CEST 2021
[0m[1mmodule.lambda_function.aws_cloudwatch_log_group.lambda[0]: Refreshing state... [id=/aws/lambda/cloud-reader-benchmark][0m
[0m[1mmodule.lambda_function.aws_iam_role.lambda[0]: Refreshing state... [id=cloud-reader-benchmark][0m
[0m[1mmodule.lambda_function.aws_lambda_function.this[0]: Refreshing state... [id=cloud-reader-benchmark][0m
[0m[1mmodule.lambda_function.aws_iam_policy.logs[0]: Refreshing state... [id=arn:aws:iam::615900053518:policy/cloud-reader-benchmark-logs][0m
[0m[1mmodule.lambda_function.aws_iam_policy_attachment.logs[0]: Refreshing state... [id=cloud-reader-benchmark-logs][0m
[0m
[1m[36mNote:[0m[1m Objects have changed outside of Terraform[0m

[0mTerraform detected the following changes made outside of Terraform since the
last "terraform apply":

[1m  # module.lambda_function.aws_iam_role.lambda[0][0m has been changed[0m[0m
[0m  [33m~[0m[0m resource "aws_iam_role" "lambda" {
        [1m[0mid[0m[0m      

In [8]:
%%bash
# WARNING: deleting the volume before running `terraform destroy` will make it impossible to tear down the infrastructure automatically
date
docker volume rm cloud-reader-tf

Fri Aug  6 11:08:53 CEST 2021
cloud-reader-tf


In [9]:
%%bash
date
docker image rm cloudfuse/cloud-reader-terraform

Fri Aug  6 11:08:53 CEST 2021
Untagged: cloudfuse/cloud-reader-terraform:latest
Deleted: sha256:eb6f623bf02e87581f90b3be10ab94fa50e4dc77bc5fda97b5e8ca3732978b54
