Add terraform infrastructure as code example

Makefile

@@ -1,4 +1,4 @@
-all:
+install:
 	cd lambda-layers && $(MAKE)
 
 clean:

cdk.json

@@ -1,3 +1,3 @@
 {
-  "app": "make && python3 cdk/app.py"
+  "app": "make install && python3 cdk/app.py"
 }

lambda-layers/Makefile

@@ -1,4 +1,4 @@
-all:
+install:
 	cd fastapi && $(MAKE)
 
 clean:

lambda-layers/fastapi/Makefile

@@ -1,5 +1,5 @@
-all:
-	[ -d "modules/python" ] || pip install -r requirements.txt -t modules/python/ --platform manylinux2014_x86_64 --only-binary=:all:
+install:
+	[ -d "modules/python" ] || pip install -r requirements.txt -t modules/python/ --platform manylinux2014_x86_64 --python-version 3.12 --implementation cp --only-binary=:all: --upgrade
 
 clean:
 	rm -rf modules

lambda-layers/fastapi/requirements.txt

@@ -1,4 +1,3 @@
 fastapi==0.109.0
 mangum==0.17.0
-pydantic>=2.5.3
-pydantic_core>=2.14.6
+pydantic==2.6.1

terraform/backend.tf

@@ -0,0 +1,7 @@
+terraform {
+  backend "s3" {
+    bucket = "san99tiago-terraform-backend-dev" # Update to another backend as needed
+    key    = "terraform.fastapi.json"
+    region = "us-east-1"
+  }
+}

terraform/lambda.tf

@@ -0,0 +1,92 @@
+data "aws_iam_policy_document" "lambda_trust_policy" {
+  statement {
+    effect  = "Allow"
+    actions = ["sts:AssumeRole"]
+    principals {
+      type        = "Service"
+      identifiers = ["lambda.amazonaws.com"]
+    }
+  }
+}
+
+resource "aws_iam_role" "lambda_role" {
+  name               = "${var.main_resources_name}-role-${var.environment}"
+  assume_role_policy = data.aws_iam_policy_document.lambda_trust_policy.json
+}
+
+# Add "AWSLambdaBasicExecutionRole" to the role for the Lambda Function
+resource "aws_iam_role_policy_attachment" "lambda_basic_execution_role" {
+  role       = aws_iam_role.lambda_role.name
+  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
+}
+
+# Create ZIP file for the source code at deployment time
+data "archive_file" "lambda_source_package" {
+  type        = "zip"
+  source_dir  = "${local.src_root_path}/lambdas"
+  output_path = "${local.src_root_path}/lambda_package.zip"
+}
+
+# Lambda Layer Install (Python dependencies)
+resource "null_resource" "lambda_layer_install_deps" {
+  provisioner "local-exec" {
+    command     = "make install"
+    working_dir = local.root_path
+  }
+
+  # Enforce to always execute the command
+  triggers = {
+    always_run = "${timestamp()}"
+  }
+}
+
+# Create ZIP file for Lambda Layer (Python dependencies)
+data "archive_file" "lambda_layer_package" {
+  type        = "zip"
+  source_dir  = "${local.lambda_layers_root_path}/fastapi/modules"
+  output_path = "${local.lambda_layers_root_path}/fastapi/modules/lambda_layer_package.zip"
+
+  depends_on = [null_resource.lambda_layer_install_deps]
+}
+
+# Lambda Layer
+resource "aws_lambda_layer_version" "lambda_layer" {
+  filename                 = "${local.lambda_layers_root_path}/fastapi/modules/lambda_layer_package.zip"
+  layer_name               = "${var.main_resources_name}-layer"
+  compatible_runtimes      = ["python3.12"]
+  compatible_architectures = ["x86_64"]
+  source_code_hash         = data.archive_file.lambda_layer_package.output_base64sha256 # Enforce re-deploy on changes
+
+  depends_on = [data.archive_file.lambda_layer_package]
+
+}
+
+resource "aws_lambda_function" "lambda" {
+  function_name    = "${var.main_resources_name}-${var.environment}"
+  filename         = "${local.src_root_path}/lambda_package.zip"
+  handler          = "api/main.handler"
+  role             = aws_iam_role.lambda_role.arn
+  runtime          = "python3.12"
+  timeout          = 20
+  architectures    = ["x86_64"]
+  layers           = [aws_lambda_layer_version.lambda_layer.arn]
+  source_code_hash = data.archive_file.lambda_source_package.output_base64sha256 # Enforce re-deploy on changes
+
+
+  environment {
+    variables = {
+      ENVIRONMENT = var.environment
+    }
+  }
+
+  depends_on = [
+    data.archive_file.lambda_source_package,
+    data.archive_file.lambda_layer_package,
+  ]
+
+}
+
+resource "aws_lambda_function_url" "lambda_url" {
+  function_name      = aws_lambda_function.lambda.function_name
+  authorization_type = "NONE"
+}

terraform/locals.tf

@@ -0,0 +1,7 @@
+locals {
+  # Paths for loading the code related to the Lambda Functions
+  module_path             = abspath(path.module)
+  root_path               = abspath("${path.module}/..")
+  src_root_path           = abspath("${path.module}/../src")
+  lambda_layers_root_path = abspath("${path.module}/../lambda-layers")
+}

terraform/provider.tf

@@ -0,0 +1,11 @@
+provider "aws" {
+  region  = "us-east-1"
+
+  default_tags {
+    tags = {
+      "Owner": "Santiago Garcia Arango",
+      "Source"= "https://github.com/san99tiago/aws-fastapi-lambda",
+      "Usage"= "Sample project to illustrate a quick easy FastAPI deployment on Lambda Functions"
+    }
+  }
+}

terraform/variables.tf

@@ -0,0 +1,11 @@
+variable "environment" {
+  type        = string
+  description = "Environment for the deployment"
+  default     = "dev"
+}
+
+variable "main_resources_name" {
+  type        = string
+  description = "Main resources across the deployment"
+  default     = "fastapi-lambda"
+}