diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 2fedb3a768d1df3a35c52035400068f457f75509..9873f784b92a06d48beaaca254b04d157fd37686 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -27,7 +27,7 @@ Staging Plan:
- cd deploy/
- terraform init
- terraform workspace select staging || terraform workspace new staging
- - terraform plan
+ - terraform plan -var-file=vars/staging.tfvars
rules:
- if: '$CI_MERGE_REQUEST_TARGET_BRANCH_NAME =~ /^(master)$/ || $CI_COMMIT_BRANCH =~ /^(master)$/'
@@ -41,7 +41,7 @@ Staging Apply:
- cd -
- terraform init
- terraform workspace select staging
- - terraform apply -auto-approve
+ - terraform apply -var-file=vars/staging.tfvars -auto-approve
- echo "API_ENDPOINT=$(terraform output -raw api_endpoint)" >> ../deploy.env
artifacts:
reports:
@@ -79,7 +79,7 @@ Staging Destroy:
- cd deploy/
- terraform init
- terraform workspace select staging
- - terraform destroy -auto-approve
+ - terraform destroy -var-file=vars/staging.tfvars -auto-approve
rules:
- if: '$CI_COMMIT_BRANCH =~ /^(master)$/'
when: manual
diff --git a/deploy/.terraform.lock.hcl b/deploy/.terraform.lock.hcl
index 5faf07bdb2dce9e789687584079d24a62e4e24ed..e1ec1ea8b12df7a000c4c1d4f7a069b802d284df 100644
--- a/deploy/.terraform.lock.hcl
+++ b/deploy/.terraform.lock.hcl
@@ -3,7 +3,7 @@
provider "registry.terraform.io/hashicorp/archive" {
version = "2.1.0"
- constraints = ">= 2.1.0"
+ constraints = "~> 2.1"
hashes = [
"h1:K4Q9hmTnCrGbXZBq2hf6CbekHx5oXFwPBmWOwAPNqtM=",
"h1:Rjd4bHMA69V+16tiriAUTW8vvqoljzNLmEaRBCgzpUs=",
@@ -23,39 +23,22 @@ provider "registry.terraform.io/hashicorp/archive" {
}
provider "registry.terraform.io/hashicorp/aws" {
- version = "3.30.0"
- constraints = ">= 3.30.0"
+ version = "3.33.0"
+ constraints = "~> 3.30"
hashes = [
- "h1:H1Vg0BX4XMIQAE6NEOR95wst+ETcrv/tSwz+m04rszE=",
- "h1:PmKa3uxO2mDA5FJfGmpX+4e0x70vFLV5Ka9NxkuMpUo=",
- "h1:z9kdXY2A/+dIZrPy9hNlg/B5I/AuETQsp0jz9EgprIQ=",
- "zh:01f562a6a31fe46a8ca74804f360e3452b26f71abc549ce1f0ab5a8af2484cdf",
- "zh:25bacc5ed725051f0ab1f7d575e45c901e5b8e1d50da4156a31dda92b2b7e481",
- "zh:349b79979d9169db614d8ebd1bc2e0caeb7a38dc816e261b8b2b4b5204615519",
- "zh:5e41446acc54c6fc15e82c3fa14b72174b30eba81e0711ede297e5620c55a628",
- "zh:68ad98f6d612bdc35a65d48950abc8e75c69decb49db28258ce8eeb5458586b7",
- "zh:704603d65e8bac17d203b57c2db142c3134a91076e1b4a31c40f75eb3257dde8",
- "zh:a362c700032b2db047d16007d52f28b3f216d32671b6b355d23bdaa082c66a4b",
- "zh:bd197797b41268de3c93cad02b7c655dc0c4d8661abb37544ca049e6b1eccae6",
- "zh:deb12ef0e3396a71d485977ddc14b695775f7937097ebf2b2f53ed348a4365e7",
- "zh:ec8a7d0f02738f290107d39bf401d68ddce82a95cd9d998003f7e04b3a196411",
- "zh:ffcc43b6c5e7f26c55e2a8c539d7370fca8042722400a3e06bdce4240bd7088a",
- ]
-}
-
-provider "registry.terraform.io/hashicorp/template" {
- version = "2.2.0"
- hashes = [
- "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
- "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
- "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
- "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
- "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
- "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
- "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
- "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
- "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
- "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
- "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+ "h1:4+2CO4Pb3BKwI0MD+DBmnX5GFsYTs47y6w4/kQbPJIQ=",
+ "h1:UJcZV5+xJmHHDCsm+s8+xMonccZvVD0jdGwHAoi7nJg=",
+ "h1:dfszrcpjXjaZN3XsCz7TWhucZkNxZ6AVyoL890K+RdI=",
+ "zh:0e89b10323a59de9dd6f286423cc172cb1733683d654c886493c3bd4e43e6290",
+ "zh:288df55f0f4fac1e920cfa61616ac42a4e4414bd7a637902db03d0c7101f14ca",
+ "zh:303c9136c5bf97e6c1deda6e27f0d0931fe0eaaab547bf219b996623fb0ad522",
+ "zh:457a5da9f323e2781942df534153d000ea81727798ee0771177009d84b04aad7",
+ "zh:857fa3e29cc25ace76556a5edfded41628a3380cebf457e627576a83084852f8",
+ "zh:85e1eb383372f834630fac7b02ec9ae1e33d24d61cf5a7d832583a16e6b5add4",
+ "zh:9dd01eb05ac73146ac5f25421b7683fe4bffec23e408162887e1265f9bfe8462",
+ "zh:b1561e1335754ec93a54f45c18dc1cab70f38bc08adf244d793791134f5641ef",
+ "zh:bb96f57b80e3d94ee4bc05a5450fdd796424272b46cfc67ff9d094d5316c5fac",
+ "zh:e4ce241d8b5dd1124dc0f1da6c0840ab777de8717dac6e76afbbad9883f5ce34",
+ "zh:f2b292e813844d6d611db89017fc420ac05f2e3b25324e3c893481d375e23396",
]
}
diff --git a/deploy/api-gateway.tf b/deploy/api-gateway.tf
index f8443d9eb855838b89dd259185a47b6812ba3ba4..7b31edb8c70cebd700d1a002dd897e0e23365bf6 100644
--- a/deploy/api-gateway.tf
+++ b/deploy/api-gateway.tf
@@ -1,6 +1,7 @@
resource "aws_api_gateway_rest_api" "main" {
name = "${local.prefix}-main"
description = "Internet facing API in order to access Lambda for DynamoDB CRUD operations"
+ tags = local.common_tags
}
resource "aws_api_gateway_resource" "access" {
@@ -56,6 +57,7 @@ resource "aws_lambda_permission" "crud" {
# within the API Gateway REST API.
source_arn = "${aws_api_gateway_rest_api.main.execution_arn}/*/*"
}
+
resource "aws_lambda_permission" "index" {
statement_id = "AllowAPIGatewayInvoke"
action = "lambda:InvokeFunction"
@@ -76,6 +78,7 @@ resource "aws_api_gateway_deployment" "main" {
}
rest_api_id = aws_api_gateway_rest_api.main.id
+
lifecycle {
create_before_destroy = true
}
@@ -89,6 +92,10 @@ resource "aws_api_gateway_stage" "main" {
tags = local.common_tags
}
+output "api_endpoint" {
+ value = aws_api_gateway_stage.main.invoke_url
+}
+
resource "aws_api_gateway_method_settings" "general_settings" {
rest_api_id = aws_api_gateway_rest_api.main.id
stage_name = aws_api_gateway_stage.main.stage_name
diff --git a/deploy/dashboard.tf b/deploy/dashboard.tf
index 38486f608acc4324533d9f224ed5a36b665dcff8..5800d97a193d99aa8c29e186a55326d90522c14e 100644
--- a/deploy/dashboard.tf
+++ b/deploy/dashboard.tf
@@ -14,4 +14,4 @@ resource "aws_cloudwatch_dashboard" "main" {
output "dashboard_json" {
value = aws_cloudwatch_dashboard.main.dashboard_body
-}
\ No newline at end of file
+}
diff --git a/deploy/dynamodb.tf b/deploy/dynamodb.tf
index 5c7f89fef3145bbd653e9c9e1212d83a613b80c9..8af33a12f59075a9df1fd2f752850de9f045a765 100644
--- a/deploy/dynamodb.tf
+++ b/deploy/dynamodb.tf
@@ -2,8 +2,8 @@ resource "aws_dynamodb_table" "main" {
name = "${local.prefix}-main-db"
hash_key = "ID"
billing_mode = "PROVISIONED"
- write_capacity = 5
- read_capacity = 5
+ read_capacity = var.dynamodb_read_capacity
+ write_capacity = var.dynamodb_write_capacity
attribute {
name = "ID"
@@ -11,4 +11,8 @@ resource "aws_dynamodb_table" "main" {
}
tags = local.common_tags
+
+ lifecycle {
+ prevent_destroy = true
+ }
}
diff --git a/deploy/outputs.tf b/deploy/outputs.tf
deleted file mode 100644
index 2fae12f26feb0bc189626f902557918b2b3bd98c..0000000000000000000000000000000000000000
--- a/deploy/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "api_endpoint" {
- value = aws_api_gateway_stage.main.invoke_url
-}
\ No newline at end of file
diff --git a/deploy/variables.tf b/deploy/variables.tf
index 2cb2f1aa25838b3b3157512e380b2b5a17cf9d83..ce5736bf963f6057b715085db6c9831eb4a544a5 100644
--- a/deploy/variables.tf
+++ b/deploy/variables.tf
@@ -19,11 +19,19 @@ variable "aws_region" {
}
variable "slack_webhook_url" {
- sensitive = true
type = string
+ sensitive = true
}
variable "sns_topic_name" {
- default = "edebrye-cloudmon"
type = string
+ default = "edebrye-cloudmon"
+}
+
+variable "dynamodb_read_capacity" {
+ type = number
+}
+
+variable "dynamodb_write_capacity" {
+ type = number
}
diff --git a/deploy/vars/staging.tfvars b/deploy/vars/staging.tfvars
new file mode 100644
index 0000000000000000000000000000000000000000..387fc691d73c9e4d56f68b7a59ab177885beccad
--- /dev/null
+++ b/deploy/vars/staging.tfvars
@@ -0,0 +1,2 @@
+dynamodb_read_capacity = 5
+dynamodb_write_capacity = 5
\ No newline at end of file