diff --git a/modules/apigw/main.tf b/modules/apigw/main.tf index aad0b09..8fc7ab9 100644 --- a/modules/apigw/main.tf +++ b/modules/apigw/main.tf @@ -11,7 +11,7 @@ resource "aws_api_gateway_rest_api" "api" { #apigw role resource "aws_api_gateway_account" "apigw_account" { - depends_on = [aws_iam_role_policy.cloudwatch] + depends_on = [aws_iam_role_policy.cloudwatch] cloudwatch_role_arn = aws_iam_role.cloudwatch.arn } @@ -80,20 +80,20 @@ resource "aws_api_gateway_method" "redirect_method" { resource "aws_api_gateway_integration" "redirect_integration" { rest_api_id = aws_api_gateway_rest_api.api.id resource_id = aws_api_gateway_rest_api.api.root_resource_id - http_method = aws_api_gateway_method.redirect_method.http_method - type = "MOCK" + http_method = aws_api_gateway_method.redirect_method.http_method + type = "MOCK" request_templates = { "application/json" = <<-EOF { "statusCode" : 302 } EOF -} + } } resource "aws_api_gateway_method_response" "redirect" { rest_api_id = aws_api_gateway_rest_api.api.id resource_id = aws_api_gateway_rest_api.api.root_resource_id - http_method = aws_api_gateway_method.redirect_method.http_method + http_method = aws_api_gateway_method.redirect_method.http_method response_parameters = { "method.response.header.Location" = true @@ -105,8 +105,8 @@ resource "aws_api_gateway_method_response" "redirect" { resource "aws_api_gateway_integration_response" "redirect_integration_response" { rest_api_id = aws_api_gateway_rest_api.api.id resource_id = aws_api_gateway_rest_api.api.root_resource_id - http_method = aws_api_gateway_method.redirect_method.http_method - status_code = aws_api_gateway_method_response.redirect.status_code + http_method = aws_api_gateway_method.redirect_method.http_method + status_code = aws_api_gateway_method_response.redirect.status_code response_parameters = { "method.response.header.Location" = "'/v1/ui'" diff --git a/modules/apigw/outputs.tf b/modules/apigw/outputs.tf index 174085f..709b2d1 100644 
--- a/modules/apigw/outputs.tf +++ b/modules/apigw/outputs.tf @@ -1,3 +1,3 @@ output "invoke_url" { - value = aws_api_gateway_deployment.api_deployment.invoke_url + value = aws_api_gateway_deployment.api_deployment.invoke_url } \ No newline at end of file diff --git a/modules/database/main.tf b/modules/database/main.tf index 883b5d5..5a153e6 100644 --- a/modules/database/main.tf +++ b/modules/database/main.tf @@ -3,7 +3,7 @@ data "aws_region" "current" {} resource "aws_rds_cluster" "rds_cluster" { cluster_identifier = "${var.namespace}-aurora-cluster" engine = "aurora-mysql" - availability_zones = ["${data.aws_region.current.name}a","${data.aws_region.current.name}b","${data.aws_region.current.name}c"] + availability_zones = ["${data.aws_region.current.name}a", "${data.aws_region.current.name}b", "${data.aws_region.current.name}c"] database_name = "petstore" master_username = var.rds_user master_password = var.rds_password @@ -12,7 +12,8 @@ resource "aws_rds_cluster" "rds_cluster" { preferred_backup_window = "04:00-07:00" engine_mode = "serverless" scaling_configuration { - max_capacity = 2 - min_capacity = 2 + max_capacity = 2 + min_capacity = 2 } + vpc_security_group_ids = [var.sg.db] } diff --git a/modules/lambda/main.tf b/modules/lambda/main.tf index ce9d2e0..70eaae2 100644 --- a/modules/lambda/main.tf +++ b/modules/lambda/main.tf @@ -58,13 +58,13 @@ resource "aws_default_subnet" "default_az3" { #lambda function resource "aws_lambda_function" "lambda_function" { - filename = "${path.module}/../../dist/function.zip" - function_name = "${var.namespace}-lambda" - handler = "deployment" - role = aws_iam_role.lambda_role.arn - memory_size = 256 - runtime = "go1.x" - timeout = 60 + filename = "${path.module}/../../dist/function.zip" + function_name = "${var.namespace}-lambda" + handler = "deployment" + role = aws_iam_role.lambda_role.arn + memory_size = 256 + runtime = "go1.x" + timeout = 60 reserved_concurrent_executions = 1 environment { 
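Review bot: The added `vpc_security_group_ids = [var.sg.db]` in `aws_rds_cluster.rds_cluster` needs an `sg` input with a `db` key, but this diff contains no `variable "sg"` declaration for the database module and no root-module wiring. If those already exist elsewhere this is fine; otherwise confirm the root module passes the networking module's `sg` output into this module. A typed declaration such as `variable "sg" { type = object({ lambda = string, db = string }) }` would turn a missing or misspelled key into a clear type error at the module call. The resource block starts outside this hunk, so the rest of the cluster configuration is only partly visible here.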
@@ -78,7 +78,7 @@ resource "aws_lambda_function" "lambda_function" { } vpc_config { - subnet_ids = [aws_default_subnet.default_az1.id,aws_default_subnet.default_az2.id,aws_default_subnet.default_az3.id] + subnet_ids = [aws_default_subnet.default_az1.id, aws_default_subnet.default_az2.id, aws_default_subnet.default_az3.id] security_group_ids = [var.sg.lambda] } } diff --git a/modules/networking/main.tf b/modules/networking/main.tf index 4832752..a92e6c6 100644 --- a/modules/networking/main.tf +++ b/modules/networking/main.tf @@ -4,7 +4,19 @@ resource "aws_default_vpc" "default" { } module "lambda_sg" { - source = "scottwinkler/sg/aws" - vpc_id = aws_default_vpc.default.id + source = "terraform-in-action/sg/aws" + vpc_id = aws_default_vpc.default.id ingress_rules = [] } + +module "db_sg" { + source = "terraform-in-action/sg/aws" + vpc_id = aws_default_vpc.default.id + ingress_rules = [ + { + protocol = "tcp" + port = 3306 + security_groups = [module.lambda_sg.security_group.id] + } + ] +} diff --git a/modules/networking/outputs.tf b/modules/networking/outputs.tf index 33c1dfc..9dc56b2 100644 --- a/modules/networking/outputs.tf +++ b/modules/networking/outputs.tf @@ -1,5 +1,6 @@ output "sg" { value = { lambda = module.lambda_sg.security_group.id + db = module.db_sg.security_group.id } } \ No newline at end of file diff --git a/modules/networking/variables.tf b/modules/networking/variables.tf index 9a3e917..6857747 100644 --- a/modules/networking/variables.tf +++ b/modules/networking/variables.tf @@ -1,3 +1,3 @@ variable "namespace" { - type = string + type = string } \ No newline at end of file diff --git a/outputs.tf b/outputs.tf index 51fb173..28c18f4 100644 --- a/outputs.tf +++ b/outputs.tf @@ -1,3 +1,3 @@ output "address" { - value = module.apigw.invoke_url + value = module.apigw.invoke_url }
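Review bot: In `modules/networking/main.tf`, both `module "lambda_sg"` and the new `module "db_sg"` load `terraform-in-action/sg/aws` from the registry without a `version` argument. Terraform's dependency lock file records providers, not modules, so a fresh `terraform init` resolves whatever release is newest at that time. That matters here because the commit also moves the source to a different publisher namespace, and this module now defines the only ingress path (tcp/3306 from the Lambda group) to the database. Add `version = "<PINNED_VERSION>"` (placeholder, use the release you reviewed) to both blocks. Also check what egress rules the module creates by default, since neither block sets any.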