From 610d602bb2038d3c2719c14d938b303cefcccac9 Mon Sep 17 00:00:00 2001 From: Mike Carey <32496966+mike-carey@users.noreply.github.com> Date: Fri, 27 Oct 2023 12:08:58 -0500 Subject: [PATCH 1/4] feat: Allows tags to be provided only to the function (#508) Co-authored-by: Mike Carey --- README.md | 1 + examples/complete/main.tf | 4 ++++ main.tf | 2 +- variables.tf | 6 ++++++ wrappers/main.tf | 1 + 5 files changed, 13 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index c3514c78..7ff45dff 100644 --- a/README.md +++ b/README.md @@ -789,6 +789,7 @@ No modules. | [file\_system\_arn](#input\_file\_system\_arn) | The Amazon Resource Name (ARN) of the Amazon EFS Access Point that provides access to the file system. | `string` | `null` | no | | [file\_system\_local\_mount\_path](#input\_file\_system\_local\_mount\_path) | The path where the function can access the file system, starting with /mnt/. | `string` | `null` | no | | [function\_name](#input\_function\_name) | A unique name for your Lambda Function | `string` | `""` | no | +| [function\_tags](#input\_function\_tags) | A map of tags to assign only to the lambda function | `map(string)` | `{}` | no | | [handler](#input\_handler) | Lambda Function entrypoint in your code | `string` | `""` | no | | [hash\_extra](#input\_hash\_extra) | The string to add into hashing function. Useful when building same source path for different functions. | `string` | `""` | no | | [ignore\_source\_code\_hash](#input\_ignore\_source\_code\_hash) | Whether to ignore changes to the function's source code hash. Set to true if you manage infrastructure and code deployments separately. | `bool` | `false` | no | diff --git a/examples/complete/main.tf b/examples/complete/main.tf index ec7b56d1..ef487199 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -172,6 +172,10 @@ module "lambda_function" { delete = "20m" } + function_tags = { + Language = "python" + } + tags = { Module = "lambda1" } diff --git a/main.tf b/main.tf index 78ec8df3..f8433369 100644 --- a/main.tf +++ b/main.tf @@ -118,7 +118,7 @@ resource "aws_lambda_function" "this" { delete = try(var.timeouts.delete, null) } - tags = var.tags + tags = merge(var.tags, var.function_tags) depends_on = [ null_resource.archive, diff --git a/variables.tf b/variables.tf index a3215394..b085b895 100644 --- a/variables.tf +++ b/variables.tf @@ -182,6 +182,12 @@ variable "tags" { default = {} } +variable "function_tags" { + description = "A map of tags to assign only to the lambda function" + type = map(string) + default = {} +} + variable "s3_object_tags" { description = "A map of tags to assign to S3 bucket object." type = map(string) diff --git a/wrappers/main.tf b/wrappers/main.tf index f4a520bf..4a101cd2 100644 --- a/wrappers/main.tf +++ b/wrappers/main.tf @@ -33,6 +33,7 @@ module "wrapper" { vpc_subnet_ids = try(each.value.vpc_subnet_ids, var.defaults.vpc_subnet_ids, null) vpc_security_group_ids = try(each.value.vpc_security_group_ids, var.defaults.vpc_security_group_ids, null) tags = try(each.value.tags, var.defaults.tags, {}) + function_tags = try(each.value.function_tags, var.defaults.function_tags, {}) s3_object_tags = try(each.value.s3_object_tags, var.defaults.s3_object_tags, {}) s3_object_tags_only = try(each.value.s3_object_tags_only, var.defaults.s3_object_tags_only, false) package_type = try(each.value.package_type, var.defaults.package_type, "Zip") From 9e2fff8bc4117fcc0d077c0a30a7cbf840a60478 Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Fri, 27 Oct 2023 17:09:26 +0000 Subject: [PATCH 2/4] chore(release): version 6.1.0 [skip ci] ## [6.1.0](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.0.1...v6.1.0) (2023-10-27) ### Features * Allows tags to be provided only to the function ([#508](https://github.com/terraform-aws-modules/terraform-aws-lambda/issues/508)) ([610d602](https://github.com/terraform-aws-modules/terraform-aws-lambda/commit/610d602bb2038d3c2719c14d938b303cefcccac9)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index c59a789e..4313cb26 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [6.1.0](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.0.1...v6.1.0) (2023-10-27) + + +### Features + +* Allows tags to be provided only to the function ([#508](https://github.com/terraform-aws-modules/terraform-aws-lambda/issues/508)) ([610d602](https://github.com/terraform-aws-modules/terraform-aws-lambda/commit/610d602bb2038d3c2719c14d938b303cefcccac9)) + ### [6.0.1](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.0.0...v6.0.1) (2023-10-05) From 180da4cb0a720f7138e6504700ddfe8d9c63abfd Mon Sep 17 00:00:00 2001 From: AJ Schmidt Date: Fri, 27 Oct 2023 14:00:25 -0400 Subject: [PATCH 3/4] feat: Make `compatible_runtimes` optional, added sam metadata control (#493) Co-authored-by: Anton Babenko Co-authored-by: semantic-release-bot --- examples/alias/main.tf | 1 - examples/async/main.tf | 1 - examples/build-package/main.tf | 1 - examples/code-signing/main.tf | 1 - examples/complete/main.tf | 1 - examples/container-image/main.tf | 1 - examples/deploy/main.tf | 1 - examples/event-source-mapping/main.tf | 1 - examples/multiple-regions/main.tf | 2 -- examples/simple/main.tf | 1 - examples/triggers/main.tf | 1 - examples/with-efs/main.tf | 1 - examples/with-vpc-s3-endpoint/main.tf | 1 - examples/with-vpc/main.tf | 1 - main.tf | 2 +- modules/docker-build/README.md | 1 + modules/docker-build/main.tf | 2 ++ modules/docker-build/variables.tf | 6 ++++++ wrappers/docker-build/main.tf | 1 + 19 files changed, 11 insertions(+), 16 deletions(-) diff --git a/examples/alias/main.tf b/examples/alias/main.tf index 5a37e057..1dc58511 100644 --- a/examples/alias/main.tf +++ b/examples/alias/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } data "aws_organizations_organization" "this" {} diff --git a/examples/async/main.tf b/examples/async/main.tf index 095b249d..8c234026 100644 --- a/examples/async/main.tf +++ b/examples/async/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/examples/build-package/main.tf b/examples/build-package/main.tf index 11c1ce06..ddee6eb8 100644 --- a/examples/build-package/main.tf +++ b/examples/build-package/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/examples/code-signing/main.tf b/examples/code-signing/main.tf index ba8bc6b1..7ce74e1b 100644 --- a/examples/code-signing/main.tf +++ b/examples/code-signing/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } ################################################################################ diff --git a/examples/complete/main.tf b/examples/complete/main.tf index ef487199..0f2d0a8c 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } data "aws_caller_identity" "current" {} diff --git a/examples/container-image/main.tf b/examples/container-image/main.tf index 9cc6e411..d19be410 100644 --- a/examples/container-image/main.tf +++ b/examples/container-image/main.tf @@ -11,7 +11,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } provider "docker" { diff --git a/examples/deploy/main.tf b/examples/deploy/main.tf index d356b500..96269036 100644 --- a/examples/deploy/main.tf +++ b/examples/deploy/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/examples/event-source-mapping/main.tf b/examples/event-source-mapping/main.tf index 46253c35..977ace23 100644 --- a/examples/event-source-mapping/main.tf +++ b/examples/event-source-mapping/main.tf @@ -6,7 +6,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } data "aws_availability_zones" "available" {} diff --git a/examples/multiple-regions/main.tf b/examples/multiple-regions/main.tf index 4406c0c2..dd2e229c 100644 --- a/examples/multiple-regions/main.tf +++ b/examples/multiple-regions/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } provider "aws" { @@ -16,7 +15,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } ################################ diff --git a/examples/simple/main.tf b/examples/simple/main.tf index 010f7c76..ab9aba1a 100644 --- a/examples/simple/main.tf +++ b/examples/simple/main.tf @@ -6,7 +6,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/examples/triggers/main.tf b/examples/triggers/main.tf index 9e9171ef..06627afd 100644 --- a/examples/triggers/main.tf +++ b/examples/triggers/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } ########################################## diff --git a/examples/with-efs/main.tf b/examples/with-efs/main.tf index 97c12569..8fcd8787 100644 --- a/examples/with-efs/main.tf +++ b/examples/with-efs/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/examples/with-vpc-s3-endpoint/main.tf b/examples/with-vpc-s3-endpoint/main.tf index 939dc5ee..3c37db51 100644 --- a/examples/with-vpc-s3-endpoint/main.tf +++ b/examples/with-vpc-s3-endpoint/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } data "aws_region" "current" {} diff --git a/examples/with-vpc/main.tf b/examples/with-vpc/main.tf index 42cde394..1d4b6179 100644 --- a/examples/with-vpc/main.tf +++ b/examples/with-vpc/main.tf @@ -5,7 +5,6 @@ provider "aws" { skip_metadata_api_check = true skip_region_validation = true skip_credentials_validation = true - skip_requesting_account_id = true } resource "random_pet" "this" { diff --git a/main.tf b/main.tf index f8433369..a7bbf09b 100644 --- a/main.tf +++ b/main.tf @@ -151,7 +151,7 @@ resource "aws_lambda_layer_version" "this" { description = var.description license_info = var.license_info - compatible_runtimes = length(var.compatible_runtimes) > 0 ? var.compatible_runtimes : [var.runtime] + compatible_runtimes = length(var.compatible_runtimes) > 0 ? var.compatible_runtimes : (var.runtime == "" ? null : [var.runtime]) compatible_architectures = var.compatible_architectures skip_destroy = var.layer_skip_destroy diff --git a/modules/docker-build/README.md b/modules/docker-build/README.md index bfd753bb..0cf1cc81 100644 --- a/modules/docker-build/README.md +++ b/modules/docker-build/README.md @@ -87,6 +87,7 @@ No modules. |------|-------------|------|---------|:--------:| | [build\_args](#input\_build\_args) | A map of Docker build arguments. | `map(string)` | `{}` | no | | [create\_ecr\_repo](#input\_create\_ecr\_repo) | Controls whether ECR repository for Lambda image should be created | `bool` | `false` | no | +| [create\_sam\_metadata](#input\_create\_sam\_metadata) | Controls whether the SAM metadata null resource should be created | `bool` | `false` | no | | [docker\_file\_path](#input\_docker\_file\_path) | Path to Dockerfile in source package | `string` | `"Dockerfile"` | no | | [ecr\_address](#input\_ecr\_address) | Address of ECR repository for cross-account container image pulling (optional). Option `create_ecr_repo` must be `false` | `string` | `null` | no | | [ecr\_force\_delete](#input\_ecr\_force\_delete) | If true, will delete the repository even if it contains images. | `bool` | `true` | no | diff --git a/modules/docker-build/main.tf b/modules/docker-build/main.tf index b02e094b..dc9ad310 100644 --- a/modules/docker-build/main.tf +++ b/modules/docker-build/main.tf @@ -51,6 +51,8 @@ resource "aws_ecr_lifecycle_policy" "this" { # to the TF application. This resource will maintain the metadata information about the image type lambda # functions. It will contain the information required to build the docker image locally. resource "null_resource" "sam_metadata_docker_registry_image" { + count = var.create_sam_metadata ? 1 : 0 + triggers = { resource_type = "IMAGE_LAMBDA_FUNCTION" docker_context = var.source_path diff --git a/modules/docker-build/variables.tf b/modules/docker-build/variables.tf index 9b8843f3..a59548a8 100644 --- a/modules/docker-build/variables.tf +++ b/modules/docker-build/variables.tf @@ -4,6 +4,12 @@ variable "create_ecr_repo" { default = false } +variable "create_sam_metadata" { + description = "Controls whether the SAM metadata null resource should be created" + type = bool + default = false +} + variable "ecr_address" { description = "Address of ECR repository for cross-account container image pulling (optional). Option `create_ecr_repo` must be `false`" type = string diff --git a/wrappers/docker-build/main.tf b/wrappers/docker-build/main.tf index e92cd2b6..c53be636 100644 --- a/wrappers/docker-build/main.tf +++ b/wrappers/docker-build/main.tf @@ -4,6 +4,7 @@ module "wrapper" { for_each = var.items create_ecr_repo = try(each.value.create_ecr_repo, var.defaults.create_ecr_repo, false) + create_sam_metadata = try(each.value.create_sam_metadata, var.defaults.create_sam_metadata, false) ecr_address = try(each.value.ecr_address, var.defaults.ecr_address, null) ecr_repo = try(each.value.ecr_repo, var.defaults.ecr_repo, null) image_tag = try(each.value.image_tag, var.defaults.image_tag, null) From d4bc88a96e799f272ea58587e7d80d8a7e3d4a2e Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Fri, 27 Oct 2023 18:00:51 +0000 Subject: [PATCH 4/4] chore(release): version 6.2.0 [skip ci] ## [6.2.0](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.1.0...v6.2.0) (2023-10-27) ### Features * Make `compatible_runtimes` optional, added sam metadata control ([#493](https://github.com/terraform-aws-modules/terraform-aws-lambda/issues/493)) ([180da4c](https://github.com/terraform-aws-modules/terraform-aws-lambda/commit/180da4cb0a720f7138e6504700ddfe8d9c63abfd)) --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4313cb26..30e6db25 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,13 @@ All notable changes to this project will be documented in this file. +## [6.2.0](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.1.0...v6.2.0) (2023-10-27) + + +### Features + +* Make `compatible_runtimes` optional, added sam metadata control ([#493](https://github.com/terraform-aws-modules/terraform-aws-lambda/issues/493)) ([180da4c](https://github.com/terraform-aws-modules/terraform-aws-lambda/commit/180da4cb0a720f7138e6504700ddfe8d9c63abfd)) + ## [6.1.0](https://github.com/terraform-aws-modules/terraform-aws-lambda/compare/v6.0.1...v6.1.0) (2023-10-27)