Merge pull request #798 from Hestia-Homes/deploy-fastapi-with-terraform

Deploy fastapi with terraform #1: Deploy ECR

infrastructure/terraform/lambda/_template/main.tf

@@ -26,7 +26,7 @@ data "terraform_remote_state" "shared" {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = REPLACE ME #"address2uprn" for example
   stage = var.stage

infrastructure/terraform/lambda/address2UPRN/main.tf

@@ -15,7 +15,7 @@ locals {
 }
 
 module "address2uprn" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "address2uprn"
   stage = var.stage

infrastructure/terraform/lambda/categorisation/main.tf

@@ -16,7 +16,7 @@ locals {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "categorisation"
   stage = var.stage

infrastructure/terraform/lambda/condition-etl/main.tf

@@ -17,7 +17,7 @@ locals {
 
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "condition-etl"
   stage = var.stage

infrastructure/terraform/lambda/engine/main.tf

@@ -17,7 +17,7 @@ locals {
 
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "engine"
   stage = var.stage

infrastructure/terraform/lambda/fast-api/main.tf

@@ -0,0 +1,49 @@
+data "terraform_remote_state" "shared" {
+  backend = "s3"
+  config = {
+    bucket = "assessment-model-terraform-state"
+    key = "env:/${var.stage}/terraform.tfstate"
+    region = "eu-west-2"
+  }
+}
+
+module "lambda" {
+  source = "../../modules/lambda_with_sqs"
+
+  name  = REPLACE ME #"address2uprn" for example
+  stage = var.stage
+
+  image_uri = local.image_uri
+
+  # Optional: Set maximum_concurrency to limit concurrent SQS-triggered invocations (2-1000)
+  maximum_concurrency = var.maximum_concurrency
+
+  batch_size = var.batch_size
+
+  environment = {
+    STAGE = var.stage
+    LOG_LEVEL = "info"
+  }
+}
+
+# ======================================================================
+# OPTIONAL: Attach S3 IAM policy to Lambda execution role
+# ======================================================================
+# Uncomment and configure the resource below to attach S3 permissions
+#
+# Example 1: Attach existing policy from shared state
+# resource "aws_iam_role_policy_attachment" "lambda_s3_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.YOUR_POLICY_OUTPUT_NAME_arn
+# }
+#
+# Example 2: Attach multiple policies
+# resource "aws_iam_role_policy_attachment" "lambda_read_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.postcode_splitter_s3_read_arn
+# }
+#
+# resource "aws_iam_role_policy_attachment" "lambda_write_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.another_policy_arn
+# }

infrastructure/terraform/lambda/fast-api/provider.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.16"
+    }
+  }
+
+  backend "s3" {
+    bucket = REPLACE_ME
+    key    = "terraform.tfstate"
+    region = "eu-west-2"
+  }
+
+  required_version = ">= 1.2.0"
+}

infrastructure/terraform/lambda/fast-api/variables.tf

@@ -0,0 +1,37 @@
+variable "lambda_name" {
+  type        = string
+  description = "Logical name of the lambda (e.g. address2uprn)"
+}
+
+variable "stage" {
+  description = "Deployment stage (e.g. dev, prod)"
+  type        = string
+}
+variable "ecr_repo_url" {
+  type        = string
+  description = "ECR repository URL (no tag, no digest)"
+}
+
+variable "image_digest" {
+  type        = string
+  description = "Image digest (sha256:...)"
+}
+
+variable "maximum_concurrency" {
+  type        = number
+  default     = null
+  description = "Maximum number of concurrent Lambda invocations from SQS (2-1000). null = no limit."
+}
+
+variable "batch_size" {
+  type    = number
+  default = 1
+}
+
+locals {
+  image_uri = "${var.ecr_repo_url}@${var.image_digest}"
+}
+
+output "resolved_image_uri" {
+  value = local.image_uri
+}

infrastructure/terraform/lambda/postcodeSplitter/main.tf

@@ -26,7 +26,7 @@ data "terraform_remote_state" "address2uprn" {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "postcode-splitter"
   stage = var.stage

infrastructure/terraform/shared/main.tf

@@ -489,3 +489,17 @@ module "engine_s3_read_and_write" {
 output "engine_s3_read_and_write_arn" {
   value = module.engine_s3_read_and_write.policy_arn
 }
+
+################################################
+# FastAPI – Lambda
+################################################
+module "ara_fast_api_state_bucket" {
+  source      = "../modules/tf_state_bucket"
+  bucket_name = "ara-fast-api-terraform-state"
+}
+
+module "ara_fastapi_registry" {
+  source = "../modules/container_registry"
+  name   = "ara-fastapi"
+  stage = var.stage
+}