From 71c0e6b2f3fe8a445b3c3e2c08860d2f62011b5b Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 9 Mar 2026 13:39:09 +0000
Subject: [PATCH 1/5] move lambda_with_sqs to terraform/modules

---
 infrastructure/terraform/lambda/_template/main.tf               | 2 +-
 .../terraform/{lambda => }/modules/lambda_with_sqs/main.tf      | 0
 .../terraform/{lambda => }/modules/lambda_with_sqs/outputs.tf   | 0
 .../terraform/{lambda => }/modules/lambda_with_sqs/variables.tf | 0
 4 files changed, 1 insertion(+), 1 deletion(-)
 rename infrastructure/terraform/{lambda => }/modules/lambda_with_sqs/main.tf (100%)
 rename infrastructure/terraform/{lambda => }/modules/lambda_with_sqs/outputs.tf (100%)
 rename infrastructure/terraform/{lambda => }/modules/lambda_with_sqs/variables.tf (100%)

diff --git a/infrastructure/terraform/lambda/_template/main.tf b/infrastructure/terraform/lambda/_template/main.tf
index c6015ea1..81b1c7f1 100644
--- a/infrastructure/terraform/lambda/_template/main.tf
+++ b/infrastructure/terraform/lambda/_template/main.tf
@@ -26,7 +26,7 @@ data "terraform_remote_state" "shared" {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = REPLACE ME #"address2uprn" for example
   stage = var.stage
diff --git a/infrastructure/terraform/lambda/modules/lambda_with_sqs/main.tf b/infrastructure/terraform/modules/lambda_with_sqs/main.tf
similarity index 100%
rename from infrastructure/terraform/lambda/modules/lambda_with_sqs/main.tf
rename to infrastructure/terraform/modules/lambda_with_sqs/main.tf
diff --git a/infrastructure/terraform/lambda/modules/lambda_with_sqs/outputs.tf b/infrastructure/terraform/modules/lambda_with_sqs/outputs.tf
similarity index 100%
rename from infrastructure/terraform/lambda/modules/lambda_with_sqs/outputs.tf
rename to infrastructure/terraform/modules/lambda_with_sqs/outputs.tf
diff --git a/infrastructure/terraform/lambda/modules/lambda_with_sqs/variables.tf b/infrastructure/terraform/modules/lambda_with_sqs/variables.tf
similarity index 100%
rename from infrastructure/terraform/lambda/modules/lambda_with_sqs/variables.tf
rename to infrastructure/terraform/modules/lambda_with_sqs/variables.tf

From c8d9c58380fa852ff679de8fd63130988eacb717 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 9 Mar 2026 13:39:36 +0000
Subject: [PATCH 2/5] udpate references to lambda_with_sqs

---
 infrastructure/terraform/lambda/address2UPRN/main.tf     | 2 +-
 infrastructure/terraform/lambda/categorisation/main.tf   | 2 +-
 infrastructure/terraform/lambda/condition-etl/main.tf    | 2 +-
 infrastructure/terraform/lambda/engine/main.tf           | 2 +-
 infrastructure/terraform/lambda/postcodeSplitter/main.tf | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/infrastructure/terraform/lambda/address2UPRN/main.tf b/infrastructure/terraform/lambda/address2UPRN/main.tf
index 2d185497..f7750cb3 100644
--- a/infrastructure/terraform/lambda/address2UPRN/main.tf
+++ b/infrastructure/terraform/lambda/address2UPRN/main.tf
@@ -15,7 +15,7 @@ locals {
 }
 
 module "address2uprn" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "address2uprn"
   stage = var.stage
diff --git a/infrastructure/terraform/lambda/categorisation/main.tf b/infrastructure/terraform/lambda/categorisation/main.tf
index b7193da4..01e16213 100644
--- a/infrastructure/terraform/lambda/categorisation/main.tf
+++ b/infrastructure/terraform/lambda/categorisation/main.tf
@@ -16,7 +16,7 @@ locals {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "categorisation"
   stage = var.stage
diff --git a/infrastructure/terraform/lambda/condition-etl/main.tf b/infrastructure/terraform/lambda/condition-etl/main.tf
index 0128f975..d654223c 100644
--- a/infrastructure/terraform/lambda/condition-etl/main.tf
+++ b/infrastructure/terraform/lambda/condition-etl/main.tf
@@ -17,7 +17,7 @@ locals {
 
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "condition-etl"
   stage = var.stage
diff --git a/infrastructure/terraform/lambda/engine/main.tf b/infrastructure/terraform/lambda/engine/main.tf
index 35c00fa3..3f28933b 100644
--- a/infrastructure/terraform/lambda/engine/main.tf
+++ b/infrastructure/terraform/lambda/engine/main.tf
@@ -17,7 +17,7 @@ locals {
 
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "engine"
   stage = var.stage
diff --git a/infrastructure/terraform/lambda/postcodeSplitter/main.tf b/infrastructure/terraform/lambda/postcodeSplitter/main.tf
index d37a01c9..94c5cd4e 100644
--- a/infrastructure/terraform/lambda/postcodeSplitter/main.tf
+++ b/infrastructure/terraform/lambda/postcodeSplitter/main.tf
@@ -26,7 +26,7 @@ data "terraform_remote_state" "address2uprn" {
 }
 
 module "lambda" {
-  source = "../modules/lambda_with_sqs"
+  source = "../../modules/lambda_with_sqs"
 
   name  = "postcode-splitter"
   stage = var.stage

From 51be55a70635c4403e706ea43be86d864d91b709 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 9 Mar 2026 14:00:30 +0000
Subject: [PATCH 3/5] create fastapi files and add ecr to shared tf

---
 .../terraform/lambda/fast-api/main.tf         | 49 +++++++++++++++++++
 .../terraform/lambda/fast-api/provider.tf     | 16 ++++++
 .../terraform/lambda/fast-api/variables.tf    | 37 ++++++++++++++
 infrastructure/terraform/shared/main.tf       | 14 ++++++
 4 files changed, 116 insertions(+)
 create mode 100644 infrastructure/terraform/lambda/fast-api/main.tf
 create mode 100644 infrastructure/terraform/lambda/fast-api/provider.tf
 create mode 100644 infrastructure/terraform/lambda/fast-api/variables.tf

diff --git a/infrastructure/terraform/lambda/fast-api/main.tf b/infrastructure/terraform/lambda/fast-api/main.tf
new file mode 100644
index 00000000..104d4a4d
--- /dev/null
+++ b/infrastructure/terraform/lambda/fast-api/main.tf
@@ -0,0 +1,49 @@
+data "terraform_remote_state" "shared" {
+  backend = "s3"
+  config = {
+    bucket = "assessment-model-terraform-state"
+    key = "env:/${var.stage}/terraform.tfstate"
+    region = "eu-west-2"
+  }
+}
+
+module "lambda" {
+  source = "../../modules/lambda_with_sqs"
+
+  name  = REPLACE ME #"address2uprn" for example
+  stage = var.stage
+
+  image_uri = local.image_uri
+
+  # Optional: Set maximum_concurrency to limit concurrent SQS-triggered invocations (2-1000)
+  maximum_concurrency = var.maximum_concurrency
+
+  batch_size = var.batch_size
+
+  environment = {
+    STAGE = var.stage
+    LOG_LEVEL = "info"
+  }
+}
+
+# ======================================================================
+# OPTIONAL: Attach S3 IAM policy to Lambda execution role
+# ======================================================================
+# Uncomment and configure the resource below to attach S3 permissions
+#
+# Example 1: Attach existing policy from shared state
+# resource "aws_iam_role_policy_attachment" "lambda_s3_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.YOUR_POLICY_OUTPUT_NAME_arn
+# }
+#
+# Example 2: Attach multiple policies
+# resource "aws_iam_role_policy_attachment" "lambda_read_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.postcode_splitter_s3_read_arn
+# }
+#
+# resource "aws_iam_role_policy_attachment" "lambda_write_policy" {
+#   role       = module.lambda.role_name
+#   policy_arn = data.terraform_remote_state.shared.outputs.another_policy_arn
+# }
diff --git a/infrastructure/terraform/lambda/fast-api/provider.tf b/infrastructure/terraform/lambda/fast-api/provider.tf
new file mode 100644
index 00000000..37c412ce
--- /dev/null
+++ b/infrastructure/terraform/lambda/fast-api/provider.tf
@@ -0,0 +1,16 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.16"
+    }
+  }
+
+  backend "s3" {
+    bucket = REPLACE_ME
+    key    = "terraform.tfstate"
+    region = "eu-west-2"
+  }
+
+  required_version = ">= 1.2.0"
+}
\ No newline at end of file
diff --git a/infrastructure/terraform/lambda/fast-api/variables.tf b/infrastructure/terraform/lambda/fast-api/variables.tf
new file mode 100644
index 00000000..e7646811
--- /dev/null
+++ b/infrastructure/terraform/lambda/fast-api/variables.tf
@@ -0,0 +1,37 @@
+variable "lambda_name" {
+  type        = string
+  description = "Logical name of the lambda (e.g. address2uprn)"
+}
+
+variable "stage" {
+  description = "Deployment stage (e.g. dev, prod)"
+  type        = string
+}
+variable "ecr_repo_url" {
+  type        = string
+  description = "ECR repository URL (no tag, no digest)"
+}
+
+variable "image_digest" {
+  type        = string
+  description = "Image digest (sha256:...)"
+}
+
+variable "maximum_concurrency" {
+  type        = number
+  default     = null
+  description = "Maximum number of concurrent Lambda invocations from SQS (2-1000). null = no limit."
+}
+
+variable "batch_size" {
+  type    = number
+  default = 1
+}
+
+locals {
+  image_uri = "${var.ecr_repo_url}@${var.image_digest}"
+}
+
+output "resolved_image_uri" {
+  value = local.image_uri
+}
diff --git a/infrastructure/terraform/shared/main.tf b/infrastructure/terraform/shared/main.tf
index c19e3a0c..15198a34 100644
--- a/infrastructure/terraform/shared/main.tf
+++ b/infrastructure/terraform/shared/main.tf
@@ -489,3 +489,17 @@ module "engine_s3_read_and_write" {
 output "engine_s3_read_and_write_arn" {
   value = module.engine_s3_read_and_write.policy_arn
 }
+
+################################################
+# FastAPI – Lambda
+################################################
+module "ara_fast_api_state_bucket" {
+  source      = "../modules/tf_state_bucket"
+  bucket_name = "ara-fast-api-terraform-state"
+}
+
+module "ara_fastapi_registry" {
+  source = "../modules/container_registry"
+  name   = "engine"
+  stage = var.stage
+}

From 255d7e5dbf8a3d1df860b51f9cda8101db1f6c93 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 9 Mar 2026 14:12:41 +0000
Subject: [PATCH 4/5] correct ecr name

---
 infrastructure/terraform/shared/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/infrastructure/terraform/shared/main.tf b/infrastructure/terraform/shared/main.tf
index 15198a34..0cac8d66 100644
--- a/infrastructure/terraform/shared/main.tf
+++ b/infrastructure/terraform/shared/main.tf
@@ -500,6 +500,6 @@ module "ara_fast_api_state_bucket" {
 
 module "ara_fastapi_registry" {
   source = "../modules/container_registry"
-  name   = "engine"
+  name   = "ara_fastapi"
   stage = var.stage
 }

From cf3c4ea7a8b577abdb53e0aa497bd5c6a68b9f89 Mon Sep 17 00:00:00 2001
From: Daniel Roth <daniel_roth@hotmail.co.uk>
Date: Mon, 9 Mar 2026 14:14:04 +0000
Subject: [PATCH 5/5] correct ecr name

---
 infrastructure/terraform/shared/main.tf | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/infrastructure/terraform/shared/main.tf b/infrastructure/terraform/shared/main.tf
index 0cac8d66..05a3665e 100644
--- a/infrastructure/terraform/shared/main.tf
+++ b/infrastructure/terraform/shared/main.tf
@@ -500,6 +500,6 @@ module "ara_fast_api_state_bucket" {
 
 module "ara_fastapi_registry" {
   source = "../modules/container_registry"
-  name   = "ara_fastapi"
+  name   = "ara-fastapi"
   stage = var.stage
 }