add engine lambda directory and create engine lambda ecr

infrastructure/terraform/lambda/engine/README.md

@@ -0,0 +1,50 @@
+## Checklist for adding a new Lambda
+
+### 1. Create the Lambda scaffold
+- Copy the template:
+
+  `cp -r lambda/_template lambda/<lambda_name>`
+
+---
+
+### 2. Add infrastructure prerequisites (shared stack)
+- Add a new ECR repository in:
+
+  infrastructure/terraform/shared/main.tf
+
+- Create a PR to deploy this to main then dev in order to deploy the shared stack
+
+- Verify the ECR repository exists in AWS
+
+---
+
+### 3. Add Docker build configuration
+- Create a `Dockerfile` for the Lambda
+- Verify the Dockerfile path and build context
+- Add a new image build job in `deploy_terraform.yml` using `_build_image.yml`
+
+---
+
+### 4. Wire the Lambda deploy job (CI)
+- Add a deploy job using `_deploy_lambda.yml`
+- Ensure the deploy job depends on the image build job
+
+---
+
+### 5. Deploy
+- Push changes to GitHub
+- CI will:
+  1. Build and push the Docker image
+  2. Deploy the Lambda 
+  3. Verify everything deployed. Good things to check:
+    - ECR with image
+    - SQS
+    - Trigger SQS
+      - Cloud watch logs
+---
+### 5. Delete
+  1. Delete README if you used cp -r
+
+---
+
+## Please feel free to update this document to make it easier for the next person

infrastructure/terraform/lambda/engine/main.tf

@@ -0,0 +1,25 @@
+data "terraform_remote_state" "shared" {
+  backend = "s3"
+  config = {
+    bucket = "assessment-model-terraform-state"
+    key = "env:/${var.stage}/terraform.tfstate"
+    region = "eu-west-2"
+  }
+}
+
+module "lambda" {
+  source = "../modules/lambda_with_sqs"
+
+  name  = "engine"
+  stage = var.stage
+
+  image_uri = local.image_uri
+
+  # Optional: Set maximum_concurrency to limit concurrent SQS-triggered invocations (2-1000)
+  maximum_concurrency = var.maximum_concurrency
+
+  environment = {
+    STAGE = var.stage
+    LOG_LEVEL = "info"
+  }
+}

infrastructure/terraform/lambda/engine/provider.tf

@@ -0,0 +1,16 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 4.16"
+    }
+  }
+
+  backend "s3" {
+    bucket = REPLACE_ME
+    key    = "terraform.tfstate"
+    region = "eu-west-2"
+  }
+
+  required_version = ">= 1.2.0"
+}

infrastructure/terraform/lambda/engine/variables.tf

@@ -0,0 +1,32 @@
+variable "lambda_name" {
+  type        = string
+  description = "Logical name of the lambda (e.g. address2uprn)"
+}
+
+variable "stage" {
+  description = "Deployment stage (e.g. dev, prod)"
+  type        = string
+}
+variable "ecr_repo_url" {
+  type        = string
+  description = "ECR repository URL (no tag, no digest)"
+}
+
+variable "image_digest" {
+  type        = string
+  description = "Image digest (sha256:...)"
+}
+
+variable "maximum_concurrency" {
+  type        = number
+  default     = 12
+  description = "Maximum number of concurrent Lambda invocations from SQS (2-1000). null = no limit."
+}
+
+locals {
+  image_uri = "${var.ecr_repo_url}@${var.image_digest}"
+}
+
+output "resolved_image_uri" {
+  value = local.image_uri
+}

infrastructure/terraform/shared/main.tf

@@ -414,4 +414,19 @@ module "categorisation_registry" {
   source = "../modules/container_registry"
   name   = "categorisation"
   stage = var.stage
+}
+
+################################################
+# Engine – Lambda ECR
+################################################
+module "engine_state_bucket" {
+  source      = "../modules/tf_state_bucket"
+  bucket_name = "engine-terraform-state"
+
+}
+
+module "engine_registry" {
+  source = "../modules/container_registry"
+  name   = "engine"
+  stage = var.stage
 }