89 lines
No EOL
2.6 KiB
HCL
89 lines
No EOL
2.6 KiB
HCL
data "terraform_remote_state" "shared" {
|
|
backend = "s3"
|
|
config = {
|
|
bucket = "assessment-model-terraform-state"
|
|
key = "env:/${var.stage}/terraform.tfstate"
|
|
region = "eu-west-2"
|
|
}
|
|
}
|
|
data "aws_secretsmanager_secret_version" "db_credentials" {
|
|
secret_id = "${var.stage}/assessment_model/db_credentials"
|
|
}
|
|
|
|
|
|
locals {
|
|
db_credentials = jsondecode(data.aws_secretsmanager_secret_version.db_credentials.secret_string)
|
|
}
|
|
|
|
# Reference the existing address2UPRN Lambda outputs from address2uprn state
|
|
data "terraform_remote_state" "address2uprn" {
|
|
backend = "s3"
|
|
config = {
|
|
bucket = "address2uprn-terraform-state"
|
|
key = "env:/${var.stage}/terraform.tfstate"
|
|
region = "eu-west-2"
|
|
}
|
|
}
|
|
|
|
module "lambda" {
|
|
source = "../modules/lambda_with_sqs"
|
|
|
|
name = "postcode-splitter"
|
|
stage = var.stage
|
|
|
|
image_uri = local.image_uri
|
|
|
|
|
|
environment = merge(
|
|
{
|
|
STAGE = var.stage
|
|
LOG_LEVEL = "info"
|
|
DB_USERNAME = local.db_credentials.db_assessment_model_username
|
|
DB_PASSWORD = local.db_credentials.db_assessment_model_password
|
|
GOOGLE_SOLAR_API_KEY = "test"
|
|
SAP_PREDICTIONS_BUCKET = "test"
|
|
CARBON_PREDICTIONS_BUCKET = "test"
|
|
HEAT_PREDICTIONS_BUCKET = "test"
|
|
HEATING_KWH_PREDICTIONS_BUCKET = "test"
|
|
HOTWATER_KWH_PREDICTIONS_BUCKET = "test"
|
|
API_KEY = "test"
|
|
ENVIRONMENT = "test"
|
|
SECRET_KEY = "test"
|
|
PLAN_TRIGGER_BUCKET = "test"
|
|
DATA_BUCKET = "test"
|
|
EPC_AUTH_TOKEN = "test"
|
|
ENGINE_SQS_URL = "test"
|
|
ENERGY_ASSESSMENTS_BUCKET = "test"
|
|
ADDRESS2UPRN_QUEUE_URL = data.terraform_remote_state.address2uprn.outputs.address2uprn_queue_url
|
|
S3_BUCKET_NAME = data.terraform_remote_state.shared.outputs.retrofit_sap_data_bucket_name
|
|
},
|
|
)
|
|
}
|
|
|
|
# Attach S3 read policy to the Lambda execution role
|
|
resource "aws_iam_role_policy_attachment" "postcode_splitter_s3_read" {
|
|
role = module.lambda.role_name
|
|
policy_arn = data.terraform_remote_state.shared.outputs.postcode_splitter_s3_read_arn
|
|
}
|
|
|
|
# Create SQS send policy for address2UPRN queue
|
|
module "postcode_splitter_sqs_policy" {
|
|
source = "../../modules/general_iam_policy"
|
|
|
|
policy_name = "postcode-splitter-sqs-send-${var.stage}"
|
|
policy_description = "Allow postcode-splitter Lambda to send messages to address2UPRN queue"
|
|
|
|
actions = [
|
|
"sqs:SendMessage"
|
|
]
|
|
|
|
resources = [
|
|
data.terraform_remote_state.address2uprn.outputs.address2uprn_queue_arn
|
|
]
|
|
}
|
|
|
|
# Attach SQS policy to the Lambda execution role
|
|
resource "aws_iam_role_policy_attachment" "postcode_splitter_sqs_send" {
|
|
role = module.lambda.role_name
|
|
policy_arn = module.postcode_splitter_sqs_policy.policy_arn
|
|
} |