feat: Update lambda module and bump Terraform/AWS provider versions

.github/workflows/unit-test.yml

@@ -0,0 +1,33 @@
+name: Unit Test
+
+on:
+  pull_request:
+    branches:
+      - main
+      - master
+    paths:
+      - 'functions/**'
+      - '.github/workflows/unit-test.yml'
+
+defaults:
+  run:
+    working-directory: functions
+
+jobs:
+  test:
+    name: Execute unit tests
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Set up Python 3.8
+        uses: actions/setup-python@v2
+        with:
+          python-version: 3.8
+
+      - name: Install pipenv
+        run: |
+          python -m pip install --upgrade pip
+          python -m pip install pipenv

.gitignore

@@ -32,3 +32,4 @@ terraform.rc
 builds/
 __pycache__/
 functions/pytest.ini
+*.zip

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/antonbabenko/pre-commit-terraform
-    rev: v1.58.0
+    rev: v1.60.0
     hooks:
       - id: terraform_fmt
       - id: terraform_validate
@@ -26,3 +26,4 @@ repos:
     rev: v4.0.1
     hooks:
       - id: check-merge-conflict
+      - id: end-of-file-fixer

README.md

@@ -80,20 +80,20 @@ To run the tests:
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.35 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.61 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.35 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.61 |
 
 ## Modules
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_lambda"></a> [lambda](#module\_lambda) | terraform-aws-modules/lambda/aws | 1.47.0 |
+| <a name="module_lambda"></a> [lambda](#module\_lambda) | terraform-aws-modules/lambda/aws | 2.27.1 |
 
 ## Resources
 
@@ -153,7 +153,7 @@ To run the tests:
 | <a name="output_notify_slack_lambda_function_last_modified"></a> [notify\_slack\_lambda\_function\_last\_modified](#output\_notify\_slack\_lambda\_function\_last\_modified) | The date Lambda function was last modified |
 | <a name="output_notify_slack_lambda_function_name"></a> [notify\_slack\_lambda\_function\_name](#output\_notify\_slack\_lambda\_function\_name) | The name of the Lambda function |
 | <a name="output_notify_slack_lambda_function_version"></a> [notify\_slack\_lambda\_function\_version](#output\_notify\_slack\_lambda\_function\_version) | Latest published version of your Lambda function |
-| <a name="output_this_slack_topic_arn"></a> [this\_slack\_topic\_arn](#output\_this\_slack\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
+| <a name="output_slack_topic_arn"></a> [slack\_topic\_arn](#output\_slack\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 
 ## Authors

examples/cloudwatch-alerts-to-slack/README.md

@@ -60,16 +60,16 @@ Note that this example may create resources which can cost money. Run `terraform
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.35 |
-| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.61 |
+| <a name="requirement_random"></a> [random](#requirement\_random) | >= 2.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.35 |
-| <a name="provider_random"></a> [random](#provider\_random) | >= 2 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.61 |
+| <a name="provider_random"></a> [random](#provider\_random) | >= 2.0 |
 
 ## Modules
 
@@ -102,5 +102,5 @@ No inputs.
 | <a name="output_notify_slack_lambda_function_last_modified"></a> [notify\_slack\_lambda\_function\_last\_modified](#output\_notify\_slack\_lambda\_function\_last\_modified) | The date Lambda function was last modified |
 | <a name="output_notify_slack_lambda_function_name"></a> [notify\_slack\_lambda\_function\_name](#output\_notify\_slack\_lambda\_function\_name) | The name of the Lambda function |
 | <a name="output_notify_slack_lambda_function_version"></a> [notify\_slack\_lambda\_function\_version](#output\_notify\_slack\_lambda\_function\_version) | Latest published version of your Lambda function |
-| <a name="output_this_sns_topic_arn"></a> [this\_sns\_topic\_arn](#output\_this\_sns\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
+| <a name="output_sns_topic_arn"></a> [sns\_topic\_arn](#output\_sns\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/cloudwatch-alerts-to-slack/main.tf

@@ -55,7 +55,7 @@ resource "aws_cloudwatch_metric_alarm" "lambda_duration" {
   threshold           = "5000"
   alarm_description   = "Duration of notifying slack exceeds threshold"
 
-  alarm_actions = [module.notify_slack["develop"].this_slack_topic_arn]
+  alarm_actions = [module.notify_slack["develop"].slack_topic_arn]
 
   dimensions = {
     FunctionName = module.notify_slack["develop"].notify_slack_lambda_function_name

examples/cloudwatch-alerts-to-slack/outputs.tf

@@ -1,6 +1,6 @@
-output "this_sns_topic_arn" {
+output "sns_topic_arn" {
   description = "The ARN of the SNS topic from which messages will be sent to Slack"
-  value       = module.notify_slack["develop"].this_slack_topic_arn
+  value       = module.notify_slack["develop"].slack_topic_arn
 }
 
 output "lambda_iam_role_arn" {

examples/cloudwatch-alerts-to-slack/versions.tf

@@ -1,8 +1,14 @@
 terraform {
-  required_version = ">= 0.13.0"
+  required_version = ">= 0.13.1"
 
   required_providers {
-    aws    = ">= 2.35"
-    random = ">= 2"
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.61"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 2.0"
+    }
   }
 }

examples/notify-slack-simple/README.md

@@ -23,14 +23,14 @@ Note that this example may create resources which can cost money (AWS Elastic IP
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.35 |
+| <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13.1 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.61 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.35 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.61 |
 
 ## Modules
 
@@ -60,5 +60,5 @@ No inputs.
 | <a name="output_notify_slack_lambda_function_last_modified"></a> [notify\_slack\_lambda\_function\_last\_modified](#output\_notify\_slack\_lambda\_function\_last\_modified) | The date Lambda function was last modified |
 | <a name="output_notify_slack_lambda_function_name"></a> [notify\_slack\_lambda\_function\_name](#output\_notify\_slack\_lambda\_function\_name) | The name of the Lambda function |
 | <a name="output_notify_slack_lambda_function_version"></a> [notify\_slack\_lambda\_function\_version](#output\_notify\_slack\_lambda\_function\_version) | Latest published version of your Lambda function |
-| <a name="output_this_sns_topic_arn"></a> [this\_sns\_topic\_arn](#output\_this\_sns\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
+| <a name="output_sns_topic_arn"></a> [sns\_topic\_arn](#output\_sns\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |
 <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/notify-slack-simple/outputs.tf

@@ -1,6 +1,6 @@
-output "this_sns_topic_arn" {
+output "sns_topic_arn" {
   description = "The ARN of the SNS topic from which messages will be sent to Slack"
-  value       = module.notify_slack.this_slack_topic_arn
+  value       = module.notify_slack.slack_topic_arn
 }
 
 output "lambda_iam_role_arn" {

examples/notify-slack-simple/versions.tf

@@ -1,7 +1,10 @@
 terraform {
-  required_version = ">= 0.13.0"
+  required_version = ">= 0.13.1"
 
   required_providers {
-    aws = ">= 2.35"
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.61"
+    }
   }
 }

functions/pytest.ini.sample

@@ -5,4 +5,3 @@ env =
   SLACK_EMOJI=:aws:
   SLACK_USERNAME=notify_slack_test
   SLACK_WEBHOOK_URL=https://hooks.slack.com/services/YOUR/WEBOOK/URL
-

main.tf

@@ -2,31 +2,18 @@ data "aws_caller_identity" "current" {}
 data "aws_partition" "current" {}
 data "aws_region" "current" {}
 
-resource "aws_sns_topic" "this" {
-  count = var.create_sns_topic && var.create ? 1 : 0
-
-  name = var.sns_topic_name
-
-  kms_master_key_id = var.sns_topic_kms_key_id
-
-  tags = merge(var.tags, var.sns_topic_tags)
-}
-
 locals {
-  sns_topic_arn = element(
-    concat(
-      aws_sns_topic.this.*.arn,
-      ["arn:${data.aws_partition.current.id}:sns:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${var.sns_topic_name}"],
-      [""]
-    ),
-    0,
+  sns_topic_arn = try(
+    aws_sns_topic.this[0].arn,
+    "arn:${data.aws_partition.current.id}:sns:${data.aws_region.current.name}:${data.aws_caller_identity.current.account_id}:${var.sns_topic_name}",
+    ""
   )
 
   lambda_policy_document = {
     sid       = "AllowWriteToCloudwatchLogs"
     effect    = "Allow"
     actions   = ["logs:CreateLogStream", "logs:PutLogEvents"]
-    resources = [replace("${element(concat(aws_cloudwatch_log_group.lambda[*].arn, [""]), 0)}:*", ":*:*", ":*")]
+    resources = [replace("${try(aws_cloudwatch_log_group.lambda[0].arn, "")}:*", ":*:*", ":*")]
   }
 
   lambda_policy_document_kms = {
@@ -61,18 +48,29 @@ resource "aws_cloudwatch_log_group" "lambda" {
   tags = merge(var.tags, var.cloudwatch_log_group_tags)
 }
 
+resource "aws_sns_topic" "this" {
+  count = var.create_sns_topic && var.create ? 1 : 0
+
+  name = var.sns_topic_name
+
+  kms_master_key_id = var.sns_topic_kms_key_id
+
+  tags = merge(var.tags, var.sns_topic_tags)
+}
+
+
 resource "aws_sns_topic_subscription" "sns_notify_slack" {
   count = var.create ? 1 : 0
 
   topic_arn     = local.sns_topic_arn
   protocol      = "lambda"
-  endpoint      = module.lambda.this_lambda_function_arn
+  endpoint      = module.lambda.lambda_function_arn
   filter_policy = var.subscription_filter_policy
 }
 
 module "lambda" {
   source  = "terraform-aws-modules/lambda/aws"
-  version = "1.47.0"
+  version = "2.27.1"
 
   create = var.create
 
@@ -86,7 +84,8 @@ module "lambda" {
   kms_key_arn                    = var.kms_key_arn
   reserved_concurrent_executions = var.reserved_concurrent_executions
 
-  # If publish is disabled, there will be "Error adding new Lambda Permission for notify_slack: InvalidParameterValueException: We currently do not support adding policies for $LATEST."
+  # If publish is disabled, there will be "Error adding new Lambda Permission for notify_slack:
+  # InvalidParameterValueException: We currently do not support adding policies for $LATEST."
   publish = true
 
   environment_variables = {
@@ -109,7 +108,7 @@ module "lambda" {
   # the value of presense of KMS. Famous "computed values in count" bug...
   attach_cloudwatch_logs_policy = false
   attach_policy_json            = true
-  policy_json                   = element(concat(data.aws_iam_policy_document.lambda[*].json, [""]), 0)
+  policy_json                   = try(data.aws_iam_policy_document.lambda[0].json, "")
 
   use_existing_cloudwatch_log_group = true
   attach_network_policy             = var.lambda_function_vpc_subnet_ids != null

outputs.tf

@@ -1,4 +1,4 @@
-output "this_slack_topic_arn" {
+output "slack_topic_arn" {
   description = "The ARN of the SNS topic from which messages will be sent to Slack"
   value       = local.sns_topic_arn
 }
@@ -15,30 +15,30 @@ output "lambda_iam_role_name" {
 
 output "notify_slack_lambda_function_arn" {
   description = "The ARN of the Lambda function"
-  value       = module.lambda.this_lambda_function_arn
+  value       = module.lambda.lambda_function_arn
 }
 
 output "notify_slack_lambda_function_name" {
   description = "The name of the Lambda function"
-  value       = module.lambda.this_lambda_function_name
+  value       = module.lambda.lambda_function_name
 }
 
 output "notify_slack_lambda_function_invoke_arn" {
   description = "The ARN to be used for invoking Lambda function from API Gateway"
-  value       = module.lambda.this_lambda_function_invoke_arn
+  value       = module.lambda.lambda_function_invoke_arn
 }
 
 output "notify_slack_lambda_function_last_modified" {
   description = "The date Lambda function was last modified"
-  value       = module.lambda.this_lambda_function_last_modified
+  value       = module.lambda.lambda_function_last_modified
 }
 
 output "notify_slack_lambda_function_version" {
   description = "Latest published version of your Lambda function"
-  value       = module.lambda.this_lambda_function_version
+  value       = module.lambda.lambda_function_version
 }
 
 output "lambda_cloudwatch_log_group_arn" {
   description = "The Amazon Resource Name (ARN) specifying the log group"
-  value       = element(concat(aws_cloudwatch_log_group.lambda.*.arn, [""]), 0)
+  value       = try(aws_cloudwatch_log_group.lambda[0].arn, "")
 }

versions.tf

@@ -1,7 +1,10 @@
 terraform {
-  required_version = ">= 0.13.0"
+  required_version = ">= 0.13.1"
 
   required_providers {
-    aws = ">= 2.35"
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 3.61"
+    }
   }
 }