Merge pull request #7 from non-existing-organization/fix/readme-examples

simple-me · web-flow · commit e2e7711c6a4b · 2022-06-19T09:24:18.000-03:00
modify readme, move example script
diff --git a/README.md b/README.md
@@ -48,9 +48,9 @@
 
 ## About The Project
 
-This is a simple project that involves a python script that scans the Ec2 API in search of a certain criteria (currently is fixed to a SG (Security Group) rule matching *0.0.0.0/0*) and then store that SG id in a DynamoDB table. If that criteria is "remediated" the script will delete that SG id from the table, that way you can keep a live record of SG ids you wish to keep monitored. Everything is glued together with terraform which will zip the python script and deploy it to the lambda function.
+This is a simple terraform module that deploys an Lambda function and a DynamoDB table and the necessary IAM permissions to allow interaction between them. Inside this same module there's a simple example of how the module is invoked and a simple python script that scans the Security Groups in the region and stores any SG with a "0.0.0.0/0" rule in the DynamoDB table.
 
-I made this project as part of my learning process since i did not have that much practice with the DynamoDB service, but also i wanted to glue everything with python and terraform and have some fun along the way.
+The user must provide it's own script, runtime and source code hash.
 
 
 ### Built With
diff --git a/example/example1/aws-lambda-script/sg-checker.py b/example/example1/aws-lambda-script/sg-checker.py
diff --git a/example/example1/main.tf b/example/example1/main.tf
@@ -1,7 +1,7 @@
 module "security_group_checker" {
+  //source                     = "git::https://github.com/non-existing-organization/terraform_module_security_group_checker.git?ref=master"
   source                     = "../../"
-  source_file                = "../../aws-lambda-script/sg-checker.py"
-  output_path                = "sg-checker.zip"
+  output_path                = "aws-lambda-script/sg-checker.zip"
   function_name              = "security_group_checker_lambda"
   table_name                 = "sg-checker-table"
   attribute_name             = "SecurityGroupId"
@@ -10,4 +10,12 @@ module "security_group_checker" {
   dynamodb_policy_name       = "sg-checker-dynamodb-policy"
   cloudwatch_event_rule_name = "trigger-sg-checker-lambda"
   lambda_role_name           = "iam_for_lambda"
+  lambda_runtime             = "python3.8"
+  source_code_hash           = data.archive_file.lambda_zip.output_base64sha256
+}
+
+data "archive_file" "lambda_zip" {
+  type        = "zip"
+  source_file = "aws-lambda-script/sg-checker.py"
+  output_path = "aws-lambda-script/sg-checker.zip"
 }
