From 081412c33451f6a5c42202ba644088788331c223 Mon Sep 17 00:00:00 2001 From: Anmol Nagpal Date: Fri, 17 Nov 2023 19:33:41 +0530 Subject: [PATCH 1/3] feat: fixed hardcoded value by defined in variable file --- _example/basic-function/example.tf | 2 +- _example/complete-function/example.tf | 2 +- main.tf | 21 +++--------------- outputs.tf | 5 +++++ variables.tf | 32 ++++++++++++++++++++++++++- 5 files changed, 41 insertions(+), 21 deletions(-) diff --git a/_example/basic-function/example.tf b/_example/basic-function/example.tf index d2fa3cd..0c8be29 100644 --- a/_example/basic-function/example.tf +++ b/_example/basic-function/example.tf @@ -14,7 +14,7 @@ module "lambda" { source = "../../" name = local.name environment = local.environment - filename = "../../lambda_packages/existing_package.zip" + filename = "../../lambda_packages/index.py" handler = "index.lambda_handler" runtime = "python3.7" variables = { diff --git a/_example/complete-function/example.tf b/_example/complete-function/example.tf index 2c77b4e..a6d8a0c 100644 --- a/_example/complete-function/example.tf +++ b/_example/complete-function/example.tf @@ -16,7 +16,7 @@ module "lambda" { environment = local.environment create_layers = true timeout = 60 - filename = "../../lambda_packages/existing_package.zip" + filename = "../../lambda_packages/index.py" handler = "index.lambda_handler" runtime = "python3.8" compatible_architectures = ["arm64"] diff --git a/main.tf b/main.tf index 5d2b048..7bfc8ef 100644 --- a/main.tf +++ b/main.tf 
@@ -151,22 +151,7 @@ resource "aws_lambda_permission" "default" { resource "aws_iam_role" "default" { count = var.enable && var.create_iam_role ? 1 : 0 name = format("%s-role", module.labels.id) - - assume_role_policy = < Date: Fri, 17 Nov 2023 22:52:49 +0530 Subject: [PATCH 2/3] feat: fixed all the lambda functions --- _example/basic-function/example.tf | 2 +- _example/complete-function/example.tf | 4 ++-- lambda_packages/layer.py | 14 ++++++++++++++ main.tf | 12 ++++++------ variables.tf | 4 ++-- 5 files changed, 25 insertions(+), 11 deletions(-) create mode 100644 lambda_packages/layer.py diff --git a/_example/basic-function/example.tf b/_example/basic-function/example.tf index 0c8be29..17cf5fa 100644 --- a/_example/basic-function/example.tf +++ b/_example/basic-function/example.tf @@ -14,7 +14,7 @@ module "lambda" { source = "../../" name = local.name environment = local.environment - filename = "../../lambda_packages/index.py" + filename = "../../lambda_packages/index.zip" handler = "index.lambda_handler" runtime = "python3.7" variables = { diff --git a/_example/complete-function/example.tf b/_example/complete-function/example.tf index a6d8a0c..3748422 100644 --- a/_example/complete-function/example.tf +++ b/_example/complete-function/example.tf @@ -16,7 +16,7 @@ module "lambda" { environment = local.environment create_layers = true timeout = 60 - filename = "../../lambda_packages/index.py" + filename = "../../lambda_packages/index.zip" handler = "index.lambda_handler" runtime = "python3.8" compatible_architectures = ["arm64"] @@ -31,7 +31,7 @@ module "lambda" { names = [ "python_layer" ] - layer_filenames = ["../../lambda_packages/guardduty_enabler.zip"] + layer_filenames = ["../../lambda_packages/layer.zip"] compatible_runtimes = [ ["python3.8"] ] diff --git a/lambda_packages/layer.py b/lambda_packages/layer.py new file mode 100644 index 0000000..832d23f --- /dev/null +++ b/lambda_packages/layer.py 
@@ -0,0 +1,14 @@
+import os
+import json
+
+def lambda_handler(event, context):
+ json_region = os.environ['AWS_REGION']
+ return {
+ "statusCode": 200,
+ "headers": {
+ "Content-Type": "application/json"
+ },
+ "body": json.dumps({
+ "Region ": json_region
+ })
+ }
\ No newline at end of file
diff --git a/main.tf b/main.tf
index 7bfc8ef..d6507d9 100644
--- a/main.tf
+++ b/main.tf
@@ -150,7 +150,7 @@ resource "aws_lambda_permission" "default" { ##----------------------------------------------------------------------------- resource "aws_iam_role" "default" { count = var.enable && var.create_iam_role ? 1 : 0 - name = format("%s-role", module.labels.id) + name = format("%s-testrole", module.labels.id) assume_role_policy =var.assume_role_policy }
@@ -159,7 +159,7 @@ resource "aws_iam_role" "default" { ##----------------------------------------------------------------------------- resource "aws_iam_policy" "default" { count = var.enable && var.create_iam_role ? 1 : 0 - name = format("%s-logging", module.labels.id) + name = format("%s-testlogging", module.labels.id) path = var.aws_iam_policy_path description = "IAM policy for logging from a lambda" policy = data.aws_iam_policy_document.default[0].json
@@ -198,13 +198,13 @@ resource "aws_kms_key" "kms" { resource "aws_kms_alias" "kms-alias" { count = var.enable && var.enable_kms ? 1 : 0 - name = format("alias/%s-lambda-keys", module.labels.id) + name = format("alias/%s-testlambda-keys", module.labels.id) target_key_id = aws_kms_key.kms[0].key_id } resource "aws_kms_alias" "kms-alias-cloudwatch" { count = var.enable && var.enable_kms && !var.existing_cloudwatch_log_group ? 1 : 0 - name = format("alias/%s-lambda-cloudwatch-keys", module.labels.id) + name = format("alias/%s-testlambda-cloudwatch-keys", module.labels.id) target_key_id = aws_kms_key.kms[1].key_id }
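Review bot: In `lambda_packages/layer.py` the response body key is written as `"Region "` with a trailing space, so a caller that reads `body["Region"]` finds nothing; it should be `"Region": json_region`. The handler has no docstring; a one-line `"""Return the AWS region this function runs in as a JSON response."""` would say what the example is for. The complete example consumes this file as `layer.zip` under `layer_filenames`, but the diffstat for this patch lists only `layer.py` as created, so it is worth confirming how that archive is built from the reviewed source rather than committed separately. The file also ends without a trailing newline.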
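Review bot: The role name becomes `format("%s-testrole", module.labels.id)` in the `aws_iam_role.default` hunk of main.tf, and the same `test` infix is added to the logging policy name and both KMS aliases in the next two hunks and to the `aws_iam_policy_logs_name` default in variables.tf. These look like names left over from a test run. In a shared module they rename the role, policy and key aliases for every consumer on upgrade, which forces replacement and can break anything that refers to the old role or alias by name, such as key policies or trust relationships that are not visible in this patch. If the rename is not intended, keep `format("%s-role", module.labels.id)` and the other original names. The default policy name is also a fixed string, so two instances of the module in one account would presumably collide; deriving it from `module.labels.id`, as `aws_iam_policy.default` does, avoids that.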
@@ -286,7 +286,7 @@ data "aws_cloudwatch_log_group" "lambda" { resource "aws_cloudwatch_log_group" "lambda" { count = var.enable && !var.existing_cloudwatch_log_group ? 1 : 0 - name = "/aws/lambda/${module.labels.id}" + name = "/aws/testlambda/${module.labels.id}" retention_in_days = var.cloudwatch_logs_retention_in_days kms_key_id = var.enable_kms ? aws_kms_key.kms[1].arn : var.cloudwatch_logs_kms_key_arn tags = module.labels.tags @@ -307,7 +307,7 @@ data "aws_iam_policy_document" "logs" { resource "aws_iam_policy" "logs" { count = var.enable && var.create_iam_role && var.attach_cloudwatch_logs_policy ? 1 : 0 - name = var.aws_iam_policy_name + name = var.aws_iam_policy_logs_name path = var.policy_path policy = data.aws_iam_policy_document.logs[0].json tags = module.labels.tags diff --git a/variables.tf b/variables.tf index 98d961f..bff6b59 100644 --- a/variables.tf +++ b/variables.tf @@ -433,9 +433,9 @@ variable "assume_role_policy" { } EOF } -variable "aws_iam_policy_name" { +variable "aws_iam_policy_logs_name" { type = string - default = "aws_lambda-logs" + default = "aws_testlambda-logs" description = "IAM policy name mentioned here" } variable "aws_iam_policy_path" { From 13ba5185aa2d2b123356bfa5135be7588aadd94d Mon Sep 17 00:00:00 2001 From: poojakasar Date: Mon, 20 Nov 2023 16:07:37 +0530 Subject: [PATCH 3/3] feat: verified tfchecks --- main.tf | 6 +++--- variables.tf | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/main.tf b/main.tf index d6507d9..befdebe 100644 --- a/main.tf +++ b/main.tf 
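Review bot: The log group in `aws_cloudwatch_log_group.lambda` is now created as `/aws/testlambda/${module.labels.id}`, but Lambda writes to `/aws/lambda/<function name>` unless the function is configured with a different log group, which this hunk does not show. If the function keeps the default, the group managed here, with its `retention_in_days` and `kms_key_id`, stays empty. The real logs would then land in an auto-created group with no retention or customer-managed key, or not be delivered at all if the role may only write to the managed group. Restore `name = "/aws/lambda/${module.labels.id}"`, or pass the new name to the function's logging configuration in the same change.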
@@ -149,9 +149,9 @@ resource "aws_lambda_permission" "default" { ## Terraform module to create Iam role resource on AWS for lambda. ##----------------------------------------------------------------------------- resource "aws_iam_role" "default" { - count = var.enable && var.create_iam_role ? 1 : 0 - name = format("%s-testrole", module.labels.id) - assume_role_policy =var.assume_role_policy + count = var.enable && var.create_iam_role ? 1 : 0 + name = format("%s-testrole", module.labels.id) + assume_role_policy = var.assume_role_policy } ##----------------------------------------------------------------------------- diff --git a/variables.tf b/variables.tf index bff6b59..8e4064b 100644 --- a/variables.tf +++ b/variables.tf @@ -415,9 +415,9 @@ variable "policy_path" { } variable "assume_role_policy" { - type = string + type = string description = "assume role policy document in JSON format" - default = <