feat(s3_bucket_subscription): allow enabling eventbridge

João Taveira Araújo · João Taveira Araújo · commit 2cd71c5d0912 · 2024-03-22T09:49:14.000-07:00
diff --git a/README.md b/README.md
@@ -68,6 +68,7 @@ No modules.
 |------|-------------|------|---------|:--------:|
 | <a name="input_dead_letter_queue_destination"></a> [dead\_letter\_queue\_destination](#input\_dead\_letter\_queue\_destination) | Send failed events/function executions to a dead letter queue arn sns or sqs | `string` | `null` | no |
 | <a name="input_description"></a> [description](#input\_description) | Lambda description | `string` | `"Lambda function to forward events towards Observe"` | no |
+| <a name="input_enable_eventbridge"></a> [enable\_eventbridge](#input\_enable\_eventbridge) | Enable sending bucket notifications to EventBridge | `bool` | `false` | no |
 | <a name="input_iam_name_prefix"></a> [iam\_name\_prefix](#input\_iam\_name\_prefix) | Prefix used for all created IAM roles and policies | `string` | `"observe-lambda-"` | no |
 | <a name="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn) | The ARN of the AWS Key Management Service (AWS KMS) key that's used to encrypt your function's environment variables.<br>If it's not provided, AWS Lambda uses a default service key. | `string` | `""` | no |
 | <a name="input_lambda_envvars"></a> [lambda\_envvars](#input\_lambda\_envvars) | Environment variables | `map(any)` | `{}` | no |
diff --git a/modules/s3_bucket_subscription/README.md b/modules/s3_bucket_subscription/README.md
@@ -33,13 +33,13 @@ module "observe_lambda_s3_subscription" {
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.1.0 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.68 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.68 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.0 |
 
 ## Modules
 
@@ -60,6 +60,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_bucket_arns"></a> [bucket\_arns](#input\_bucket\_arns) | S3 bucket ARNs to subscribe to Observe Lambda | `list(string)` | `[]` | no |
+| <a name="input_enable_eventbridge"></a> [enable\_eventbridge](#input\_enable\_eventbridge) | Enable sending bucket notifications to EventBridge | `bool` | `false` | no |
 | <a name="input_filter_prefix"></a> [filter\_prefix](#input\_filter\_prefix) | Specifies object key name prefix on S3 bucket notifications. | `string` | `""` | no |
 | <a name="input_filter_suffix"></a> [filter\_suffix](#input\_filter\_suffix) | Specifies object key name suffix on S3 bucket notifications. | `string` | `""` | no |
 | <a name="input_iam_name_prefix"></a> [iam\_name\_prefix](#input\_iam\_name\_prefix) | Prefix used for all created IAM roles and policies | `string` | `"observe-lambda-"` | no |
diff --git a/modules/s3_bucket_subscription/main.tf b/modules/s3_bucket_subscription/main.tf
@@ -18,14 +18,16 @@ resource "aws_lambda_permission" "allow_bucket" {
 }
 
 resource "aws_s3_bucket_notification" "notification" {
-  count  = length(aws_lambda_permission.allow_bucket)
-  bucket = data.aws_arn.bucket[count.index].resource
+  count       = length(aws_lambda_permission.allow_bucket)
+  bucket      = data.aws_arn.bucket[count.index].resource
+  eventbridge = var.enable_eventbridge
   lambda_function {
     lambda_function_arn = aws_lambda_permission.allow_bucket[count.index].function_name
     events              = ["s3:ObjectCreated:*"]
     filter_prefix       = var.filter_prefix
     filter_suffix       = var.filter_suffix
   }
+
 }
 
 resource "aws_iam_policy" "s3_bucket_read" {
diff --git a/modules/s3_bucket_subscription/variables.tf b/modules/s3_bucket_subscription/variables.tf
@@ -40,3 +40,10 @@ variable "statement_id_prefix" {
   nullable    = false
   default     = ""
 }
+
+variable "enable_eventbridge" {
+  description = "Enable sending bucket notifications to EventBridge"
+  type        = bool
+  nullable    = false
+  default     = false
+}
diff --git a/modules/s3_bucket_subscription/versions.tf b/modules/s3_bucket_subscription/versions.tf
@@ -4,7 +4,7 @@ terraform {
   required_providers {
     aws = {
       source  = "hashicorp/aws"
-      version = ">= 2.68"
+      version = ">= 4.0"
     }
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -18,14 +18,16 @@ resource "aws_lambda_permission" "allow_bucket" {`
`18`	`18`	`}`
`19`	`19`
`20`	`20`	`resource "aws_s3_bucket_notification" "notification" {`
`21`		`- count = length(aws_lambda_permission.allow_bucket)`
`22`		`- bucket = data.aws_arn.bucket[count.index].resource`
	`21`	`+ count = length(aws_lambda_permission.allow_bucket)`
	`22`	`+ bucket = data.aws_arn.bucket[count.index].resource`
	`23`	`+ eventbridge = var.enable_eventbridge`
`23`	`24`	`lambda_function {`
`24`	`25`	`lambda_function_arn = aws_lambda_permission.allow_bucket[count.index].function_name`
`25`	`26`	`events = ["s3:ObjectCreated:*"]`
`26`	`27`	`filter_prefix = var.filter_prefix`
`27`	`28`	`filter_suffix = var.filter_suffix`
`28`	`29`	`}`
	`30`	`+`
`29`	`31`	`}`
`30`	`32`
`31`	`33`	`resource "aws_iam_policy" "s3_bucket_read" {`
Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,7 @@ terraform {`
`4`	`4`	`required_providers {`
`5`	`5`	`aws = {`
`6`	`6`	`source = "hashicorp/aws"`
`7`		`- version = ">= 2.68"`
	`7`	`+ version = ">= 4.0"`
`8`	`8`	`}`
`9`	`9`	`}`
`10`	`10`	`}`