I want to move my lambda function from AWS amplify to my terraform project.
All the dependencies should be installed in the separate lambda layer.
Here’s my package.json file
{
"name": "authorizerfunction",
"version": "2.0.0",
"description": "Lambda function generated by Amplify",
"main": "index.ts",
"license": "Apache-2.0",
"dependencies": {
"jwt-decode": "^3.1.2",
"aws-lambda": "^1.0.7",
"@types/aws-lambda": "^8.10.97",
"@types/node": "^18.11.18"
},
"devDependencies": {
}
}
resource "null_resource" "install_dependencies" {
provisioner "local-exec" {
command = "npm install --omit=dev --prefix ${local.lambda_layer_output_dir}/nodejs ${local.lambda_source_dir}"
}
triggers = {
always_run = "${timestamp()}"
}
}
resource "aws_lambda_layer_version" "lambda_layer" {
filename = data.archive_file.zip_layer.output_path
layer_name = "${local.project_name}-lambda-layer"
compatible_runtimes = [local.lambda_runtime]
source_code_hash = base64sha256(data.archive_file.zip_layer.output_path)
}
resource "aws_lambda_function" "lambda_function" {
filename = data.archive_file.zip_the_python_code.output_path
function_name = local.project_name
role = aws_iam_role.lambda_role.arn
handler = "index.handler"
runtime = local.lambda_runtime
layers = [aws_lambda_layer_version.lambda_layer.arn]
source_code_hash = base64sha256(data.archive_file.zip_the_python_code.output_path)
depends_on = [
aws_iam_role_policy_attachment.attach_iam_policy_to_iam_role
]
}
data "archive_file" "zip_the_python_code" {
type = "zip"
source_dir = "${local.lambda_source_dir}/"
output_path = local.lambda_zip_path
excludes = ["package.json", "package-lock.json", "tsconfig.json"]
}
data "archive_file" "zip_layer" {
type = "zip"
source_dir = "${local.lambda_layer_output_dir}/"
output_path = local.lambda_layer_zip_path
depends_on = [null_resource.install_dependencies]
}
locals {
project_name = "AuthorizerFunction2-${terraform.workspace}"
lambda_zip_file_name = "lambda.zip"
lambda_zip_path = "${path.module}/${local.lambda_zip_file_name}"
lambda_source_dir = "${path.module}/lambda"
lambda_layer_zip_file_name = "layer.zip"
lambda_layer_zip_path = "${path.module}/${local.lambda_layer_zip_file_name}"
lambda_layer_output_dir = "${path.module}/lambda_layer_files"
lambda_runtime = "nodejs14.x"
}
When it comes to apply the changes, I got some weird error because the npm install command from null_resource resource expects my project to be a github repository.
│ Error: local-exec provisioner error
│
│ with module.authorizer_function.null_resource.install_dependencies,
│ on authorizer_function/lambda.tf line 2, in resource "null_resource" "install_dependencies":
│ 2: provisioner "local-exec" {
│
│ Error running command 'npm install --omit=dev --prefix
│ authorizer_function/lambda_layer_files/nodejs authorizer_function/lambda':
│ exit status 128. Output: npm error code 128
│ npm error An unknown git error occurred
│ npm error command git --no-replace-objects ls-remote
│ ssh://[email protected]/authorizer_function/lambda.git
│ npm error [email protected]: Permission denied (publickey).
│ npm error fatal: Could not read from remote repository.
│ npm error
│ npm error Please make sure you have the correct access rights
│ npm error and the repository exists.
│
│ npm error A complete log of this run can be found in:
│ /root/.npm/_logs/2024-09-26T09_25_53_181Z-debug-0.log
│
1