Chalice
Chalice is a tool to facilitate Python based lambda deployment. This repo contains the output of my basic exploration of this tool.
My specific goal with this tiny project was to examine the output of the terraform code and understand what resources will be created for a helloworld project.
I followed this tutorial, although used virtualenv a bit differently.
python3 --version
python3 -m venv venv38
. venv38/bin/activate
As instructed in the tutorial, instead of running chalice deploy, I used chalice package to specify terraform as the package format. Once executed, the output folder contained the zip file for the lambda and the terraform code file in JSON format. terraform should be run in the output folder to initiate deployment.
chalice package --pkg-format terraform /tmp/packaged-app/
Applying terraform
Output of the terraform apply command shows the creation of the following resources:
- aws_api_gateway_deployment
- aws_api_gateway_rest_api
- aws_iam_role
- aws_iam_role_policy
- aws_lambda_function
- aws_lambda_permission
And here is the output:
$ terraform apply
provider.aws.region
The region where AWS operations will take place. Examples
are us-east-1, us-west-2, etc.
Enter a value: eu-west-1
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_api_gateway_deployment.rest_api will be created
+ resource "aws_api_gateway_deployment" "rest_api" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_description = (known after apply)
+ stage_name = "api"
}
# aws_api_gateway_rest_api.rest_api will be created
+ resource "aws_api_gateway_rest_api" "rest_api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = [
+ "application/octet-stream",
+ "application/x-tar",
+ "application/zip",
+ "audio/basic",
+ "audio/ogg",
+ "audio/mp4",
+ "audio/mpeg",
+ "audio/wav",
+ "audio/webm",
+ "image/png",
+ "image/jpg",
+ "image/jpeg",
+ "image/gif",
+ "video/ogg",
+ "video/mpeg",
+ "video/webm",
]
+ body = (known after apply)
+ created_date = (known after apply)
+ description = (known after apply)
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "test-tf-deploy"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags_all = (known after apply)
+ endpoint_configuration {
+ types = [
+ "EDGE",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_iam_role.default-role will be created
+ resource "aws_iam_role" "default-role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "lambda.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "test-tf-deploy-dev"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
+ inline_policy {
+ name = (known after apply)
+ policy = (known after apply)
}
}
# aws_iam_role_policy.default-role will be created
+ resource "aws_iam_role_policy" "default-role" {
+ id = (known after apply)
+ name = "default-rolePolicy"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutLogEvents",
]
+ Effect = "Allow"
+ Resource = "arn:*:logs:*:*:*"
},
]
+ Version = "2012-10-17"
}
)
+ role = (known after apply)
}
# aws_lambda_function.api_handler will be created
+ resource "aws_lambda_function" "api_handler" {
+ architectures = (known after apply)
+ arn = (known after apply)
+ filename = "./deployment.zip"
+ function_name = "test-tf-deploy-dev"
+ handler = "app.app"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = (known after apply)
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "G/z6BLWCK/9iNDEl1lRyYpXyFoo/hJkW0NdhLEf5tUc="
+ source_code_size = (known after apply)
+ tags = {
+ "aws-chalice" = "version=1.26.5:stage=dev:app=test-tf-deploy"
}
+ tags_all = {
+ "aws-chalice" = "version=1.26.5:stage=dev:app=test-tf-deploy"
}
+ timeout = 60
+ version = (known after apply)
+ tracing_config {
+ mode = (known after apply)
}
}
# aws_lambda_permission.rest_api_invoke will be created
+ resource "aws_lambda_permission" "rest_api_invoke" {
+ action = "lambda:InvokeFunction"
+ function_name = (known after apply)
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = (known after apply)
}
Plan: 6 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ EndpointURL = (known after apply)
+ RestAPIId = (known after apply)
╷
│ Warning: Deprecated Resource
│
│ with data.null_data_source.chalice,
│ on chalice.tf.json line 109, in data.null_data_source.chalice:
│ 109: }
│
│ The null_data_source was historically used to construct intermediate values to re-use elsewhere in configuration, the same can now be achieved using locals
│
│ (and one more similar warning elsewhere)
╵
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_iam_role.default-role: Creating...
aws_iam_role.default-role: Creation complete after 2s [id=test-tf-deploy-dev]
aws_iam_role_policy.default-role: Creating...
aws_lambda_function.api_handler: Creating...
aws_iam_role_policy.default-role: Creation complete after 1s [id=test-tf-deploy-dev:default-rolePolicy]
aws_lambda_function.api_handler: Still creating... [10s elapsed]
aws_lambda_function.api_handler: Creation complete after 14s [id=test-tf-deploy-dev]
aws_api_gateway_rest_api.rest_api: Creating...
aws_api_gateway_rest_api.rest_api: Creation complete after 1s [id=fzegk1qj6c]
aws_api_gateway_deployment.rest_api: Creating...
aws_lambda_permission.rest_api_invoke: Creating...
aws_lambda_permission.rest_api_invoke: Creation complete after 1s [id=terraform-20220203152421383500000001]
aws_api_gateway_deployment.rest_api: Creation complete after 1s [id=g8xs21]
Apply complete! Resources: 6 added, 0 changed, 0 destroyed.
TODO
- Build a pipeline
2 Jan 06, 2022
1 Nov 11, 2021
275 Jan 02, 2023
100 Nov 04, 2022
31.3k Dec 30, 2022
261 Jan 04, 2023
251 Dec 13, 2022
1 Dec 04, 2022
5 Sep 24, 2022
2 Jun 15, 2022
352 Jan 06, 2023
0 Jun 02, 2022
59 Dec 19, 2022
2 Dec 14, 2022
6 Dec 21, 2022
47 Jan 03, 2023
1 Nov 21, 2021
3 Nov 09, 2022
1 Oct 29, 2021
1 Feb 05, 2022