Chalice
Chalice is a tool to facilitate Python based lambda deployment. This repo contains the output of my basic exploration of this tool.
My specific goal with this tiny project was to examine the output of the terraform code and understand what resources will be created for a helloworld project.
I followed this tutorial, although used virtualenv a bit differently.
python3 --version
python3 -m venv venv38
. venv38/bin/activate
As instructed in the tutorial, instead of running chalice deploy, I used chalice package to specify terraform as the package format. Once executed, the output folder contained the zip file for the lambda and the terraform code file in JSON format. terraform should be run in the output folder to initiate deployment.
chalice package --pkg-format terraform /tmp/packaged-app/
Applying terraform
Output of the terraform apply command shows the creation of the following resources:
- aws_api_gateway_deployment
- aws_api_gateway_rest_api
- aws_iam_role
- aws_iam_role_policy
- aws_lambda_function
- aws_lambda_permission
And here is the output:
$ terraform apply
provider.aws.region
The region where AWS operations will take place. Examples
are us-east-1, us-west-2, etc.
Enter a value: eu-west-1
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# aws_api_gateway_deployment.rest_api will be created
+ resource "aws_api_gateway_deployment" "rest_api" {
+ created_date = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ invoke_url = (known after apply)
+ rest_api_id = (known after apply)
+ stage_description = (known after apply)
+ stage_name = "api"
}
# aws_api_gateway_rest_api.rest_api will be created
+ resource "aws_api_gateway_rest_api" "rest_api" {
+ api_key_source = (known after apply)
+ arn = (known after apply)
+ binary_media_types = [
+ "application/octet-stream",
+ "application/x-tar",
+ "application/zip",
+ "audio/basic",
+ "audio/ogg",
+ "audio/mp4",
+ "audio/mpeg",
+ "audio/wav",
+ "audio/webm",
+ "image/png",
+ "image/jpg",
+ "image/jpeg",
+ "image/gif",
+ "video/ogg",
+ "video/mpeg",
+ "video/webm",
]
+ body = (known after apply)
+ created_date = (known after apply)
+ description = (known after apply)
+ disable_execute_api_endpoint = (known after apply)
+ execution_arn = (known after apply)
+ id = (known after apply)
+ minimum_compression_size = -1
+ name = "test-tf-deploy"
+ policy = (known after apply)
+ root_resource_id = (known after apply)
+ tags_all = (known after apply)
+ endpoint_configuration {
+ types = [
+ "EDGE",
]
+ vpc_endpoint_ids = (known after apply)
}
}
# aws_iam_role.default-role will be created
+ resource "aws_iam_role" "default-role" {
+ arn = (known after apply)
+ assume_role_policy = jsonencode(
{
+ Statement = [
+ {
+ Action = "sts:AssumeRole"
+ Effect = "Allow"
+ Principal = {
+ Service = "lambda.amazonaws.com"
}
+ Sid = ""
},
]
+ Version = "2012-10-17"
}
)
+ create_date = (known after apply)
+ force_detach_policies = false
+ id = (known after apply)
+ managed_policy_arns = (known after apply)
+ max_session_duration = 3600
+ name = "test-tf-deploy-dev"
+ name_prefix = (known after apply)
+ path = "/"
+ tags_all = (known after apply)
+ unique_id = (known after apply)
+ inline_policy {
+ name = (known after apply)
+ policy = (known after apply)
}
}
# aws_iam_role_policy.default-role will be created
+ resource "aws_iam_role_policy" "default-role" {
+ id = (known after apply)
+ name = "default-rolePolicy"
+ policy = jsonencode(
{
+ Statement = [
+ {
+ Action = [
+ "logs:CreateLogGroup",
+ "logs:CreateLogStream",
+ "logs:PutLogEvents",
]
+ Effect = "Allow"
+ Resource = "arn:*:logs:*:*:*"
},
]
+ Version = "2012-10-17"
}
)
+ role = (known after apply)
}
# aws_lambda_function.api_handler will be created
+ resource "aws_lambda_function" "api_handler" {
+ architectures = (known after apply)
+ arn = (known after apply)
+ filename = "./deployment.zip"
+ function_name = "test-tf-deploy-dev"
+ handler = "app.app"
+ id = (known after apply)
+ invoke_arn = (known after apply)
+ last_modified = (known after apply)
+ memory_size = 128
+ package_type = "Zip"
+ publish = false
+ qualified_arn = (known after apply)
+ reserved_concurrent_executions = -1
+ role = (known after apply)
+ runtime = "python3.8"
+ signing_job_arn = (known after apply)
+ signing_profile_version_arn = (known after apply)
+ source_code_hash = "G/z6BLWCK/9iNDEl1lRyYpXyFoo/hJkW0NdhLEf5tUc="
+ source_code_size = (known after apply)
+ tags = {
+ "aws-chalice" = "version=1.26.5:stage=dev:app=test-tf-deploy"
}
+ tags_all = {
+ "aws-chalice" = "version=1.26.5:stage=dev:app=test-tf-deploy"
}
+ timeout = 60
+ version = (known after apply)
+ tracing_config {
+ mode = (known after apply)
}
}
# aws_lambda_permission.rest_api_invoke will be created
+ resource "aws_lambda_permission" "rest_api_invoke" {
+ action = "lambda:InvokeFunction"
+ function_name = (known after apply)
+ id = (known after apply)
+ principal = "apigateway.amazonaws.com"
+ source_arn = (known after apply)
+ statement_id = (known after apply)
}
Plan: 6 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ EndpointURL = (known after apply)
+ RestAPIId = (known after apply)
╷
│ Warning: Deprecated Resource
│
│ with data.null_data_source.chalice,
│ on chalice.tf.json line 109, in data.null_data_source.chalice:
│ 109: }
│
│ The null_data_source was historically used to construct intermediate values to re-use elsewhere in configuration, the same can now be achieved using locals
│
│ (and one more similar warning elsewhere)
╵
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_iam_role.default-role: Creating...
aws_iam_role.default-role: Creation complete after 2s [id=test-tf-deploy-dev]
aws_iam_role_policy.default-role: Creating...
aws_lambda_function.api_handler: Creating...
aws_iam_role_policy.default-role: Creation complete after 1s [id=test-tf-deploy-dev:default-rolePolicy]
aws_lambda_function.api_handler: Still creating... [10s elapsed]
aws_lambda_function.api_handler: Creation complete after 14s [id=test-tf-deploy-dev]
aws_api_gateway_rest_api.rest_api: Creating...
aws_api_gateway_rest_api.rest_api: Creation complete after 1s [id=fzegk1qj6c]
aws_api_gateway_deployment.rest_api: Creating...
aws_lambda_permission.rest_api_invoke: Creating...
aws_lambda_permission.rest_api_invoke: Creation complete after 1s [id=terraform-20220203152421383500000001]
aws_api_gateway_deployment.rest_api: Creation complete after 1s [id=g8xs21]
Apply complete! Resources: 6 added, 0 changed, 0 destroyed.
TODO
- Build a pipeline
25 Oct 24, 2022
36 Dec 09, 2022
243 Jan 03, 2023
2 Sep 10, 2022
4 Feb 10, 2022
2 Oct 21, 2021
500 Dec 22, 2022
1 Jan 10, 2022
3 Feb 02, 2022
224 Jan 04, 2023
1 Dec 31, 2021
31 Aug 07, 2022
1 Nov 22, 2021
16 Aug 29, 2022
1 Oct 19, 2021
3 Aug 11, 2022
5 Sep 23, 2022
1 Jan 23, 2022
0 Apr 25, 2022
4 May 16, 2022