Last active
September 22, 2017 04:50
-
-
Save lisp-ceo/a6479e59f294fd93d874a9772761072c to your computer and use it in GitHub Desktop.
Terraform with AWS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| REGION=${REGION:-"ap-southeast-2"} | |
| INSTANCE='HAL-TheBigPHPMachine' | |
| SCRIPT_EXT=-$REGION$INSTANCE | |
| cp StartEC2Instances.py.template StartEC2Instances$SCRIPT_EXT.py | |
| sed -i '' 's/__REGION__/'${REGION}'/g' StartEC2Instances$SCRIPT_EXT.py | |
| sed -i '' 's/__INSTANCE__/'${INSTANCE}'/g' StartEC2Instances$SCRIPT_EXT.py | |
| zip StartEC2Instances.zip StartEC2Instances$SCRIPT_EXT.py | |
| cp StopEC2Instances.py.template StopEC2Instances$SCRIPT_EXT.py | |
| sed -i '' 's/__REGION__/'${REGION}'/g' StopEC2Instances$SCRIPT_EXT.py | |
| sed -i '' 's/__INSTANCE__/'${INSTANCE}'/g' StopEC2Instances$SCRIPT_EXT.py | |
| zip StopEC2Instances.zip StopEC2Instances$SCRIPT_EXT.py |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| provider "aws" { | |
| region = "${var.region}" | |
| shared_credentials_file = "~/.aws/credentials" | |
| } | |
| variable "region" { | |
| type = "string" | |
| default = "ap-southeast-2" | |
| } | |
| variable "instance" { | |
| type = "string" | |
| } | |
| resource "aws_iam_role" "iam_for_lambda" { | |
| name = "iam_for_lambda" | |
| assume_role_policy = <<EOF | |
| { | |
| "Version": "2012-10-17", | |
| "Statement": [ | |
| { | |
| "Action": "sts:AssumeRole", | |
| "Principal": { | |
| "Service": "lambda.amazonaws.com" | |
| }, | |
| "Effect": "Allow", | |
| "Sid": "" | |
| } | |
| ] | |
| } | |
| EOF | |
| } | |
| resource "aws_lambda_function" "StartEC2Instances" { | |
| filename = "StartEC2Instances-${var.region}${var.instance}.zip" | |
| function_name = "StartEC2Instances-${var.region}${var.instance}" | |
| role = "${aws_iam_role.iam_for_lambda.arn}" | |
| handler = "StartEC2Instances-${var.region}${var.instance}.lambda_handler" | |
| source_code_hash = "${base64sha256(file("StartEC2Instances-${var.region}${var.instance}.zip"))}" | |
| runtime = "python2.7" | |
| environment { | |
| variables = { | |
| foo = "bar" | |
| } | |
| } | |
| } | |
| resource "aws_lambda_function" "StopEC2Instances" { | |
| filename = "StopEC2Instances-${var.region}${var.instance}.zip" | |
| function_name = "StopEC2Instances-${var.region}${var.instance}" | |
| role = "${aws_iam_role.iam_for_lambda.arn}" | |
| handler = "StopEC2Instances-${var.region}${var.instance}.lambda_handler" | |
| source_code_hash = "${base64sha256(file("StopEC2Instances-${var.region}${var.instance}.zip"))}" | |
| runtime = "python2.7" | |
| environment { | |
| variables = { | |
| foo = "bar" | |
| } | |
| } | |
| } | |
| # CloudWatch Alarm -> CloudWatch Event Target -> Posts to SNS Topic -> | |
| ## Start | |
| resource "aws_cloudwatch_event_rule" "fires_at_8am_each_business_day" { | |
| name = "fires_at_8am_each_business_day" | |
| description = "CloudWatch Even that fires at 8am each day" | |
| schedule_expression = "cron(0 8 ? * MON-FRI *)" | |
| } | |
| resource "aws_cloudwatch_event_target" "sns_start_machines" { | |
| rule = "${aws_cloudwatch_event_rule.fires_at_8am_each_business_day.name}" | |
| arn = "${aws_sns_topic.start_machines.arn}" | |
| } | |
| resource "aws_sns_topic" "start_machines" { | |
| name = "start_machines" | |
| } | |
| resource "aws_sns_topic_subscription" "sns_start_machines" { | |
| topic_arn = "${aws_sns_topic.start_machines.arn}" | |
| protocol = "lambda" | |
| endpoint = "${aws_lambda_function.StartEC2Instances.arn}" | |
| } | |
| resource "aws_lambda_permission" "sns_start_machines" { | |
| statement_id = "AllowExecutionFromSNS" | |
| action = "lambda:InvokeFunction" | |
| function_name = "${aws_lambda_function.StartEC2Instances.arn}" | |
| principal = "sns.amazonaws.com" | |
| source_arn = "${aws_sns_topic.start_machines.arn}" | |
| } | |
| ## Stop | |
| resource "aws_sns_topic" "stop_machines" { | |
| name = "stop_machines" | |
| } | |
| resource "aws_cloudwatch_event_rule" "fires_at_8pm_each_business_day" { | |
| name = "fires_at_8pm_each_business_day" | |
| description = "CloudWatch Even that fires at 8pm each day" | |
| schedule_expression = "cron(0 20 ? * MON-FRI *)" | |
| } | |
| resource "aws_cloudwatch_event_target" "sns_stop_machines" { | |
| rule = "${aws_cloudwatch_event_rule.fires_at_8pm_each_business_day.name}" | |
| arn = "${aws_sns_topic.stop_machines.arn}" | |
| } | |
| resource "aws_sns_topic_subscription" "sns_stop_machines" { | |
| topic_arn = "${aws_sns_topic.stop_machines.arn}" | |
| protocol = "lambda" | |
| endpoint = "${aws_lambda_function.StopEC2Instances.arn}" | |
| } | |
| resource "aws_lambda_permission" "sns_stop_machines" { | |
| statement_id = "AllowExecutionFromSNS" | |
| action = "lambda:InvokeFunction" | |
| function_name = "${aws_lambda_function.StopEC2Instances.arn}" | |
| principal = "sns.amazonaws.com" | |
| source_arn = "${aws_sns_topic.stop_machines.arn}" | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| create_ws: | |
| terraform workspace new lambdas | |
| LCInstanceGen: | |
| ./LCInstanceGen.sh | |
| plan: | |
| terraform plan -var instance='HAL-TheBigPHPMachine' -var region=ap-southeast-2 | |
| apply: | |
| terraform apply -var instance='HAL-TheBigPHPMachine' -var region=ap-southeast-2 | |
| destroy: | |
| terraform destroy -force -var instance='HAL-TheBigPHPMachine' -var region=ap-southeast-2 | |
| invoke: | |
| aws lambda invoke --function-name StopEC2Instances-ap-southeast-2HAL-TheBigPHPMachine test.txt | |
| list_topics: | |
| aws sns list-topics | |
| update: | |
| @MAKE LCInstanceGen | |
| @MAKE plan | |
| @MAKE apply |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| region = '__REGION__' | |
| instances = ['__INSTANCE__'] | |
| def lambda_handler(event, context): | |
| ec2 = boto3.client('ec2', region_name=region) | |
| ec2.start_instances(InstanceIds=instances) | |
| print 'started your instances: ' + str(instances) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import boto3 | |
| region = '__REGION__' | |
| instances = ['__INSTANCE__'] | |
| def lambda_handler(event, context): | |
| ec2 = boto3.client('ec2', region_name=region) | |
| ec2.stop_instances(InstanceIds=instances) | |
| print 'stopped your instances: ' + str(instances) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment