Terraform configuration used to create the required AWS resources for integrating between Spectral and external service providers.
Name | Version |
---|---|
terraform | >= 1.3.0 |
aws | >= 5.26.0 |
Name | Version |
---|---|
aws | >= 5.26.0 |
random | n/a |
Name | Source | Version |
---|---|---|
api_gateway | ./modules/api_gateway | n/a |
backend_lambda_function | ./modules/lambda | n/a |
frontend_lambda_function | ./modules/lambda | n/a |
lambda_function | ./modules/lambda | n/a |
lambda_role | ./modules/role | n/a |
secrets_manager | ./modules/secrets_manager | n/a |
Name | Description | Type | Default | Required |
---|---|---|---|---|
backend_lambda_source_code_path | Path to the lambda source code zip file of the backend lambda | string |
null |
no |
env_vars | Extendable object contains all required environment variables required for the integration. | map(string) |
{ |
no |
environment | The target environment name for deployment. | string |
"prod" |
no |
frontend_lambda_source_code_path | Path to the lambda source code zip file of the frontend lambda | string |
null |
no |
gateway_api_integration_timeout_milliseconds | Timeout for the API Gateway to wait for lambda response | number |
29000 |
no |
global_tags | A list of tags to apply on all newly created resources. | map(string) |
{ |
no |
integration_type | Spectral integration type (A unique phrase describing the integration) - Available values: github , terraform , jira and gitlab |
string |
n/a | yes |
lambda_enable_logs | Specifies if Lambda should have CloudWatch a dedicated logs group. | bool |
false |
no |
lambda_function_memory_size | Amount of memory in MB your Lambda Function can use at runtime. Defaults to 1024. | number |
1024 |
no |
lambda_function_timeout | Amount of time your Lambda Function has to run in seconds. | number |
300 |
no |
lambda_logs_retention_in_days | Specifies the number of days you want to retain log events in the specified log group. | number |
30 |
no |
lambda_publish | Whether to publish creation/change as new Lambda Function Version. | bool |
false |
no |
lambda_source_code_path | Path to the lambda source code zip file | string |
null |
no |
resource_name_common_part | A common part for all resources created under the stack | string |
null |
no |
secrets_names | Names of secrets to create | list(string) |
null |
no |
store_secret_in_secrets_manager | Whether to store your secrets in secrets manager, default is false | bool |
false |
no |
tags | A collection of tags grouped by key representing it's target resource. | map(map(string)) |
{ |
no |
vpc_config | Configuration block for VPC settings for the Lambda function, including subnet IDs and security group IDs. | object({ |
null |
no |
In some integrations, Spectral requires some environment variables besides the default ones.
Those variables should be added to the env_vars
.
Please refer to our docs / source pages to view the extra environment variables needed for the integration.
This variable holds a list of tags be applied on all newly created resources:
{
BusinessUnit = "Spectral"
...
}
This variable holds a collection of tags grouped by key representing its target resource:
- IAM role resource - using the
iam
key - Lambda resource - using the
lambda
key - ApiGateway resource - using the
api_gateway
key
{
iam = {
...
}
lambda = {
...
}
api_gateway = {
...
}
}
module "spectral_lambda_integration" {
source = "github.com/SpectralOps/spectral-terraform-lambda-integration"
environment = "prod"
integration_type = "terraform"
lambda_enable_logs = true
lambda_logs_retention_in_days = 30
lambda_publish = false
lambda_function_timeout = 300
lambda_function_memory_size = 1024
# Environment variables used by the integration
env_vars = {
# Mandatory (unless you are using vault) - Your spectral DSN retrieved from SpectralOps
SPECTRAL_DSN = ""
# Additional env-vars should go here
}
# Global tags - Tags to be applied on every newly created resource
global_tags = {
# Tags to apply to all newly created resources
BusinessUnit = "Spectral"
}
# Tags to be applied on concrete resources
tags = {
# Tags to apply on iam related resources
iam = {
Resource = "role"
}
# Tags to apply on lambda related resources
lambda = {
Resource = "lambda"
}
# Tags to apply on api_gateway related resources
api_gateway = {
Resource = "api_gateway"
}
}
}
Name | Type |
---|---|
aws_api_gateway_rest_api | resource |
aws_api_gateway_method | resource |
aws_api_gateway_method_response | resource |
aws_api_gateway_integration | resource |
aws_api_gateway_deployment | resource |
aws_api_gateway_stage | resource |
aws_lambda_permission | resource |
aws_lambda_function | resource |
aws_cloudwatch_log_group | resource |
aws_iam_role | resource |
aws_iam_role_policy_attachment | resource |
aws_iam_policy_document | data |
Name | Description |
---|---|
lambda_function_arn | Amazon Resource Name (ARN) identifying your Lambda Function |
lambda_function_name | The name of the lambda function |
lambda_iam_role_arn | Amazon Resource Name (ARN) specifying the role |
lambda_iam_role_name | Name of the role |
rest_api_arn | Amazon Resource Name (ARN) identifying your Rest API |
rest_api_execution_arn | The execution ARN part to be used in lambda_permission's source_arn, not concatenated to other allowed API resources |
rest_api_id | The ID of the REST API |
rest_api_lambda_execution_arn | The execution ARN part to be used in lambda_permission's source_arn, concatenated with allowed API resources (method & path) |
rest_api_url | The URL for accessing the lambda through the ApiGateway |
secrets_arns | Arns of created secrets in secrets manager |
For GitHub deployment - only bot version 2.x is supported. The default GitHub bot version that this module deploys is 2.0.4, if you wish to use other versions please set local paths to the relevant ZIP files.