使用 Terraform 创建从 AWS Lambda Python3.8 发送消息到 Slack 的配置
【个人备忘录】简单设置:从Lambda向Slack发送消息。
简而言之
Terraform配置
- Terraform実行環境 ローカルディレクトリ構成 (MacOS)
├── .terraform
│ ├── plugins
│ │ └── darwin_amd64
│ │ └── terraform-provider-aws_v2.48.0_x4
├── post-slack.tf
└── source_code
└── post-slack
└── main.py
- Lambda関数を作成する tf ファイル
data "archive_file" "post-slack" {
type = "zip"
source_dir = "./source_code/post-slack"
output_path = "./source_code/post-slack.zip"
}
resource "aws_lambda_function" "post-slack" {
filename = "${data.archive_file.post-slack.output_path}"
function_name = "post-slack"
role = "arn:aws:iam::※※※※※※※※※※※※:role/service-role/lambda-basic-execution"
handler = "main.lambda_handler"
source_code_hash = "${data.archive_file.post-slack.output_base64sha256}"
runtime = "python3.8"
memory_size = 128
timeout = 300
environment {
variables = {
SLACK_CHANNEL = "#hogehoge"
SLACK_TEXT = "Slack通知テスト"
SLACK_USER_NAME = "名無し"
SLACK_ICON_EMOJI = ":fearful:"
SLACK_COLOR = "warning"
SLACK_WEBHOOK_URL = "https://hooks.slack.com/services/※※※※※※※※※/※※※※※※※※※/※※※※※※※※※※※※※※※※※※※※※※※※"
}
}
}
- Lambda に割り当てる IAMロール
data "aws_iam_policy_document" "lambda-assume-role-policy" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "Service"
identifiers = ["lambda.amazonaws.com"]
}
}
}
resource "aws_iam_role" "role_lambda-basic-execution" {
name = "lambda-basic-execution"
assume_role_policy = data.aws_iam_policy_document.lambda-assume-role-policy.json
path = "/service-role/"
}
resource "aws_iam_role_policy_attachment" "AWSLambdaBasicExecutionRole" {
role = aws_iam_role.role_lambda-basic-execution.name
policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole"
}
- Slack API へメッセージを送信する python コード
import os
import json
from urllib.request import Request, urlopen
slackChannel = os.environ['SLACK_CHANNEL']
slackUserName = os.environ['SLACK_USER_NAME']
slackText = os.environ['SLACK_TEXT']
slackWebhookURL = os.environ['SLACK_WEBHOOK_URL']
slackIconEmoji = os.environ['SLACK_ICON_EMOJI']
slackColor = os.environ['SLACK_COLOR']
def lambda_handler(event, context):
post_slack()
def post_slack():
message = {
'channel': slackChannel,
'username': slackUserName,
'text': slackText,
'icon_emoji': slackIconEmoji,
'attachments': [
{
"color": slackColor,
"text": "なんて日だ・・"
}
]
}
data = json.dumps(message).encode('utf-8')
request = Request(slackWebhookURL, data)
urlopen(request).read()
运行terraform plan
如果在首次运行terraform plan时遇到以下错误,请执行以下操作:
$ terraform plan
Error: Could not satisfy plugin requirements
Plugin reinitialization required. Please run "terraform init".
Plugins are external binaries that Terraform uses to access and manipulate
resources. The configuration provided requires plugins which can't be located,
don't satisfy the version constraints, or are otherwise incompatible.
Terraform automatically discovers provider requirements from your
configuration, including providers used in child modules. To see the
requirements and constraints from each module, run "terraform providers".
Error: provider.archive: no suitable version installed
version requirements: "(any version)"
versions installed: none
执行 terraform init
$ terraform init
Initializing the backend...
Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "archive" (hashicorp/archive) 2.0.0...
The following providers do not have any version constraints in configuration,
so the latest version was installed.
To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.
* provider.archive: version = "~> 2.0"
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
terraform-provider-aws_v2.48.0_x4 已经下载到插件目录。
├── .terraform
│ ├── plugins
│ │ └── darwin_amd64
│ │ ├── terraform-provider-archive_v2.0.0_x5
│ │ └── terraform-provider-aws_v2.48.0_x4
执行 Terraform 应用
$ terraform apply
运行后,post-slack.zip 将在 source_code 目录中生成
└── source_code
├── post-slack
│ └── main.py
└── post-slack.zip
在 AWS 管理控制台上查看
Lambda 函数 “post-slack” 的配置
进行测试
