decadence

個人のメモ帳

terraform で API Gateway/DynamoDB の設定

Terraform by HashiCorp

terraform を使って AWS 関連の設定を行う。

API Gateway

前回の LINE Bot のために terraform で API Gateway の設定

なお、apex には apex infra 機能はあるが、直接 terraform を触った方が明らかに良い

variable "access_key" {}
variable "secret_key" {}
variable "region" {
  default = "ap-northeast-1"
}

provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region = "${var.region}"
}

# https://www.terraform.io/docs/providers/aws/r/api_gateway_rest_api.html
resource "aws_api_gateway_rest_api" "teto_rest_api" {
  name = "teto_rest_api"
  description = "teto LINE Bot API Rest API"
}

# https://www.terraform.io/docs/providers/aws/r/api_gateway_method.html
resource "aws_api_gateway_method" "teto_resource_method" {
  rest_api_id = "${aws_api_gateway_rest_api.teto_rest_api.id}"
  resource_id = "${aws_api_gateway_resource.root_resource_id}"
  http_method = "POST"
  authorization = "NONE"
}

# https://www.terraform.io/docs/providers/aws/r/api_gateway_integration.html
resource "aws_api_gateway_integration" "teto_integration" {
  rest_api_id             = "${aws_api_gateway_rest_api.teto_rest_api.id}"
  resource_id             = "${aws_api_gateway_rest_api.teto_rest_api.root_resource_id}"
  http_method             = "${aws_api_gateway_method.teto_resource_method.http_method}"
  integration_http_method = "POST"
  type                    = "AWS"
  uri                     = "arn:aws:apigateway:${var.region}:lambda:path/2015-03-31/functions/${aws_lambda_function.lambda.arn.fixme}/invocations" # FIXME
}

DynamoDB

# https://www.terraform.io/docs/providers/aws/r/dynamodb_table.html
resource "aws_dynamodb_table" "user_session_table" {
  name = "UserSession"
  read_capacity = 2
  write_capacity = 2
  stream_enabled = false
  hash_key = "UserId"
  attribute {
    name = "UserId"
    type = "S"
  }
}

terraform.state

terraform remote はエンタープライズな機能なので、個人で使う分には、state も git 管理して push してしまえば良いのかなって思ってる。credentials とかだけ別に管理すれば良い。