{"id":20823318,"url":"https://github.com/gorros/python-lambda-terraform-template","last_synced_at":"2026-04-12T01:42:31.097Z","repository":{"id":197540853,"uuid":"310788900","full_name":"gorros/python-lambda-terraform-template","owner":"gorros","description":"A template project to organize CI/CD  for AWS Lambdas written in Python (and any other AWS infrastructure) using Terraform and Github Actions.","archived":false,"fork":false,"pushed_at":"2020-12-10T19:35:18.000Z","size":7,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-12T06:42:32.229Z","etag":null,"topics":["aws-lambda","ci-cd","github-actions","python","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gorros.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2020-11-07T07:11:56.000Z","updated_at":"2020-12-10T19:35:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"5cc1043c-fdf3-4607-843c-fd65c0c6defe","html_url":"https://github.com/gorros/python-lambda-terraform-template","commit_stats":null,"previous_names":["gorros/python-lambda-terraform-template"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/gorros/python-lambda-terraform-template","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorros%2Fpython-lambda-terraform-template","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorros%2Fpython-lambda-terraform-template/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorros%2Fpython-lambda-terraform-template/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorros%2Fpython-lambda-terraform-template/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gorros","download_url":"https://codeload.github.com/gorros/python-lambda-terraform-template/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gorros%2Fpython-lambda-terraform-template/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28071778,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-27T02:00:05.897Z","response_time":58,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws-lambda","ci-cd","github-actions","python","terraform"],"created_at":"2024-11-17T22:18:04.699Z","updated_at":"2025-12-27T04:08:51.714Z","avatar_url":"https://github.com/gorros.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# python-lambda-terraform-template\n\n## Terraform\nWe rely on Terraform workspaces to create separate environments. This requires corrsponding naming convention for resources. Your resource names should have following prefix `${var.project_name}-${terraform.workspace}-`. For example:\n```\nresource \"aws_lambda_layer_version\" \"lambda_layer\" {\n  layer_name = \"${var.project_name}-${terraform.workspace}-lambda-layer\"\n\n  filename         = data.archive_file.lambda_layer_archive.output_path\n  source_code_hash = data.archive_file.lambda_layer_archive.output_base64sha256\n\n  compatible_runtimes = [\"python3.7\", \"python3.8\"]\n}\n```\n\nGenerally, I suggest to use [Kebab case](https://medium.com/better-programming/string-case-styles-camel-pascal-snake-and-kebab-case-981407998841) since it is easier to distiguish project resources from resources (especially policies and roles) created by AWS which is using Pascal case.\n\n#### Initialize\n```shell script\n$ cd terraform/\n$ terraform init -backend-config=backend.tfvars\n```\n\n#### Workspace\n```shell script\n$ terraform workspace list\n```\n\nIf workspaces exist, such as `dev`, `stage` or `prod`\n```shell script\n$ terraform workspace select YOUR_ENV\n```\n\nIf there is only `default` one, create a new one\n```shell script\n$ terraform workspace new YOUR_ENV\n```\n\nFinally, plan and deploy\n```shell script\n$ terraform plan -var-file=prod.tfvars\n$ terraform apply -var-file=prod.tfvars\n```\n\n## CI/CD\n\nWe use [Github Actions](https://github.com/features/actions) to run CI/CD workflows. \nTo test and deploy Lambdas together with the rest of the infrastructure we need just one workflow with two jobs:\n- Test lambdas and make sure that not only all tests are passing but also appropriate test coverage is achieved  \n- Plan and apply changes to the infrastructure with Terraform. The main idea is to only run `terraform plan` and present\n future changes if it is a PR and run `terraform apply` only when that PR is approved and merged to `stage` or `master` (`main`) branch.\n\n#### Git\nFor this setup to work, you should have a corresponding branch for each environment. For example:\n- master -\u003e prod\n- staging -\u003e stage\n- dev -\u003e dev\nHere we assume that you have `prod`  and `stage` environments. But similar to those you can also add `dev`. \nThe main idea is to map each environment\n  to corresponding Terraform workspace described above. \n\n#### Github Actions Runner\nOur CI/CD process assumes that you are using `self-hosted` runner on an EC2. This approach has several benefits in \ncomparison to Github-hosted runners. First, this was you are not limited to credits that Github provides and\n usually a `t3.micro` instance should be enough and want cost much or will be free since it is eligible for free tier.\n Second, this approach is more secure. You do not need to save access secrets or other sensitive information in Github\n Secrets. You only need to attach a corresponding role to an EC2 instance which should allow it to assume a more powerful role.\n Self-hosted runner are easy to setup. Just follow these guidelines:\n- https://docs.github.com/en/actions/hosting-your-own-runners/adding-self-hosted-runners\n- https://docs.github.com/en/actions/hosting-your-own-runners/configuring-the-self-hosted-runner-application-as-a-service\n\n## Lambda\n\nLambda module has following structure\n```\nlambda\n|-- src\n|   `-- lambda.py\n|-- tests\n|   `-- test_lambda.py\n|-- .gitignore\n`-- requirements.txt\n\n```\n\n`lambda.py` and `test_lambda.py` are placeholders for actual lambdas and their tests.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgorros%2Fpython-lambda-terraform-template","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgorros%2Fpython-lambda-terraform-template","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgorros%2Fpython-lambda-terraform-template/lists"}