https://github.com/binbashar/terraform-aws-notifications

Terraform module which creates SNS topic and Lambda function which sends notifications
https://github.com/binbashar/terraform-aws-notifications
Last synced: 3 months ago
JSON representation
Terraform module which creates SNS topic and Lambda function which sends notifications
Host: GitHub
URL: https://github.com/binbashar/terraform-aws-notifications
Owner: binbashar
Created: 2024-05-22T19:36:33.000Z (about 2 years ago)
Default Branch: master
Last Pushed: 2024-06-10T18:26:35.000Z (about 2 years ago)
Last Synced: 2025-12-17T06:12:41.851Z (6 months ago)
Language: Python
Size: 41 KB
Stars: 0
Watchers: 10
Forks: 0
Open Issues: 1
Metadata Files:
- Readme: README.md
Awesome Lists containing this project

README

          

    






# AWS Notifications Terraform module

This module creates an SNS topic (or uses an existing one) and an AWS Lambda function that sends notifications to Slack (using the [incoming webhooks API](https://api.slack.com/incoming-webhooks)) or Google Chat (using [webhooks](https://developers.google.com/workspace/chat/quickstart/webhooks)).

## Usage

### Slack

Start by setting up an [incoming webhook integration](https://my.slack.com/services/new/incoming-webhook/) in your Slack workspace.

```hcl

module "notify_slack" {

  source  = "github.com/binbashar/terraform-aws-notifications?ref=v1.0.0"

  version = "~> 5.0"

  sns_topic_name = "slack-topic"

  slack_webhook_url = "https://hooks.slack.com/services/AAA/BBB/CCC"

  slack_channel     = "aws-notification"

  slack_username    = "reporter"

}

```

### Google

Start by setting up an [incoming webhook integration](https://developers.google.com/workspace/chat/quickstart/webhooks#create_a_webhook) in your Google Space.

```hcl

module "notify_google" {

  source = "github.com/binbashar/terraform-aws-notifications?ref=v1.0.0"

  create           = true

  create_sns_topic = true

  chatops_app        = "google"

  google_webhook_url = "https://chat.googleapis.com/v1/spaces/AAAA/messages?key=BBBB"

  lambda_function_name = local.name

  lambda_description   = "Lambda function which sends notifications to Google"

  log_events           = true

  sns_topic_name       = local.name

}

```

## Requirements

| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 1.0 |

|  [aws](#requirement\_aws) | >= 4.8 |

## Providers

| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | >= 4.8 |

## Modules

| Name | Source | Version |

|------|--------|---------|

|  [lambda](#module\_lambda) | terraform-aws-modules/lambda/aws | 3.2.0 |

## Resources

| Name | Type |

|------|------|

| [aws_cloudwatch_log_group.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudwatch_log_group) | resource |

| [aws_iam_role.sns_feedback_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |

| [aws_sns_topic.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic) | resource |

| [aws_sns_topic_subscription.sns_notifications](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sns_topic_subscription) | resource |

| [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |

| [aws_iam_policy_document.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

| [aws_iam_policy_document.sns_feedback](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |

| [aws_partition.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition) | data source |

| [aws_region.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/region) | data source |

## Inputs

| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [architectures](#input\_architectures) | Instruction set architecture for your Lambda function. Valid values are ["x86\_64"] and ["arm64"]. | `list(string)` | `null` | no |

|  [chatops\_app](#input\_chatops\_app) | Chatops app - google, slack | `string` | `"slack"` | no |

|  [cloudwatch\_log\_group\_kms\_key\_id](#input\_cloudwatch\_log\_group\_kms\_key\_id) | The ARN of the KMS Key to use when encrypting log data for Lambda | `string` | `null` | no |

|  [cloudwatch\_log\_group\_retention\_in\_days](#input\_cloudwatch\_log\_group\_retention\_in\_days) | Specifies the number of days you want to retain log events in log group for Lambda. | `number` | `0` | no |

|  [cloudwatch\_log\_group\_tags](#input\_cloudwatch\_log\_group\_tags) | Additional tags for the Cloudwatch log group | `map(string)` | `{}` | no |

|  [create](#input\_create) | Whether to create all resources | `bool` | `true` | no |

|  [create\_sns\_topic](#input\_create\_sns\_topic) | Whether to create new SNS topic | `bool` | `true` | no |

|  [enable\_sns\_topic\_delivery\_status\_logs](#input\_enable\_sns\_topic\_delivery\_status\_logs) | Whether to enable SNS topic delivery status logs | `bool` | `false` | no |

|  [google\_webhook\_url](#input\_google\_webhook\_url) | The URL of Google webhook | `string` | `""` | no |

|  [hash\_extra](#input\_hash\_extra) | The string to add into hashing function. Useful when building same source path for different functions. | `string` | `""` | no |

|  [iam\_policy\_path](#input\_iam\_policy\_path) | Path of policies to that should be added to IAM role for Lambda Function | `string` | `null` | no |

|  [iam\_role\_boundary\_policy\_arn](#input\_iam\_role\_boundary\_policy\_arn) | The ARN of the policy that is used to set the permissions boundary for the role | `string` | `null` | no |

|  [iam\_role\_name\_prefix](#input\_iam\_role\_name\_prefix) | A unique role name beginning with the specified prefix | `string` | `"lambda"` | no |

|  [iam\_role\_path](#input\_iam\_role\_path) | Path of IAM role to use for Lambda Function | `string` | `null` | no |

|  [iam\_role\_tags](#input\_iam\_role\_tags) | Additional tags for the IAM role | `map(string)` | `{}` | no |

|  [kms\_key\_arn](#input\_kms\_key\_arn) | ARN of the KMS key used for decrypting slack webhook url | `string` | `""` | no |

|  [lambda\_attach\_dead\_letter\_policy](#input\_lambda\_attach\_dead\_letter\_policy) | Controls whether SNS/SQS dead letter notification policy should be added to IAM role for Lambda Function | `bool` | `false` | no |

|  [lambda\_dead\_letter\_target\_arn](#input\_lambda\_dead\_letter\_target\_arn) | The ARN of an SNS topic or SQS queue to notify when an invocation fails. | `string` | `null` | no |

|  [lambda\_description](#input\_lambda\_description) | The description of the Lambda function | `string` | `null` | no |

|  [lambda\_function\_ephemeral\_storage\_size](#input\_lambda\_function\_ephemeral\_storage\_size) | Amount of ephemeral storage (/tmp) in MB your Lambda Function can use at runtime. Valid value between 512 MB to 10,240 MB (10 GB). | `number` | `512` | no |

|  [lambda\_function\_name](#input\_lambda\_function\_name) | The name of the Lambda function to create | `string` | `"notify_slack"` | no |

|  [lambda\_function\_s3\_bucket](#input\_lambda\_function\_s3\_bucket) | S3 bucket to store artifacts | `string` | `null` | no |

|  [lambda\_function\_store\_on\_s3](#input\_lambda\_function\_store\_on\_s3) | Whether to store produced artifacts on S3 or locally. | `bool` | `false` | no |

|  [lambda\_function\_tags](#input\_lambda\_function\_tags) | Additional tags for the Lambda function | `map(string)` | `{}` | no |

|  [lambda\_function\_vpc\_security\_group\_ids](#input\_lambda\_function\_vpc\_security\_group\_ids) | List of security group ids when Lambda Function should run in the VPC. | `list(string)` | `null` | no |

|  [lambda\_function\_vpc\_subnet\_ids](#input\_lambda\_function\_vpc\_subnet\_ids) | List of subnet ids when Lambda Function should run in the VPC. Usually private or intra subnets. | `list(string)` | `null` | no |

|  [lambda\_role](#input\_lambda\_role) | IAM role attached to the Lambda Function.  If this is set then a role will not be created for you. | `string` | `""` | no |

|  [lambda\_source\_path](#input\_lambda\_source\_path) | The source path of the custom Lambda function | `string` | `null` | no |

|  [log\_events](#input\_log\_events) | Boolean flag to enabled/disable logging of incoming events | `bool` | `false` | no |

|  [recreate\_missing\_package](#input\_recreate\_missing\_package) | Whether to recreate missing Lambda package if it is missing locally or not | `bool` | `true` | no |

|  [reserved\_concurrent\_executions](#input\_reserved\_concurrent\_executions) | The amount of reserved concurrent executions for this lambda function. A value of 0 disables lambda from being triggered and -1 removes any concurrency limitations | `number` | `-1` | no |

|  [slack\_channel](#input\_slack\_channel) | The name of the channel in Slack for notifications | `string` | `""` | no |

|  [slack\_emoji](#input\_slack\_emoji) | A custom emoji that will appear on Slack messages | `string` | `":aws:"` | no |

|  [slack\_username](#input\_slack\_username) | The username that will appear on Slack messages | `string` | `""` | no |

|  [slack\_webhook\_url](#input\_slack\_webhook\_url) | The URL of Slack webhook | `string` | `""` | no |

|  [sns\_topic\_feedback\_role\_description](#input\_sns\_topic\_feedback\_role\_description) | Description of IAM role to use for SNS topic delivery status logging | `string` | `null` | no |

|  [sns\_topic\_feedback\_role\_force\_detach\_policies](#input\_sns\_topic\_feedback\_role\_force\_detach\_policies) | Specifies to force detaching any policies the IAM role has before destroying it. | `bool` | `true` | no |

|  [sns\_topic\_feedback\_role\_name](#input\_sns\_topic\_feedback\_role\_name) | Name of the IAM role to use for SNS topic delivery status logging | `string` | `null` | no |

|  [sns\_topic\_feedback\_role\_path](#input\_sns\_topic\_feedback\_role\_path) | Path of IAM role to use for SNS topic delivery status logging | `string` | `null` | no |

|  [sns\_topic\_feedback\_role\_permissions\_boundary](#input\_sns\_topic\_feedback\_role\_permissions\_boundary) | The ARN of the policy that is used to set the permissions boundary for the IAM role used by SNS topic delivery status logging | `string` | `null` | no |

|  [sns\_topic\_feedback\_role\_tags](#input\_sns\_topic\_feedback\_role\_tags) | A map of tags to assign to IAM the SNS topic feedback role | `map(string)` | `{}` | no |

|  [sns\_topic\_kms\_key\_id](#input\_sns\_topic\_kms\_key\_id) | ARN of the KMS key used for enabling SSE on the topic | `string` | `""` | no |

|  [sns\_topic\_lambda\_feedback\_role\_arn](#input\_sns\_topic\_lambda\_feedback\_role\_arn) | IAM role for SNS topic delivery status logs.  If this is set then a role will not be created for you. | `string` | `""` | no |

|  [sns\_topic\_lambda\_feedback\_sample\_rate](#input\_sns\_topic\_lambda\_feedback\_sample\_rate) | The percentage of successful deliveries to log | `number` | `100` | no |

|  [sns\_topic\_name](#input\_sns\_topic\_name) | The name of the SNS topic to create | `string` | n/a | yes |

|  [sns\_topic\_tags](#input\_sns\_topic\_tags) | Additional tags for the SNS topic | `map(string)` | `{}` | no |

|  [subscription\_filter\_policy](#input\_subscription\_filter\_policy) | (Optional) A valid filter policy that will be used in the subscription to filter messages seen by the target resource. | `string` | `null` | no |

|  [subscription\_filter\_policy\_scope](#input\_subscription\_filter\_policy\_scope) | (Optional) A valid filter policy scope MessageAttributes\|MessageBody | `string` | `null` | no |

|  [tags](#input\_tags) | A map of tags to add to all resources | `map(string)` | `{}` | no |

## Outputs

| Name | Description |

|------|-------------|

|  [lambda\_cloudwatch\_log\_group\_arn](#output\_lambda\_cloudwatch\_log\_group\_arn) | The Amazon Resource Name (ARN) specifying the log group |

|  [lambda\_iam\_role\_arn](#output\_lambda\_iam\_role\_arn) | The ARN of the IAM role used by Lambda function |

|  [lambda\_iam\_role\_name](#output\_lambda\_iam\_role\_name) | The name of the IAM role used by Lambda function |

|  [notification\_lambda\_function\_arn](#output\_notification\_lambda\_function\_arn) | The ARN of the Lambda function |

|  [notification\_lambda\_function\_invoke\_arn](#output\_notification\_lambda\_function\_invoke\_arn) | The ARN to be used for invoking Lambda function from API Gateway |

|  [notification\_lambda\_function\_last\_modified](#output\_notification\_lambda\_function\_last\_modified) | The date Lambda function was last modified |

|  [notification\_lambda\_function\_name](#output\_notification\_lambda\_function\_name) | The name of the Lambda function |

|  [notification\_lambda\_function\_version](#output\_notification\_lambda\_function\_version) | Latest published version of your Lambda function |

|  [notification\_topic\_arn](#output\_notification\_topic\_arn) | The ARN of the SNS topic from which messages will be sent to Slack |

|  [sns\_topic\_feedback\_role\_arn](#output\_sns\_topic\_feedback\_role\_arn) | The Amazon Resource Name (ARN) of the IAM role used for SNS delivery status logging |
ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

https://github.com/binbashar/terraform-aws-notifications

Awesome Lists containing this project

README
