From 0c9a517ae0190a1eb363589f08c8fe5facbf5fc2 Mon Sep 17 00:00:00 2001
From: Ronaldo Macapobre <rmacapob@gov.bc.ca>
Date: Fri, 15 Nov 2024 20:00:29 +0000
Subject: [PATCH] Added lambda mem size default to 512M

---
 .github/workflows/aws-template-terraform.yml      |  1 +
 .../cloud/environments/dev/variables.tf           |  5 +++++
 infrastructure/cloud/environments/dev/webapp.tf   |  3 ++-
 infrastructure/cloud/modules/Lambda/main.tf       | 11 ++++++-----
 infrastructure/cloud/modules/Lambda/variables.tf  | 15 +++++++++++++--
 5 files changed, 27 insertions(+), 8 deletions(-)

diff --git a/.github/workflows/aws-template-terraform.yml b/.github/workflows/aws-template-terraform.yml
index b63cc51a..02cb0d1b 100644
--- a/.github/workflows/aws-template-terraform.yml
+++ b/.github/workflows/aws-template-terraform.yml
@@ -85,6 +85,7 @@ jobs:
       TF_VAR_environment: ${{ vars.ENVIRONMENT_NAME }}
       TF_VAR_kms_key_name: ${{ vars.KMS_KEY_NAME }}
       TF_VAR_vpc_id: ${{ vars.VPC_ID }}
+      TF_VAR_lambda_memory_size: ${{ var.LAMBDA_MEMORY_SIZE }}
     needs: [check_changes, scan]
     steps:
       - name: Checkout repository
diff --git a/infrastructure/cloud/environments/dev/variables.tf b/infrastructure/cloud/environments/dev/variables.tf
index 5bcaef0d..5acbe981 100644
--- a/infrastructure/cloud/environments/dev/variables.tf
+++ b/infrastructure/cloud/environments/dev/variables.tf
@@ -67,3 +67,8 @@ variable "cert_domain_name" {
   description = "The BCGov provisioned certificate domain name"
   type        = string
 }
+
+variable "lambda_memory_size" {
+  description = "The Lambda Function default Memory Size"
+  type        = number
+}
diff --git a/infrastructure/cloud/environments/dev/webapp.tf b/infrastructure/cloud/environments/dev/webapp.tf
index bd3dab14..efd37bcd 100644
--- a/infrastructure/cloud/environments/dev/webapp.tf
+++ b/infrastructure/cloud/environments/dev/webapp.tf
@@ -130,10 +130,11 @@ module "lambda" {
   apigw_execution_arn = module.apigw.apigw_execution_arn
   lambda_ecr_repo_url = data.aws_ecr_repository.lambda_ecr_repo.repository_url
   mtls_secret_name    = module.secrets_manager.mtls_secret_name
+  lambda_memory_size  = var.lambda_memory_size
   functions = {
     "authorizer" = {
       http_method   = "*"
-      resource_path = "/*"
+      resource_path = ""
       env_variables = {
         VERIFY_SECRET_NAME = module.secrets_manager.api_authorizer_secret.name
       }
diff --git a/infrastructure/cloud/modules/Lambda/main.tf b/infrastructure/cloud/modules/Lambda/main.tf
index 0b15326c..d2c7ec5c 100644
--- a/infrastructure/cloud/modules/Lambda/main.tf
+++ b/infrastructure/cloud/modules/Lambda/main.tf
@@ -22,14 +22,15 @@ locals {
   lambda_functions = {
     for k, v in merge(local.default_functions, var.functions) : k => {
       name                = k
-      memory_size         = lookup(v, "memory_size", 2048)
-      timeout             = lookup(v, "timeout", 30)
+      memory_size         = coalesce(lookup(v, "memory_size", null), var.lambda_memory_size)
+      timeout             = coalesce(lookup(v, "timeout", null), var.lambda_timeout)
       http_method         = v.http_method
       resource_path       = v.resource_path
-      statement_id_prefix = lookup(v, "statement_id_prefix", "AllowAPIGatewayInvoke")
-      principal           = lookup(v, "principal", "apigateway.amazonaws.com")
-      env_variables       = lookup(v, "env_variables", {})
       source_arn          = lookup(v, "source_arn", "${var.apigw_execution_arn}/*/${v.http_method}${v.resource_path}")
+      statement_id_prefix = coalesce(lookup(v, "statement_id_prefix", null), "AllowAPIGatewayInvoke")
+      principal           = coalesce(lookup(v, "principal", null), "apigateway.amazonaws.com")
+      env_variables       = coalesce(lookup(v, "env_variables", null), {})
+      source_arn          = coalesce(lookup(v, "source_arn", null), "${var.apigw_execution_arn}/*/${v.http_method}${v.resource_path}")
     }
   }
 
diff --git a/infrastructure/cloud/modules/Lambda/variables.tf b/infrastructure/cloud/modules/Lambda/variables.tf
index 006dd6a6..1cdfeb74 100644
--- a/infrastructure/cloud/modules/Lambda/variables.tf
+++ b/infrastructure/cloud/modules/Lambda/variables.tf
@@ -19,8 +19,8 @@ variable "functions" {
     http_method         = string
     resource_path       = string
     env_variables       = optional(map(string), {})
-    timeout             = optional(number, 300)
-    memory_size         = optional(number, 2048)
+    timeout             = optional(number, null)
+    memory_size         = optional(number, null)
     statement_id_prefix = optional(string, "AllowAPIGatewayInvoke")
     principal           = optional(string, "apigateway.amazonaws.com")
     source_arn          = optional(string, null)
@@ -42,3 +42,14 @@ variable "mtls_secret_name" {
   description = "The secret name of mTLS Cert in Secrets Manager"
   type        = string
 }
+
+variable "lambda_memory_size" {
+  description = "The Lambda Function default Memory Size"
+  type        = number
+}
+
+variable "lambda_timeout" {
+  description = "The Lambda Fucntion default timeout"
+  type        = number
+  default     = 30
+}