From cc9b99eb0d5ef7e7e21fc5452b40aa29b53f9ab9 Mon Sep 17 00:00:00 2001 From: mhsong Date: Wed, 27 Mar 2024 15:18:54 +0900 Subject: [PATCH 1/3] Add API IaC Codes --- IaC/serverless_api_template/lambda/main.tf | 36 +++++++++++++ IaC/serverless_api_template/lambda/var.tf | 5 ++ IaC/serverless_api_template/var.tf | 25 +++++++++ .../serverless_inference_deploy/IaC/main.tf | 41 ++++++++++++++ recommend/family_recommend/IaC/main.tf | 54 +++++++++++++++++++ 5 files changed, 161 insertions(+) create mode 100644 automation/serverless_inference_deploy/IaC/main.tf create mode 100644 recommend/family_recommend/IaC/main.tf diff --git a/IaC/serverless_api_template/lambda/main.tf b/IaC/serverless_api_template/lambda/main.tf index ab0bfc4b72..adc82b4c8e 100644 --- a/IaC/serverless_api_template/lambda/main.tf +++ b/IaC/serverless_api_template/lambda/main.tf @@ -20,6 +20,42 @@ resource "aws_iam_role_policy_attachment" "lambda_basic_policy" { policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole" } +resource "aws_iam_role_policy_attachment" "cloudwatch_policy" { + count = var.attach_cloudwatch_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/CloudWatchFullAccess" +} + +resource "aws_iam_role_policy_attachment" "cloudwatchlogs_policy" { + count = var.attach_cloudwatch_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/CloudWatchLogsFullAccess" +} + +resource "aws_iam_role_policy_attachment" "ec2_policy" { + count = var.attach_ec2_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonEC2FullAccess" +} + +resource "aws_iam_role_policy_attachment" "vpc_policy" { + count = var.attach_vpc_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonVPCFullAccess" +} + +resource "aws_iam_role_policy_attachment" "s3_policy" { + count = var.attach_s3_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonS3FullAccess" +} + +resource "aws_iam_role_policy_attachment" "lambda_policy" { + count = var.attach_lambda_policy + role = aws_iam_role.lambda-role.name + policy_arn = "arn:aws:iam::aws:policy/service-role/AWSLambda_FullAccess" +} + resource "aws_lambda_function" "lambda" { function_name = "${var.prefix}-aws-lambda" package_type = "Image" diff --git a/IaC/serverless_api_template/lambda/var.tf b/IaC/serverless_api_template/lambda/var.tf index c558a6e8d9..fd908ac417 100644 --- a/IaC/serverless_api_template/lambda/var.tf +++ b/IaC/serverless_api_template/lambda/var.tf @@ -3,3 +3,8 @@ variable "container_registry" {} variable "container_repository" {} variable "container_image_tag" {} variable "ram_mib" {} +variable "attach_cloudwatch_policy" {} +variable "attach_ec2_policy" {} +variable "attach_lambda_policy" {} +variable "attach_s3_policy" {} +variable "attach_vpc_policy" {} \ No newline at end of file diff --git a/IaC/serverless_api_template/var.tf b/IaC/serverless_api_template/var.tf index 8cb20b9fcc..9439311c3e 100644 --- a/IaC/serverless_api_template/var.tf +++ b/IaC/serverless_api_template/var.tf @@ -32,3 +32,28 @@ variable "lambda_ram_size" { type = number default = 2048 } + +variable "attach_ec2_policy" { + type = bool + default = false +} + +variable "attach_s3_policy" { + type = bool + default = false +} + +variable "attach_vpc_policy" { + type = bool + default = false +} + +variable "attach_lambda_policy" { + type = bool + default = false +} + +variable "attach_cloudwatch_policy" { + type = bool + default = false +} \ No newline at end of file diff --git a/automation/serverless_inference_deploy/IaC/main.tf b/automation/serverless_inference_deploy/IaC/main.tf new file mode 100644 index 0000000000..f20b0c60fd --- /dev/null +++ b/automation/serverless_inference_deploy/IaC/main.tf @@ -0,0 +1,41 @@ + +module "serverless_inference_deploy" { + source = "github.com/kookmin-sw/capstone-2024-12//IaC/serverless_api_template" + prefix = "cpu_family_recommend" + container_registry = "694448341573.dkr.ecr.ap-northeast-2.amazonaws.com" + container_repository = "recommend-inference-cpu-family" + container_image_tag = "latest" + lambda_ram_size = 2048 + attach_s3_policy = true + attach_ec2_policy = true + attach_lambda_policy = true + attach_cloudwatch_policy = true +} + +variable "region" { + type = string + default = "ap-northeast-2" +} + +variable "awscli_profile" { + type = string + default = "default" +} + +output "function_url" { + value = module.serverless_inference.function_url +} + +provider "aws" { + region = var.region + profile = var.awscli_profile +} + +terraform { + backend "s3" { + bucket = "sskai-terraform-state" + key = "family_recommend/tf.state" + region = "ap-northeast-2" + encrypt = true + } +} \ No newline at end of file diff --git a/recommend/family_recommend/IaC/main.tf b/recommend/family_recommend/IaC/main.tf new file mode 100644 index 0000000000..f7ba736fc4 --- /dev/null +++ b/recommend/family_recommend/IaC/main.tf @@ -0,0 +1,54 @@ + +module "cpu_family_recommend" { + source = "github.com/kookmin-sw/capstone-2024-12//IaC/serverless_api_template" + prefix = "cpu_family_recommend" + container_registry = "694448341573.dkr.ecr.ap-northeast-2.amazonaws.com" + container_repository = "recommend-inference-cpu-family" + container_image_tag = "latest" + lambda_ram_size = 2048 + attach_s3_policy = true + attach_ec2_policy = true +} + +module "gpu_family_recommend" { + source = "github.com/kookmin-sw/capstone-2024-12//IaC/serverless_api_template" + prefix = "gpu_family_recommend" + container_registry = "694448341573.dkr.ecr.ap-northeast-2.amazonaws.com" + container_repository = "recommend-inference-gpu-family" + container_image_tag = "latest" + lambda_ram_size = 2048 + attach_s3_policy = true + attach_ec2_policy = true +} + +variable "region" { + type = string + default = "ap-northeast-2" +} + +variable "awscli_profile" { + type = string + default = "default" +} + +output "cpu_recommend_function_url" { + value = module.cpu_family_recommend.function_url +} + +output "gpu_recommend_function_url" { + value = module.gpu_family_recommend.function_url +} + +provider "aws" { + region = var.region + profile = var.awscli_profile +} + +terraform { + backend "s3" { + bucket = "sskai-terraform-state" + key = "family_recommend/tf.state" + region = "ap-northeast-2" + encrypt = true + } +} \ No newline at end of file From 9ed9c1ebede072a1f4aa4e1204ec547b21a31a2b Mon Sep 17 00:00:00 2001 From: mhsong Date: Wed, 27 Mar 2024 15:19:52 +0900 Subject: [PATCH 2/3] Change state directory --- automation/serverless_inference_deploy/IaC/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automation/serverless_inference_deploy/IaC/main.tf b/automation/serverless_inference_deploy/IaC/main.tf index f20b0c60fd..4e89bee7d3 100644 --- a/automation/serverless_inference_deploy/IaC/main.tf +++ b/automation/serverless_inference_deploy/IaC/main.tf @@ -34,7 +34,7 @@ provider "aws" { terraform { backend "s3" { bucket = "sskai-terraform-state" - key = "family_recommend/tf.state" + key = "serverless_inference_deploy/tf.state" region = "ap-northeast-2" encrypt = true } From 510036e9493e51e60fca339dd7b4b883dafa88ac Mon Sep 17 00:00:00 2001 From: mhsong Date: Wed, 27 Mar 2024 15:23:15 +0900 Subject: [PATCH 3/3] change prefix / container repository name --- automation/serverless_inference_deploy/IaC/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automation/serverless_inference_deploy/IaC/main.tf b/automation/serverless_inference_deploy/IaC/main.tf index 4e89bee7d3..9d7c298b85 100644 --- a/automation/serverless_inference_deploy/IaC/main.tf +++ b/automation/serverless_inference_deploy/IaC/main.tf @@ -1,9 +1,9 @@ module "serverless_inference_deploy" { source = "github.com/kookmin-sw/capstone-2024-12//IaC/serverless_api_template" - prefix = "cpu_family_recommend" + prefix = "serverless_inference_deploy" container_registry = "694448341573.dkr.ecr.ap-northeast-2.amazonaws.com" - container_repository = "recommend-inference-cpu-family" + container_repository = "serverless-inference-deploy" container_image_tag = "latest" lambda_ram_size = 2048 attach_s3_policy = true