Fixes for Lambda responses CORS (#42)

mdeeks · web-flow · commit 37150bcb4a6b · 2025-04-04T11:46:43.000-07:00
* Add multi-az as an option

* CORS and lifecycle delete after 1 day for lambda

* Fix tf warning
diff --git a/main.tf b/main.tf
@@ -52,6 +52,7 @@ module "database" {
   source                    = "./modules/database"
   deployment_name           = var.deployment_name
   postgres_instance_type    = var.postgres_instance_type
+  multi_az                  = var.postgres_multi_az
   postgres_storage_size     = var.postgres_storage_size
   postgres_max_storage_size = var.postgres_max_storage_size
   postgres_storage_type     = var.postgres_storage_type
diff --git a/modules/database/main.tf b/modules/database/main.tf
@@ -19,6 +19,7 @@ resource "aws_db_instance" "main" {
   storage_type          = var.postgres_storage_type
   storage_throughput    = var.postgres_storage_throughput
   iops                  = var.postgres_storage_iops
+  multi_az              = var.multi_az
 
   db_name  = "postgres"
   username = local.postgres_username
diff --git a/modules/database/variables.tf b/modules/database/variables.tf
@@ -61,3 +61,9 @@ variable "kms_key_arn" {
   type        = string
   default     = null
 }
+
+variable "multi_az" {
+  description = "Specifies if the RDS instance is multi-AZ. Increases cost but provides higher availability. Recommended for production environments."
+  type        = bool
+  default     = false
+}
diff --git a/modules/services/s3.tf b/modules/services/s3.tf
@@ -36,6 +36,34 @@ resource "aws_s3_bucket" "lambda_responses_bucket" {
   tags = local.common_tags
 }
 
+resource "aws_s3_bucket_lifecycle_configuration" "lambda_responses_bucket" {
+  bucket = aws_s3_bucket.lambda_responses_bucket.id
+
+  rule {
+    id     = "ExpireObjectsAfterOneDay"
+    status = "Enabled"
+
+    filter {
+      prefix = ""
+    }
+
+    expiration {
+      days = 1
+    }
+  }
+}
+
+resource "aws_s3_bucket_cors_configuration" "lambda_responses_bucket" {
+  bucket = aws_s3_bucket.lambda_responses_bucket.id
+
+  cors_rule {
+    allowed_headers = ["*"]
+    allowed_methods = ["GET", "HEAD"]
+    allowed_origins = ["*"]
+    max_age_seconds = 3600
+  }
+}
+
 resource "aws_s3_bucket_server_side_encryption_configuration" "lambda_responses_bucket" {
   bucket = aws_s3_bucket.lambda_responses_bucket.id
 
diff --git a/variables.tf b/variables.tf
@@ -158,6 +158,12 @@ variable "postgres_version" {
   default     = "15.7"
 }
 
+variable "postgres_multi_az" {
+  description = "Specifies if the RDS instance is multi-AZ. Increases cost but provides higher availability. Recommended for production environments."
+  type        = bool
+  default     = false
+}
+
 ## Redis
 variable "redis_instance_type" {
   description = "Instance type for the Redis cluster"
