I need to download a lambda archive file from an URL before actual lambda resource is created and this file needs to be deleted when I run terraform destroy. Basically a local file resource created from a remote URL. I have it currently done using a null_resource
and local-exec
provisioner like below. But this doesn't delete the file when i run terraform destroy. Is there a better way?
resource "null_resource" "lambda_jar" {
triggers = {
on_version_change = "${var.lambda_archive_version}"
}
provisioner "local-exec" {
command = "curl -o lambda.jar ${var.server_url}/${var.lambda_archive_version}.jar"
}
}
Interesting use case... I haven't tried this myself, but I'm pretty sure one of the two options below will allow you to accomplish this.
when = destroy
:resource "null_resource" "lambda_jar" {
triggers = {
on_version_change = "${var.lambda_archive_version}"
}
provisioner "local-exec" {
command = "curl -o lambda.jar ${var.server_url}/${var.lambda_archive_version}.jar"
}
provisioner "local-exec" {
when = destroy
command = "$YOUR_CURL_DELETE_COMMAND"
}
}
You can download a file from a URL using the http data source
My use case is similar to yours:
All these operations happen on terraform apply
and rolled-back on terraform destroy
data "http" "aws-lb-controller-policy" {
url = "https://raw.githubusercontent.com/kubernetes-sigs/aws-load-balancer-controller/v2.4.0/docs/install/iam_policy.json"
request_headers = {
Accept = "application/json"
}
}
resource "aws_iam_policy" "load-balancer-controller" {
name = "AWSLoadBalancerControllerIAMPolicy"
policy = tostring(data.http.aws-lb-controller-policy.body)
description = "Load Balancer Controller add-on for EKS"
}
resource "aws_iam_role_policy_attachment" "inline-AWSLoadBalancerControllerIAMPolicy" {
role = aws_iam_role.dev-oidc-role.name
policy_arn = aws_iam_policy.load-balancer-controller.arn
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With