fix(s3-bucket-protection): update the existing bucket demo to use upd…

…ated lambda/falconpy layer (#254)
CrowdStrike · Oct 9, 2023 · d787c7f · d787c7f
1 parent bac73bc
commit d787c7f
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/s3-bucket-protection/existing.sh b/s3-bucket-protection/existing.sh
@@ -36,8 +36,9 @@ then
 	read -sp "CrowdStrike API Client SECRET: " FSECRET
     echo
     read -p "Bucket name: " BUCKET_NAME
-    rm lambda/falconpy-layer.zip >/dev/null 2>&1
-    curl -o lambda/falconpy-layer.zip https://falconpy.io/downloads/falconpy-layer.zip
+    # This demo will be using a custom version of the falconpy layer for now. - jshcodes@CrowdStrike 05.04.2023 #230
+    #rm lambda/falconpy-layer.zip >/dev/null 2>&1
+    #curl -o lambda/falconpy-layer.zip https://falconpy.io/downloads/falconpy-layer.zip
     if ! [ -f existing/.terraform.lock.hcl ]; then
         terraform -chdir=existing init
     fi

diff --git a/s3-bucket-protection/existing/lambda-function.tf b/s3-bucket-protection/existing/lambda-function.tf
@@ -15,17 +15,27 @@ data "archive_file" "lambda_archive" {
   type        = "zip"
   output_path = "${path.cwd}/lambda/${var.lambda_function_filename}"
   source_dir  = "${data.null_data_source.wait_for_archive_delay.outputs["source_dir"]}"
-  excludes = [ 
+  excludes = [
     var.falconpy_layer_filename,
     "quickscan-bucket.zip",
     var.lambda_function_filename
     ]
 }
+variable "python_tools_layer_name" {
+    type = string
+    default = "AWSLambdaPowertoolsPythonV2"
+}
+data "aws_lambda_layer_version" "pythontools" {
+    layer_name = "arn:aws:lambda:${var.region}:017000801446:layer:${var.python_tools_layer_name}"
+    version = 30
+}
+
 resource "aws_lambda_layer_version" "falconpy" {
   filename      = "${path.cwd}/lambda/${var.falconpy_layer_filename}"
   layer_name    = var.falconpy_layer_name
-  compatible_runtimes = ["python3.7", "python3.8"]
+  compatible_runtimes = ["python3.10"]
 }
+
 resource "aws_lambda_permission" "allow_bucket" {
   statement_id  = "AllowExecutionFromS3Bucket"
   action        = "lambda:InvokeFunction"
@@ -40,8 +50,8 @@ resource "aws_lambda_function" "func" {
   description   = var.lambda_description
   role          = aws_iam_role.iam_for_lambda.arn
   handler       = "lambda_function.lambda_handler"
-  layers        = [aws_lambda_layer_version.falconpy.arn]
-  runtime       = "python3.8"
+  layers        = [data.aws_lambda_layer_version.pythontools.arn, aws_lambda_layer_version.falconpy.arn]
+  runtime       = "python3.10"
   timeout       = 30
   depends_on = [data.archive_file.lambda_archive]
   environment {