Lambda Integration

# Create log group for Lambda function
module "lambda_logs" {
  source  = "registry.patterneddesigns.ca/essentials/cloudwatch-logs/aws"
  version = "1.3.0"

  log_group_name    = "/aws/lambda/my-processor"
  retention_in_days = 14

  metric_filters = [
    {
      name             = "cold-starts"
      pattern          = "INIT_START"
      metric_name      = "ColdStarts"
      metric_namespace = "Lambda/MyProcessor"
    },
    {
      name             = "timeouts"
      pattern          = "Task timed out"
      metric_name      = "Timeouts"
      metric_namespace = "Lambda/MyProcessor"
    }
  ]
}

# Stream logs to another Lambda for processing
resource "aws_lambda_permission" "cloudwatch" {
  statement_id  = "AllowCloudWatchLogs"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.log_processor.function_name
  principal     = "logs.amazonaws.com"
  source_arn    = "${module.lambda_logs.log_group_arn}:*"
}

resource "aws_cloudwatch_log_subscription_filter" "processor" {
  name            = "log-processor"
  log_group_name  = module.lambda_logs.log_group_name
  filter_pattern  = "ERROR"
  destination_arn = aws_lambda_function.log_processor.arn

  depends_on = [aws_lambda_permission.cloudwatch]
}