From 3873c106def29fda492384ed984cc407d0f01153 Mon Sep 17 00:00:00 2001
From: Andrei Krasnitski <a.krasnitski@outlook.com>
Date: Sat, 2 Oct 2021 21:19:39 +0200
Subject: [PATCH] feat: Add support for AWS Graviton2 powered functions (#206)

---
 README.md                  |  6 ++++--
 examples/async/README.md   |  4 ++--
 examples/async/main.tf     |  1 +
 examples/async/versions.tf |  2 +-
 examples/complete/main.tf  |  8 +++++---
 main.tf                    |  4 +++-
 variables.tf               | 14 +++++++++++++-
 versions.tf                |  2 +-
 8 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index 6038fb16..93e2ad5f 100644
--- a/README.md
+++ b/README.md
@@ -590,7 +590,7 @@ Q4: What does this error mean - `"We currently do not support adding policies fo
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.12.31 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.43 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.61 |
 | <a name="requirement_external"></a> [external](#requirement\_external) | >= 1 |
 | <a name="requirement_local"></a> [local](#requirement\_local) | >= 1 |
 | <a name="requirement_null"></a> [null](#requirement\_null) | >= 2 |
@@ -599,7 +599,7 @@ Q4: What does this error mean - `"We currently do not support adding policies fo
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.43 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.61 |
 | <a name="provider_external"></a> [external](#provider\_external) | >= 1 |
 | <a name="provider_local"></a> [local](#provider\_local) | >= 1 |
 | <a name="provider_null"></a> [null](#provider\_null) | >= 2 |
@@ -659,6 +659,7 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_allowed_triggers"></a> [allowed\_triggers](#input\_allowed\_triggers) | Map of allowed triggers to create Lambda permissions | `map(any)` | `{}` | no |
+| <a name="input_architectures"></a> [architectures](#input\_architectures) | Instruction set architecture for your Lambda function. Valid values are ["x86\_64"] and ["arm64"]. | `list(string)` | `null` | no |
 | <a name="input_artifacts_dir"></a> [artifacts\_dir](#input\_artifacts\_dir) | Directory name where artifacts should be stored | `string` | `"builds"` | no |
 | <a name="input_assume_role_policy_statements"></a> [assume\_role\_policy\_statements](#input\_assume\_role\_policy\_statements) | Map of dynamic policy statements for assuming Lambda Function role (trust relationship) | `any` | `{}` | no |
 | <a name="input_attach_async_event_policy"></a> [attach\_async\_event\_policy](#input\_attach\_async\_event\_policy) | Controls whether async event policy should be added to IAM role for Lambda Function | `bool` | `false` | no |
@@ -675,6 +676,7 @@ No modules.
 | <a name="input_cloudwatch_logs_kms_key_id"></a> [cloudwatch\_logs\_kms\_key\_id](#input\_cloudwatch\_logs\_kms\_key\_id) | The ARN of the KMS Key to use when encrypting log data. | `string` | `null` | no |
 | <a name="input_cloudwatch_logs_retention_in_days"></a> [cloudwatch\_logs\_retention\_in\_days](#input\_cloudwatch\_logs\_retention\_in\_days) | Specifies the number of days you want to retain log events in the specified log group. Possible values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, 1827, and 3653. | `number` | `null` | no |
 | <a name="input_cloudwatch_logs_tags"></a> [cloudwatch\_logs\_tags](#input\_cloudwatch\_logs\_tags) | A map of tags to assign to the resource. | `map(string)` | `{}` | no |
+| <a name="input_compatible_architectures"></a> [compatible\_architectures](#input\_compatible\_architectures) | A list of Architectures Lambda layer is compatible with. Currently x86\_64 and arm64 can be specified. | `list(string)` | `null` | no |
 | <a name="input_compatible_runtimes"></a> [compatible\_runtimes](#input\_compatible\_runtimes) | A list of Runtimes this layer is compatible with. Up to 5 runtimes can be specified. | `list(string)` | `[]` | no |
 | <a name="input_create"></a> [create](#input\_create) | Controls whether resources should be created | `bool` | `true` | no |
 | <a name="input_create_async_event_config"></a> [create\_async\_event\_config](#input\_create\_async\_event\_config) | Controls whether async event configuration for Lambda Function/Alias should be created | `bool` | `false` | no |
diff --git a/examples/async/README.md b/examples/async/README.md
index 4ecdfd7a..4f1a9a65 100644
--- a/examples/async/README.md
+++ b/examples/async/README.md
@@ -20,14 +20,14 @@ Note that this example may create resources which cost money. Run `terraform des
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.12.31 |
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.19 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.61 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.19 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.61 |
 | <a name="provider_random"></a> [random](#provider\_random) | >= 2 |
 
 ## Modules
diff --git a/examples/async/main.tf b/examples/async/main.tf
index b91e06b6..c2755359 100644
--- a/examples/async/main.tf
+++ b/examples/async/main.tf
@@ -19,6 +19,7 @@ module "lambda_function" {
   function_name = "${random_pet.this.id}-lambda-async"
   handler       = "index.lambda_handler"
   runtime       = "python3.8"
+  architectures = ["arm64"]
 
   source_path = "${path.module}/../fixtures/python3.8-app1"
 
diff --git a/examples/async/versions.tf b/examples/async/versions.tf
index d19ea6ad..deca917d 100644
--- a/examples/async/versions.tf
+++ b/examples/async/versions.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.12.31"
 
   required_providers {
-    aws    = ">= 3.19"
+    aws    = ">= 3.61"
     random = ">= 2"
   }
 }
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index 34deb8b4..dc45da57 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -21,6 +21,7 @@ module "lambda_function" {
   description   = "My awesome lambda function"
   handler       = "index.lambda_handler"
   runtime       = "python3.8"
+  architectures = ["x86_64"]
   publish       = true
 
   source_path = "${path.module}/../fixtures/python3.8-app1"
@@ -183,9 +184,10 @@ module "lambda_layer_local" {
 
   create_layer = true
 
-  layer_name          = "${random_pet.this.id}-layer-local"
-  description         = "My amazing lambda layer (deployed from local)"
-  compatible_runtimes = ["python3.8"]
+  layer_name               = "${random_pet.this.id}-layer-local"
+  description              = "My amazing lambda layer (deployed from local)"
+  compatible_runtimes      = ["python3.8"]
+  compatible_architectures = ["arm64"]
 
   source_path = "${path.module}/../fixtures/python3.8-app1"
 }
diff --git a/main.tf b/main.tf
index 7c4a10be..047900c2 100644
--- a/main.tf
+++ b/main.tf
@@ -32,6 +32,7 @@ resource "aws_lambda_function" "this" {
   kms_key_arn                    = var.kms_key_arn
   image_uri                      = var.image_uri
   package_type                   = var.package_type
+  architectures                  = var.architectures
 
   filename         = local.filename
   source_code_hash = var.ignore_source_code_hash ? null : (local.filename == null ? false : fileexists(local.filename)) && !local.was_missing ? filebase64sha256(local.filename) : null
@@ -102,7 +103,8 @@ resource "aws_lambda_layer_version" "this" {
   description  = var.description
   license_info = var.license_info
 
-  compatible_runtimes = length(var.compatible_runtimes) > 0 ? var.compatible_runtimes : [var.runtime]
+  compatible_runtimes      = length(var.compatible_runtimes) > 0 ? var.compatible_runtimes : [var.runtime]
+  compatible_architectures = var.compatible_architectures
 
   filename         = local.filename
   source_code_hash = var.ignore_source_code_hash ? null : (local.filename == null ? false : fileexists(local.filename)) && !local.was_missing ? filebase64sha256(local.filename) : null
diff --git a/variables.tf b/variables.tf
index 96e44a5a..4c5b8c61 100644
--- a/variables.tf
+++ b/variables.tf
@@ -79,6 +79,12 @@ variable "layers" {
   default     = null
 }
 
+variable "architectures" {
+  description = "Instruction set architecture for your Lambda function. Valid values are [\"x86_64\"] and [\"arm64\"]."
+  type        = list(string)
+  default     = null
+}
+
 variable "kms_key_arn" {
   description = "The ARN of KMS key to use by your Lambda Function"
   type        = string
@@ -203,6 +209,12 @@ variable "compatible_runtimes" {
   default     = []
 }
 
+variable "compatible_architectures" {
+  description = "A list of Architectures Lambda layer is compatible with. Currently x86_64 and arm64 can be specified."
+  type        = list(string)
+  default     = null
+}
+
 ############################
 # Lambda Async Event Config
 ############################
@@ -605,4 +617,4 @@ variable "recreate_missing_package" {
   description = "Whether to recreate missing Lambda package if it is missing locally or not"
   type        = bool
   default     = true
-}
\ No newline at end of file
+}
diff --git a/versions.tf b/versions.tf
index 2dddf02a..26f42e20 100644
--- a/versions.tf
+++ b/versions.tf
@@ -2,7 +2,7 @@ terraform {
   required_version = ">= 0.12.31"
 
   required_providers {
-    aws      = ">= 3.43"
+    aws      = ">= 3.61"
     external = ">= 1"
     local    = ">= 1"
     null     = ">= 2"