resource "aws_cloudwatch_event_rule" "ec2-instance-termination" {
  name = "capture-ec2-spot-instance-termination"
  description = "Capture EC2 Spot Instance Interruption Warning"

  event_pattern = <<PATTERN
{
  "source": [
    "aws.ec2"
  ],
  "detail-type": [
    "EC2 Spot Instance Interruption Warning"
  ]
}
PATTERN
}

resource "aws_cloudwatch_event_target" "trigger-ec2-spot-ecs-drainer-lambda" {
  rule = "${aws_cloudwatch_event_rule.ec2-instance-termination.name}"
  arn = "${replace-with-my-lambda.arn}"
  target_id = "ec2-spot-ecs-drainer"
}

resource "aws_lambda_permission" "lambda-permission" {
  statement_id = "AllowExecutionFromCloudWatch"
  action = "lambda:InvokeFunction"
  function_name = "ec2-spot-ecs-drainer"
  principal = "events.amazonaws.com"
  source_arn = "${aws_cloudwatch_event_rule.ec2-instance-termination.arn}"
}

resource "aws_iam_role_policy" "lambda-ec2-spot-ecs-drainer_role-policy" {
    name = "lambda-ec2-spot-ecs-drainer_role-policy"
    role = "${replace-with-my-lambda-role.id}"
    policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:Describe*",
        "ecs:DescribeContainerInstances",
        "ecs:ListContainerInstances",
        "ecs:ListTasks",
        "ecs:DescribeTasks",
        "ecs:UpdateContainerInstancesState",
        "cloudwatch:DescribeAlarms"
      ],
      "Resource": "*"
    }
  ]
}
EOF
}