cattle-ops
diff --git a/‎README.md
+5-7 b/‎README.md
+5-7
diff --git a/‎main.tf
+8-9 b/‎main.tf
+8-9
diff --git a/‎modules/terminate-instances/.tflint.hcl
+5 b/‎modules/terminate-instances/.tflint.hcl
+5
diff --git a/‎modules/terminate-workers/README.md ‎modules/terminate-instances/README.md
+17-44 b/‎modules/terminate-workers/README.md ‎modules/terminate-instances/README.md
+17-44
diff --git a/‎modules/terminate-workers/cloudwatch.tf ‎modules/terminate-instances/cloudwatch.tf
+6-12 b/‎modules/terminate-workers/cloudwatch.tf ‎modules/terminate-instances/cloudwatch.tf
+6-12
@@ -216,20 +216,20 @@ module "runner" {
 
 ### Auto Scaling Group Instance Termination
 
-When the instance in the Auto Scaling Group is terminated, worker instances that were spawned may be left behind unattached to an active runner.
+When the runner in the Auto Scaling Group is terminated, runner instances that were spawned may be left behind unattached to an active runner.
 
 This module provides an instance termination [lifecycle hook](https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html)
-that executes a provided Lambda function to terminate worker instances that were spawned.
+that executes a provided Lambda function to terminate instances that were spawned.
 
-There is a caveat to this scenario in that a worker instance can potentially be running a job
+There is a caveat to this scenario in that a instance can potentially be running a job
 while it receives the termination signal.
 
 The use of the termination lifecycle can be toggled using the [`asg_termination_lifecycle_hook_create`](#input_asg_terminate_lifecycle_hook_create) variable.
 
 When using this feature, a `builds/` directory relative to the root module will
 persist that contains the packaged Lambda function.
 
-Refer to the [terminate-workers module](https://github.com/npalm/terraform-aws-gitlab-runner/tree/develop/modules/terminate-workers) for more information.
+Refer to the [terminate-instances module](https://github.com/npalm/terraform-aws-gitlab-runner/tree/develop/modules/terminate-instances) for more information.
 
 ## Examples
 
@@ -281,7 +281,7 @@ terraform destroy
 | Name | Source | Version |
 |------|--------|---------|
 | <a name="module_cache"></a> [cache](#module\_cache) | ./modules/cache | n/a |
-| <a name="module_terminate_workers_lifecycle_function"></a> [terminate\_workers\_lifecycle\_function](#module\_terminate\_workers\_lifecycle\_function) | ./modules/terminate-workers | n/a |
+| <a name="module_terminate_instances_lifecycle_function"></a> [terminate\_instances\_lifecycle\_function](#module\_terminate\_instances\_lifecycle\_function) | ./modules/terminate-instances | n/a |
 
 ## Resources
 
@@ -348,9 +348,7 @@ terraform destroy
 | <a name="input_asg_delete_timeout"></a> [asg\_delete\_timeout](#input\_asg\_delete\_timeout) | Timeout when trying to delete the Runner ASG. | `string` | `"10m"` | no |
 | <a name="input_asg_max_instance_lifetime"></a> [asg\_max\_instance\_lifetime](#input\_asg\_max\_instance\_lifetime) | The seconds before an instance is refreshed in the ASG. | `number` | `null` | no |
 | <a name="input_asg_terminate_lifecycle_hook_create"></a> [asg\_terminate\_lifecycle\_hook\_create](#input\_asg\_terminate\_lifecycle\_hook\_create) | Boolean toggling the creation of the ASG instance terminate lifecycle hook. | `bool` | `false` | no |
-| <a name="input_asg_terminate_lifecycle_hook_create_package"></a> [asg\_terminate\_lifecycle\_hook\_create\_package](#input\_asg\_terminate\_lifecycle\_hook\_create\_package) | Boolean toggling the creation of the ASG instance terminate lifecycle hook Lambda package with the module. False implies it's packaged externally. | `bool` | `true` | no |
 | <a name="input_asg_terminate_lifecycle_hook_heartbeat_timeout"></a> [asg\_terminate\_lifecycle\_hook\_heartbeat\_timeout](#input\_asg\_terminate\_lifecycle\_hook\_heartbeat\_timeout) | The amount of time, in seconds, for the instances to remain in wait state. | `number` | `90` | no |
-| <a name="input_asg_terminate_lifecycle_hook_local_existing_package"></a> [asg\_terminate\_lifecycle\_hook\_local\_existing\_package](#input\_asg\_terminate\_lifecycle\_hook\_local\_existing\_package) | The path to the zip file containing the ASG instance terminate lifecycle hook Lambda package. Use this when the package is built external from the module. | `string` | `null` | no |
 | <a name="input_asg_terminate_lifecycle_hook_name"></a> [asg\_terminate\_lifecycle\_hook\_name](#input\_asg\_terminate\_lifecycle\_hook\_name) | Specifies a custom name for the ASG terminate lifecycle hook and related resources. | `string` | `null` | no |
 | <a name="input_aws_region"></a> [aws\_region](#input\_aws\_region) | AWS region. | `string` | n/a | yes |
 | <a name="input_cache_bucket"></a> [cache\_bucket](#input\_cache\_bucket) | Configuration to control the creation of the cache bucket. By default the bucket will be created and used as shared cache. To use the same cache across multiple runners disable the creation of the cache and provide a policy and bucket name. See the public runner example for more details. | `map(any)` | <pre>{<br>  "bucket": "",<br>  "create": true,<br>  "policy": ""<br>}</pre> | no |
 
@@ -507,20 +507,19 @@ resource "aws_iam_role_policy_attachment" "eip" {
 ################################################################################
 ### Lambda function for ASG instance termination lifecycle hook
 ################################################################################
-module "terminate_workers_lifecycle_function" {
-  source = "./modules/terminate-workers"
+module "terminate_instances_lifecycle_function" {
+  source = "./modules/terminate-instances"
 
   count = var.asg_terminate_lifecycle_hook_create ? 1 : 0
 
-  name                                 = local.name_asg_terminate_lifecycle_hook
-  asg_name                             = aws_autoscaling_group.gitlab_runner_instance.name
+  name                                 = var.asg_terminate_lifecycle_hook_name == null ? "terminate-instances" : var.asg_terminate_lifecycle_hook_name
+  environment                          = var.environment
   asg_arn                              = aws_autoscaling_group.gitlab_runner_instance.arn
-  create                               = var.asg_terminate_lifecycle_hook_create
-  create_package                       = var.asg_terminate_lifecycle_hook_create_package
-  local_existing_package               = var.asg_terminate_lifecycle_hook_local_existing_package
-  role_permissions_boundary            = var.permissions_boundary == "" ? null : "${var.arn_format}:iam::${data.aws_caller_identity.current.account_id}:policy/${var.permissions_boundary}"
+  asg_name                             = aws_autoscaling_group.gitlab_runner_instance.name
   cloudwatch_logging_retention_in_days = var.cloudwatch_logging_retention_in_days
-  name_iam_objects                     = "${local.name_iam_objects}-terminate-workers"
+  lambda_memory_size                   = var.asg_terminate_lifecycle_lambda_memory_size
   lifecycle_heartbeat_timeout          = var.asg_terminate_lifecycle_hook_heartbeat_timeout
+  name_iam_objects                     = local.name_iam_objects
+  role_permissions_boundary            = var.permissions_boundary == "" ? null : "${var.arn_format}:iam::${data.aws_caller_identity.current.account_id}:policy/${var.permissions_boundary}"
   tags                                 = local.tags
 }
@@ -0,0 +1,5 @@
+plugin "aws" {
+    enabled = true
+    version = "0.8.0"
+    source  = "github.com/terraform-linters/tflint-ruleset-aws"
+}
@@ -1,4 +1,4 @@
-# terminate-workers module
+# terminate-instances module
 
 Module for Termination Lifecycle Hook Lambda Function
 
@@ -8,10 +8,10 @@ This module is used __internally__ by the parent [_terraform\-aws\-gitlab\-runne
 
 The Lambda functions evaluates an EC2 instance tag called `gitlab-runner-parent-id`, set in the
 [runner config](../../template/runner-config.tpl) by the parent module's
-[user data](../../template/gitlab-runner.tpl). Worker instances created by the runner
-will have this tag applied with the parent worker's instance ID. When the runner
-instance in the ASG is terminated, the lifecycle hook triggers the Lambda to
-terminate worker instances with the matching parent tag and/or any "orphaned"
+[user data](../../template/gitlab-runner.tpl). Runner instances created by the runner
+will have this tag applied with the parent runner's instance ID. When the runner
+in the ASG is terminated, the lifecycle hook triggers the Lambda to
+terminate spawned runner instances with the matching parent tag and/or any "orphaned"
 instances with no running parent runner.
 
 See [issue #214](https://github.com/npalm/terraform-aws-gitlab-runner/issues/214) for
@@ -35,29 +35,6 @@ module "runner" {
   source  = "npalm/gitlab-runner/aws"
 
   asg_terminate_lifecycle_hook_create         = true
-  asg_terminate_lifecycle_hook_create_package = true
-
-  ...
-```
-
-### Building the package externally
-
-If desirable, the Lambda package may also be built externally.
-
-Set `asg_terminate_lifecycle_hook_create_package` to `false` and
-specify the `.zip` file package with the `asg_terminate_lifecycle_hook_local_existing_package`
-variable.
-
-This example shows interacting with this module via the parent module's
-input variables:
-
-```terraform
-module "runner" {
-  source  = "npalm/gitlab-runner/aws"
-
-  asg_terminate_lifecycle_hook_create                 = true
-  asg_terminate_lifecycle_hook_create_package         = false
-  asg_terminate_lifecycle_hook_local_existing_package = "${path.module}/custom-lambda/foo.zip"
 
   ...
 ```
@@ -72,8 +49,8 @@ Note the `asg_terminate_lifecycle_hook_*` variables:
 module "runner" {
   source  = "npalm/gitlab-runner/aws"
 
-  aws_region                    = "us-west-2"
-  environment                   = "glrunners-foo"
+  aws_region                    = "eu-west-1"
+  environment                   = "glrunners-dev"
   runners_name                  = "glrunners-foo"
   runners_gitlab_url            = "https://code.foo.org/"
   docker_machine_instance_type	= "t3.large"
@@ -86,7 +63,6 @@ module "runner" {
 
   asg_max_instance_lifetime                   = 604800
   asg_terminate_lifecycle_hook_create         = true
-  asg_terminate_lifecycle_hook_create_package = true
 
   permissions_boundary              = "FooOrg-Permissions-Boundary"
   runners_iam_instance_profile_name = "foo-gitlab-runner-profile"
@@ -124,14 +100,13 @@ module "runner" {
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.13 |
 | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 2.46 |
-| <a name="requirement_local"></a> [local](#requirement\_local) | >= 1.4 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_archive"></a> [archive](#provider\_archive) | n/a |
-| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 2.46 |
+| <a name="provider_archive"></a> [archive](#provider\_archive) | 2.2.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | 3.63.0 |
 
 ## Modules
 
@@ -148,10 +123,10 @@ No modules.
 | [aws_iam_policy.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
 | [aws_iam_role.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role) | resource |
 | [aws_iam_role_policy_attachment.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_role_policy_attachment) | resource |
-| [aws_lambda_function.terminate_runner_workers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
+| [aws_lambda_function.terminate_runner_instances](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function) | resource |
 | [aws_lambda_permission.current_version_triggers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
 | [aws_lambda_permission.unqualified_alias_triggers](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_permission) | resource |
-| [archive_file.terminate_runner_workers_lambda](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
+| [archive_file.terminate_runner_instances_lambda](https://registry.terraform.io/providers/hashicorp/archive/latest/docs/data-sources/file) | data source |
 | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
 | [aws_iam_policy_document.assume_role](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
 | [aws_iam_policy_document.lambda](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
@@ -161,23 +136,21 @@ No modules.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_asg_arn"></a> [asg\_arn](#input\_asg\_arn) | The ARN of the Auto Scaling Group to attach to. | `string` | n/a | yes |
-| <a name="input_asg_name"></a> [asg\_name](#input\_asg\_name) | The name of the Auto Scaling Group to attach to. | `string` | n/a | yes |
+| <a name="input_asg_name"></a> [asg\_name](#input\_asg\_name) | The name of the Auto Scaling Group to attach to. The 'environment' will be prefixed to this. | `string` | n/a | yes |
 | <a name="input_cloudwatch_logging_retention_in_days"></a> [cloudwatch\_logging\_retention\_in\_days](#input\_cloudwatch\_logging\_retention\_in\_days) | The number of days to retain logs in CloudWatch. | `number` | `30` | no |
-| <a name="input_create"></a> [create](#input\_create) | Boolean toggling whether the reources for the lifecycle hook should be created or not. | `bool` | `true` | no |
-| <a name="input_create_package"></a> [create\_package](#input\_create\_package) | Enable packaging the Lambda function by the module. Requires pip and zip. | `bool` | `true` | no |
+| <a name="input_environment"></a> [environment](#input\_environment) | A name that identifies the environment, used as a name prefix and for tagging. | `string` | n/a | yes |
+| <a name="input_lambda_memory_size"></a> [lambda\_memory\_size](#input\_lambda\_memory\_size) | The memory size in MB to allocate to the Lambda function. | `number` | `128` | no |
 | <a name="input_lifecycle_heartbeat_timeout"></a> [lifecycle\_heartbeat\_timeout](#input\_lifecycle\_heartbeat\_timeout) | The amount of time, in seconds, for the instances to remain in wait state. | `number` | `90` | no |
-| <a name="input_local_existing_package"></a> [local\_existing\_package](#input\_local\_existing\_package) | If a path is specified, this will use an existing ZIP file built externally for the Lambda function rather than attempt to build and package it in the module. | `string` | `null` | no |
-| <a name="input_name"></a> [name](#input\_name) | The name of the Lambda function to create. | `string` | n/a | yes |
-| <a name="input_name_iam_objects"></a> [name\_iam\_objects](#input\_name\_iam\_objects) | The name to use for IAM resources - roles and policies | `string` | `""` | no |
+| <a name="input_name"></a> [name](#input\_name) | The name of the Lambda function to create. The 'environment' will be prefixed to this. | `string` | n/a | yes |
+| <a name="input_name_iam_objects"></a> [name\_iam\_objects](#input\_name\_iam\_objects) | The name to use for IAM resources - roles and policies. | `string` | `""` | no |
 | <a name="input_role_permissions_boundary"></a> [role\_permissions\_boundary](#input\_role\_permissions\_boundary) | An optional IAM permissions boundary to use when creating IAM roles. | `string` | `null` | no |
-| <a name="input_source_path"></a> [source\_path](#input\_source\_path) | Used if 'local\_existing\_package' is not. This is the path to the Lambda function source to build and package. | `list(any)` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | Map of tags to apply to resources. | `map(any)` | `{}` | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_lambda_function_arn"></a> [lambda\_function\_arn](#output\_lambda\_function\_arn) | ---------------------------------------------------------------------------- Terminate Workers - Outputs ---------------------------------------------------------------------------- |
+| <a name="output_lambda_function_arn"></a> [lambda\_function\_arn](#output\_lambda\_function\_arn) | ---------------------------------------------------------------------------- Terminate Instances - Outputs ---------------------------------------------------------------------------- |
 | <a name="output_lambda_function_invoke_arn"></a> [lambda\_function\_invoke\_arn](#output\_lambda\_function\_invoke\_arn) | n/a |
 | <a name="output_lambda_function_name"></a> [lambda\_function\_name](#output\_lambda\_function\_name) | n/a |
 | <a name="output_lambda_function_source_code_hash"></a> [lambda\_function\_source\_code\_hash](#output\_lambda\_function\_source\_code\_hash) | n/a |
 
@@ -1,14 +1,12 @@
 # ----------------------------------------------------------------------------
-# Terminate Workers - CloudWatch/EventBridge Resources
+# Terminate Instances - CloudWatch/EventBridge Resources
 #
 # This deploys an event rule and target for triggering the provided Lambda
 # function from the ASG lifecycle hook.
 # ----------------------------------------------------------------------------
 resource "aws_cloudwatch_event_rule" "terminate_instances" {
-  count = var.create ? 1 : 0
-
-  name        = var.name
-  description = "Trigger GitLab runner worker lifecycle hook on termination."
+  name        = "${var.environment}-${var.name}"
+  description = "Trigger GitLab runner instance lifecycle hook on termination."
 
   event_pattern = <<EOF
 {
@@ -22,17 +20,13 @@ EOF
 }
 
 resource "aws_cloudwatch_event_target" "terminate_instances" {
-  count = var.create ? 1 : 0
-
-  rule      = aws_cloudwatch_event_rule.terminate_instances[0].name
+  rule      = aws_cloudwatch_event_rule.terminate_instances.name
   target_id = "TriggerTerminateLambda"
-  arn       = aws_lambda_function.terminate_runner_workers[0].arn
+  arn       = aws_lambda_function.terminate_runner_instances.arn
 }
 
 resource "aws_cloudwatch_log_group" "lambda" {
-  count = var.create ? 1 : 0
-
-  name              = "/aws/lambda/${var.name}"
+  name              = "/aws/lambda/${var.environment}-${var.name}"
   retention_in_days = var.cloudwatch_logging_retention_in_days
 
   tags = var.tags