# Terraform configuration to create an AWS Glue Crawler.

provider "aws" {
  region = "us-east-1"
}

# --- Random Suffix for Uniqueness ---
resource "random_pet" "suffix" {
  length = 2
}

# --- 1. S3 Bucket for Sample Data ---
resource "aws_s3_bucket" "glue_data_bucket" {
  bucket = "my-tf-glue-data-${random_pet.suffix.id}"

  tags = {
    Name = "GlueSampleDataBucket"
  }
}

resource "aws_s3_bucket_acl" "glue_data_bucket_acl" {
  bucket = aws_s3_bucket.glue_data_bucket.id
  acl    = "private"
}

# --- 2. Upload Sample Data ---
resource "local_file" "sample_data_csv" {
  content  = "id,name,value\n1,Alice,100\n2,Bob,200"
  filename = "${path.module}/sample_data.csv"
}

resource "aws_s3_object" "sample_data" {
  bucket       = aws_s3_bucket.glue_data_bucket.id
  key          = "input/sample_data.csv"
  source       = local_file.sample_data_csv.filename
  content_type = "text/csv"
  etag         = filemd5(local_file.sample_data_csv.filename)
}

# --- 3. Glue Database ---
resource "aws_glue_catalog_database" "main" {
  name = "my_terraform_glue_database"
}

# --- 4. IAM Role for Glue Crawler ---
resource "aws_iam_role" "glue_crawler_role" {
  name = "MyTerraformGlueCrawlerRole"

  assume_role_policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Effect = "Allow",
        Principal = {
          Service = "glue.amazonaws.com"
        },
        Action = "sts:AssumeRole"
      }
    ]
  })
}

resource "aws_iam_role_policy_attachment" "glue_service_role_policy" {
  role       = aws_iam_role.glue_crawler_role.name
  policy_arn = "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
}

resource "aws_iam_role_policy_attachment" "s3_read_only_policy" {
  role       = aws_iam_role.glue_crawler_role.name
  policy_arn = "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess"
}

# --- 5. Glue Crawler ---
resource "aws_glue_crawler" "main" {
  database_name = aws_glue_catalog_database.main.name
  name          = "MyTerraformGlueCrawler"
  role          = aws_iam_role.glue_crawler_role.arn
  schedule      = "cron(0 2 * * ? *)" # Daily at 2 AM UTC

  s3_target {
    path = "s3://${aws_s3_bucket.glue_data_bucket.bucket}/input/"
  }

  depends_on = [
    aws_iam_role_policy_attachment.glue_service_role_policy,
    aws_iam_role_policy_attachment.s3_read_only_policy,
    aws_s3_object.sample_data,
  ]
}

# --- Outputs ---
output "glue_database_name" {
  value       = aws_glue_catalog_database.main.name
  description = "The name of the Glue Database."
}

output "glue_crawler_name" {
  value       = aws_glue_crawler.main.name
  description = "The name of the Glue Crawler."
}

output "s3_bucket_name" {
  value       = aws_s3_bucket.glue_data_bucket.bucket
  description = "The S3 bucket where sample data is stored."
}