Terraform-provider-aws: aws_lambda_function.vpc_config always detects a change when empty

Created on 13 Jun 2017  ยท  15Comments  ยท  Source: hashicorp/terraform-provider-aws

_This issue was originally opened by @rochdev as hashicorp/terraform#10900. It was migrated here as part of the provider split. The original body of the issue is below._

Terraform Version

0.8.2

Affected Resource(s)

aws_lambda_function

Terraform Configuration Files

# Only relevant parts shown

variable "subnet_ids" {
  default = []
}

variable "security_group_ids" {
  default = []
}

resource "aws_lambda_function" "lambda" {
  vpc_config {
    subnet_ids         = ["${var.subnet_ids}"]
    security_group_ids = ["${var.security_group_ids}"]
  }
}

Expected Behavior

Right after applying, terraform plan should not detect any change since there aren't any.

Actual Behavior

Right after applying, terraform plan detects a change in vpc_config. If you apply the change, terraform plan will still detect the same change over and over again.

Relevant part of the output:

-/+ module.auth.authorizer.authorizer_lambda.aws_lambda_function.lambda
    vpc_config.#:        "0" => "1" (forces new resource)
    vpc_config.0.vpc_id: "" => "<computed>"

Steps to Reproduce

  1. terraform plan
  2. terraform apply
  3. repeat

References

Seem to be related:

bug serviclambda terraform-0.12 upstream-terraform
Source
picture hashibot
👍8

Most helpful comment

Anyone has any luck with this? I'm on version 0.11.5 and it's still happening.

Ideally I'd like to create one module for both normal and in vpc lambda. If there's no workaround creating two modules seem the easiest workaround.

picture oktaviandi-nugraha on 25 Mar 2018
👍5

All 15 comments

Still seeing this on 0.9.8

jgillard picture jgillard on 21 Jun 2017

I checked on 0.9.11 and it seems to be fixed.

mandos picture mandos on 18 Jul 2017

I am still seeing this issue in 0.9.11. EDIT: and 0.10.8
Like the original example, I am passing in subnet_ids and security_group_ids as variables, but I was also able to reproduce the bug like this

vpc_config {
  security_group_ids = []
  subnet_ids         = []
}
mikedal picture mikedal on 31 Oct 2017

+1

It is really troublesome if you have to manage Lambda functions in Classic and VPC.

nagas picture nagas on 12 Dec 2017

Still seeing this in Terraform 0.11.0 with AWS provider 1.5.0.

grahamlyons picture grahamlyons on 20 Dec 2017

0.11.1 as well with 1.6.0

although the error chagned a bit for me
```
Error: Error applying plan:

3 error(s) occurred:

  • module.source_lambda.aws_lambda_function.lambda: 1 error(s) occurred:

  • aws_lambda_function.lambda: vpc_config is

  • module.builds_lambda.aws_lambda_function.lambda: 1 error(s) occurred:

  • aws_lambda_function.lambda: vpc_config is

  • module.deployment_lambda.aws_lambda_function.lambda: 1 error(s) occurred:

  • aws_lambda_function.lambda: vpc_config is ```

nickm4062 picture nickm4062 on 2 Jan 2018

Still experiencing this issue on version v0.11.3

ChinmayAmin picture ChinmayAmin on 1 Mar 2018

This might be resolved or at least partially fixed with something like #1341 and/or #3473

bflad picture bflad on 1 Mar 2018

Anyone has any luck with this? I'm on version 0.11.5 and it's still happening.

Ideally I'd like to create one module for both normal and in vpc lambda. If there's no workaround creating two modules seem the easiest workaround.

oktaviandi-nugraha picture oktaviandi-nugraha on 25 Mar 2018
👍5

Still happening for me on 0.11.7 and AWS provider 1.20.0

jonwinton picture jonwinton on 24 May 2018

any ETA ?

giuliocalzolari picture giuliocalzolari on 22 Jun 2018

@giuliocalzolari If you are interested in testing out this feature in a patched v1.21.0 version, I've made some Alpine Linux x64 binaries available here: https://github.com/lifeomic/terraform-provider-aws/releases/tag/v1.21.0_patched_5f7d0def

That fork will likely see future patched versions as well. I haven't had a chance to update it for the latest release yet but I'm sure it will happen.

mdlavin picture mdlavin on 28 Jun 2018
2

In version 1.35.0 of the AWS provider, releasing shortly, the aws_lambda_function resource should now accept the following configuration and show no differences for an unconfigured VPC setup:

vpc_config {
  security_group_ids = []
  subnet_ids         = []
}
bflad picture bflad on 6 Sep 2018

This has been released in version 1.35.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

bflad picture bflad on 6 Sep 2018

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

hashibot[bot] picture hashibot[bot] on 3 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

joelittlejohn picture joelittlejohn  ยท  3Comments
hazmeister picture hazmeister  ยท  3Comments
modax picture modax  ยท  3Comments
ccslamstack picture ccslamstack  ยท  3Comments
hashibot picture hashibot  ยท  3Comments