Terraform: Lambda s3_object_version is not updated with new S3 etag

Created on 27 May 2016  ยท  5Comments  ยท  Source: hashicorp/terraform

Terraform Version

Terraform v0.6.16

Affected Resource(s)

  • aws_lambda_function
  • aws_s3_bucket_object

    Terraform Configuration Files

resource "aws_s3_bucket" "artifacts" {
    bucket = "test-terraform-issue-artifacts"
    acl = "private"
    versioning {
        enabled = true
    }
}

resource "aws_s3_bucket_object" "lambda_zip" {
    bucket = "${aws_s3_bucket.artifacts.bucket}"
    key = "lambda_function.zip"
    source = "./lambda_function.zip"
    etag = "${md5(file("./lambda_function.zip"))}"
}

resource "aws_lambda_function" "lambda_function" {
    s3_bucket = "${aws_s3_bucket_object.lambda_zip.bucket}"
    s3_key = "${aws_s3_bucket_object.lambda_zip.key}"
    s3_object_version = "${aws_s3_bucket_object.lambda_zip.version_id}"
    function_name = "test-lambda-function"
    description = "Example lambda to reproduce S3 version lag"
    role = "arn:aws:iam::1234567890:role/lambda_function_role"
    runtime = "java8"
    timeout = 15
    memory_size = 1024
    handler = "com.package.name.LambdaHandler::handle"
}

Expected Behavior

Modifying the S3 upload zip file with terraform apply should update the s3_object_version of the lambda function with the S3 bucket object's version_id.

Actual Behavior

The version_id on the S3 bucket object is updated after pushing the updated file, but the s3_object_version is not updated on the lambda.

Steps to Reproduce

  1. terraform apply with the manifests listed above.
  2. Modify the content of the zip file uploaded so that it forces a new S3 etag
  3. terraform apply - note the S3 bucket object updates the etag, but Lambda does not get the new s3_object_version.
  4. terraform apply again, the Lambda gets the new s3_object_version.
bug core
Source
picture gthole

All 5 comments

I also note that adding an explicit depends_on = ["aws_s3_bucket_object.lambda_zip"] to the Lambda function does not help.

gthole picture gthole on 27 May 2016
👍1

Hi @gthole ,
this is unfortunately a known issue, specifically a missing schema feature - ComputedWhen.

In the current implementation all Computed fields are recognized correctly for re-computation at the time of (re)creation of the whole resource, but not at the time of update - hence it requires two apply steps.

See WIP in https://github.com/hashicorp/terraform/pull/4846.
The specific issue with Lambda function & S3 is actually being addressed/tested in https://github.com/hashicorp/terraform/pull/5330

Probably the best workaround for now is to either run two terraform apply or have S3 upload in a separate context/directory or deal with S3 upload outside of terraform.

radeksimko picture radeksimko on 27 May 2016

Thanks for the prompt reply @radeksimko - happy to close this since the issue is well known.

gthole picture gthole on 28 May 2016

Is this still the only workaround or has there been a fix? I am assuming not as I am running into this issue as well and there is no linked fix.

hollsteinm picture hollsteinm on 21 Jan 2019
👀1

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 30 Mar 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rjinski picture rjinski  ยท  3Comments
cpoole picture cpoole  ยท  3Comments
pawelsawicz picture pawelsawicz  ยท  3Comments
ronnix picture ronnix  ยท  3Comments
franklinwise picture franklinwise  ยท  3Comments