Terraform: Updating environment variables does not cause a new AWS Lambda version to be published

Created on 10 Mar 2017  路  1Comment  路  Source: hashicorp/terraform

Terraform Version

Terraform v0.8.9-dev (8173c76a782c3c8fc0e3b295cbf344d237602ede)

Affected Resource(s)

  • aws_lambda_function

Terraform Configuration Files

resource "aws_lambda_function" "lambda" {
  environment = {
    variables = {
      FOO = "bar"
    }
  }

  publish = true

  # everything else required to make the lambda work
}

Expected Behavior

A new version of the lambda is published whenever any of the lambda configuration changes.

Actual Behavior

When only the environment variables were changed, a new version of the lambda was not published. $LATEST was updated.

Steps to Reproduce

  1. Create a lambda with an environment variable and publish = true
  2. terraform apply
  3. Observe that there is a version 1 of the lambda function alongside $LATEST
  4. Modify the environment variable value
  5. terraform apply
  6. Observe that there is no version 2 of the lambda function with the new environment configuration, but that $LATEST has been updated.

Speculation

Looking at the code for Terraform's lambda support, and the AWS SDK, it looks like Terraform is relying on the publish option for CreateFunction calls, but doing nothing about publishing when there's a pure update. UpdateFunctionConfiguration doesn't have a publish option available. UpdateFunctionCode does, and Terraform makes use of that, but it'll only do it _before_ calling UpdateFunctionConfiguration, and if UpdateFunctionCode is never called, the publish never happens.

I believe that the use of publish in UpdateFunctionCode may need to be removed in favour of calling PublishVersion explicitly when both update operations have been completed. Although this is just from reading the code today, so I may be mistaken about exactly what's going on here in terms of timing. But it certainly looks like if you don't cause a code update you don't get a new lambda version, and it also looks like that new version may miss updates to the function configuration if they're also being done in the same Terraform run.

bug provideaws
Source
picture ghost

Most helpful comment

I encountered this problem today as well. Do we know if there are any plans to get this addressed? Thanks!

picture jbankston on 22 Apr 2017
👍2

>All comments

I encountered this problem today as well. Do we know if there are any plans to get this addressed? Thanks!

jbankston picture jbankston on 22 Apr 2017
👍2
Was this page helpful?
0 / 5 - 0 ratings

Related issues

thebenwaters picture thebenwaters  路  3Comments
carl-youngblood picture carl-youngblood  路  3Comments
shanmugakarna picture shanmugakarna  路  3Comments
rnowosielski picture rnowosielski  路  3Comments
pawelsawicz picture pawelsawicz  路  3Comments