terraform-provider-aws: Breaking change on data source aws_lambda_function introduced in version 2.0.0

Community Note

  • Please vote on this issue by adding a đź‘Ť reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave “+1” or “me too” comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform: 0.10.8 Terraform AWS provider: 2.11.0

Affected Resource(s)

  • Data source aws_lambda_function

Terraform Configuration Files

data "aws_lambda_function" "lambda" {
  function_name = "myFunction"
  qualifier     = ""
}

resource "aws_cloudfront_distribution" "distribution" {
  default_cache_behavior {
    lambda_function_association {
      event_type   = "origin-response"
      lambda_arn   = "${data.aws_lambda_function.lambda.qualified_arn}"
      include_body = false
    }
  }
}

Expected Behavior

  • The Lambda function qualified_arn should be qualified by the latest version number instead of $LATEST

Actual Behavior

  • The Lambda function qualified_arn is qualified with $LATEST

References

The breaking change has been introduced in the PR https://github.com/terraform-providers/terraform-provider-aws/pull/7663 which has been merged into the provider version 2.0.0.

The dataSourceAwsLambdaFunctionRead() implementation switched from using resourceAwsLambdaFunctionRead() (defined in resource_aws_lambda_function.go) to a new (de-coupled) implementation.

The resourceAwsLambdaFunctionRead() implementation has support to fetch the latest version number in case qualifierExistance is falsy (see code here), while the new one doesn’t have it.

Questions, please:

  • Is there any interest to fix the breaking change?
  • If not, shouldn’t we document it in the upgrade guide?
  • If not, is there any known workaround to get the latest version number of a Lambda function defined as a data source?

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Reactions: 16
  • Comments: 16

Most upvoted comments

In order to associate a lambda functions with a CloudFront distribution as Lambda@Edge, it is required to provide a version number.

I would be interested to retrieve the latest fixed version number of a given lambda. Is this possible currently by using aws_lambda_function data source?

data "aws_lambda_function" "example_lambda_edge" {
  function_name = "example"
  qualifier     = ""
}

resource "aws_cloudfront_distribution" "example_distribution" {
  # ...

  default_cache_behavior {
    # ...

    lambda_function_association {
      event_type   = "viewer-request"
      # Problem: the qualifier here will be "$LATEST" which will not work in that case.
      lambda_arn   = data.aws_lambda_function.example_lambda_edge.qualified_arn
    }
  }
}
+5
ghost on Aug 13, 2019

If you are using the AWS Console @eretica you will need to create the lambda in us-east-1 N. Virgina. Then you will need to publish a version that will give you a version number.

You can check out the doco here https://docs.aws.amazon.com/lambda/latest/dg/configuration-versions.html

In Terraform you need to make sure that your region is set to us-east-1 and have publish = true so that you can get the version (other than $LATEST) with aws_lambda_function.this.qualified_arn

+2
brucedvgw on Jun 30, 2020

So the workaround I did was to ensure that aws_lambda_function had the publish = true set. This then enabled me to use aws_lambda_function.this.qualified_arn to get the arn with the version number.

Hope this helps someone!

+1
brucedvgw on Jun 23, 2020
Read more comments on GitHub
← terraform-provider-aws: Breaking change for several resources from 2.51.0 → 2.52.0
terraform-provider-aws: bucket_regional_domain_name does not contain the region →