serverless: Environment variables not updating in new lambda function version

This is a Bug Report

Description

For bug reports:

What went wrong? New environment variables are not deploying to new function version for AWS Lambda. I’ve verified that the new variables are properly set inside the CloudFormation stack template. I’ve also ran every variation of deploy (with -p, with -f, with --force, with --update-config, and with code changes). My base use case is to sls package first, then deploy with -p
What did you expect should have happened? Changing or adding environment variables in serverless.yml should update environment variables in lambda console for the corresponding function version when deployed.
What was the config you used?

service:
  name: foo-service
  awsKmsKeyArn: ${ssm:/infra/lambda-env-kms-key-id}

frameworkVersion: "^1.25.0"

functions:
  foo-service:
    name: ${self:custom.stageNames.${self:provider.stage}, self:custom.defaultName}
    handler: dist/lambda.handler

provider:
  name: aws
  stage: ${opt:stage, self:custom.defaultStage}
  region: us-east-1
  profile: serverless
  deploymentBucket:
    name: ${ssm:/infra/serverless-deployment-bucket}
    serverSideEncryption: aws:kms
    sseKMSKeyId: ${ssm:/infra/serverless-deployment-bucket-kms-key-id}
  
  # service function settings
  runtime: nodejs6.10
  memorySize: 1024
  timeout: 30
  environment:
    SERVERLESS_STAGE: ${self:provider.stage}
    SERVERLESS_ALIAS: ${self:provider.alias}
    NODE_ENV: ${ssm:/infra/NODE_ENV}
    MY_NEW_ENV_VAR: ${ssm:/infra/foobar}
  vpc:
    subnetIds:
      - ${ssm:/infra/lambda-subnet}
    securityGroupIds:
      - ${ssm:/infra/lambda-sg}

custom:
  defaultName: ${self:service}__${self:provider.stage}
  defaultStage: staging
  defaultRegion: us-east-1
  stageNames:
    staging: ${self:service}
    prod: ${self:service}

package:
  include:
    - dist/**
    - node_modules/**
    - '!**/*.d.ts'
    - '!**/*.test.js'
    - '!**/*.spec.js'
    - '!**/__tests__/**'
  exclude:
    - '**'

plugins:
  - serverless-pseudo-parameters
  - serverless-aws-alias

What stacktrace or error message from your provider did you see? No error message. Package and Deploy were successful.

Similar or dependent issues:

https://github.com/HyperBrain/serverless-aws-alias/issues/91

Additional Data

Serverless Framework Version you’re using: 1.25.0
Operating System: Mac High Sierra locally and Ubuntu in CircleCI
Stack Trace: None
Provider Error messages: None

About this issue

Original URL
State: closed
Created 6 years ago
Reactions: 24
Comments: 55 (14 by maintainers)

Links to this issue

amazon web services - AWS Lambda environment variable is not updated when execute aws cloudformation deploy - Stack Overflow

Commits related to this issue

readme and try to replicate serverless/serverless#4638 — committed to dschep-bug-repos/sls-4638 by dschep 6 years ago

Most upvoted comments

Any update on this?

+20

chrisyorkston on Sep 24, 2018

It appears that the impact of this issue is not limited only to environment variables, but other lambda configuration options like timeout and VPC.

Confirmed with 1.26.0, Mac OS High Sierra locally.

nullflux on Feb 16, 2018

Yep still reproducible. Since editing an environment variable through the AWS console, serverless.yml updates to that variable are no longer being received.

xaun on Jun 11, 2020

@rdsedmundo can Framework do something about it? I think that at any time you try to do updates manually and not via proper CF update, there’s a risk of going out of sync.

CF update simply does comparison against the previously deployed state, and assumes there were no changes done on the side to related resources. Framework trusts that as well.

To mitigate the scenarios you mention in broad scope, Framework will have to confirm on every single property as configured in CF stack and apply side AWS SDK updates if there’s a mismatch. Such will be killing performance-wise, and I don’t see it possible to achieve maintenance-wise.

The only real solution is: do not update resources as deployed with stack manually, and if you do, mind the consequences

medikoo on Jan 14, 2022

If you think there’s a bug in existing version of a framework, please open an bug report respecting all its template remarks

medikoo on Jun 12, 2020

Hitting this 4 years later. Edited something on the AWS console one-off for testing, and Serverless Framework won’t override it again even upon doing a full sls deploy of the service again.

rdsedmundo on Jan 14, 2022

I was commenting that I could reproduced the problem, but actually I misspelt enviroment, I deleted the original comment (by mistake). I apologize for the notification.

duy9403 on Jul 19, 2019

Thanks for following-up @boyvanduuren 👍

In that case I’ll close this issue for now since it seems to be non-deterministic and hard to reproduce. @aliatsis feel free to re-open it if you see this bug again and can shed some light into the reproduction.

pmuens on Jul 16, 2019

I’ve noticed that when updating environment variables in the serverless config:

environment:
  VAR: ${env:VAR}

WILL update the lambda function environment variables, but references like

environment:
  VAR: { "Ref": MyResource }

will NOT update the lambda function environment variables.

MacMcIrish on Jun 27, 2018