Bug with lambda function Zip type attribute checks is not fixed with 3.55.0

[ashokdasari06]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

$ terraform -v
Terraform v0.12.31

• provider.aws v3.55.0
• provider.local v2.1.0
• provider.random v3.1.0
• provider.template v2.2.0

Affected Resource(s)

• aws_lambda_function

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

### Formation
module "lambda" {
  source                         = "tf-lambda-module.git?ref=1.0.0"
  is_invoked_from_formation      = true
  environment                    = var.environment
  app_name                       = var.app_name
  lambda_details                 = local.lambda_details_for_module_input

### locals.tf
lambda_details_for_module_input = merge(local.authorizer_lambda_definition, local.lambda_details_enriched_with_arns)

  lambda_details_enriched_with_arns = {
    for key, lambda in local.lambda_details_map :
    key => merge(
      lambda,
      {
        "event_source_mapping" = lookup(local.event_sqs_source_arns_map_for_lambdas, key, {}),
      },
      {
        "lambda_dlq_arn" = lookup(local.dlq_arns_for_lambdas, key, "")
      },
      {
        "sns_trigger_arn" = lookup(module.sns_topics.topic_arns, key, "")
      }
    )
  }

  lambda_details_map = {
    for lambda in var.lambda_details :
    lambda.function_name => lambda
  }

### [email protected]
resource "aws_lambda_function" "lambda" {
  for_each          = local.lambdas_key_set
  s3_bucket         = local.lambda_s3_bucket
  s3_key            = var.lambda_zip_file_key
  s3_object_version = data.aws_s3_bucket_object.function_package.version_id
  function_name     = "${var.environment}-${var.app_name}-${each.key}"
  description       = var.lambda_details[each.key].lambda_description
  runtime           = var.lambda_details[each.key].runtime
  handler           = var.lambda_details[each.key].handler
  kms_key_arn       = var.kms_arn
  memory_size       = lookup(var.lambda_details[each.key], "memory_size", "128")
  timeout           = lookup(var.lambda_details[each.key], "timeout", "3")
  role              = lookup(var.lambda_details[each.key], "role", var.workspace_lambda_roles[terraform.workspace])

Debug Output

terraform plan --var-file=testing.tfvars

Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

module.api_gateway.data.aws_caller_identity.current: Refreshing state...
module.api_gateway.data.aws_region.current: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_vpc.selected: Refreshing state...
module.s3.data.aws_caller_identity.current: Refreshing state...
data.aws_ssm_parameter.subscription_lambda_arn: Refreshing state...
module.s3.data.aws_region.current: Refreshing state...
module.rds.data.aws_ssm_parameter.rds_proxy_secret_arn[0]: Refreshing state...
module.kms.data.aws_caller_identity.current: Refreshing state...
module.sns_topics.data.aws_caller_identity.current: Refreshing state...
module.kinesis_datastreams.data.aws_region.current: Refreshing state...
module.seed_sns.data.aws_caller_identity.current: Refreshing state...
module.api_gateway.module.vpc_subnets.data.aws_vpc.selected: Refreshing state...
module.lambda.data.aws_s3_bucket_object.function_package: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_vpc.selected: Refreshing state...
module.rds.data.aws_iam_role.rds_proxy_execution_role: Refreshing state...
module.rds.module.vpc_subnets.data.aws_vpc.selected: Refreshing state...
module.acm.data.aws_route53_zone.env[0]: Refreshing state...
module.rds.data.aws_ssm_parameter.master_password[0]: Refreshing state...
module.api_gateway.data.aws_route53_zone.env[0]: Refreshing state...
module.api_gateway.data.template_file.public_policy: Refreshing state...
module.kms.data.template_file.kms_policy: Refreshing state...
module.api_gateway.data.aws_vpc_endpoint.api_endpoint: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_subnet_ids.selected_subnets["SEEDPrivateSubnetPoolC"]: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_subnet_ids.selected_subnets["SEEDPrivateSubnetPoolC"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet_ids.selected_subnets["SEEDPrivateSubnetPoolB"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet_ids.selected_subnets["SEEDPrivateSubnetPoolC"]: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-08c50bcbececa1848"]: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0d149e9a8ef2d38c2"]: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-093d627a54c20c0fd"]: Refreshing state...
module.lambda.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0a0fc995a1dfaa6ca"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-08346064c0fe08dd8"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0d16edf92e825ec9e"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-08c50bcbececa1848"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0d149e9a8ef2d38c2"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0ce8215364c7fd551"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-093d627a54c20c0fd"]: Refreshing state...
module.rds.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0a0fc995a1dfaa6ca"]: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0d149e9a8ef2d38c2"]: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-0a0fc995a1dfaa6ca"]: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-08c50bcbececa1848"]: Refreshing state...
module.elasticache.module.vpc_subnets.data.aws_subnet.selected_subnets["subnet-093d627a54c20c0fd"]: Refreshing state...
module.api_gateway.data.template_file.private_policy: Refreshing state...

---

Error: handler and runtime must be set when PackageType is Zip

on .terraform/modules/lambda/lambda.tf line 22, in resource "aws_lambda_function" "lambda":
22: resource "aws_lambda_function" "lambda" {

Error: handler and runtime must be set when PackageType is Zip

on .terraform/modules/lambda/lambda.tf line 22, in resource "aws_lambda_function" "lambda":
22: resource "aws_lambda_function" "lambda" {

Error: handler and runtime must be set when PackageType is Zip

on .terraform/modules/lambda/lambda.tf line 22, in resource "aws_lambda_function" "lambda":
22: resource "aws_lambda_function" "lambda" {

Panic Output

Expected Behavior

Create lambda functions without any issues.

Actual Behavior

Failing at terraform plan with 3.55.0 aws provider version.
We have tested the same code with 3.18.0 version of aws provider and that works fine. Any provider post 3.19.0 breaks with this error. The release notes says its fixed with 3.55.0, but it did not work for us. Please see the terraform version being used.

Steps to Reproduce

Call lambda module which is interpreting the handler and runtime from a terraform formation and that fails.

terraform init
terraform plan

References

• #0000

[ewbankkit]

Relates #20575.

[bnusunny]

I can take a look.

[bnusunny]

@ewbankkit Could you please assign this issue to me?

[ashokdasari06]

@bnusunny @ewbankkit Could you please let me know if there is some progress on this ?

[bnusunny]

I was working on Lambda Graviton2 support last month. I will take a look soon.

[ashokdasari06]

Hi, We are blocked to use any new features that are released post 3.18.0 due to this bug. Could you please look into it at the earliest.

[ashokdasari06]

@bnusunny @ewbankkit

[ashokdasari06]

Could someone look at it at the earliest ?

[bnusunny]

I'll take a look today.

[ashokdasari06]

@bnusunny Appreciate any updates on this please.

[bnusunny]

I'm making progress and will submit PR next week.

[bnusunny]

@ashokdasari06 Are you getting the error when refreshing terraform stats for existing lambda functions? Are you getting the same error when creating a new lambda function?

[ashokdasari06]

I just ran some tests again and this is interesting. This is happening on new and existing lambdas when I try to use terraform version 0.12.31 and provider version >3.18.0. I just gave it a try upgrading the terraform version to 0.13.7 and I see it working with any provider version. This looks more like a terraform bug but not the provider ?

[justinretzolk]

Hi all 👋 Given there's been a number of AWS Provider releases since the last report of this issue, and the comment above indicating that this may have been a bug in earlier versions of Terraform, is anyone able to confirm whether they're still experiencing this behavior?

[github-actions]

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.