pulumi-aws
pulumi-aws copied to clipboard
pulumi
Error when setting VPC configuration in AWS Lambda Function
Hello!
- Vote on this issue by adding a 👍 reaction
- To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already)
Issue details
There might be a bug when trying to associate a AWS Lambda Function with a VPC. The error is the following:
error: aws:lambda/function:Function resource 'name-of-lambda-function' has a problem: Value for unconfigurable attribute: Can't configure a value for "vpc_config.0.vpc_id": its value will be decided automatically based on the result of applying this configuration.. Examine values at 'Function.VpcConfig.VpcId'.
Steps to reproduce
The code leading to the previous message is right below:
import pulumi
import pulumi_aws as aws
default_vpc = aws.ec2.get_vpc(default=True)
default_vpc_subnets = aws.ec2.get_subnet_ids(vpc_id=default_vpc.id)
security_group_id = Config("security").require("group_id")
vpc_config = aws.lambda_.FunctionVpcConfigArgs(
vpc_id=default_vpc.id,
subnet_ids=default_vpc_subnets.ids,
security_group_ids=[security_group_id],
)
trigger_prefect_flow_run_lambda = aws.lambda_.Function(
lambda_name,
name=lambda_name,
code=pulumi.FileArchive("./path/to/lambda.zip"),
role=lambda_role.arn,
handler="app.lambda_handler",
runtime="python3.8",
memory_size=128,
layers=[lambda_layer.arn],
tags={...},
timeout=30, # 30 seconds
opts=ResourceOptions(depends_on=[lambda_role_policy_attachment]),
environment=aws.lambda_.FunctionEnvironmentArgs(
variables={
"VARIABLE": variable
},
),
vpc_config=vpc_config,
)
I have also tried changing vpc_id=default_vpc.id to vpc_id="vpc_XXXX" but the error persists.
Using pulumi==v3.28.0 and python 3.8.10
Expected: To associate the VPC with the AWS Lambda Function. Actual: An error raises.
@snikolakis This looks like a bug in the code that generates the SDK. Try not setting a value for vpc_id - just use subnet_ids.
When we fix the underlying issue, we'll publish a new version of the provider where vpc_id is not settable, as should be the case.
I have this issue as well. I've tried not setting a value for vpc_id as per @snikolakis suggestion. All this does is allow the lambda to be created, but does not associate it with the VPC.
Hello @shaungreen , the original suggestion was by @jkodroff (and thank you!). Please, notice that I have tried the given suggestion with pulumi_aws==v5.4.0.
import pulumi
import pulumi_aws as aws
default_vpc = aws.ec2.get_vpc(default=True)
default_vpc_subnets = aws.ec2.get_subnets(
filters=[aws.ec2.GetSubnetFilterArgs(name="vpc-id", values=[default_vpc.id])]
)
security_group_id = Config("security").require("group_id")
vpc_config = aws.lambda_.FunctionVpcConfigArgs(
subnet_ids=default_vpc_subnets.ids, security_group_ids=[security_group_id]
)
trigger_prefect_flow_run_lambda = aws.lambda_.Function(
lambda_name,
name=lambda_name,
code=pulumi.FileArchive("./path/to/lambda.zip"),
role=lambda_role.arn,
handler="app.lambda_handler",
runtime="python3.8",
memory_size=128,
layers=[lambda_layer.arn],
tags={...},
timeout=30, # 30 seconds
opts=ResourceOptions(depends_on=[lambda_role_policy_attachment]),
environment=aws.lambda_.FunctionEnvironmentArgs(
variables={
"VARIABLE": variable
},
),
vpc_config=vpc_config,
)
This works fine for me. Hope it helps you, as well.
@paulrobello I'm not seeing the VPC ID being required in TS. Can you post a minimal program where the VPC ID is required for a lambda.Function?
It was my fault. I was importing from outputs instead of inputs. They are identical except the input marks vpcId as optional. Which makes sense.
