0

Every time I run terraform plan, it shows unexpected changes with AWS lambda function even I didn't modify any lambda code, I use following code to deploy lambda function:

resource "aws_s3_bucket" "lambda_code_bucket" {
  bucket = "${var.environment}-test-code"
  force_destroy = true
}

data "archive_file" "test_code" {
  type        = "zip"
  source_dir  = "${path.module}/lambda_python/test_code"
  output_path = "${path.module}/lambda_python/test_code.zip"
}

resource "aws_s3_object" "test_code_zip" {
  bucket      = aws_s3_bucket.lambda_code_bucket.id
  key         = "code/test_code.zip"
  source      = data.archive_file.test_code.output_path
  source_hash = data.archive_file.test_code.output_md5
}

resource "aws_lambda_function" "test_code" {
  function_name = "test_code"
  s3_bucket     = aws_s3_bucket.lambda_code_bucket.id
  s3_key        = aws_s3_object.test_code_zip.key
  runtime = "python3.9"
  handler = "test_code.lambda_handler"
  timeout = 600
  source_code_hash = data.archive_file.test_code.output_base64sha256
}

When I ran terraform plan, it shows datasource.archive_file.test_code will be read, aws_s3_object.test_code_zip and aws_lambda_function.test_code with be updated

# module.core_uswest2.module.lambdas.module.test.data.archive_file.test_code will be read during apply
  # (config refers to values not yet known)
 <= data "archive_file" "test_code"  {
      ~ id                  = "1483aa70c54b1d11e0237f79" -> (known after apply)
      ~ output_base64sha256 = "qyrLyAI+6bLQgpFtxdve6ch=" -> (known after apply)
      ~ output_md5          = "3645e65deecf63" -> (known after apply)
      ~ output_sha          = "1483aa70c54b1d11e0237f      = 5132 -> (known after apply)
        # (3 unchanged attributes hidden)
    }

# module.core_uswest2.module.lambdas.module.test.aws_s3_object.test_code_zip will be updated in-place
  ~ resource "aws_s3_object" "test_code_zip" {
        id                 = "test_code/test_code.zip"
      ~ source_hash        = "1781dbcc3599f35b0a" -> (known after apply)
        tags               = {}
      + version_id         = (known after apply)
        # (11 unchanged attributes hidden)
    }

# module.core_uswest2.module.lambdas.module.test.aws_lambda_function.test_code will be updated in-place
  ~ resource "aws_lambda_function" "test_code" {
        id                             = "test_code"
      ~ last_modified                  = "2022-12-19T09:49:13.000+0000" -> (known after apply)
      ~ source_code_hash               = "97DjWSB071OvSjxUX2He2f=" -> (known after apply)
        tags                           = {}
        # (20 unchanged attributes hidden)
        # (3 unchanged blocks hidden)
    }

and after I deployed the changes, the source_hash and source_code_hash is actually not changed. This issue won't impact anything, but pretty annoying.

When I apply the changes, in the apply output it show 0 change were applied.

I'm trying to find a way when I run terraform plan, it won't show any changes if I didn't modify lambda function code.

steve Z
  • 9
  • 3
  • What is the bucket definition? Also this does not seem to be your real code. `role` is required in `aws_lambda_function`, yet you do not have it provided. Thus your code will not even run. – Marcin Jan 23 '23 at 02:27
  • Sorry I didn't make it clear, it was just part of my code, and the code is working fine, the issue is every time when I run the terraform plan, it comes up with 2 changes, so I just provider the resources might case this issue. – steve Z Jan 23 '23 at 02:45
  • So What is the bucket definition? – Marcin Jan 23 '23 at 02:48
  • Just updated the body. – steve Z Jan 23 '23 at 02:55
  • Its still not clear to me. Why would plan show `version_id` changes, if your bucket is not versioned at all? – Marcin Jan 23 '23 at 02:59
  • I didn't enable bucket versioning. maybe I should enable the versioning and try again. – steve Z Jan 23 '23 at 03:08
  • Can't reproduce for now, just before I've applied the changes, it always takes couple days to reproduce this issue again. – steve Z Jan 23 '23 at 03:59

0 Answers0