search

aws / aws-sam-cli

CLI tool to build, test, debug, and deploy Serverless applications using AWS SAM
https://aws.amazon.com/serverless/sam/
Apache License 2.0
6.49k stars 1.17k forks source link

Bug: sam build --hook-name terraform --beta-features command fails: SAM CLI doesnot supporting Lambda aliases in API gatway #5948

Open arvindkurhe opened 11 months ago

arvindkurhe commented 11 months ago

Description:

We have terraform script where it creates API gateway (with child, grand child and parent relations ship) and Lambda functions. This Also requirement is to use Aliases for lambda function and create multi version API gateway. However whenver we run sam build comand gives following error,

Error: An error occurred when attempting to link two resources: Could not use the value aws_lambda_alias.publish_book_review_alias_refresh.invoke_arn as a destination for the source resource aws_api_gateway_integration.api_integration. The expected destination resources should be of destination resource type aws_lambda_function. using invoke_arn property.

SAM CLI doesnot supporting Lambda aliases in API gatway; SAM CLI DOESNOT UNDERSTAND aws_lambda_alias.publish_book_review_alias_refresh.invoke_arn

Steps to reproduce:

Create API Gateway with parent->child->grandchild relations ship Create Lambda function and intergrate same lambda function with all API's

Execute following command, sam build --hook-name terraform --beta-features --debug

Observed result:

Gives folloqwing error, aws_lambda_alias.publish_book_review_alias_refresh.invoke_arn as a destination for the source resource aws_api_gateway_integration.api_integration. The expected destination resources should be of destination resource type aws_lambda_function. using invoke_arn property.

Expected result:

LABMDA ALIASES INTEGRATED WITH API GATWAY WORKS IN ALL SCENARIO'S. SHOULD WORK WITH SAM CLI ALSO.

Additional environment details (Ex: Windows, Mac, Amazon Linux etc)

  1. OS: WINDOWS
  2. sam --version:1.97.0
  3. AWS region:aws-cli/2.1.11 Python/3.7.9 Windows/10 exe/AMD64 prompt/off
# Paste the output of `sam --info` here

{ "version": "1.97.0", "system": { "python": "3.8.8", "os": "Windows-10-10.0.19041-SP0" }, "additional_dependencies": { "docker_engine": "20.10.17", "aws_cdk": "Not available", "terraform": "1.5.3" }, "available_beta_feature_env_vars": [ "SAM_CLI_BETA_FEATURES", "SAM_CLI_BETA_BUILD_PERFORMANCE", "SAM_CLI_BETA_TERRAFORM_SUPPORT", "SAM_CLI_BETA_RUST_CARGO_LAMBDA" ] } Add --debug flag to command you are running error

arvindkurhe commented 11 months ago

Code Base is same AWS SAM Terraform as provided in below link, https://github.com/aws-samples/aws-sam-terraform-examples/tree/main/zip_based_lambda_functions/api-lambda-dynamodb-example

We have modified the code as per our requirment.

Please find attached zip file produces exact scenario, api-lambda-dynamodb-example.zip

arvindkurhe commented 11 months ago

Can someone guide on this as this is affecting procution deployment.

mildaniel commented 11 months ago

Hey @arvindkurhe, thanks for raising this issue. The AWS SAM CLI Terraform integration currently does not support linking your integration to a Lambda alias. It expects a Lambda function which is why you're seeing that error. I can mark this as a feature request.

Can you elaborate further on how this is affecting your production deployment. The Terraform integration features are intended for local development and testing.

arvindkurhe commented 11 months ago

How it is affecting production environement: We have dev, qa and prod environment created using terraform. Same code is used to set up local environment and running API's ang Lambda locally for developement purpose.

Now, we want to maintain diffrent versions of API's in same/diffrent API gateway deployment in single environment. This requires aliases which works with terraform but not with SAM terraform hook.

arvindkurhe commented 11 months ago

This should be a bug and not a feature as this is normal usecase might be used in lots of project.

mildaniel commented 11 months ago

I understand that this might be a normal use case, however, is not something currently supported by SAM CLI and not anything that is actually broken.

As for your case, would it be feasible to conditionally link to a function if the environment is development and to an alias if it's production? This way you'll be able to use the local testing functionality and keep your production configuration as is. To do this, you'll need to use the terraform apply workaround documented here https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/using-samcli-terraform.html

arvindkurhe commented 11 months ago

If we use terraform apply then this will create environment in AWS Account. Usually terraform script will have other resources also which would cost. This breaks thec concept of local testing of API and Lambda.