Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
r/aws_lambda_function: re-implement replace_security_groups_on_destroy (
#37624) This change implements an alternative approach for improving deletion times of security groups associated with deleted Lambda functions. Previously, the `replace_security_groups_on_destroy` and `replacement_security_group_ids` were deprecated as AWS began disallowing modification of the security groups assigned to orphaned ENI's left behind after destruction of a Lambda function. The deprecations on these arguments will be removed with this re-implementation. Instead of attempting to modify orphaned ENI's after deletion of the function, this approach replaces the security groups assigned in the functions VPC configuration, waits for the configuration update to complete, and then deletes the function. This re-ordering allows for faster security group deletion as the lambda function ENI's left behind after deletion do not contain the configured security groups. This approach also does not violate AWS rules around mutability of Lambda function ENI's, as Lambda is handling replacement of the security groups associated with the ENI's internally. While improvements are not as significant as the previous approach, this option still offers a significant reduction in destroy time when compared to a configurations without this option enabled. ```console % make testacc PKG=lambda TESTS="TestAccLambdaFunction_VPC_replaceSGWith" ==> Checking that code complies with gofmt requirements... TF_ACC=1 go1.22.2 test ./internal/service/lambda/... -v -count 1 -parallel 20 -run='TestAccLambdaFunction_VPC_replaceSGWith' -timeout 360m --- PASS: TestAccLambdaFunction_VPC_replaceSGWithDefault (426.21s) --- PASS: TestAccLambdaFunction_VPC_replaceSGWithCustom (648.47s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/lambda 653.553s ``` ```console % make testacc PKG=lambda TESTS="TestAccLambdaFunction_" ==> Checking that code complies with gofmt requirements... TF_ACC=1 go1.22.2 test ./internal/service/lambda/... -v -count 1 -parallel 20 -run='TestAccLambdaFunction_' -timeout 360m --- PASS: TestAccLambdaFunction_expectFilenameAndS3Attributes (7.82s) === CONT TestAccLambdaFunction_loggingConfig --- PASS: TestAccLambdaFunction_nameValidation (8.23s) === CONT TestAccLambdaFunction_ephemeralStorage --- PASS: TestAccLambdaFunction_Zip_validation (13.86s) === CONT TestAccLambdaFunction_architecturesWithLayer --- PASS: TestAccLambdaFunction_versioned (49.69s) === CONT TestAccLambdaFunction_architecturesUpdate --- PASS: TestAccLambdaFunction_S3Update_unversioned (59.60s) === CONT TestAccLambdaFunction_architectures --- PASS: TestAccLambdaFunction_skipDestroyInconsistentPlan (60.70s) === CONT TestAccLambdaFunction_EnvironmentVariables_noValue --- PASS: TestAccLambdaFunction_S3Update_basic (62.64s) === CONT TestAccLambdaFunction_tags --- PASS: TestAccLambdaFunction_nilDeadLetter (68.23s) === CONT TestAccLambdaFunction_unpublishedCodeUpdate --- PASS: TestAccLambdaFunction_basic (71.08s) === CONT TestAccLambdaFunction_envVariables --- PASS: TestAccLambdaFunction_tracing (74.88s) === CONT TestAccLambdaFunction_disappears --- PASS: TestAccLambdaFunction_EnvironmentVariables_emptyUpgrade (76.27s) === CONT TestAccLambdaFunction_disablePublish --- PASS: TestAccLambdaFunction_skipDestroy (80.78s) === CONT TestAccLambdaFunction_deadLetterUpdated --- PASS: TestAccLambdaFunction_snapStart (81.34s) === CONT TestAccLambdaFunction_deadLetter --- PASS: TestAccLambdaFunction_concurrencyCycle (98.23s) === CONT TestAccLambdaFunction_VPCPublishNo_changes --- PASS: TestAccLambdaFunction_codeSigning (105.37s) === CONT TestAccLambdaFunction_s3 --- PASS: TestAccLambdaFunction_ephemeralStorage (114.15s) === CONT TestAccLambdaFunction_emptyVPC --- PASS: TestAccLambdaFunction_s3 (26.56s) === CONT TestAccLambdaFunction_VPC_replaceSGWithCustom --- PASS: TestAccLambdaFunction_loggingConfig (126.46s) === CONT TestAccLambdaFunction_VPC_replaceSGWithDefault --- PASS: TestAccLambdaFunction_LocalUpdate_nameOnly (304.98s) === CONT TestAccLambdaFunction_VPC_properIAMDependencies --- PASS: TestAccLambdaFunction_localUpdate (310.81s) === CONT TestAccLambdaFunction_VPCPublishHas_changes --- PASS: TestAccLambdaFunction_EnvironmentVariables_noValue (273.32s) === CONT TestAccLambdaFunction_enablePublish --- PASS: TestAccLambdaFunction_architectures (276.70s) === CONT TestAccLambdaFunction_versionedUpdate --- PASS: TestAccLambdaFunction_disappears (281.36s) === CONT TestAccLambdaFunction_encryptedEnvVariables --- PASS: TestAccLambdaFunction_tags (297.75s) === CONT TestAccLambdaFunction_vpc --- PASS: TestAccLambdaFunction_disablePublish (297.83s) === CONT TestAccLambdaFunction_VPC_withInvocation --- PASS: TestAccLambdaFunction_deadLetterUpdated (309.54s) === CONT TestAccLambdaFunction_vpcUpdate --- PASS: TestAccLambdaFunction_deadLetter (310.61s) === CONT TestAccLambdaFunction_vpcRemoval --- PASS: TestAccLambdaFunction_envVariables (331.82s) === CONT TestAccLambdaFunction_layers --- PASS: TestAccLambdaFunction_runtimes (438.40s) === CONT TestAccLambdaFunction_layersUpdate --- PASS: TestAccLambdaFunction_architecturesWithLayer (562.33s) === CONT TestAccLambdaFunction_concurrency --- PASS: TestAccLambdaFunction_ipv6AllowedForDualStack (701.53s) === CONT TestAccLambdaFunction_KMSKeyARN_noEnvironmentVariables --- PASS: TestAccLambdaFunction_emptyVPC (643.83s) --- PASS: TestAccLambdaFunction_fileSystem (907.72s) --- PASS: TestAccLambdaFunction_VPCPublishNo_changes (938.12s) --- PASS: TestAccLambdaFunction_VPC_replaceSGWithCustom (1056.70s) --- PASS: TestAccLambdaFunction_architecturesUpdate (1295.23s) --- PASS: TestAccLambdaFunction_VPC_properIAMDependencies (1056.01s) --- PASS: TestAccLambdaFunction_VPC_replaceSGWithDefault (1226.73s) --- PASS: TestAccLambdaFunction_enablePublish (1038.48s) --- PASS: TestAccLambdaFunction_unpublishedCodeUpdate (1479.15s) --- PASS: TestAccLambdaFunction_encryptedEnvVariables (1228.87s) --- PASS: TestAccLambdaFunction_VPCPublishHas_changes (1424.59s) --- PASS: TestAccLambdaFunction_vpc (1569.97s) --- PASS: TestAccLambdaFunction_layers (1546.31s) --- PASS: TestAccLambdaFunction_VPC_withInvocation (1588.27s) --- PASS: TestAccLambdaFunction_KMSKeyARN_noEnvironmentVariables (1654.83s) --- PASS: TestAccLambdaFunction_concurrency (1782.71s) --- PASS: TestAccLambdaFunction_layersUpdate (1924.70s) --- PASS: TestAccLambdaFunction_versionedUpdate (2040.51s) --- PASS: TestAccLambdaFunction_vpcUpdate (2161.88s) --- PASS: TestAccLambdaFunction_vpcRemoval (2161.44s) PASS ok github.com/hashicorp/terraform-provider-aws/internal/service/lambda 2558.481s ```
- Loading branch information