Skip to content

terraform-lambda-ecr-integration: Update AWS Provider to v6 #3092

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kakakakakku wants to merge 4 commits into
base: main
Choose a base branch
from
Open

terraform-lambda-ecr-integration: Update AWS Provider to v6 #3092

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
6279f15
terraform-lambda-ecr-integration: Update AWS Provider to v6
kakakakakku May 2, 2026
c709592
terraform-lambda-ecr-integration: Fix deprecated aws_region name attr…
kakakakakku May 2, 2026
1416403
terraform-lambda-ecr-integration: Fix docker build for containerd ima…
kakakakakku May 2, 2026
8ef42e2
terraform-lambda-ecr-integration: Fix service name
kakakakakku May 2, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 5 additions & 5 deletions terraform-lambda-ecr-integration/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

This pattern will provision Amazon Elastic Container Registry (ECR), push the code into the Container Registry along with AWS Lambda function to execute the container.

As part of the build process, a container will be built, pushed into ECR, and ultimately deployed as an AWS Lambda function. When an AWS Lambda is executed, the container's example bash script will run. Following the completion of the AWS lambda function execution, logs will be published to AWS Cloudwatch. The security component is likewise handled by KMS Keys and IAM Roles.
As part of the build process, a container will be built, pushed into ECR, and ultimately deployed as an AWS Lambda function. When an AWS Lambda is executed, the container's example bash script will run. Following the completion of the AWS lambda function execution, logs will be published to AWS CloudWatch. The security component is likewise handled by KMS Keys and IAM Roles.

## Getting started with Terraform Serverless Patterns

Expand All @@ -14,27 +14,27 @@ You also need [docker](https://www.docker.com/) and md5 to be installed on your

The deployment will require you to provide the AWS VPC id along with the Subnet id(s) where you want this pattern to be deployed.

Optionally, you can also specify env and organization (tagging purposes), timeout and memory_size (AWS Lmabda function compute purposes) and lastly logging_level to specify the logging level for your function. These values default to entires in the variable.tf file if not provided at deployment.
Optionally, you can also specify env and organization (tagging purposes), timeout and memory_size (AWS Lambda function compute purposes) and lastly logging_level to specify the logging level for your function. These values default to entires in the variable.tf file if not provided at deployment.

```shell
# terraform init
terraform init

# terraform plan with sample values for vpc and subnet
terraform plan -var="aws_vpc_id=vpc-xxxx" -var='aws_subnets=["subnet-xxxx","subnet-xxxx","subnet-xxxx"]'
terraform plan -var="aws_vpc_id=vpc-xxxx" -var='aws_subnets=["subnet-xxxx","subnet-xxxx","subnet-xxxx"]'

# terraform apply
terraform apply -var="aws_vpc_id=vpc-xxxx" -var='aws_subnets=["subnet-xxxx","subnet-xxxx","subnet-xxxx"]'
```

Once deployed you can execute the Lambda function from the AWS Lambda Console or via AWS CLI. The logs will be published to Amazon Cloudwatch.
Once deployed you can execute the Lambda function from the AWS Lambda Console or via AWS CLI. The logs will be published to Amazon CloudWatch.

```shell
aws lambda invoke \
--function-name testing-serverlessland-ecr-lambda \
--cli-binary-format raw-in-base64-out \
--log-type Tail --query 'LogResult' --output text \
response.json | base64 --decode
response.json | base64 --decode
```


Expand Down
2 changes: 1 addition & 1 deletion terraform-lambda-ecr-integration/bin/build.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ aws ecr get-login-password --region ${TARGET_AWS_REGION} | docker login --userna
}

# Build image
docker build --no-cache -t ${IMAGE_NAME} ${BUILD_FOLDER} --platform linux/amd64
docker build --no-cache --provenance=false -t ${IMAGE_NAME} ${BUILD_FOLDER} --platform linux/amd64
Copy link
Copy Markdown
Contributor Author

@kakakakakku kakakakakku May 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

╷
│ Error: creating Lambda Function (testing-serverlessland-ecr-lambda): operation error Lambda: CreateFunction, https response error StatusCode: 400, RequestID: 337794b6-72f5-4311-804b-a607af78a1ae, InvalidParameterValueException: The image manifest, config or layer media type for the source image 000000000000.dkr.ecr.us-east-1.amazonaws.com/testing-serverlessland-ecr-lambda@sha256:c548298ac414e9880c90c95b21be156f3a1dda1c6c86ef7882db9e9474a0952c is not supported.
│ 
│   with aws_lambda_function.this_aws_lambda_function,
│   on main.tf line 186, in resource "aws_lambda_function" "this_aws_lambda_function":
│  186: resource "aws_lambda_function" "this_aws_lambda_function" {
│ 
╵


# Docker Tag and Push
docker tag ${IMAGE_NAME}:latest ${IMAGE_URI}:latest
Expand Down
2 changes: 1 addition & 1 deletion terraform-lambda-ecr-integration/main.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ locals {
organization = var.organization
env = var.env
}
region = data.aws_region.current.name
region = data.aws_region.current.id
Copy link
Copy Markdown
Contributor Author

@kakakakakku kakakakakku May 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

  ╷                                                                                                                                                                                 
  │ Warning: Deprecated attribute                                                                                                                                                   
  │                                                                                                                                                                                 
  │   on main.tf line 17, in locals:                                                                                                                                                
  │   17:   region                 = data.aws_region.current.name                                                                                                                   
  │                                                                                                                                                                                 
  │ The attribute "name" is deprecated. Refer to the provider documentation for details.

account_id = data.aws_caller_identity.current.account_id
standard_resource_name = "${var.env}-${var.organization}-ecr-lambda"
ecr_base_arn = "${local.account_id}.dkr.ecr.${local.region}.amazonaws.com"
Expand Down
4 changes: 2 additions & 2 deletions terraform-lambda-ecr-integration/versions.tf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 5.24"
version = "~> 6.0"
}
external = {
source = "hashicorp/external"
Expand All @@ -15,4 +15,4 @@ terraform {
version = ">= 3.2"
}
}
}
}