-
Notifications
You must be signed in to change notification settings - Fork 5.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Race condition with AWS API Gateway Method & Lambda Permission #9525
Comments
Hello @richardowen, thanks a lot for reporting and for spotting this bug. We'd be more than happy to accept a community PR that addresses this problem 🙇 |
@pgrzesik I'd like to take this up, but since I'm not aware of the codebase whatsoever, I'll be going through it first before I start working on it, hope that's okay!? If anyone else in the mean time wants to pick it up, I'll be happy to contribute towards that PR or just even learning from their PR! |
So, from what I can gather from the issue is that the template on
|
Hello @ParadoxInfinite,
And did you get a way to reproduce the issue? |
When creating an API gateway method using the lambda proxy integration, the method isn't set to depend on the lambda permission in the CloudFormation code. When you first deploy the API, this isn't a problem, because the API can be deployed and the lambda permission created in parallel, and once they're both done the API works.
However, if you perform an update which replaces the lambda function, this is what happens:
Eventually, the API works. However during the update, users can receive errors from the API due to missing permissions. This is because step 2 & 3 above run in parallel, creating a race condition. The API gateway can be deployed before the Lambda permission has been created. Until the permission has been created, users will receive errors.
I think the fix for this should be fairly simple. The
AWS::ApiGateway::Method
resource in the CloudFormation stack needs aDependsOn
attribute referencing theAWS::Lambda::Permission
resource.serverless.yml (for create)
serverless.yml (for update)
SLS_DEBUG=* serverless deploy
outputInstalled version
The text was updated successfully, but these errors were encountered: