Correctness

lambda-redundant-field-with-image

When using the AWS Lambda “Image” package_type, runtime and handler are not necessary for Lambda to understand how to run the code. These are built into the container image. Including runtime or handler with an “Image” package_type will result in an error on terraform apply. Remove these redundant fields.

lambda-permission-logs-missing-arn-asterisk

The source_arn field needs to end with an asterisk, like this: <log-group-arn>:* Without this, the aws_lambda_permission resource ‘

NAME' will not be created. Add the asterisk to the end of the arn. x

ARN

subscription-filter-missing-depends

The aws_cloudwatch_log_subscription_filter resource “$NAME” needs a depends_on clause on the aws_lambda_permission, otherwise Terraform may try to create these out-of-order and fail.
Confidence: MEDIUM

reserved-aws-lambda-environment-variable

terraform apply will fail because the environment variable “

VARIABLE" is a reserved by AWS. Use another name for "

VARIABLE”.

Start Here

Setup

Pull Request Review

Scan center

Integrations

IDE

Rule Reference

Resources