Reputation: 1728
We maintain lambda deployments using Terraform. A new lambda requires VPC attachment to an existing VPC in my account. How do I define this network attachment in Terraform?
I found this article, Deploy AWS Lambda to VPC with Terraform, insightful, but the example involves adding a new VPC (with subnets, security groups, etc.) as opposed to attaching to an existing VPC, existing subnets, security groups, etc.
I did try the following:
    module "lambda" {
      source                 = "git::https://private-gitlab.net/corp-cloud-platform/corpcloudv2/terraform/lambda-modules.git?ref=dev"
      lambda_name            = var.name
      lambda_role            = "arn:aws:iam::${var.ACCOUNT}:role/${var.lambda_role}"
      lambda_handler         = var.handler
      lambda_runtime         = var.runtime
      default_lambda_timeout = var.timeout
      ACCOUNT                = var.ACCOUNT
      env = merge(
        local.common_tags,
        { DEFAULT_ROLE = "corp-platform" }
      )
      vpc_config {
        subnet_ids         = ["obfuscated", "obfuscated"]
        security_group_ids = ["obfuscated"]
      }
    }
which was inspired by that blog example, but I get:
    Error: Unsupported block type...
    on main.tf line 25, in module "lambda":
    25: vpc_config {
What am I doing wrong? How do I use TF to attach my lambda to an existing VPC?
Thanks in advance.
Upvotes: 0
Views: 2748
Reputation: 123
You are using this block in a module resource. The vpc_config argument only works with the aws_lambda_function resource. For your module you can try the following:
    vpc_config = {
      subnet_ids         = ["obfuscated", "obfuscated"]
      security_group_ids = ["obfuscated"]
    }
Don't forget to add the variable to your module so you can reference it from the module.
Upvotes: 2
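The module-side wiring that the answer's last sentence refers to, as an added example (not code from the original posts or from the private module, whose source is not shown on the page). It assumes the module creates an `aws_lambda_function` and already declares the inputs used in the question's call; the resource name `this`, the `package_path` input and the output name are hypothetical.

```hcl
# --- inside the lambda module (assumed layout) ---
variable "vpc_config" {
  description = "Existing subnets and security groups for the function; null keeps it outside a VPC."
  type = object({
    subnet_ids         = list(string)
    security_group_ids = list(string)
  })
  default = null
}

resource "aws_lambda_function" "this" {
  function_name = var.lambda_name
  role          = var.lambda_role
  handler       = var.lambda_handler
  runtime       = var.lambda_runtime
  timeout       = var.default_lambda_timeout
  filename      = var.package_path # hypothetical input for the deployment package

  # Emit the nested vpc_config block only when the caller supplied the attribute.
  dynamic "vpc_config" {
    for_each = var.vpc_config == null ? [] : [var.vpc_config]
    content {
      subnet_ids         = vpc_config.value.subnet_ids
      security_group_ids = vpc_config.value.security_group_ids
    }
  }
}

# VPC the function ended up in; compare it with the VPC you meant to attach to.
output "lambda_vpc_id" {
  value = try(aws_lambda_function.this.vpc_config[0].vpc_id, null)
}

# --- calling configuration: vpc_config is passed as an attribute (note the "=") ---
module "lambda" {
  source                 = "git::https://private-gitlab.net/corp-cloud-platform/corpcloudv2/terraform/lambda-modules.git?ref=dev"
  lambda_name            = var.name
  lambda_role            = "arn:aws:iam::${var.ACCOUNT}:role/${var.lambda_role}"
  lambda_handler         = var.handler
  lambda_runtime         = var.runtime
  default_lambda_timeout = var.timeout
  ACCOUNT                = var.ACCOUNT
  env                    = merge(local.common_tags, { DEFAULT_ROLE = "corp-platform" })
  vpc_config = {
    subnet_ids         = ["obfuscated", "obfuscated"] # existing subnet IDs, as in the question
    security_group_ids = ["obfuscated"]               # existing security group ID
  }
}
```

The execution role passed in `lambda_role` must be allowed to create and delete network interfaces, for example through the AWS managed policy `AWSLambdaVPCAccessExecutionRole`; without that, creating a VPC-attached function fails.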