Skip to content

Fix lambda target group: remove unsupported health_check block#70

Merged
Alexanderamiri merged 1 commit into
mainfrom
fix/lambda-target-group-health-check
Mar 16, 2026
Merged

Fix lambda target group: remove unsupported health_check block#70
Alexanderamiri merged 1 commit into
mainfrom
fix/lambda-target-group-health-check

Conversation

@Alexanderamiri
Copy link
Copy Markdown
Member

@Alexanderamiri Alexanderamiri commented Mar 16, 2026

Lambda target groups don't support health checks. The health_check block causes a validation error on create.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented Mar 16, 2026

Terraform Plan

🚧 Changes detected — Plan: 4 to add, 0 to change, 0 to destroy.

Plan output 
Acquiring state lock. This may take a few moments...

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.lambdas.aws_lambda_permission.password_set_alb will be created
  + resource "aws_lambda_permission" "password_set_alb" {
      + action              = "lambda:InvokeFunction"
      + function_name       = "javabin-password-set"
      + id                  = (known after apply)
      + principal           = "elasticloadbalancing.amazonaws.com"
      + source_arn          = (known after apply)
      + statement_id        = "AllowALBInvoke"
      + statement_id_prefix = (known after apply)
    }

  # module.lambdas.aws_lb_listener_rule.password_set will be created
  + resource "aws_lb_listener_rule" "password_set" {
      + arn          = (known after apply)
      + id           = (known after apply)
      + listener_arn = "arn:aws:elasticloadbalancing:eu-central-1:553637109631:listener/app/javabin-platform-alb/bec1dd43ab8341b9/500c9c2b4186bf45"
      + priority     = 10
      + tags_all     = {
          + "environment" = "production"
          + "managed-by"  = "terraform"
          + "project"     = "javabin"
          + "team"        = "javabin"
        }

      + action {
          + order            = (known after apply)
          + target_group_arn = (known after apply)
          + type             = "forward"
        }

      + condition {
          + host_header {
              + values = [
                  + "password.javazone.no",
                ]
            }
        }
    }

  # module.lambdas.aws_lb_target_group.password_set will be created
  + resource "aws_lb_target_group" "password_set" {
      + arn                                = (known after apply)
      + arn_suffix                         = (known after apply)
      + connection_termination             = (known after apply)
      + deregistration_delay               = "300"
      + id                                 = (known after apply)
      + ip_address_type                    = (known after apply)
      + lambda_multi_value_headers_enabled = false
      + load_balancer_arns                 = (known after apply)
      + load_balancing_algorithm_type      = (known after apply)
      + load_balancing_anomaly_mitigation  = (known after apply)
      + load_balancing_cross_zone_enabled  = (known after apply)
      + name                               = "javabin-password-set"
      + name_prefix                        = (known after apply)
      + preserve_client_ip                 = (known after apply)
      + protocol_version                   = (known after apply)
      + proxy_protocol_v2                  = false
      + slow_start                         = 0
      + tags_all                           = {
          + "environment" = "production"
          + "managed-by"  = "terraform"
          + "project"     = "javabin"
          + "team"        = "javabin"
        }
      + target_type                        = "lambda"
    }

  # module.lambdas.aws_lb_target_group_attachment.password_set will be created
  + resource "aws_lb_target_group_attachment" "password_set" {
      + id               = (known after apply)
      + target_group_arn = (known after apply)
      + target_id        = "arn:aws:lambda:eu-central-1:553637109631:function:javabin-password-set"
    }

Plan: 4 to add, 0 to change, 0 to destroy.

─────────────────────────────────────────────────────────────────────────────

Saved the plan to: tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "tfplan"

LLM Review

Risk: 🟢 LOW

Adding ALB integration for password-set Lambda function with listener rule routing traffic from password.javazone.no.

  • [routine] Creating ALB target group and listener rule to route password.javazone.no traffic to existing javabin-password-set Lambda function
  • [routine] Adding Lambda permission for ALB (elasticloadbalancing.amazonaws.com) to invoke the password-set function - standard ALB-Lambda integration pattern
  • [routine] No security group changes, no public access modifications, and no changes to existing Lambda function or IAM policies
  • [routine] All new resources properly tagged with environment, project, team, and managed-by labels for governance

@Alexanderamiri Alexanderamiri merged commit dbddf9f into main Mar 16, 2026
3 checks passed
@Alexanderamiri Alexanderamiri deleted the fix/lambda-target-group-health-check branch March 16, 2026 20:53
Alexanderamiri added a commit that referenced this pull request May 9, 2026
@Alexanderamiri
Fix lambda target group: remove unsupported health_check block (#70)
8a73eda 
Lambda target groups don't support health checks. The `health_check`
block causes a validation error on create.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Alexanderamiri