network acl: change in one rule triggers updates for all #10611
Comments
Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label. If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!
Hey @giner 👋 Thank you for taking the time to file this issue. Given that there's been a number of Terraform and AWS provider releases since you initially filed it, can you confirm whether you're still experiencing this behavior?
Hi @justinretzolk, The behaviour is a bit different now but still in place. Before the changes were mistakenly recognized in Configuration:
Plan:
I am facing the same issue when adding a new inline rule. Here is the existing rule which requires update in-place.
This is my new rule that I would like to add
Here is my Terraform version:
Are there any workarounds for this, as it has to destroy the old rules and re-create them, which is not reasonable for me, especially in a Production environment? Appreciate!!!
Hey y'all 👋 Can someone who is experiencing this behavior supply a sample configuration so we have the information we need to look into this?
@justinretzolk Hi Justin, here is my simple Terraform resource that I use for testing this one.
Also, here is my provider version as well:
Same with ipv6_cidr_block: If you pass
I just changed the order from inbound rule 140 to inbound rule 130 and inbound rule 130 to inbound rule 140. Nothing was added or removed.
I also am facing this issue from cdktf. Below is a portion of my config:
This makes using terraform for production NACL highly unusable.
I'm having this issue as well, when managing the default network acl for a VPC.
This plan has already been applied, when I run terraform plan on this code again, I get the following output:
If icmp_code and icmp_type are not provided in the config (as these are optional) their values are sent to aws API as nulls however retrieved later as zeroes. This leads to reapplying all of the rules every time there is a small change.
Community Note
Terraform Version
0.12.9 with the latest version of the aws provider plugin
Affected Resource(s)
Terraform Configuration Files
Expected Behavior
Change in a single rule updates only the related record.
Actual Behavior
Change in a single rule triggers updates for all rules.
Steps to Reproduce
terraform apply
terraform plan or terraform apply
Workaround
Specifying icmp_type and icmp_code explicitly as '0' helps to work around the issue.
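The mismatch described in this issue, shown as an added example that is not part of the original report and is not the AWS provider's code: a simplified model in which rules are compared by value, run over constructed sample rules. The names rule_key, rules_to_replace and make_rule are hypothetical, and the rule fields follow the inline rule arguments of aws_network_acl.

```python
# Added illustration: a simplified model of rule comparison, not the AWS provider's code.
ICMP_FIELDS = ("icmp_type", "icmp_code")
FIELDS = ("rule_no", "protocol", "action", "cidr_block",
          "from_port", "to_port") + ICMP_FIELDS


def rule_key(rule, normalize):
    """Return a hashable identity for one rule.

    With normalize=True, an unset (None) ICMP field is treated as 0,
    which is the value the issue says is read back for it.
    """
    values = []
    for field in FIELDS:
        value = rule.get(field)
        if normalize and field in ICMP_FIELDS and value is None:
            value = 0
        values.append(value)
    return tuple(values)


def rules_to_replace(configured, read_back, normalize):
    """Rule numbers whose configured form matches no rule read back."""
    existing = {rule_key(r, normalize) for r in read_back}
    return sorted(r["rule_no"] for r in configured
                  if rule_key(r, normalize) not in existing)


def make_rule(rule_no, port, cidr, icmp=None):
    # Constructed sample rule; icmp=None models icmp_type/icmp_code left unset.
    return {"rule_no": rule_no, "protocol": "tcp", "action": "allow",
            "cidr_block": cidr, "from_port": port, "to_port": port,
            "icmp_type": icmp, "icmp_code": icmp}


# Constructed sample data: three rules as read back from the API (zeroes) ...
READ_BACK = [make_rule(100, 22, "10.0.0.0/8", 0),
             make_rule(110, 443, "0.0.0.0/0", 0),
             make_rule(120, 80, "0.0.0.0/0", 0)]
# ... and the configuration with ICMP fields unset and only rule 120 edited.
CONFIGURED = [make_rule(100, 22, "10.0.0.0/8"),
              make_rule(110, 443, "0.0.0.0/0"),
              make_rule(120, 8080, "0.0.0.0/0")]
# The same configuration with the workaround: icmp_type and icmp_code set to 0.
WORKAROUND = [dict(r, icmp_type=0, icmp_code=0) for r in CONFIGURED]

if __name__ == "__main__":
    print(rules_to_replace(CONFIGURED, READ_BACK, normalize=False))  # [100, 110, 120]
    print(rules_to_replace(CONFIGURED, READ_BACK, normalize=True))   # [120]
    print(rules_to_replace(WORKAROUND, READ_BACK, normalize=False))  # [120]
```

In this model a single edited rule marks every rule for replacement until null and 0 are treated as equal, either by normalizing the comparison or by setting the zeroes explicitly as in the workaround.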