-
Notifications
You must be signed in to change notification settings - Fork 9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws_instance associate_public_ip_address #227
Comments
+1 on this ticket |
Hey @mengesb + @alejandroEsc, Thanks for the issue! However, I believe this is working as expected. More than happy to discuss reasons why I might be wrong, however 😄 The Then, during the Read of the created instance, the This all being said, it sounds like the issue would be made much clearer if All of this being said, however, if you require a much more granularity in instance-level networking, the For now, I'm going to close this issue, but if we discuss further that it needs to be fixed, we can re-open and re-evaluate. Thanks again! |
@grubernaut please reopen and in encourage you to warn before closing next time. Summary: |
@grubernaut also, I would have to review, but I do NOT remember this value being a computed value, how would that possibly be the case? |
@grubernaut this issue attends from a tri-state problem that was in the history of the original issues (more than one).
User provided information should take precedence over anything computed. In this case terraform can't create a private IP only system in a subnet that has associate public IP set to true |
Hey @alejandroEsc + @mengesb, Thank you for the replies! First of all, would like to apologize for pre-emptively closing the issues and PR's, going to re-open for re-evaluation. Also apologies for the late response, been in meetings. Going to respond as best as I can to the points made:
So, I will fully stand by the fact that there is a bug with the
Absolutely agree! We're currently discussing internally the best way to solve this issue without incurring the breaking change by making the attribute a string value, and should come up with a solution soon. Thanks, and apologies again for the premature issue close. |
@grubernaut thank you for the prompt reply. The solution, as per my investigation, would require in the most complete way to change your schema types in such a way to allow for nullable-types as valid option schema types. That, in my opinion would be a huge change and any other change would most likely be more hacky band-aid. Since we are parsing from yaml, i do not believe that my PRs are breaking changes. |
Hey all, Just a quick note, we haven't forgotten about you 😄. Thanks! |
Hey all, sorry for the delay on this. Thanks! |
@grubernaut please RE-OPEN my PRs again and let's compare. I dont think you quite get the whole story. You essentially do what i did in one of my PRs that you closed, but you are again relying on |
@alejandroEsc, I'm more than happy to discuss why you feel it's not working as expected. |
@grubernaut please add here the PR where the functionality of GerOkExists() has changed. In addition I would like to mention that my changes is not a breaking change. I took extreme care not to do so. |
@grubernaut the change was pointed to me but another collaborator. Yeah the addition of that new function is something i guess you accepted the risk of potential abuse, and it was something i had considered but went against it for a few reasons some philosophical and some practical. Could you verify for me the following cases work: Tests to perform on Launch Configurations and Instances:
please note that distinction between the three cases: |
Hey @alejandroEsc, sure no problem. The PR to Terraform core that adds And the PR's listed to change the boolean attributes to string attributes incur a breaking change on existing terraform statefiles. For an example, try creating an
Then compile your PR, and observe the differences. The breaking change would require each user specifying a boolean value for that attribute, to wrap strings around the attribute's value. The PR also does not handle a boolean being explicitly set inside of a user's config. If a user attempts to use the current behavior of a literal boolean, your PR causes the parsed "string" value to be Removing the conflict on the Also, the PR doesn't handle the conversion of the returned struct into a string during the Read function. Thus, the returned boolean from the AWS API call will attempt to be cast into a string during the call to This can, however, be fixed with a state migration function on the |
@alejandroEsc expanded the tests to cover each case listed.
|
👍
On Aug 4, 2017 09:51, "Jake Champlin" <notifications@github.com> wrote:
@alejandroEsc <https://github.com/alejandroesc> expanded the tests to cover
each case listed.
$ make testacc TEST=./aws TESTARGS="-run=TestAccAWSInstance_associatePublic_"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSInstance_associatePublic_ -timeout 120m
=== RUN TestAccAWSInstance_associatePublic_defaultPrivate
--- PASS: TestAccAWSInstance_associatePublic_defaultPrivate (106.54s)
=== RUN TestAccAWSInstance_associatePublic_defaultPublic
--- PASS: TestAccAWSInstance_associatePublic_defaultPublic (215.38s)
=== RUN TestAccAWSInstance_associatePublic_explicitPublic
--- PASS: TestAccAWSInstance_associatePublic_explicitPublic (112.23s)
=== RUN TestAccAWSInstance_associatePublic_explicitPrivate
--- PASS: TestAccAWSInstance_associatePublic_explicitPrivate (224.96s)
=== RUN TestAccAWSInstance_associatePublic_overridePublic
--- PASS: TestAccAWSInstance_associatePublic_overridePublic (117.78s)
=== RUN TestAccAWSInstance_associatePublic_overridePrivate
--- PASS: TestAccAWSInstance_associatePublic_overridePrivate (112.48s)
PASS
ok github.com/terraform-providers/terraform-provider-aws/aws 889.375s
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#227 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ABUHF_1aJQKH6DCb01mdSlwCsF8Po0Cfks5sU0wBgaJpZM4N41XY>
.
|
Hi, Sorry but maybe I misunderstood something - I am trying to create an ec2 instance in a vpc that is out of my control where the default behaviour is to attach public ips and I want terraform to force this NOT to happen, so I have Terraform version
Resource declaration
Results
Note how after creation the value of
|
Hi @iancustoica, thanks for the report! This was just merged into the |
@iancustoica in reply to "Is there anything I can do about it": If you compile the |
Roger that, thank you very much for taking the time and answering my questions - I will wait until the next release. |
@iancustoica awesome, happy to help! Please let us know if you need anything else, thanks! |
@grubernaut I am still having the issue. My versions:
Am I missing something ? I have a minimal config file that doesn't work:
The result of
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
This issue was originally opened by @mengesb as hashicorp/terraform#8244. It was migrated here as part of the provider split. The original body of the issue is below.
Related to hashicorp/terraform#5764 I'd like to re-raise the issue of
associate_public_ip_address
in theaws_instance
resource.If the subnet being used has a
map_public_ip = true
setting, it will always map a public IP. I rather this be interpreted as, "If not specified, usemap_public_ip
setting for the subnet". It seems this is not the case, and that the subnet settings can override theaws_instance
settings.Is this an API limitation? Even if I create a subnet with public IP mapping, there are circumstances where I want the VMs created to not have public IPs. I know that if I have a subnet that DOES NOT map public IPs, and I set
associate_public_ip_address = true
on theaws_instance
resource, I get a public IP. When I manually create an instance via the AWS console, I get the option to disable the 'auto-assign public IP', accept the subnet default, or enable. Seems pretty clear-cut here that if I specifyfalse
forassociate_public_ip_address
I should NOT get a public IP no matter what the subnet settings are.Terraform Version
0.7.0
Affected Resource(s)
Terraform Configuration Files
Debug Output
N/A
Panic Output
N/A
Expected Behavior
if
associate_public_ip_address
is set to false, I get an instance without a public IP. If `associate_public_ip_address is set to true, I get an instance with a public IP. This doesn't matter whether or not the subnet is set to automatically map public IPs or not.Actual Behavior
if
associate_public_ip_address
is set to false, I get an instance with a public IP if the subnet is configured tomap_public_ip = true
(done in terraform or not done in terraform).if
associate_public_ip_address
is set to false, I get an instance without a public IP if the subnet is configured tomap_public_ip = false
(done in terraform or not done in terraform).Steps to Reproduce
associate_public_ip_address
tofalse
map_public_ip = true
)terraform apply
associate_public_ip_address
totrue
map_public_ip = false
)terraform apply
associate_public_ip_address
tofalse
map_public_ip = false
)terraform apply
associate_public_ip_address
totrue
map_public_ip = true
)terraform apply
associate_public_ip_address
map_public_ip = true
)terraform apply
associate_public_ip_address
map_public_ip = false
)terraform apply
Important Factoids
N/A
References
Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:
The text was updated successfully, but these errors were encountered: