-
Notifications
You must be signed in to change notification settings - Fork 9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
S3 and Dynamodb endpoints keep getting replaced #25568
Comments
Hi @aaditi30 👋 Thank you for taking the time to raise this! I see that the module.vpc.data.aws_vpc_endpoint_service.dynamodb_endpoint_service will be read during apply
(config refers to values not yet known) Can you supply the configuration for this data source as well? Based on the plan log, it appears that what is happening is that there is an argument for the data source that is not known at plan time, and so the data source must be read during the apply phase on each run (see the Data Resource Behavior documentation for more information). Because the |
This is happening for us sporadically. It doesn't happen all the time. Sometimes we apply and suddenly all of our VPC endpoints need to be replaced. We aren't changing anything going into the VPC module or relating to the endpoints. Sidenote - we are deploying in govcloud. We're using this module: https://github.com/defenseunicorns/terraform-aws-vpc/blob/main/main.tf#L130-L256 which feeds into this -> truncated output, but it does this for all of our endpoints that get fed from that ~ requester_managed = false -> (known after apply)
~ route_table_ids = [] -> (known after apply)
~ service_name = "com.amazonaws.us-gov-west-1.ssm" # forces replacement -> (known after apply) # forces replacement
~ state = "available" -> (known after apply) |
Problem Summary:
Provider Version: 3.31
Terraform version: v0.14.11
Creating s3 and dynamodb vpc endpoints.
Each time we run terraform plan the endpoint service is finding new endpoint in the backend and these endpoints keep getting replaced.
Output
We can clearly see the service arn changing in the data call aws_vpc_endpoint_service for every plan output.
Tried adding the aws_vpc_endpoint_service data resource, adding the service arn and vpc arn in local
Referred issues:
#13383
#3777
Expected Behavior:
Once apply resource should not get modified unless there is a specific change made in the resource.
Actual Behavior
The resource gets modified on every apply.
The text was updated successfully, but these errors were encountered: