terraform-provider-aws
[Bug]: aws_identitystore_group description not updating
Terraform Core Version
1.3.5
AWS Provider Version
4.43.0
Affected Resource(s)
- aws_identitystore_group
Expected Behavior
The description of the group should be updated when changed
Actual Behavior
The description is not updated
Relevant Error/Panic Output Snippet
terraform apply --auto-approve
data.aws_organizations_organization.this: Reading...
data.aws_ssoadmin_instances.this: Reading...
data.aws_ssoadmin_instances.this: Read complete after 0s [id=ca-central-1]
aws_identitystore_group.test_gab: Refreshing state... [id=<redacted>]
data.aws_organizations_organization.this: Read complete after 1s [id=<redacted>]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# aws_identitystore_group.test_gab will be updated in-place
~ resource "aws_identitystore_group" "test_gab" {
~ description = "test_gab" -> "change me"
id = "<redacted>"
# (4 unchanged attributes hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
aws_identitystore_group.test_gab: Modifying... [id=<redacted>]
aws_identitystore_group.test_gab: Modifications complete after 0s [id=<redacted>]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
terraform plan
data.aws_organizations_organization.this: Reading...
data.aws_ssoadmin_instances.this: Reading...
data.aws_ssoadmin_instances.this: Read complete after 0s [id=ca-central-1]
aws_identitystore_group.test_gab: Refreshing state... [id=<redacted>]
data.aws_organizations_organization.this: Read complete after 1s [id=<redacted>]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# aws_identitystore_group.test_gab will be updated in-place
~ resource "aws_identitystore_group" "test_gab" {
~ description = "test_gab" -> "change me"
id = "<redacted>"
# (4 unchanged attributes hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Terraform Configuration Files
main.tf
provider "aws" {}
data "aws_ssoadmin_instances" "this" {}
locals {
  identity_store_id = tolist(data.aws_ssoadmin_instances.this.identity_store_ids)[0]
}
resource "aws_identitystore_group" "test_gab" {
  identity_store_id = local.identity_store_id
  display_name      = "test_gab"
  description       = "initial description"
}
Steps to Reproduce
- Create a SSO group using the main.tf above with terraform apply
- Change the description in main.tf
- Apply the changes again: terraform apply
- The description will not have changed, can be confirmed in the AWS Console and a terraform plan will yield the same changes over and over.
Debug Output
https://gist.github.com/gab-despreslaberge/8c653c187b253a6d8c3772568ef5d80f
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
No
Community Note
Voting for Prioritization
- Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
- Please see our prioritization guide for information on how we prioritize.
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
Volunteering to Work on This Issue
- If you are interested in working on this issue, please leave a comment.
- If this would be your first contribution, please review the contribution guide.
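A post-apply check for the symptom reported above, as an added example that is not part of the original issue or the provider's code: it compares the JSON plan (terraform show -json) taken before an apply with the one taken after it and reports in-place updates that did not converge. The sample plans are constructed from the values in this report and trimmed to the fields used, and aws_ssoadmin_permission_set.example is a hypothetical resource name.

```python
import json

def pending_updates(plan):
    """Map address -> {attribute: (before, after)} for in-place updates in a JSON plan."""
    found = {}
    for rc in plan.get("resource_changes", []):
        change = rc["change"]
        if change["actions"] != ["update"]:
            continue  # skip no-op, create, delete and replace
        before, after = change.get("before") or {}, change.get("after") or {}
        diff = {k: (before.get(k), after.get(k))
                for k in sorted(set(before) | set(after))
                if before.get(k) != after.get(k)}
        if diff:
            found[rc["address"]] = diff
    return found

def stuck_updates(plan_before_apply, plan_after_apply):
    """Diffs that are identical before and after an apply that reported success."""
    first, second = pending_updates(plan_before_apply), pending_updates(plan_after_apply)
    stuck = {}
    for address, diff in second.items():
        same = {k: v for k, v in diff.items() if first.get(address, {}).get(k) == v}
        if same:
            stuck[address] = same
    return stuck

def _rc(address, actions, before_desc, after_desc):
    # Builds one constructed resource_changes entry.
    return {"address": address, "change": {"actions": actions,
            "before": {"description": before_desc, "display_name": "test_gab"},
            "after": {"description": after_desc, "display_name": "test_gab"}}}

GROUP = "aws_identitystore_group.test_gab"
PSET = "aws_ssoadmin_permission_set.example"  # hypothetical resource name

# Constructed plan taken before the apply: both resources want a new description.
PLAN_1 = {"resource_changes": [_rc(GROUP, ["update"], "test_gab", "change me"),
                               _rc(PSET, ["update"], "test_gab", "change me")]}
# Constructed plan taken after the apply: the permission set converged, the group did not.
PLAN_2 = {"resource_changes": [_rc(GROUP, ["update"], "test_gab", "change me"),
                               _rc(PSET, ["no-op"], "change me", "change me")]}

if __name__ == "__main__":
    print(json.dumps(stuck_updates(PLAN_1, PLAN_2), indent=2))
```

A non-empty result after an apply that reported success means the configuration and the real Identity Center state disagree, so the pipeline run should fail rather than be treated as converged.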
Same issue here. Deleting and recreating the group solves it temporarily.
I am creating permission-sets in the same apply, with the same description, pulled from a variable. The permission-sets deploy successfully.
Any update on this? I am facing the same issue.
same issue here
Changing the display_name of the resource forces the replacement. It's a dirty way to force the update of the description, but it's working.
/push
same issue here
This issue still exists. v1.5.1
Issue still happens with latest tf and provider version.
- Terraform v1.5.6
- hashicorp/aws 5.15.0
This functionality has been released in v5.23.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.