pulumi-aws-native icon indicating copy to clipboard operation
pulumi-aws-native copied to clipboard

Published 20 hours ago verified publisher icon pulumi

Update requires: Replacement fields are not triggering replace

Open dmfigol opened this issue 5 months ago • 2 comments

What happened?

When I change a field that requires replacement, pulumi doesn't treat it as such.
I am pretty sure this was not happening before.

Example

Repro

name: pulumi-sandbox
description: A minimal AWS Pulumi YAML program
runtime: yaml
resources:
  vpc:
    type: aws-native:ec2:Vpc
    properties:
      cidrBlock: 10.20.0.0/16

change cidrBlock to something else and run pulumi up. Replace is not triggered:

-> % pulumi up
Previewing update (dev)

View in Browser (Ctrl+O): https://app.pulumi.com/dmfigol-cloud/pulumi-sandbox/dev/previews/0061d466-3366-4aed-afdf-b341b8ad5055

     Type                   Name                Plan       Info
     pulumi:pulumi:Stack    pulumi-sandbox-dev             
 ~   └─ aws-native:ec2:Vpc  vpc                 update     [diff: ~cidrBlock]

Resources:
    ~ 1 to update
    1 unchanged

Do you want to perform this update? yes
Updating (dev)

View in Browser (Ctrl+O): https://app.pulumi.com/dmfigol-cloud/pulumi-sandbox/dev/updates/7

     Type                   Name                Status                  Info
     pulumi:pulumi:Stack    pulumi-sandbox-dev  **failed**              1 error
 ~   └─ aws-native:ec2:Vpc  vpc                 **updating failed**     [diff: ~cidrBlock]; 1 error

Diagnostics:
  pulumi:pulumi:Stack (pulumi-sandbox-dev):
    error: update failed

  aws-native:ec2:Vpc (vpc):
    error: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: 8ad952c0-49bb-4de1-b508-cde54b88b8eb, NotUpdatableException: Invalid patch update: createOnlyProperties [/properties/CidrBlock] cannot be updated

    [Pulumi Copilot] Would you like help with these diagnostics?
    https://app.pulumi.com/dmfigol-cloud/pulumi-sandbox/dev/updates/7?explainFailure

Outputs:
  - vpcId: "vpc-001633b7f42bba23a"

Output of pulumi about

CLI          
Version      3.175.0
Go Version   go1.24.3
Go Compiler  gc

Plugins
KIND      NAME        VERSION
resource  aws-native  unknown
language  yaml        1.19.2

Host     
OS       ubuntu
Version  24.04
Arch     x86_64

This project is written in yaml

Current Stack: dmfigol-cloud/pulumi-sandbox/dev

TYPE                                 URN
pulumi:pulumi:Stack                  urn:pulumi:dev::pulumi-sandbox::pulumi:pulumi:Stack::pulumi-sandbox-dev
pulumi:providers:aws-native          urn:pulumi:dev::pulumi-sandbox::pulumi:providers:aws-native::default
aws-native:ec2:Vpc                   urn:pulumi:dev::pulumi-sandbox::aws-native:ec2:Vpc::vpc


Found no pending operations associated with dev

Backend        
Name           pulumi.com
URL            https://app.pulumi.com/[redacted]
User           [redacted]
Organizations  [redacted]
Token type     personal

Dependencies:
NAME        VERSION
aws-native  

Pulumi locates its logs in /tmp by default

Additional context

I tried this with different objects with the same result

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

dmfigol avatar Jun 10 '25 19:06 dmfigol