terraform-aws-cloudfront-s3-cdn
terraform-aws-cloudfront-s3-cdn copied to clipboard
cloudposse
version 4.0.0 of the aws provider contains breaking changes for the CDN module
Describe the Bug
Version 4.0.0 of the aws terraform provider introduced breaking changes for s3 bucket configurations which are used within this module, please refer to the upgrade notes here: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-3-upgrade
Expected Behavior
lifecycle rules, acls, origin configuration etc are applied or updated.
Steps to Reproduce
Steps to reproduce the behavior: Simply attempt to call the module with version 4.0.0 of the aws provider.
Errors:
Errors from our terraform GitOps repo
Error: Unsupported attribute
on .terraform/modules/portal_cdn.logs/main.tf line 30, in resource "aws_s3_bucket" "default":
30: for_each = var.enable_glacier_transition ? [1] : []
This object does not have an attribute named "enable_glacier_transition".
Error: Unsupported attribute
on .terraform/modules/portal_cdn.logs/main.tf line 44, in resource "aws_s3_bucket" "default":
44: for_each = var.enable_glacier_transition ? [1] : []
This object does not have an attribute named "enable_glacier_transition".
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin":
232: resource "aws_s3_bucket" "origin" {
Can't configure a value for "logging": its value will be decided
automatically based on the result of applying this configuration.
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin":
232: resource "aws_s3_bucket" "origin" {
Can't configure a value for "server_side_encryption_configuration": its value
will be decided automatically based on the result of applying this
configuration.
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin":
232: resource "aws_s3_bucket" "origin" {
Can't configure a value for "cors_rule": its value will be decided
automatically based on the result of applying this configuration.
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin":
232: resource "aws_s3_bucket" "origin" {
Can't configure a value for "versioning": its value will be decided
automatically based on the result of applying this configuration.
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin":
232: resource "aws_s3_bucket" "origin" {
Can't configure a value for "website": its value will be decided
automatically based on the result of applying this configuration.
Error: Value for unconfigurable attribute
with module.portal_cdn.aws_s3_bucket.origin,
on .terraform/modules/portal_cdn/main.tf line 241, in resource "aws_s3_bucket" "origin":
241: acl = "private"
Can't configure a value for "acl": its value will be decided automatically
based on the result of applying this configuration.
</details>
## Additional Context
Add any other context about the problem here.
Version 0.82.3 adds a provider restriction and the module work ok (https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/releases/tag/0.82.3).
Yes, the breaking changes in AWS provider v4.0.0 did, in fact, break this module and many others. You should pin your providers in your top-level components, using either version blocks (usually in versions.tf) or via .terraform.lock.hcl files.
This module will be updated to support v4 eventually, but most likely will have its own breaking changes and will surely require manual migration steps when it is released. See, for an example of our thinking about how to upgrades modules like this one, how we upgraded terraform-aws-s3-bucket and terraform-aws-s3-log-storage.
Hey guys,
Any updates on this? This is the one module blocking us from upgrading to >v4 AWS provider
I am on the same boat, upgrading to 0.82.x of this module puts a < 4.0.0 restriction on the AWS provider which is breaking my s3 configuration, because aws_s3_bucket_object was replaced by aws_s3_object.
I've got a fairly untested migration to aws provider > 4.0.0 in a branch on a fork over here https://github.com/EIGTech/terraform-aws-cloudfront-s3-cdn/tree/4.0.0-aws-provider
I am no terraform expert, and the update definitely shows. A couple of changes required decisions to be made that broke the public API of the module, and I am fairly certain that things could be cleaned up quite a bit. If anyone wants to use this to take a swing at a PR that would be accepted, feel free.
The latest AWS 4.release does not contain the breaking changes to S3. Could we have an update to this module that works with AWS 4.19, please?
Yes, came here to say this. I am getting version errors when using this module with the s3 module https://github.com/cloudposse/terraform-aws-s3-bucket v2.0.3
│ Error: Failed to query available provider packages │ │ Could not retrieve the list of available versions for provider │ hashicorp/aws: no available releases match the given constraints >= 2.0.0, │ >= 3.0.0, >= 3.64.0, < 4.0.0, >= 4.9.0
same here
Yes, came here to say this. I am getting version errors when using this module with the s3 module https://github.com/cloudposse/terraform-aws-s3-bucket v2.0.3
│ Error: Failed to query available provider packages │ │ Could not retrieve the list of available versions for provider │ hashicorp/aws: no available releases match the given constraints >= 2.0.0, │ >= 3.0.0, >= 3.64.0, < 4.0.0, >= 4.9.0
