pulumi-aws icon indicating copy to clipboard operation
pulumi-aws copied to clipboard

Published 20 hours ago verified publisher icon pulumi

InvalidArgument: The parameter ForwardedValues cannot be used when a cache policy is associated to the cache behavior

Open JoseAlban opened this issue 4 years ago • 4 comments

When updating an aws.cloudfront.Distribution instance from:

defaultCacheBehavior: {
      targetOriginId: originId,
      forwardedValues: {
        cookies: {
          forward: 'none',
        },
        queryString: false,
      },
      allowedMethods: [
        'GET',
        'HEAD',
        'OPTIONS',
        'PUT',
        'POST',
        'PATCH',
        'DELETE',
      ],
      cachedMethods: ['GET', 'HEAD', 'OPTIONS'],
      viewerProtocolPolicy: 'allow-all',
    },

to

defaultCacheBehavior: {
      targetOriginId: originId,
      cachePolicyId: cfCachePolicy.id,
      originRequestPolicyId: cfOriginRequestPolicy.id,
      allowedMethods: [
        'GET',
        'HEAD',
        'OPTIONS',
        'PUT',
        'POST',
        'PATCH',
        'DELETE',
      ],
      cachedMethods: ['GET', 'HEAD', 'OPTIONS'],
      viewerProtocolPolicy: 'allow-all',
    },

pulumi up errors with: InvalidArgument: The parameter ForwardedValues cannot be used when a cache policy is associated to the cache behavior

then, I have to export stack > remove forwardedValues references, import stack, and reapply

Expected behavior

pulumi phases the change in 2 (ie remove forwardedvalues, add cachepolicy), if a single update not allowed by aws

Current behavior

error above

Steps to reproduce

delta above

Context (Environment)

pulumi version 2.21.2 under pulumi's docker image

Affected feature

pulumi up

JoseAlban avatar Feb 24 '21 12:02 JoseAlban

This is an upstream bug tracked in https://github.com/hashicorp/terraform-provider-aws/issues/17626

leezen avatar Feb 25 '21 18:02 leezen

You have to disable the forwarded section if applying a custom cache_policy and origin_request_policy.

Eg/- ordered_cache_behavior { path_pattern = "/*" allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD"] target_origin_id = "${var.s3_origin_id}" #origin_request_policy_id = aws_cloudfront_origin_request_policy.origin_request_policy.name #cache_policy_id = aws_cloudfront_cache_policy.cache_policy.name origin_request_policy_id = aws_cloudfront_origin_request_policy.origin_request_policy.id cache_policy_id = aws_cloudfront_cache_policy.cache_policy.id

# forwarded_values { # query_string = false # # cookies { # forward = "none" # } # }
min_ttl = 0 default_ttl = 3600 max_ttl = 86400 compress = true viewer_protocol_policy = "redirect-to-https" }

dushan566 avatar Jun 03 '21 09:06 dushan566

I can confirm this issue. The only workaround is to remove cachePolicyId which is not ideal.

runlevel5 avatar Jul 12 '22 12:07 runlevel5

Hi, I had the same issue in Terraform and resolve with parameters use_forwarded_values = false . i hope this can help you

violenti avatar Aug 05 '22 17:08 violenti