Terraform show changes for launch configurations out of no where

[ghost]

This issue was originally opened by @Krishna1408 as hashicorp/terraform#24087. It was migrated here as a result of the provider split. The original body of the issue is below.

---

Terraform Version

Terraform v0.12.13

Terraform Configuration Files

terraform {
  required_version = ">= 0.12.0"
}

provider "aws" {
  region  = var.region
}

provider "random" {
  version = "~> 2.1"
}

provider "local" {
  version = "~> 1.2"
}

provider "null" {
  version = "~> 2.1"
}

provider "template" {
  version = "~> 2.1"
}

resource "random_string" "suffix" {
  length  = 8
  special = false
}
module "eks" {
  source = "../../../modules/aws/terraform-eks"

  env             = local.env
  cluster_name    = local.cluster_name
  cluster_version = 1.14

  subnets = module.vpc.private_subnets
  vpc_id  = module.vpc.vpc_id

  worker_groups = [
    {
      name                 = "terraform-1"
      instance_type        = "t3.large"
      key_name             = "eks-dev"
      bootstrap_extra_args = "--enable-docker-bridge true"
      kubelet_extra_args   = "--node-labels=env=Test,service=docker,team=platform"
      node_group_k8s_labels = {
        Environment = "Test"
        Team        = "Platform"
        Service     = "Docker"
      }
      asg_max_size = "0" # Maximum worker capacity in the autoscaling group.
      asg_min_size = "0"
    },
    {
      name                 = "admin-worker-group-1"
      instance_type        = "t3.xlarge"
      key_name             = "eks-dev"
      bootstrap_extra_args = "--enable-docker-bridge true"
      kubelet_extra_args   = "--node-labels=env=Dev,service=ci-cd,team=platform"
      node_group_k8s_labels = {
        Environment = "Admin"
        Team        = "Platform"
      }
      asg_max_size = "10" # Maximum worker capacity in the autoscaling group.
      asg_min_size = "1"
    },
    ]

  map_roles    = var.map_roles
  map_users    = var.map_users
}

Expected Behavior

As there are no changes made to terraform files or module, I should see no changes when I run plan.

Actual Behavior

I am getting changes for all of my worker groups when I run terraform plan. E.g. Below is the plan output for one of the worker group

  # module.eks.aws_launch_configuration.workers[0] must be replaced
+/- resource "aws_launch_configuration" "workers" {
        associate_public_ip_address      = false
        ebs_optimized                    = true
        enable_monitoring                = true
        iam_instance_profile             = "sennder-admin-cluster20200106121106098100000008"
      ~ id                               = "sennder-admin-cluster-terraform-12020010612110773630000000d" -> (known after apply)
        image_id                         = "ami-07034b303e1ffc843"
        instance_type                    = "t3.large"
        key_name                         = "eks-dev"
      ~ name                             = "sennder-admin-cluster-terraform-12020010612110773630000000d" -> (known after apply)
        name_prefix                      = "sennder-admin-cluster-terraform-1"
        security_groups                  = [
        ]
      ~ user_data_base64                 = "BIG BLOCK OF BASE64" -> (known after apply) # forces replacement
      - vpc_classic_link_security_groups = [] -> null

      + ebs_block_device {
          + delete_on_termination = (known after apply)
          + device_name           = (known after apply)
          + encrypted             = (known after apply)
          + iops                  = (known after apply)
          + no_device             = (known after apply)
          + snapshot_id           = (known after apply)
          + volume_size           = (known after apply)
          + volume_type           = (known after apply)
        }

      ~ root_block_device {
            delete_on_termination = true
          ~ encrypted             = false -> (known after apply)
            iops                  = 0
            volume_size           = 100
            volume_type           = "gp2"
        }
    }

  # module.eks.random_pet.workers[0] must be replaced
+/- resource "random_pet" "workers" {
      ~ id        = "amusing-parakeet" -> (known after apply)
      ~ keepers   = {
          - "lc_name" = "sennder-admin-cluster-terraform-12020010612110773630000000d"
        } -> (known after apply) # forces replacement
        length    = 2
        separator = "-"
    }


  # module.eks.local_file.kubeconfig[0] must be replaced
-/+ resource "local_file" "kubeconfig" {
      ~ content              = "" -> (known after apply) # forces replacement
        directory_permission = "0777"
        file_permission      = "0777"
        filename             = "./kubeconfig_sennder-admin-cluster"
      ~ id                   = "d2ea96f32318207ab27000f3d7ff80a70ae6b321" -> (known after apply)
    }

Steps to Reproduce

1. terraform init
2. terraform plan

Additional Context

I found that this is happening for all the old clusters I am having.

[jurajseffer]

Probably a duplicate of #10269
I guess it's triggered by your userdata interpolating something from other resources which will be updated even though its actual value might not change.

[justinretzolk]

Hey there 👋 In looking at this, it does indeed appear to be a duplicate of #10269. We like to try to keep the conversation consolidated where possible, so we're going to close this issue in favor of #10269.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.