Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

resource aws_globalaccelerator_endpoint_group is not up-to-date after apply #9329

Closed
ghost opened this issue Jul 12, 2019 · 5 comments · Fixed by #14486
Closed

resource aws_globalaccelerator_endpoint_group is not up-to-date after apply #9329

ghost opened this issue Jul 12, 2019 · 5 comments · Fixed by #14486
Labels
bug Addresses a defect in current functionality. service/globalaccelerator Issues and PRs that pertain to the globalaccelerator service.
Milestone

Comments

@ghost
Copy link

ghost commented Jul 12, 2019

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

$ terraform -v
Terraform v0.12.3
+ provider.aws v2.19.0
+ provider.local v1.3.0
+ provider.null v2.1.2
+ provider.random v2.1.2

Affected Resource(s)

  • aws_globalaccelerator_endpoint_group

Terraform Configuration Files

resource "aws_globalaccelerator_accelerator" "sop-accelerator" {
  name = "salesopportunity-accelerator"
  ip_address_type = "IPV4"
  enabled = true
}

resource "aws_globalaccelerator_listener" "sop-listener" {
  accelerator_arn = aws_globalaccelerator_accelerator.sop-accelerator.id
  client_affinity = "NONE"
  protocol = "TCP"

  port_range {
    from_port = 80
    to_port = 80
  }
}

resource "aws_globalaccelerator_endpoint_group" "sop-endpoint-group" {
  listener_arn = aws_globalaccelerator_listener.sop-listener.id

  health_check_path = "/"
  health_check_port = 80

  endpoint_configuration {
    endpoint_id = var.endpoint-id
    weight = 100
  }
}

Debug Output

Panic Output

Expected Behavior

after applying my changes i expect further runs of terraform plan or terraform apply to be up-to-date

Actual Behavior

after applying my changes terraform does not consider the resources to be up-to-date. running terraform apply again will again modify the resource.

Steps to Reproduce

  • apply changes => success
  • check with terraform plan => resources are not up-to-date
  • see output from terraform plan:
An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.global-accelerator.aws_globalaccelerator_endpoint_group.sop-endpoint-group will be updated in-place
  ~ resource "aws_globalaccelerator_endpoint_group" "sop-endpoint-group" {
        endpoint_group_region         = "eu-central-1"
        health_check_interval_seconds = 30
      + health_check_path             = "/"
        health_check_port             = 80
        health_check_protocol         = "TCP"
        id                            = "arn:aws:globalaccelerator::XYZ"
        listener_arn                  = "arn:aws:globalaccelerator::XYZ"
        threshold_count               = 3
        traffic_dial_percentage       = 100

        endpoint_configuration {
            endpoint_id = "arn:aws:elasticloadbalancing:eu-central-1:XYZ"
            weight      = 100
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Note that it is trying to modify health_check_path.

Important Factoids

  • in our configuration var.endpoint-id is the ARN of an ALB (application load balancer)
  • output from the aws cli describing the resource:
$ aws globalaccelerator describe-endpoint-group --endpoint-group-arn arn:aws:globalaccelerator::XYZ
{
    "EndpointGroup": {
        "EndpointGroupArn": "arn:aws:globalaccelerator::XYZ",
        "EndpointGroupRegion": "eu-central-1",
        "EndpointDescriptions": [
            {
                "EndpointId": "arn:aws:elasticloadbalancing:eu-central-1:XYZ",
                "Weight": 100,
                "HealthState": "HEALTHY"
            }
        ],
        "TrafficDialPercentage": 100.0,
        "HealthCheckPort": 80,
        "HealthCheckProtocol": "TCP",
        "HealthCheckIntervalSeconds": 30,
        "ThresholdCount": 3
    }
}

Note that there is no mention of health check path here.

References

  • #0000
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Jul 12, 2019
@ghost ghost changed the title resource _aws_globalaccelerator_endpoint_group_ is not uptodate after apply resource aws_globalaccelerator_endpoint_group is not uptodate after apply Jul 12, 2019
@ghost ghost changed the title resource aws_globalaccelerator_endpoint_group is not uptodate after apply resource aws_globalaccelerator_endpoint_group is not up-to-date after apply Jul 12, 2019
@aeschright aeschright added the service/globalaccelerator Issues and PRs that pertain to the globalaccelerator service. label Aug 2, 2019
@tarrall
Copy link

tarrall commented Oct 14, 2019

Workaround:

resource "aws_globalaccelerator_endpoint_group" "example" {
  health_check_path = ""
  [...]

It would probably make sense to remove the default "/" value to be more in line with the implementation of similar resources, e.g. aws_lb_target_group.

@bflad bflad added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Jan 6, 2020
@bflad
Copy link
Contributor

bflad commented Jan 6, 2020

Hi folks 👋 This does indeed look like an issue in the resource schema, where we default the value to / in all cases, instead of conditionally based on HTTP(S) protocol:

https://github.com/terraform-providers/terraform-provider-aws/blob/259e0b18646b74d04aa4c3374c59a7b3f89ff1df/aws/resource_aws_globalaccelerator_endpoint_group.go#L45-L49

For reference, the CreateEndpointGroup API Reference:

If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (/).

The simplest fix in these cases is to switch from Default: true to Computed: true in the schema, which will tell Terraform to ignore the value if it is not configured. When doing this though, we should also include a note in the documentation for the attribute along the lines of:

* `health_check_path` - (Optional) If the protocol is HTTP/S, then this specifies the path that is the destination for health check targets. The default value is slash (/) for HTTP/S and undeclared for TCP. Terraform will only perform drift detection of its value when present in a configuration.

If anyone is interested in implementing and verifying the fix, we will be happy to take a look. 👍 See also the Contributing Guide section on running acceptance testing.

@bflad
Copy link
Contributor

bflad commented Aug 22, 2020

The fix for this has been merged and will release with version 3.4.0 of the Terraform AWS Provider, later next week. 👍

@ghost
Copy link

ghost commented Aug 27, 2020

This has been released in version 3.4.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@github-actions
Copy link

github-actions bot commented Jun 2, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 2, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Addresses a defect in current functionality. service/globalaccelerator Issues and PRs that pertain to the globalaccelerator service.
Projects
None yet
3 participants