awscc_ec2_launch_template - update in-place failed

[wellsiau-aws]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment
• The resources and data sources in this provider are generated from the CloudFormation schema, so they can only support the actions that the underlying schema supports. For this reason submitted bugs should be limited to defects in the generation and runtime code of the provider. Customizing behavior of the resource, or noting a gap in behavior are not valid bugs and should be submitted as enhancements to AWS via the CloudFormation Open Coverage Roadmap.

Terraform CLI and Terraform AWS Cloud Control Provider Version

Affected Resource(s)

• awscc_ec2_launch_template

Terraform Configuration Files

First run Terraform apply using the following config:

resource "awscc_ec2_launch_template" "amazon_linux" {
  launch_template_data = {
    image_id      = data.aws_ami.amazon_linux.id
    instance_type = "t2.large"
  }
  launch_template_name = "latest_amazon_linux"
}

data "aws_ami" "amazon_linux" {
  most_recent = true
  owners      = ["amazon"]
  filter {
    name   = "name"
    values = ["amzn2-ami-hvm-*-gp2"]
  }

  filter {
    name   = "root-device-type"
    values = ["ebs"]
  }

  filter {
    name   = "virtualization-type"
    values = ["hvm"]
  }

  filter {
    name   = "architecture"
    values = ["x86_64"]
  }
}

Then change the instance type to something else and re-run terraform apply

Expected Behavior

Resource properties should be updated in-place

Actual Behavior

Error:

Calling Cloud Control API service UpdateResource operation returned: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: 41ae3730-a136-4f62-97e9-d61b6893e5de, api error

ValidationException: [REPLACE Operation] noSuchPath in source, path provided: //LaunchTemplateData/InstanceType

Steps to Reproduce

1. terraform apply
2. update the instance type to something else : t2.large
3. terraform apply

Important Factoids

Interestingly, the Cloud Control API Get Resource returned all properties but the LaunchTemplateData

aws cloudcontrol get-resource --type-name AWS::EC2::LaunchTemplate --identifier lt-0ff84a5fe28526982 | jq ".ResourceDescription.Properties | fromjson"

{
  "LaunchTemplateName": "latest_amazon_linux",
  "LatestVersionNumber": "1",
  "LaunchTemplateId": "lt-0ff84a5fe28526982",
  "DefaultVersionNumber": "1"
}

Likely upstream issue

[wellsiau-aws]

Summary of the issue:

LaunchTemplateData is considered as writeOnlyProperties in the schema.

aws cloudformation describe-type --type RESOURCE --type-name AWS::EC2::LaunchTemplate | jq -r ".Schema" | jq ".writeOnlyProperties" 
[
  "/properties/LaunchTemplateData",
  "/properties/VersionDescription",
  "/properties/TagSpecifications"
]

writeOnlyProperties is not returned by CCAPI GetResource call , click here to learn more

When AWSCC detect diff for LaunchTemplateData, the patch document crafted by AWSCC will contain this attributes.

Internally when CCAPI trying to calculate the final resource state, it couldn't read the property LaunchTemplateData since tis a writeOnlyProperties, thus throwing error such as 👍

ValidationException: [REPLACE Operation] noSuchPath in source, path provided: //LaunchTemplateData/InstanceType