version 4.0.0 of the aws provider contains breaking changes for the CDN module

[m477r1x]

Describe the Bug

Version 4.0.0 of the aws terraform provider introduced breaking changes for s3 bucket configurations which are used within this module, please refer to the upgrade notes here: https://registry.terraform.io/providers/hashicorp/aws/latest/docs/guides/version-3-upgrade

Expected Behavior

lifecycle rules, acls, origin configuration etc are applied or updated.

Steps to Reproduce

Steps to reproduce the behavior: Simply attempt to call the module with version 4.0.0 of the aws provider.

Errors:

Errors from our terraform GitOps repo

``` Error: Unsupported attribute on .terraform/modules/portal_cdn.logs/main.tf line 30, in resource "aws_s3_bucket" "default": 30: for_each = var.enable_glacier_transition ? [1] : [] This object does not have an attribute named "enable_glacier_transition". Error: Unsupported attribute on .terraform/modules/portal_cdn.logs/main.tf line 44, in resource "aws_s3_bucket" "default": 44: for_each = var.enable_glacier_transition ? [1] : [] This object does not have an attribute named "enable_glacier_transition". Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin": 232: resource "aws_s3_bucket" "origin" { Can't configure a value for "logging": its value will be decided automatically based on the result of applying this configuration. Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin": 232: resource "aws_s3_bucket" "origin" { Can't configure a value for "server_side_encryption_configuration": its value will be decided automatically based on the result of applying this configuration. Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin": 232: resource "aws_s3_bucket" "origin" { Can't configure a value for "cors_rule": its value will be decided automatically based on the result of applying this configuration. Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin": 232: resource "aws_s3_bucket" "origin" { Can't configure a value for "versioning": its value will be decided automatically based on the result of applying this configuration. Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 232, in resource "aws_s3_bucket" "origin": 232: resource "aws_s3_bucket" "origin" { Can't configure a value for "website": its value will be decided automatically based on the result of applying this configuration. Error: Value for unconfigurable attribute with module.portal_cdn.aws_s3_bucket.origin, on .terraform/modules/portal_cdn/main.tf line 241, in resource "aws_s3_bucket" "origin": 241: acl = "private" Can't configure a value for "acl": its value will be decided automatically based on the result of applying this configuration.

Additional Context

Add any other context about the problem here.

[olivatooo]

I'm having the same issue

[ecarlson0205]

We are having the same issue when trying to upgrade

[rusowyler]

Version 0.82.3 adds a provider restriction and the module work ok (https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn/releases/tag/0.82.3).

[Nuru]

Yes, the breaking changes in AWS provider v4.0.0 did, in fact, break this module and many others. You should pin your providers in your top-level components, using either version blocks (usually in versions.tf) or via .terraform.lock.hcl files.

This module will be updated to support v4 eventually, but most likely will have its own breaking changes and will surely require manual migration steps when it is released. See, for an example of our thinking about how to upgrades modules like this one, how we upgraded terraform-aws-s3-bucket and terraform-aws-s3-log-storage.

[joelsdc]

Hey guys,

Any updates on this? This is the one module blocking us from upgrading to >v4 AWS provider

[joechimo]

I am on the same boat, upgrading to 0.82.x of this module puts a < 4.0.0 restriction on the AWS provider which is breaking my s3 configuration, because aws_s3_bucket_object was replaced by aws_s3_object.

[amccall-eigt]

I've got a fairly untested migration to aws provider > 4.0.0 in a branch on a fork over here https://github.com/EIGTech/terraform-aws-cloudfront-s3-cdn/tree/4.0.0-aws-provider

I am no terraform expert, and the update definitely shows. A couple of changes required decisions to be made that broke the public API of the module, and I am fairly certain that things could be cleaned up quite a bit. If anyone wants to use this to take a swing at a PR that would be accepted, feel free.

[richstokes]

The latest AWS 4.release does not contain the breaking changes to S3. Could we have an update to this module that works with AWS 4.19, please?

[josh-onchain]

Yes, came here to say this. I am getting version errors when using this module with the s3 module https://github.com/cloudposse/terraform-aws-s3-bucket v2.0.3

│ Error: Failed to query available provider packages │ │ Could not retrieve the list of available versions for provider │ hashicorp/aws: no available releases match the given constraints >= 2.0.0, │ >= 3.0.0, >= 3.64.0, < 4.0.0, >= 4.9.0

[httpdss]

same here

Yes, came here to say this. I am getting version errors when using this module with the s3 module https://github.com/cloudposse/terraform-aws-s3-bucket v2.0.3

│ Error: Failed to query available provider packages │ │ Could not retrieve the list of available versions for provider │ hashicorp/aws: no available releases match the given constraints >= 2.0.0, │ >= 3.0.0, >= 3.64.0, < 4.0.0, >= 4.9.0

[rafaljanicki]

Same issue, can't use it with the most recent S3 module