Closed sgametrio closed 1 year ago
FYI: This issue with WAFv2 has been reported multiple times:
I ran into the same issue with default_tags. Reverting to AWS 3.74.0 (while keeping Terraform 1.3.4) worked for me.
As a workaround, run this script before plan to update tags using aws cli
#!/bin/bash
set -euo pipefail
echo "--- Update WAF tags"
web_acl_name="test"
scope=REGIONAL
# look up the web ACL ARN by name
web_acls_list=$(aws wafv2 list-web-acls --scope "$scope")
web_acl_arn=$(echo "$web_acls_list" | jq -r --arg WEB_ACL_NAME "$web_acl_name" '.WebACLs[] | select(.Name==$WEB_ACL_NAME).ARN')
echo "web acl arn : ${web_acl_arn}"
# update tags if waf exists
if [ "${web_acl_arn}" ]; then
    echo "--- Tags list before update"
    aws wafv2 list-tags-for-resource --resource-arn "$web_acl_arn"
    echo "--- Update tags for : $web_acl_arn"
    response=$(aws wafv2 tag-resource --resource-arn "$web_acl_arn" --tags Key=Tag1,Value=test)
    echo "--- Tags list after update"
    aws wafv2 list-tags-for-resource --resource-arn "$web_acl_arn"
else
    echo "Web ACL with name ${web_acl_name} not found" 1>&2
fi
echo "success"
This is still an issue with v4.51.0 of the provider.
I am having the same issue with aws_wafv2_web_acl and tags_all
UPDATE: renamed the ACL to recreate the ACL and it solved the issue :)
> I am having the same issue with aws_wafv2_web_acl and tags_all
> UPDATE: renamed the ACL to recreate the ACL and it solved the issue :)
I tried this, however if you have the waf associated with other resources (cloudfront, api gateway, etc.) the terraform recreation will fail. Manually disassociating the resources from the waf web acl in the aws console and then applying the name change to recreate the waf will fix it.
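The associations that block the recreation described above can be listed before the rename, which also records what has to be re-attached to the new web ACL afterwards. The script below is an added example, not part of the original thread; the resource-type list and the file name are assumptions, and it only reads state.

```shell
#!/bin/sh
# Added example, not from the thread: pre-flight check before renaming a
# WAFv2 web ACL. Lists every resource that still references the ACL.
set -eu

# Regional resource types to query (the API takes one type per call).
# Assumption: adjust this list to the types used in your account.
RESOURCE_TYPES="APPLICATION_LOAD_BALANCER API_GATEWAY APPSYNC"

# Split the CLI's tab-separated text output into "LABEL<TAB>value" lines,
# dropping blanks and the literal "None" printed for null results.
one_per_line() {
  tr '\t' '\n' | awk -v label="$1" 'NF && $0 != "None" { print label "\t" $0 }'
}

# Print one "TYPE<TAB>ID" line per resource associated with the web ACL.
list_associations() {
  acl_arn=$1
  case "$acl_arn" in
    *:global/webacl/*)
      # CLOUDFRONT scope: the reference lives in the distribution config.
      out=$(aws cloudfront list-distributions-by-web-acl-id \
        --web-acl-id "$acl_arn" \
        --query 'DistributionList.Items[].Id' --output text) || return 1
      printf '%s\n' "$out" | one_per_line CLOUDFRONT ;;
    *)
      for rtype in $RESOURCE_TYPES; do
        out=$(aws wafv2 list-resources-for-web-acl \
          --web-acl-arn "$acl_arn" --resource-type "$rtype" \
          --query 'ResourceArns[]' --output text) || return 1
        printf '%s\n' "$out" | one_per_line "$rtype"
      done ;;
  esac
}

# Return 0 when nothing is associated, 1 when something is, 2 on API error.
check_web_acl() {
  found=$(list_associations "$1") || return 2
  [ -z "$found" ] && return 0
  printf 'Still associated with %s:\n%s\n' "$1" "$found" >&2
  return 1
}

# Usage: ./check_waf_associations.sh <web-acl-arn>
if [ "$#" -gt 0 ]; then check_web_acl "$1"; fi
```

Resources listed here are served without the web ACL between disassociation and re-association, so keep the output to restore the associations once the renamed ACL exists.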
Upgrading terraform to 1.4.x fixed this for me
> Upgrading terraform to 1.4.x fixed this for me
I can confirm I run this via terraform 1.5.x and it got fixed. Closing the ticket.
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Related:
23390
23423
23936
23992
24386
27273
27479
28191
28672
29012
29304
30858
Terraform Core Version
1.3.1,1.3.2
AWS Provider Version
4.33.0,4.34.0
Affected Resource(s)
Expected Behavior
Apply worked correctly and added the AWS tag.
Actual Behavior
The apply command returned an error "Provider produced an inconsistent final plan" and panicked.
Relevant Error/Panic Output Snippet
Terraform Configuration Files
Steps to Reproduce
Debug Output
No response
Panic Output
output_failed_plan.txt
It's an ANSI file (console colored output). To visualize it I use the ANSI extension in VSCode and by changing the file extension to .ans you can preview it.
Important Factoids
No response
References
No response
Would you like to implement a fix?
No response