[Bug]: unable to use aws_sns_platform_application to rotate (expired) platform applications

[flokli]

Terraform Core Version

1.1.7

AWS Provider Version

4.3.0

Affected Resource(s)

• aws_sns_platform_applications.

Expected Behavior

I'm using some aws_sns_platform_application resources to manage various push credentials, including APNS push credentials.

You normally use certificates for this, and these certificates expire after a while. The value can be observed in the Attributes.AppleCertificateExpirationDate key.

Once the certificates expire, AWS sets Attributes.Enabled to false.

In terraform world, the platform_credential and platform_principal are used for the private key and certificate respectively.

I'd provide a privkey/certificate on these two keys. I'd expect Terraform to update the credentials whenever I change them, and in case the application got disabled due to the old certificate being expired, I'd expect it to re-enable the application.

Actual Behavior

There's some SNS Platform applications with an expiration date in the past, so it looks like the certificates didn't get updated, even though terraform shows state matches configuration. Also, some applications stayed disabled.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "aws_sns_platform_application" "apns_application" {
  name                = "apns_application"
  platform            = "APNS"
  platform_credential = "<APNS PRIVATE KEY>"
  platform_principal  = "<APNS CERTIFICATE>"
}

Steps to Reproduce

• Create a SNS platform application with a soon-to-be-expired expiry date through terraform (or import it into terraform). terraform apply should show it has nothing to do.
• Wait for the certificate to expire, and observe AWS disabling the SNS platform application
• Renew the push credentials, and use terraform to update the certificates
• Observe if the certificates get updated or not, and if the platform applications get re-enabled or not.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.