search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.74k stars 9.1k forks source link

[Bug]: Order is lost for data aws_iam_policy_document (ECR) #36012

Open ScubaDrew opened 6 months ago

ScubaDrew commented 6 months ago

Terraform Core Version

1.7.3

AWS Provider Version

5.38.0

Affected Resource(s)

aws_ecr_repository_policy

Expected Behavior

Once applied, no changes are detected on subsequent plans.

Actual Behavior

Every time you apply, then plan, new changes are detected.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

module "gsal_proxy" { source = "terraform-aws-modules/ecr/aws" version = "1.6.0"

repository_name = "gs/al-proxy"

repository_read_write_access_arns = var.read_write_arns repository_read_access_arns = var.read_only_arns create_lifecycle_policy = false }

vars: "read_only_arns": [ "arn:aws-us-gov:iam::xxx:role/prd-1-20231005055232381500000001", "arn:aws-us-gov:sts::xxx:assumed-role/prd-1-20231005055232381500000001/i-zzz", "arn:aws-us-gov:sts::xxx:assumed-role/prd-1-20231206195128453200000003/i-zzz", "arn:aws-us-gov:sts::xxx:assumed-role/test-1-20231015185902248100000003/i-zzz", "arn:aws-us-gov:iam::xxx:role/dev-01-1-20230526030206003600000002", "arn:aws-us-gov:sts::xxx:assumed-role/stg-01-1-20231102031159343200000001/i-zzz", "arn:aws-us-gov:iam::xxx:assumed-role/stg-01-1-20231122212759304500000001/i-zzz" ], "read_write_arns": [ "arn:aws-us-gov:iam::xxx:role/gitlab_runner_role" ]

Steps to Reproduce

Apply

Debug Output

No response

Panic Output

No response

Important Factoids

This seems to be a reoccurrence of https://github.com/hashicorp/terraform-provider-aws/issues/11801

References

No response

Would you like to implement a fix?

None

github-actions[bot] commented 6 months ago

Community Note

Voting for Prioritization

Volunteering to Work on This Issue