hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Bug]: Terraform incorrectly shows no changes/Actual state is not compared with TF state #37562

Open EugenKon opened 1 month ago

EugenKon commented 1 month ago

Terraform Core Version

v1.8.2

AWS Provider Version

v4.67.0

Affected Resource(s)

Expected Behavior

Terraform should show mismatches between state and actual configuration.

Actual Behavior

Terraform does not show mismatches

Relevant Error/Panic Output Snippet

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no
changes are needed.

Terraform Configuration Files

Current terraform.state image

Current live configuration image

This configuration corresponds to the current live configuration:

Current TF configuration
  vpc_zone_identifier = [
    aws_subnet.a_private_prd_plntr.id,
    aws_subnet.b_private_prd_plntr.id,
    aws_subnet.c_private_prd_plntr.id,
    aws_subnet.d_private_prd_plntr.id,
  ]

Steps to Reproduce

  1. Make changes on Live
  2. Make changes in the TF configuration
  3. Run terraform plan. Terraform compares the current configuration with the live configuration and does not change the old TF state, which refers to the old TF configuration.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None

justinretzolk commented 1 month ago

Hey @EugenKon 👋 Thank you for taking the time to raise this! Are you able to supply a sample configuration that can be used to reproduce this, and/or debug logs (redacted as needed)?

EugenKon commented 1 month ago

@justinretzolk

This is the resource which is related to this TF state. I can not share the configuration for a full cluster.

resource "aws_autoscaling_group" "www" {
  name                  = "www-autoscale"
  desired_capacity      = 2
  min_size              = 2
  max_size              = 2
  protect_from_scale_in = true

  launch_template {
    id = aws_launch_template.www.id
    version = "$Latest"
  }

+  vpc_zone_identifier = [
+    aws_subnet.a_private_prd_plntr.id,
+    aws_subnet.b_private_prd_plntr.id,
+    aws_subnet.c_private_prd_plntr.id,
+    aws_subnet.d_private_prd_plntr.id,
+  ]

  target_group_arns = [
    aws_lb_target_group.www-http.arn,
    aws_lb_target_group.www-https-autoscale.arn,
  ]

  # Required to redeploy without an outage.
  lifecycle {
    create_before_destroy = true
  }

  tag {
    key                 = "env"
    propagate_at_launch = true
    value               = "prd"
  }
  tag {
    key                 = "role"
    propagate_at_launch = true
    value               = "www"
  }
  tag {
    key                 = "managed_by"
    propagate_at_launch = true
    value               = "autoscale"
  }
}

justinretzolk commented 1 month ago

Hey @EugenKon, totally understand the limitations. Based on what you provided in your last comment, is it safe to say that the change that's being made to the configuration when you noticed the issue is the addition of the vpc_zone_identifier argument to the aws_autoscaling_group resource?

EugenKon commented 1 month ago

@justinretzolk The issue was that AWS deployed new autoscale instances in a different network (this is not a TF issue). We discovered that and changed the subnets for the network via the AWS Console. But then we detected that TF does not recognize this change. When we added "vpc_zone_identifier" it does. So I believe that TF should not store the state for the resource which it does not manage, OR, if something is in TF state, it should display changes.
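An out-of-band drift check for the situation described in this thread, added here as an example (it is not the reporter's code and not part of terraform-provider-aws): since a vpc_zone_identifier left out of the configuration produced no plan diff even though the subnets had been changed in the console, the script compares the subnets recorded in Terraform state with what AWS reports. It assumes the output shapes of "terraform show -json" and "aws autoscaling describe-auto-scaling-groups" and embeds constructed stubs of both so it runs offline.

```python
import json

# Constructed stand-in for `terraform show -json` (one aws_autoscaling_group in the root module).
STATE_JSON = json.dumps({
    "values": {"root_module": {"resources": [{
        "address": "aws_autoscaling_group.www",
        "type": "aws_autoscaling_group",
        "values": {"name": "www-autoscale",
                   "vpc_zone_identifier": ["subnet-aaa", "subnet-bbb"]},
    }]}}
})

# Constructed stand-in for `aws autoscaling describe-auto-scaling-groups`,
# taken after the subnets were changed in the console.
LIVE_JSON = json.dumps({
    "AutoScalingGroups": [{
        "AutoScalingGroupName": "www-autoscale",
        "VPCZoneIdentifier": "subnet-ccc,subnet-bbb",
    }]
})


def state_subnets(state_json: str) -> dict[str, set[str]]:
    """Map ASG name -> subnet set recorded in state (root module only; child modules are not walked)."""
    root = json.loads(state_json)["values"]["root_module"]
    return {
        r["values"]["name"]: set(r["values"].get("vpc_zone_identifier") or [])
        for r in root.get("resources", [])
        if r["type"] == "aws_autoscaling_group"
    }


def live_subnets(live_json: str) -> dict[str, set[str]]:
    """Map ASG name -> subnet set reported by AWS; VPCZoneIdentifier is a comma-joined string."""
    groups = json.loads(live_json)["AutoScalingGroups"]
    return {g["AutoScalingGroupName"]: set(filter(None, g.get("VPCZoneIdentifier", "").split(",")))
            for g in groups}


def find_drift(state_json: str, live_json: str) -> dict[str, dict[str, set[str]]]:
    """Return {asg: {"added": live-only subnets, "removed": state-only subnets}} for ASGs that differ."""
    state, live = state_subnets(state_json), live_subnets(live_json)
    drift = {}
    for name, recorded in state.items():
        actual = live.get(name, set())  # an ASG missing from AWS shows up as all subnets removed
        if actual != recorded:
            drift[name] = {"added": actual - recorded, "removed": recorded - actual}
    return drift


if __name__ == "__main__":
    for name, d in find_drift(STATE_JSON, LIVE_JSON).items():
        print(f"{name}: subnets added in AWS {sorted(d['added'])}, removed {sorted(d['removed'])}")
```

Feeding it real output from the two commands flags the console change that terraform plan reported as "No changes".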