Open FIAV1 opened 1 month ago
Voting for Prioritization
Volunteering to Work on This Issue
Hi, I faced the same issue- importing an existing TLS config and then applying any changes will throw the same http 400 error. I am using the following temporary workaround :
Perform the tf import as usual but use a local state file
Use the aws cli command to describe the imported TLS config (https://awscli.amazonaws.com/v2/documentation/api/latest/reference/network-firewall/describe-tls-inspection-configuration.html). This is to obtain the update-token.
e.g.
aws network-firewall describe-tls-inspection-configuration --tls-inspection-configuration-name <your config name> --profile <your aws profile> --region <your region>
Take note of the "UpdateToken" from the above output and manually update the local state file with this token value (look for _"updatetoken" : null in the state file).
Proceed to perform tf plan and apply and this should work without issue.
Perform tf state migration to your remote backend if required.
Hi, the workaround works fine, thanks!
EDIT: it actually worked fine until I tried to make an update, now the error tied to update_token
is back again...
Hi, the workaround works ~fine~, thanks!
EDIT: it actually worked fine until I tried to make an update, now the error tied to
update_token
is back again...
Strange, I am able to continue to update without any issue yet. Are you able to check whether the "update-token" is not null when you try to apply again? It should be replaced with the last update-token value after each apply.
BTW, I am using terraform v1.8.5 and AWS Provider v5.59.0
Hi, the workaround works ~fine~, thanks! EDIT: it actually worked fine until I tried to make an update, now the error tied to
update_token
is back again...Strange, I am able to continue to update without any issue yet. Are you able to check whether the "update-token" is not null when you try to apply again? It should be replaced with the last update-token value after each apply.
BTW, I am using terraform v1.8.5 and AWS Provider v5.59.0
I tried again (AWS provider upgraded to v5.61.0 from 5.59.0 and terraform 1.8.3), this time worked fine; last time I had to manually change the updateToken
value in the remote state directly (I had to download the tfstate
file from S3, update the updateToken
value and upload the tfstate
file back to S3).
Hi, the workaround works ~fine~, thanks! EDIT: it actually worked fine until I tried to make an update, now the error tied to
update_token
is back again...Strange, I am able to continue to update without any issue yet. Are you able to check whether the "update-token" is not null when you try to apply again? It should be replaced with the last update-token value after each apply. BTW, I am using terraform v1.8.5 and AWS Provider v5.59.0
I tried again (AWS provider upgraded to v5.61.0 from 5.59.0 and terraform 1.8.3), this time worked fine; last time I had to manually change the
updateToken
value in the remote state directly (I had to download thetfstate
file from S3, update theupdateToken
value and upload thetfstate
file back to S3).
Good to know but I am confused. Did the latest v5.61.0 AWS provider fixed the TF import issue with the HTTP 400 error? The bug is still opened right?
Hi, the workaround works ~fine~, thanks! EDIT: it actually worked fine until I tried to make an update, now the error tied to
update_token
is back again...Strange, I am able to continue to update without any issue yet. Are you able to check whether the "update-token" is not null when you try to apply again? It should be replaced with the last update-token value after each apply. BTW, I am using terraform v1.8.5 and AWS Provider v5.59.0
I tried again (AWS provider upgraded to v5.61.0 from 5.59.0 and terraform 1.8.3), this time worked fine; last time I had to manually change the
updateToken
value in the remote state directly (I had to download thetfstate
file from S3, update theupdateToken
value and upload thetfstate
file back to S3).Good to know but I am confused. Did the latest v5.61.0 AWS provider fixed the TF import issue with the HTTP 400 error? The bug is still opened right?
Sorry, I wasn't clear: I just wanted to point out I'm using the latest AWS provider version, but I didn't test if the problem was fixed with latest release
It looks like the issue is in the Read
function where the results of read are applied to the state. The UpdateToken
is handled
Terraform Core Version
1.8.3
AWS Provider Version
5.59.0
Affected Resource(s)
aws_networkfirewall_tls_inspection_configuration
Expected Behavior
I imported the resource like this:
terraform import aws_networkfirewall_tls_inspection_configuration.netfw arn:aws:network-firewall:eu-central-1:012345678901:tls-configuration/example
, I expect I can make modifications and publish them.Actual Behavior
All good when executing
terraform plan -out=tfplan
but when executingterraform apply tfplan
I get an error about theupdateToken
missing.Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
Import an existing tls inspection configuration, make some modifications (e.g. to scope), then
plan
andapply
Debug Output
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None