[Bug]: Provider produced inconsistent final plan, migrating from launch config to launch template

[lamp0chka]

Terraform Core Version

1.8.3

AWS Provider Version

5.65.0

Affected Resource(s)

aws_autoscaling_group

Expected Behavior

Existing autoscaling group updated to use launch template instead of launch configuration

Actual Behavior

Terraform fails on first apply with the error below, 2nd apply goes through fine. Works as expected with provider 4.67.0

Relevant Error/Panic Output Snippet

╷
│ Error: Provider produced inconsistent final plan
│ 
│ When expanding the plan for module.asg_proxyserver_m5_large.aws_autoscaling_group.asg to include new values learned so far during apply, provider "registry.terraform.io/hashicorp/aws" produced an invalid new value for .launch_template[0].id: was null, but now cty.StringVal("unknown").
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵

Terraform Configuration Files

Old module:

data "template_file" "user_data" {
  template = file("${path.module}/user_data.tpl")
  vars = {
    aws_region         = var.aws_region_name
  }
}

resource "aws_launch_configuration" "lcfg" {
  name_prefix                 = "${var.name}.LCFG-"
  image_id                    = var.ami
  instance_type               = var.instance_type
  iam_instance_profile        = var.iam_instance_profile_id
  key_name                    = var.key_name
  security_groups             = var.security_groups
  associate_public_ip_address = var.associate_public_ip_address
  user_data                   = data.template_file.user_data.rendered

  lifecycle {
    create_before_destroy = true
  }
}

resource "aws_autoscaling_group" "asg" {
  name                      = "${var.name}.ASG"
  launch_configuration      = aws_launch_configuration.lcfg.name
  vpc_zone_identifier       = var.subnets
  max_size                  = var.max_size
  min_size                  = 0
  desired_capacity          = var.server_count
  load_balancers            = var.load_balancers
  health_check_grace_period = 60
  termination_policies      = ["OldestLaunchConfiguration", "OldestInstance"]
  suspended_processes       = ["AZRebalance"]

  tag {
    key                 = "Name"
    propagate_at_launch = true
    value               = "${var.name}.ASG"
  }

  lifecycle {
    create_before_destroy = true
  }
}

New module:

resource "aws_launch_template" "launchtemplate" {
  name_prefix                 = "${var.name}.launchtemplate-"
  image_id                    = var.ami
  instance_type               = var.instance_type
  update_default_version      = true
  iam_instance_profile        {
    name = var.iam_instance_profile_id
  }
  key_name                    = var.key_name
  network_interfaces {
    security_groups = var.security_groups
    associate_public_ip_address = var.associate_public_ip_address
  }
  user_data                   = base64encode(templatefile(
    "${path.module}/user_data.tpl",
    {
      aws_region         = var.aws_region_name
    }
  ))

  lifecycle {
    create_before_destroy = true
  }

  tag_specifications {
    resource_type = "instance"

    tags = {
      profile = var.titan_profile_name
    }
  }
}

resource "aws_autoscaling_group" "asg" {
  name                      = "${var.name}.ASG"
  launch_template           {
    name = aws_launch_template.launchtemplate.name
  }
  vpc_zone_identifier       = var.subnets
  max_size                  = var.max_size
  min_size                  = 0
  desired_capacity          = var.server_count
  load_balancers            = var.load_balancers
  health_check_grace_period = 60
  termination_policies      = ["OldestLaunchConfiguration", "OldestInstance"]
  suspended_processes       = ["AZRebalance"]

  tag {
    key                 = "Name"
    propagate_at_launch = true
    value               = "${var.name}.ASG"
  }

  lifecycle {
    create_before_destroy = true
  }
}

Steps to Reproduce

Create a asg with launch config applied, apply, create launch template and replace launch config with launch template. Results in a bug above. Same steps with provider 4.67 go through with no issues.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.