[Bug]: Unnecessary `depends_on` Requirement for S3 Bucket Replication Module

[dalabi06]

Terraform Core Version

1.9.7

AWS Provider Version

5.27.0

Affected Resource(s)

aws_s3_bucket_replication_configuration

Expected Behavior

When referencing the aws_s3_bucket.destination.arn in the depends_on block, Terraform should automatically recognize the dependency and execute the necessary operations in the correct order without requiring an explicit depends_on declaration. The resource creation for the main S3 bucket and its replication should succeed on the first run, ensuring that all dependencies are resolved as intended.

Additionally, the configuration should allow for the successful creation of both the primary and replica S3 buckets on the first run without any errors related to the dependency management.

Actual Behavior

During the initial execution of the Terraform configuration, the creation of the S3 bucket and its replica failed due to a dependency issue, despite the correct references being in place. The error message indicated that the aws_s3_bucket.destination.arn was not recognized as a dependency, leading to the failure of the provisioning process.

However, upon re-running the Terraform configuration, the resources were created successfully without any issues. This inconsistency suggests that Terraform's dependency resolution is not functioning as expected during the first run, requiring an explicit depends_on declaration to bypass the issue.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

#Replication Configuration
resource "aws_s3_bucket_replication_configuration" "replication" {
  count = local.backup_enabled ? 1 : 0

  role   = aws_iam_role.replication[0].arn
  bucket = local.bucket

  rule {
    id       = "replication"
    priority = 10
    status   = "Enabled"

    #This is required for the our rule to apply to all objects in the bucket and also required to configure RTC, DeleteMarker, and etc.
    filter {
      and {
        tags = {}
      }
    }

    destination {
      bucket        = module.s3_bucket_replica[0].s3_bucket_arn
      storage_class = "INTELLIGENT_TIERING"

      metrics {
        event_threshold {
          minutes = 15
        }
        status = "Enabled"
      }

      replication_time {
        status = "Enabled"
        time {
          minutes = 15
        }
      }
    }

    delete_marker_replication {
      status = "Enabled"
    }
  }

  # Wait for replica bucket to be created first
  depends_on = [
    module.s3_bucket_replica[0]
  ]
}

Steps to Reproduce

Apply Terraform Configuration:

terraform apply Observe the output for any errors during the initial run.

Review Results: Take note of the output and any error messages that occur during the first run. The expected behavior is that the resources should be created without errors.

Rerun the terraform apply command again: terraform apply This time, the command should succeed without errors.

Verify that the expected resources are created in your AWS account and that no errors are thrown during the second run.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[brianpham]

I am seeing this same issue as well when creating aws_s3_bucket_replication_configuration. If I run a plan / apply the second time, it seems to work correctly. Adding a depends on seems to fix the issue.

[justinretzolk]

Hey @dalabi06 👋 Thank you for taking the time to raise this! I'm not sure I follow you in this case. You mentioned that you're referencing aws_s3_bucket.destination.arn, however, that's not reflected in your sample configuration, which only has interpolations of module.s3_bucket_replica. Can you supply a bit of additional context, and, if possible, debug logging (redacted as needed)?