awscc_gamelift_game_server_group Is Unable To Handle Updates

[kurtislamb]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment
• The resources and data sources in this provider are generated from the CloudFormation schema, so they can only support the actions that the underlying schema supports. For this reason submitted bugs should be limited to defects in the generation and runtime code of the provider. Customizing behavior of the resource, or noting a gap in behavior are not valid bugs and should be submitted as enhancements to AWS via the CloudFormation Open Coverage Roadmap.

Terraform CLI and Terraform AWS Cloud Control Provider Version

Terraform v1.6.5 on linux_amd64 awscc 0.68.0

Affected Resource(s)

• awscc_gamelift_game_server_group

Terraform Configuration Files

locals {
  game_server_group_name = join("-", [var.common.environment, var.gamelift_region, "server-group"])
}

resource "awscc_gamelift_game_server_group" "game_server_group" {
  game_server_group_name        = local.game_server_group_name
  balancing_strategy            = "ON_DEMAND_ONLY"
  delete_option                 = "SAFE_DELETE"
  game_server_protection_policy = "FULL_PROTECTION"
  min_size                      = var.regional_config.servergroup_min
  max_size                      = var.regional_config.servergroup_max
  role_arn                      = aws_iam_role.service_group_iam_role.arn
  vpc_subnets                   = module.network.private_subnet_ids

  auto_scaling_policy = {
    estimated_instance_warmup_time = var.common.estimated_instance_warmup_time
    target_tracking_configuration = {
      target_value = var.regional_config.target_tracking_value
    }
  }

  instance_definitions = var.regional_config.instance_definitions

  launch_template = {
    launch_template_id = aws_launch_template.gamelift_server_group.id
  }
}

I've removed parts of the code not relevant such as tags etc

Debug Output

https://gist.github.com/kurtislamb/23f5581e6b2b572e62d2a8c61ffee2a3

Expected Behavior

When we change values like min_size terraform sees this as an update and updates the resource in AWS. I expect the update to work as AWS confirm the Cloud Control API supports update. This should update the GameServer Group and the underlying Auto Scaling Group with the values that have changed.

 # module.gamelift.module.eu_central_1[0].awscc_gamelift_game_server_group.game_server_group will be updated in-place
  ~ resource "awscc_gamelift_game_server_group" "game_server_group" {
      ~ auto_scaling_policy           = {
          + estimated_instance_warmup     = (known after apply)
            # (1 unchanged attribute hidden)
        }
        id                            = "arn:aws:gamelift:eu-central-1:123454566:gameservergroup/kurtisl-eu-central-1-server-group"
      ~ launch_template               = {
          + launch_template_name = (known after apply)
          + version              = (known after apply)
            # (1 unchanged attribute hidden)
        }
      ~ min_size                      = 2 -> 1
      ~ tags                          = [
          ~ {
              + key   = (known after apply)
              + value = (known after apply)
            },
        ]
        # (10 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Actual Behavior

When the above action is taken the following error occurs;

╷
│ Error: AWS SDK Go Service Operation Unsuccessful
│ 
│   with module.gamelift.module.eu_central_1[0].awscc_gamelift_game_server_group.game_server_group,
│   on modules/gamelift_fleet_iq/server_group_awscc.tf line 5, in resource "awscc_gamelift_game_server_group" "game_server_group":
│    5: resource "awscc_gamelift_game_server_group" "game_server_group" {
│ 
│ Calling Cloud Control API service UpdateResource operation returned: operation error CloudControl: UpdateResource, https response error StatusCode: 400, RequestID: c0c592bc-ece6-4de7-aa20-8a14a35c35ae,
│ api error ValidationException: [REPLACE Operation] noSuchPath in source, path provided : //MinSize
╵

As a side note, if only the name changes the resource update completes but the change does not take effect in AWS, thus every subsequent apply wants to change the name again.

Steps to Reproduce

1. terraform apply to create the resources, all applies correctly
2. change min_size value
3. terraform apply terraform detects change and tries to update, error occurs

Important Factoids

We use a mixture of AWSCC and AWS Providers with 99% of the code base on the AWS Provider

References

https://docs.aws.amazon.com/cloudcontrolapi/latest/userguide/supported-resources.html

[wellsiau-aws]

Found out that min_size is marked as writeOnlyProperties:

aws cloudformation describe-type --type RESOURCE --type-name AWS::GameLift::GameServerGroup | jq -r ".Schema" | jq ".writeOnlyProperties" 
[
  "/properties/DeleteOption",
  "/properties/LaunchTemplate",
  "/properties/MinSize",
  "/properties/MaxSize",
  "/properties/AutoScalingPolicy",
  "/properties/VpcSubnets",
  "/properties/Tags"
]

As per: https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-schema.html#schema-properties-writeonlyproperties , this attribute is not returned by read / list request.

I believe this is an upstream AWS issue

[wellsiau-aws]

relates to #1149