conversation_log_settings always shows change for resource awscc_lex_bot_alias

rug-grygiel commented 1 month ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment
The resources and data sources in this provider are generated from the CloudFormation schema, so they can only support the actions that the underlying schema supports. For this reason submitted bugs should be limited to defects in the generation and runtime code of the provider. Customizing behavior of the resource, or noting a gap in behavior are not valid bugs and should be submitted as enhancements to AWS via the CloudFormation Open Coverage Roadmap.

Terraform CLI and Terraform AWS Cloud Control Provider Version

Terraform v1.7.5 on linux_amd64

provider registry.terraform.io/hashicorp/archive v2.4.2
provider registry.terraform.io/hashicorp/aws v5.57.0
provider registry.terraform.io/hashicorp/awscc v1.4.0
provider registry.terraform.io/hashicorp/external v2.3.3
provider registry.terraform.io/hashicorp/local v2.5.1
provider registry.terraform.io/hashicorp/null v3.2.2
provider registry.terraform.io/hashicorp/random v3.6.2

Affected Resource(s)

awscc_lex_bot_alias

Terraform Configuration Files

resource "awscc_lex_bot_alias" "calculate" {
  bot_alias_name = "calculate"
  bot_id  = aws_cloudformation_stack.calculator.outputs.BotId
  bot_version = aws_lexv2models_bot_version.calculator-bot-version.bot_version
  description    = "Calculate"
  bot_alias_locale_settings = local.calculator-aliases-locale-specification

  bot_alias_tags = [{
    key   = "environment"
    value = "poc"
  }]

  conversation_log_settings = {
    audio_log_settings = [{
      enabled = true
      destination = {
        s3_bucket = {
          log_prefix    = "poc"
          s3_bucket_arn = aws_s3_bucket.conversation_logs.arn
        }
      }
    }]
    text_log_settings = [{
      enabled = false
      destination = {
        cloudwatch = {
          log_prefix               = "poc"
          cloudwatch_log_group_arn = aws_cloudwatch_log_group.attribute-log-group.arn
        }
      }
    }]
  }

Expected Behavior

Terraform plan shows as if changes have not been applied after the terraform apply is run.

Terraform state reflects the configuration.

The resource configuration is applied to the resource.

Actual Behavior

Terraform plan always shows changes needed and required for an apply even if they match the configuration.
See results from plan which appear as if apply was not executed.

# awscc_lex_bot_alias.testbotalias will be updated in-place
  ~ resource "awscc_lex_bot_alias" "testbotalias" {
      ~ conversation_log_settings   = {
          ~ audio_log_settings = [
              - {
                  - destination = {
                      - s3_bucket = {
                          - log_prefix    = "poc" -> null
                          - s3_bucket_arn = "arn:aws:s3:::conversation-logs" -> null
                        } -> null
                    } -> null
                  - enabled     = true -> null
                },
              + {
                  + destination = {
                      + s3_bucket = {
                          + kms_key_arn   = (known after apply)
                          + log_prefix    = "poc"
                          + s3_bucket_arn = "arn:aws:s3:::conversation-logs"
                        }
                    }
                  + enabled     = true
                },
            ]
            # (1 unchanged attribute hidden)
        }
        id                          = "1234567|987654"
        # (10 unchanged attributes hidden)
    }

Steps to Reproduce

terraform apply
terraform plan

Important Factoids

If I don't include the section conversation_log_settings then it results as expected no changes. It seems to be specific to conversation_log_settings section that is not recognized.

quixoticmonk commented 1 month ago

Thank you for opening the issue @rug-grygiel . Are you able to check the state file for the resource and see what is set for log_prefix and others which are changing on the subsequent runs ?

And, if you can , please run this and paste the output removing the account details.

aws cloudcontrol get-resource --type-name AWS::Lex::BotAlias --identifier <id_from_state>

rug-grygiel commented 4 weeks ago

Here is the sanitized output from the command you provided:

{
    "TypeName": "AWS::Lex::BotAlias",
    "ResourceDescription": {
        "Identifier": "SAMPLE1|SAMPLE2",
        "Properties": "{\"BotVersion\":\"1\",\"Description\":\"TestBotAlias\",\"BotId\":\"SAMPLE2\",\"BotAliasStatus\":\"Available\",\"BotAliasLocaleSettings\":[{\"LocaleId\":\"en_US\",\"BotAliasLocaleSetting\":{\"CodeHookSpecification\":{\"LambdaCodeHook\":{\"LambdaArn\":\"arn:aws:lambda:us-east-1:1234567890:function:sample-lex-suggested-responses\",\"CodeHookInterfaceVersion\":\"1.0\"}},\"Enabled\":true}}],\"Arn\":\"arn:aws:lex:us-east-1:1234567890:bot-alias/SAMPLE2/SAMPLE1\",\"ConversationLogSettings\":{\"TextLogSettings\":[{\"Destination\":{\"CloudWatch\":{\"CloudWatchLogGroupArn\":\"arn:aws:logs:us-east-1:1234567890:log-group:/aws/lambda/sample-logssample\",\"LogPrefix\":\"sample\"}},\"Enabled\":false}],\"AudioLogSettings\":[{\"Destination\":{\"S3Bucket\":{\"LogPrefix\":\"sample\",\"S3BucketArn\":\"arn:aws:s3:::sample-conversation-logs\"}},\"Enabled\":true}]},\"BotAliasId\":\"SAMPLE1\",\"SentimentAnalysisSettings\":{\"DetectSentiment\":false},\"BotAliasName\":\"sample-testbotalias\"}"
    }
}

quixoticmonk commented 2 weeks ago

Thank you for the update on the get-resource @rug-grygiel . I was able to reproduce the issue and #1962 seems like a duplicate of this.

Drift detected is on the response received from CloudControl on the resource .


2024-09-10T21:53:59.631-0400 [DEBUG] provider.terraform-provider-awscc: Detected value change between proposed new state and prior state: 
tf_req_id=3104ebba-c429-efa3-b9b6-d3ce02df2f78 tf_resource_type=awscc_lex_bot_alias 
@caller=/Users/manuchn/go/pkg/mod/github.com/hashicorp/terraform-plugin-framework@v1.11.0/internal/fwserver/server_planresourcechange.go:208 
@module=sdk.framework tf_rpc=PlanResourceChange 
tf_attribute_path=sentiment_analysis_settings 
tf_provider_addr=registry.terraform.io/hashicorp/awscc timestamp=2024-09-10T21:53:59.631-0400

Though this is the drift detected, there does seem to be another issue with the kms_key associated with the S3 bucket when the sentiment_analysis_settings is provided. Reviewing this further.

quixoticmonk commented 2 weeks ago

Debug logs


2024-09-10T22:48:00.485-0400 [DEBUG] provider.terraform-provider-awscc: 
Detected value change between proposed new state and prior state: 
tf_resource_type=awscc_lex_bot_alias 
tf_attribute_path=sentiment_analysis_settings 
tf_provider_addr=registry.terraform.io/hashicorp/awscc 
tf_req_id=2c1ddc1d-94b1-fe5c-44be-26a7a212c8f5 
@caller=/Users/manuchn/go/pkg/mod/github.com/hashicorp/terraform-plugin-framework@v1.11.0/internal/fwserver/server_planresourcechange.go:208 @module=sdk.framework tf_rpc=PlanResourceChange 
timestamp=2024-09-10T22:48:00.485-0400

Proposed new state

tfrd logs/sdk_proto/1726022882091_PlanResourceChange_Request_ProposedNewState.msgpack
{
  "arn": "arn:aws:lex:us-east-1:############:bot-alias/PLE96TCB8F/NHKZWUKWXJ",
  "bot_alias_id": "NHKZWUKWXJ",
  "bot_alias_locale_settings": [
    {
      "bot_alias_locale_setting": {
        "code_hook_specification": null,
        "enabled": true
      },
      "locale_id": "en_US"
    }
  ],
  "bot_alias_name": "calculate",
  "bot_alias_status": "Available",
  "bot_alias_tags": [
    {
      "key": "environment",
      "value": "poc"
    }
  ],
  "bot_id": "PLE96TCB8F",
  "bot_version": "2",
  "conversation_log_settings": {
    "audio_log_settings": [
      {
        "destination": {
          "s3_bucket": {
            "kms_key_arn": null,
            "log_prefix": "poc",
            "s3_bucket_arn": "arn:aws:s3:::manuchn-tftest-bucket"
          }
        },
        "enabled": true
      }
    ],
    "text_log_settings": [
      {
        "destination": {
          "cloudwatch": {
            "cloudwatch_log_group_arn": "arn:aws:logs:us-east-1:############:log-group:/aws/connect/manuchn-connect:*",
            "log_prefix": "poc"
          }
        },
        "enabled": false
      }
    ]
  },
  "description": "Calculate",
  "id": "NHKZWUKWXJ|PLE96TCB8F",
  "sentiment_analysis_settings": null
}

Prior state


tfrd logs/sdk_proto/1726022882090_PlanResourceChange_Request_PriorState.msgpack
{
  "arn": "arn:aws:lex:us-east-1:############:bot-alias/PLE96TCB8F/NHKZWUKWXJ",
  "bot_alias_id": "NHKZWUKWXJ",
  "bot_alias_locale_settings": [
    {
      "bot_alias_locale_setting": {
        "code_hook_specification": null,
        "enabled": true
      },
      "locale_id": "en_US"
    }
  ],
  "bot_alias_name": "calculate",
  "bot_alias_status": "Available",
  "bot_alias_tags": [
    {
      "key": "environment",
      "value": "poc"
    }
  ],
  "bot_id": "PLE96TCB8F",
  "bot_version": "2",
  "conversation_log_settings": {
    "audio_log_settings": [
      {
        "destination": {
          "s3_bucket": {
            "kms_key_arn": null,
            "log_prefix": "poc",
            "s3_bucket_arn": "arn:aws:s3:::manuchn-tftest-bucket"
          }
        },
        "enabled": true
      }
    ],
    "text_log_settings": [
      {
        "destination": {
          "cloudwatch": {
            "cloudwatch_log_group_arn": "arn:aws:logs:us-east-1:############:log-group:/aws/connect/manuchn-connect:*",
            "log_prefix": "poc"
          }
        },
        "enabled": false
      }
    ]
  },
  "description": "Calculate",
  "id": "NHKZWUKWXJ|PLE96TCB8F",
  "sentiment_analysis_settings": {
    "detect_sentiment": false
  }
}

hashicorp / terraform-provider-awscc