Closed tangr closed 4 months ago
Hey @tangr. Thanks for letting us know. I am able to reproduce the perpetual diff.
This doesn't seem to be fixed by shimv2.WithPlanResourceChange
:
provider/resources.go | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/provider/resources.go b/provider/resources.go
index 45c8e33607..6b43ba153a 100644
--- a/provider/resources.go
+++ b/provider/resources.go
@@ -794,7 +794,8 @@ func ProviderFromMeta(metaInfo *tfbridge.MetadataInfo) *tfbridge.ProviderInfo {
shimv2.WithDiffStrategy(shimv2.PlanState),
shimv2.WithPlanResourceChange(func(s string) bool {
switch s {
- case "aws_ssm_document", "aws_wafv2_web_acl":
+ case "aws_ssm_document", "aws_wafv2_web_acl",
+ "aws_wafv2_rule_group":
return true
default:
return false
CC @t0yv0
@iwahbe Any updates? We encountered the same problem and it is annoying to see a diff every time we run pulumi up
.
@iwahbe @t0yv0 Hi there, any update on this?
The same issue for rule override
python-aws code part
aws.wafv2.WebAclRuleArgs(
name="AWS-AWSManagedRulesCommonRuleSet",
priority=3,
statement=aws.wafv2.WebAclRuleStatementArgs(
managed_rule_group_statement=aws.wafv2.WebAclRuleStatementManagedRuleGroupStatementArgs(
name="AWSManagedRulesCommonRuleSet",
vendor_name="AWS",
rule_action_overrides=[
{
"actionToUse": { "allow": {} },
"name": "SizeRestrictions_BODY"
}
]
),
),
visibility_config=aws.wafv2.WebAclRuleVisibilityConfigArgs(
cloudwatch_metrics_enabled=True,
metric_name="AWS-AWSManagedRulesCommonRuleSet",
sampled_requests_enabled=True,
),
override_action=aws.wafv2.WebAclRuleOverrideActionArgs(none=aws.wafv2.WebAclRuleOverrideActionNoneArgs())
),
This was fixed in https://github.com/pulumi/pulumi-aws/pull/3948. It'll be released in release 6.36.0
What happened?
After pulumi updated with below pulumi code, and it was update successfully. But it stilled update differ again in re-run time, seems the stack info update saved.
Example
Output of
pulumi about
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).