terraform-aws-modules / terraform-aws-ec2-instance

Terraform module to create AWS EC2 instance(s) resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/ec2-instance/aws
Apache License 2.0
754 stars 1.87k forks

ebs_block_device configuration changes not tracked after initial resource creation #349

Closed eneiss closed 10 months ago

eneiss commented 1 year ago

Description

While the EBS block device is created with properties corresponding to those described in the ebs_block_device block when creating the resource with terraform apply for the first time, subsequent plan/applies no longer track changes in ebs_block_device properties. The same changes are correctly applied to root_block_device, but not to ebs_block_device.

Versions

Reproduction Code

Spoiler (standalone example)

```tf
################################################################################
# Terraform & Provider Config
################################################################################

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.12"
    }
  }

  required_version = ">= 1.5.0"
}

provider "aws" {
  region = local.region
}

################################################################################
# Main Config & Resources
################################################################################

locals {
  region = "us-east-1"
  azs    = slice(data.aws_availability_zones.available.names, 0, 2)

  # Once resources created, comment this >>>>>>>>>>>>>
  root_ebs_size   = 30
  second_ebs_size = 5
  volume_type     = "gp3"
  foo_tag_value   = "bar"

  ## And uncomment this >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
  # root_ebs_size   = 40
  # second_ebs_size = 10
  # volume_type     = "gp2"
  # foo_tag_value   = "foobar"
}

module "ec2-instance" {
  source  = "terraform-aws-modules/ec2-instance/aws"
  version = "5.2.1"

  name = "test-ec2-ebs"

  ami           = data.aws_ami.amazon_linux.id
  instance_type = "t2.micro"
  subnet_id     = module.vpc.private_subnets[0]

  enable_volume_tags = false

  root_block_device = [
    {
      volume_type = local.volume_type
      volume_size = local.root_ebs_size
      tags = {
        Name = "my-root-block"
        Foo  = local.foo_tag_value
      }
    },
  ]

  ebs_block_device = [
    {
      device_name = "/dev/sdf"
      volume_type = local.volume_type
      volume_size = local.second_ebs_size
      tags = {
        Name       = "my-second-block"
        MountPoint = "/mnt/data"
        Foo        = local.foo_tag_value
      }
    }
  ]
}

################################################################################
# Supporting Resources
################################################################################

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "5.1.1"

  name = "test-ec2-ebs-vpc"
  cidr = "10.0.0.0/16"

  azs             = local.azs
  private_subnets = ["10.0.0.0/24"]
}

module "security_group" {
  source  = "terraform-aws-modules/security-group/aws"
  version = "~> 4.0"

  name        = "test-ec2-ebs-sg"
  description = "Security group for EBS test instance"
  vpc_id      = module.vpc.vpc_id

  ingress_cidr_blocks = ["0.0.0.0/0"]
  ingress_rules       = ["http-80-tcp", "all-icmp"]
  egress_rules        = ["all-all"]
}

################################################################################
# Data Sources
################################################################################

data "aws_availability_zones" "available" {}

data "aws_ami" "amazon_linux" {
  most_recent = true
  owners      = ["amazon"]

  filter {
    name   = "name"
    values = ["amzn-ami-hvm-*-x86_64-gp2"]
  }
}
```

Steps to reproduce the behavior:

Notes:

Expected behavior

Both the root and additional EBS provisioned by the EC2 module should be updated according to their configuration changes after their initial provisioning.

Actual behavior

Only the root EBS is updated according to changes in its configuration. Changes in the configuration of the additional volume designated by ebs_block_device are not recorded by Terraform in plans/applies after the initial resource creation, and are in fact not applied on the actual EBS either.

Terminal Output

Terraform will perform the following actions:

  # module.ec2-instance.aws_instance.this[0] will be updated in-place
  ~ resource "aws_instance" "this" {
        id                                   = "i-01394ad2314c8a751"
        tags                                 = {
            "Name" = "test-ec2-ebs"
        }
        # (29 unchanged attributes hidden)

      ~ root_block_device {
          ~ tags                  = {
              ~ "Foo"  = "bar" -> "foobar"
                "Name" = "my-root-block"
            }
          ~ volume_size           = 30 -> 40
          ~ volume_type           = "gp3" -> "gp2"
            # (6 unchanged attributes hidden)
        }

        # (9 unchanged blocks hidden)
    }

EBS configuration right after creation, with the initial set of parameters:

Spoiler

Output of `aws ec2 describe-volumes`:

```json
{
  "Volumes": [
    {
      "Attachments": [
        {
          "AttachTime": "2023-08-12T22:56:38+00:00",
          "Device": "/dev/sdf",
          "InstanceId": "i-01394ad2314c8a751",
          "State": "attached",
          "VolumeId": "vol-0cd6731f8963735e4",
          "DeleteOnTermination": true
        }
      ],
      "AvailabilityZone": "us-east-1a",
      "CreateTime": "2023-08-12T22:56:38.674000+00:00",
      "Encrypted": false,
      "Size": 5,
      "SnapshotId": "",
      "State": "in-use",
      "VolumeId": "vol-0cd6731f8963735e4",
      "Iops": 3000,
      "Tags": [
        { "Key": "Foo", "Value": "bar" },
        { "Key": "Name", "Value": "my-second-block" },
        { "Key": "MountPoint", "Value": "/mnt/data" }
      ],
      "VolumeType": "gp3",
      "MultiAttachEnabled": false,
      "Throughput": 125
    },
    {
      "Attachments": [
        {
          "AttachTime": "2023-08-12T22:56:38+00:00",
          "Device": "/dev/xvda",
          "InstanceId": "i-01394ad2314c8a751",
          "State": "attached",
          "VolumeId": "vol-0baa3cfa2625a395e",
          "DeleteOnTermination": true
        }
      ],
      "AvailabilityZone": "us-east-1a",
      "CreateTime": "2023-08-12T22:56:38.578000+00:00",
      "Encrypted": false,
      "Size": 30,
      "SnapshotId": "snap-0aed4eaafe64ffb14",
      "State": "in-use",
      "VolumeId": "vol-0baa3cfa2625a395e",
      "Iops": 3000,
      "Tags": [
        { "Key": "Foo", "Value": "bar" },
        { "Key": "Name", "Value": "my-root-block" }
      ],
      "VolumeType": "gp3",
      "MultiAttachEnabled": false,
      "Throughput": 125
    }
  ]
}
```

EBS configuration after commenting out the initial set of parameters and uncommenting the new values, then using terraform apply:

Spoiler

Output of `aws ec2 describe-volumes`:

```json
{
  "Volumes": [
    {
      "Attachments": [
        {
          "AttachTime": "2023-08-12T22:56:38+00:00",
          "Device": "/dev/sdf",
          "InstanceId": "i-01394ad2314c8a751",
          "State": "attached",
          "VolumeId": "vol-0cd6731f8963735e4",
          "DeleteOnTermination": true
        }
      ],
      "AvailabilityZone": "us-east-1a",
      "CreateTime": "2023-08-12T22:56:38.674000+00:00",
      "Encrypted": false,
      "Size": 5,
      "SnapshotId": "",
      "State": "in-use",
      "VolumeId": "vol-0cd6731f8963735e4",
      "Iops": 3000,
      "Tags": [
        { "Key": "Foo", "Value": "bar" },
        { "Key": "Name", "Value": "my-second-block" },
        { "Key": "MountPoint", "Value": "/mnt/data" }
      ],
      "VolumeType": "gp3",
      "MultiAttachEnabled": false,
      "Throughput": 125
    },
    {
      "Attachments": [
        {
          "AttachTime": "2023-08-12T22:56:38+00:00",
          "Device": "/dev/xvda",
          "InstanceId": "i-01394ad2314c8a751",
          "State": "attached",
          "VolumeId": "vol-0baa3cfa2625a395e",
          "DeleteOnTermination": true
        }
      ],
      "AvailabilityZone": "us-east-1a",
      "CreateTime": "2023-08-12T22:56:38.578000+00:00",
      "Encrypted": false,
      "Size": 40,
      "SnapshotId": "snap-0aed4eaafe64ffb14",
      "State": "in-use",
      "VolumeId": "vol-0baa3cfa2625a395e",
      "Iops": 120,
      "Tags": [
        { "Key": "Foo", "Value": "foobar" },
        { "Key": "Name", "Value": "my-root-block" }
      ],
      "VolumeType": "gp2",
      "MultiAttachEnabled": false
    }
  ]
}
```

Additional context

Issue #322 shows part of the problem, but it seems to apply to more than one single attribute of ebs_block_device and might more likely be an issue of the whole block ignoring subsequent configuration changes.
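Because `terraform plan` reports no diff for the additional volume, the mismatch described above only shows up when the live volume is compared with the intended settings out of band. The following is an added example, not part of the original issue or of the module's code; `find_drift`, `DESIRED` and `SAMPLE` are hypothetical names, and the sample is the `/dev/sdf` volume from the post-apply output above, trimmed.

```python
import json

# Intended ebs_block_device settings after the edit in the reproduction code,
# keyed by device name. Any describe-volumes field (e.g. KmsKeyId) can be
# added the same way; tags are written as "Tags.<key>".
DESIRED = {
    "/dev/sdf": {"Size": 10, "VolumeType": "gp2",
                 "Tags.Foo": "foobar", "Tags.MountPoint": "/mnt/data"},
}

# Constructed sample: trimmed copy of the /dev/sdf volume from the issue's
# second `aws ec2 describe-volumes` output (taken after terraform apply).
SAMPLE = json.loads("""
{"Volumes": [{
  "Attachments": [{"Device": "/dev/sdf", "InstanceId": "i-01394ad2314c8a751",
                   "State": "attached", "VolumeId": "vol-0cd6731f8963735e4"}],
  "Size": 5, "VolumeId": "vol-0cd6731f8963735e4", "VolumeType": "gp3",
  "Tags": [{"Key": "Foo", "Value": "bar"},
           {"Key": "Name", "Value": "my-second-block"},
           {"Key": "MountPoint", "Value": "/mnt/data"}]}]}
""")


def find_drift(describe_volumes, instance_id, desired):
    """Return (device, field, wanted, actual) for every setting that differs."""
    attached = {}
    for vol in describe_volumes.get("Volumes", []):
        for att in vol.get("Attachments", []):
            if att.get("InstanceId") == instance_id and att.get("State") == "attached":
                attached[att["Device"]] = vol
    drift = []
    for device, want in desired.items():
        vol = attached.get(device)
        if vol is None:  # missing or detached volume is reported, not skipped
            drift.append((device, "attachment", "attached", None))
            continue
        have = dict(vol)
        have.update({"Tags." + t["Key"]: t["Value"] for t in vol.get("Tags", [])})
        for field, wanted in want.items():
            if have.get(field) != wanted:
                drift.append((device, field, wanted, have.get(field)))
    return drift


if __name__ == "__main__":
    for row in find_drift(SAMPLE, "i-01394ad2314c8a751", DESIRED):
        print("DRIFT %s %s: want %r, have %r" % row)
```

Against real infrastructure, feed the function the parsed output of `aws ec2 describe-volumes` in place of `SAMPLE`.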

dstockstad commented 1 year ago

Was also hit by this. Changed volume_size only and it doesn't pick up the change.

github-actions[bot] commented 1 year ago

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

venkateshk111 commented 1 year ago

I have a similar issue: any changes to ebs_block_device "alone" are not being recognized when I try terraform plan or apply; however, if I make any changes to both root_block_device and ebs_block_device, then the changes tend to reflect.

In my case I'm trying to modify the encryption keys (kms_key_id) of an existing EBS volume.

github-actions[bot] commented 11 months ago

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

github-actions[bot] commented 10 months ago

This issue was automatically closed because of stale in 10 days

github-actions[bot] commented 9 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.