terraform-google-modules / terraform-google-cloud-storage

Creates one or more Cloud Storage buckets and assigns basic permissions on them to arbitrary users
https://registry.terraform.io/modules/terraform-google-modules/cloud-storage/google
Apache License 2.0
167 stars 551 forks

Upgrading gcp module version destroys bucket #346

Open dspeck1 opened 1 week ago

dspeck1 commented 1 week ago

TL;DR

Upgraded the terraform-google-cloud-storage version from 1.7.0 to the latest 6.1.0 and am getting this error. I am not using a list in my code.

  # google_storage_bucket_iam_binding.cutouts-bucket-ro-iam-binding must be replaced
-/+ resource "google_storage_bucket_iam_binding" "cutouts-bucket-ro-iam-binding" {
      ~ bucket  = "b/rubin-cutouts-dev-us-central1-output" -> "rubin-cutouts-dev-output" # forces replacement
      ~ etag    = "CAs=" -> (known after apply)
      ~ id      = "b/rubin-cutouts-dev-us-central1-output/roles/storage.objectViewer" -> (known after apply)
        # (2 unchanged attributes hidden)

Expected behavior

Upgrade the provider version and not have terraform delete the bucket.

Observed behavior

Terraform wants to delete the bucket.

Terraform Configuration

module "gcs_bucket" {
  source  = "terraform-google-modules/cloud-storage/google"
  version = ">= 6.1.0"

  project_id           = var.project_id
  names                = var.suffix_name
  prefix               = var.prefix_name
  set_admin_roles      = var.set_admin_roles
  admins               = var.admins
  versioning           = var.versioning
  bucket_policy_only   = var.bucket_policy_only
  bucket_admins        = var.bucket_admins
  bucket_creators      = var.bucket_creators
  bucket_viewers       = var.bucket_viewers
  creators             = var.creators
  encryption_key_names = var.encryption_key_names
  folders              = var.folders
  force_destroy        = var.force_destroy
  labels               = var.labels
  lifecycle_rules      = var.lifecycle_rules
  location             = var.location
  set_creator_roles    = var.set_creator_roles
  set_viewer_roles     = var.set_viewer_roles
  storage_class        = var.storage_class
  viewers              = var.viewers
}

Terraform Version

terraform version
Terraform v1.9.5
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v5.44.0
+ provider registry.terraform.io/hashicorp/google-beta v5.44.0
+ provider registry.terraform.io/hashicorp/null v3.2.3
+ provider registry.terraform.io/hashicorp/random v3.6.3
+ provider registry.terraform.io/hashicorp/template v2.2.

Additional information

No response

daniel-cit commented 2 days ago

Hi @dspeck1 thanks for your report.

The Terraform Google Cloud Storage Module uses Semantic Versioning for the releases created, which means there are breaking changes from v1 to v6.

Your case looks like the change described in the documentation regarding Upgrading to v4.0.

Could you try the instructions and see if they fix your issue?
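
Added example, not part of the issue thread or the module's code: a pre-apply check that reads the JSON form of a saved plan and lists every `google_storage_bucket*` resource the plan would delete or replace, along with the attribute paths forcing the replacement, so an upgrade like the one reported here fails in CI before `terraform apply`. The sample plan is constructed; the IAM binding address comes from the plan excerpt above, while the other addresses and the script name `check_plan.py` are hypothetical.

```python
import json
import sys

# Constructed sample shaped like `terraform show -json <planfile>` output.
# The first address is from the plan excerpt in the issue; the other
# addresses are hypothetical.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {"address": "google_storage_bucket_iam_binding.cutouts-bucket-ro-iam-binding",
     "type": "google_storage_bucket_iam_binding",
     "change": {"actions": ["delete", "create"], "replace_paths": [["bucket"]]}},
    {"address": "module.gcs_bucket.google_storage_bucket.example",
     "type": "google_storage_bucket",
     "change": {"actions": ["delete"]}},
    {"address": "random_id.example", "type": "random_id",
     "change": {"actions": ["delete"]}},
    {"address": "module.gcs_bucket.google_storage_bucket_iam_binding.example",
     "type": "google_storage_bucket_iam_binding",
     "change": {"actions": ["update"]}},
]})


def destructive_changes(plan_json, guarded_prefix="google_storage_bucket"):
    """List guarded resources that the plan would delete or replace.

    Returns (address, "delete" | "replace", [attribute paths forcing replacement]).
    """
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        actions = change.get("actions", [])
        if "delete" not in actions:
            continue  # create, update, read and no-op keep the existing object
        if not rc.get("type", "").startswith(guarded_prefix):
            continue
        kind = "replace" if "create" in actions else "delete"
        paths = [".".join(map(str, p)) for p in change.get("replace_paths") or []]
        findings.append((rc["address"], kind, paths))
    return findings


if __name__ == "__main__":
    # Usage: terraform show -json tfplan > plan.json; python check_plan.py plan.json
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_PLAN
    found = destructive_changes(text)
    for address, kind, paths in found:
        print(f"{kind.upper()}: {address} forced by {paths or 'n/a'}")
    sys.exit(1 if found else 0)
```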