Cloudfront Distribution after import attempts to make changes [0.9.8] #1194

hashibot · 2017-07-20T15:20:21Z

This issue was originally opened by @ahharu as hashicorp/terraform#15600. It was migrated here as a result of the provider split. The original body of the issue is below.

PROVIDER ISSUES

After importing a resource in terraform using terraform import and having into our tf files a configuration that matches remote config in AWS it wants to delete and then add the configuration.

Terraform Version

0.9.8

Debug Output

~ aws_cloudfront_distribution.statics
    cache_behavior.#:                                                                                    "0" => "2"
    cache_behavior.322762713.allowed_methods.#:                                                          "0" => "2"
    cache_behavior.322762713.allowed_methods.0:                                                          "" => "GET"
    cache_behavior.322762713.allowed_methods.1:                                                          "" => "HEAD"
    cache_behavior.322762713.cached_methods.#:                                                           "0" => "2"
    cache_behavior.322762713.cached_methods.0:                                                           "" => "GET"
    cache_behavior.322762713.cached_methods.1:                                                           "" => "HEAD"
    cache_behavior.322762713.compress:                                                                   "" => "false"
    cache_behavior.322762713.default_ttl:                                                                "" => "86400"
    cache_behavior.322762713.forwarded_values.#:                                                         "0" => "1"
    cache_behavior.322762713.forwarded_values.563318458.cookies.#:                                       "0" => "1"
    cache_behavior.322762713.forwarded_values.563318458.cookies.2625240281.forward:                      "" => "none"
    cache_behavior.322762713.forwarded_values.563318458.cookies.2625240281.whitelisted_names.#:          "0" => "0"
    cache_behavior.322762713.forwarded_values.563318458.headers.#:                                       "0" => "1"
    cache_behavior.322762713.forwarded_values.563318458.headers.0:                                       "" => "Origin"
    cache_behavior.322762713.forwarded_values.563318458.query_string:                                    "" => "false"
    cache_behavior.322762713.forwarded_values.563318458.query_string_cache_keys.#:                       "0" => "0"
    cache_behavior.322762713.lambda_function_association.#:                                              "0" => "0"
    cache_behavior.322762713.max_ttl:                                                                    "" => "31536000"
    cache_behavior.322762713.min_ttl:                                                                    "" => "0"
    cache_behavior.322762713.path_pattern:                                                               "" => "eviewer/*"
    cache_behavior.322762713.smooth_streaming:                                                           "" => "false"
    cache_behavior.322762713.target_origin_id:                                                           "" => "S3-ofertia-static-content"
    cache_behavior.322762713.trusted_signers.#:                                                          "0" => "0"
    cache_behavior.322762713.viewer_protocol_policy:                                                     "" => "allow-all"
    cache_behavior.4105325411.allowed_methods.#:                                                         "0" => "2"
    cache_behavior.4105325411.allowed_methods.0:                                                         "" => "GET"
    cache_behavior.4105325411.allowed_methods.1:                                                         "" => "HEAD"
    cache_behavior.4105325411.cached_methods.#:                                                          "0" => "2"
    cache_behavior.4105325411.cached_methods.0:                                                          "" => "GET"
    cache_behavior.4105325411.cached_methods.1:                                                          "" => "HEAD"
    cache_behavior.4105325411.compress:                                                                  "" => "false"
    cache_behavior.4105325411.default_ttl:                                                               "" => "86400"
    cache_behavior.4105325411.forwarded_values.#:                                                        "0" => "1"
    cache_behavior.4105325411.forwarded_values.563318458.cookies.#:                                      "0" => "1"
    cache_behavior.4105325411.forwarded_values.563318458.cookies.2625240281.forward:                     "" => "none"
    cache_behavior.4105325411.forwarded_values.563318458.cookies.2625240281.whitelisted_names.#:         "0" => "0"
    cache_behavior.4105325411.forwarded_values.563318458.headers.#:                                      "0" => "1"
    cache_behavior.4105325411.forwarded_values.563318458.headers.0:                                      "" => "Origin"
    cache_behavior.4105325411.forwarded_values.563318458.query_string:                                   "" => "false"
    cache_behavior.4105325411.forwarded_values.563318458.query_string_cache_keys.#:                      "0" => "0"
    cache_behavior.4105325411.lambda_function_association.#:                                             "0" => "0"
    cache_behavior.4105325411.max_ttl:                                                                   "" => "31536000"
    cache_behavior.4105325411.min_ttl:                                                                   "" => "0"
    cache_behavior.4105325411.path_pattern:                                                              "" => "web/*"
    cache_behavior.4105325411.smooth_streaming:                                                          "" => "false"
    cache_behavior.4105325411.target_origin_id:                                                          "" => "S3-ofertia-static-content"
    cache_behavior.4105325411.trusted_signers.#:                                                         "0" => "0"
    cache_behavior.4105325411.viewer_protocol_policy:                                                    "" => "allow-all"
    default_cache_behavior.1805859333.allowed_methods.#:                                                 "2" => "0"
    default_cache_behavior.1805859333.allowed_methods.0:                                                 "HEAD" => ""
    default_cache_behavior.1805859333.allowed_methods.1:                                                 "GET" => ""
    default_cache_behavior.1805859333.cached_methods.#:                                                  "2" => "0"
    default_cache_behavior.1805859333.cached_methods.0:                                                  "HEAD" => ""
    default_cache_behavior.1805859333.cached_methods.1:                                                  "GET" => ""
    default_cache_behavior.1805859333.compress:                                                          "false" => "false"
    default_cache_behavior.1805859333.default_ttl:                                                       "86400" => "0"
    default_cache_behavior.1805859333.forwarded_values.#:                                                "1" => "0"
    default_cache_behavior.1805859333.forwarded_values.563318458.cookies.#:                              "1" => "0"
    default_cache_behavior.1805859333.forwarded_values.563318458.cookies.2625240281.forward:             "none" => ""
    default_cache_behavior.1805859333.forwarded_values.563318458.cookies.2625240281.whitelisted_names.#: "0" => "0"
    default_cache_behavior.1805859333.forwarded_values.563318458.headers.#:                              "1" => "0"
    default_cache_behavior.1805859333.forwarded_values.563318458.headers.0:                              "Origin" => ""
    default_cache_behavior.1805859333.forwarded_values.563318458.query_string:                           "false" => "false"
    default_cache_behavior.1805859333.forwarded_values.563318458.query_string_cache_keys.#:              "0" => "0"
    default_cache_behavior.1805859333.lambda_function_association.#:                                     "0" => "0"
    default_cache_behavior.1805859333.max_ttl:                                                           "31536000" => "0"
    default_cache_behavior.1805859333.min_ttl:                                                           "604800" => "0"
    default_cache_behavior.1805859333.smooth_streaming:                                                  "false" => "false"
    default_cache_behavior.1805859333.target_origin_id:                                                  "S3-ofertiadk-static-content" => ""
    default_cache_behavior.1805859333.trusted_signers.#:                                                 "0" => "0"
    default_cache_behavior.1805859333.viewer_protocol_policy:                                            "allow-all" => ""
    default_cache_behavior.983534757.allowed_methods.#:                                                  "0" => "2"
    default_cache_behavior.983534757.allowed_methods.0:                                                  "" => "GET"
    default_cache_behavior.983534757.allowed_methods.1:                                                  "" => "HEAD"
    default_cache_behavior.983534757.cached_methods.#:                                                   "0" => "2"
    default_cache_behavior.983534757.cached_methods.0:                                                   "" => "GET"
    default_cache_behavior.983534757.cached_methods.1:                                                   "" => "HEAD"
    default_cache_behavior.983534757.compress:                                                           "" => "false"
    default_cache_behavior.983534757.default_ttl:                                                        "" => "86400"
    default_cache_behavior.983534757.forwarded_values.#:                                                 "0" => "1"
    default_cache_behavior.983534757.forwarded_values.563318458.cookies.#:                               "0" => "1"
    default_cache_behavior.983534757.forwarded_values.563318458.cookies.2625240281.forward:              "" => "none"
    default_cache_behavior.983534757.forwarded_values.563318458.cookies.2625240281.whitelisted_names.#:  "0" => "0"
    default_cache_behavior.983534757.forwarded_values.563318458.headers.#:                               "0" => "1"
    default_cache_behavior.983534757.forwarded_values.563318458.headers.0:                               "" => "Origin"
    default_cache_behavior.983534757.forwarded_values.563318458.query_string:                            "" => "false"
    default_cache_behavior.983534757.forwarded_values.563318458.query_string_cache_keys.#:               "0" => "0"
    default_cache_behavior.983534757.lambda_function_association.#:                                      "0" => "0"
    default_cache_behavior.983534757.max_ttl:                                                            "" => "31536000"
    default_cache_behavior.983534757.min_ttl:                                                            "" => "0"
    default_cache_behavior.983534757.smooth_streaming:                                                   "" => "false"
    default_cache_behavior.983534757.target_origin_id:                                                   "" => "S3-ofertiadk-static-content"
    default_cache_behavior.983534757.trusted_signers.#:                                                  "0" => "0"
    default_cache_behavior.983534757.viewer_protocol_policy:                                             "" => "allow-all"
    origin.#:                                                                                            "1" => "2"
    origin.2237230307.custom_header.#:                                                                   "0" => "0"
    origin.2237230307.custom_origin_config.#:                                                            "0" => "0"
    origin.2237230307.domain_name:                                                                       "" => "ofertia-static-content.s3.amazonaws.com"
    origin.2237230307.origin_id:                                                                         "" => "S3-ofertia-static-content"
    origin.2237230307.origin_path:                                                                       "" => "/dk"
    origin.2237230307.s3_origin_config.#:                                                                "0" => "0"
    origin.3712337220.custom_header.#:                                                                   "0" => "0"
    origin.3712337220.custom_origin_config.#:                                                            "0" => "0"
    origin.3712337220.domain_name:                                                                       "ofertiadk-static-content.s3.amazonaws.com" => "ofertiadk-static-content.s3.amazonaws.com"
    origin.3712337220.origin_id:                                                                         "S3-ofertiadk-static-content" => "S3-ofertiadk-static-content"
    origin.3712337220.origin_path:                                                                       "" => ""
    origin.3712337220.s3_origin_config.#:                                                                "0" => "0"

Expected Behavior

Should detect it and show no changes

Steps to Reproduce

terraform import a cloudfront distribution

terraform plan

The text was updated successfully, but these errors were encountered:

anmiles · 2017-08-09T14:16:25Z

I imported existing cloudfront distribution and then launched terraform plan.
It plans removing and re-creating default_cache_behavior and origin, like this:
...
origin.1997651515.custom_origin_config.1702400468.http_port: "" => "80" origin.1997651515.custom_origin_config.1702400468.https_port: "" => "443"
...
origin.689845181.custom_origin_config.1328413836.http_port: "80" => "0" origin.689845181.custom_origin_config.1328413836.https_port: "443" => "0"

fransr · 2017-10-06T22:35:23Z

We have a similar issue creating a CloudFront instance and then rerunning terraform after creation. It always wants us to switch these settings (version 0.10.7 "aws" (1.0.0)) every time you run it:

Terraform will perform the following actions:

  ~ aws_cloudfront_distribution.s3_distribution
      viewer_certificate.1540335073.acm_certificate_arn:            "" => ""
      viewer_certificate.1540335073.cloudfront_default_certificate: "true" => "false"
      viewer_certificate.1540335073.iam_certificate_id:             "" => ""
      viewer_certificate.1540335073.minimum_protocol_version:       "TLSv1" => ""
      viewer_certificate.1540335073.ssl_support_method:             "" => ""
      viewer_certificate.2654384193.acm_certificate_arn:            "" => ""
      viewer_certificate.2654384193.cloudfront_default_certificate: "" => "true"
      viewer_certificate.2654384193.iam_certificate_id:             "" => ""
      viewer_certificate.2654384193.minimum_protocol_version:       "" => "SSLv3"
      viewer_certificate.2654384193.ssl_support_method:             "" => ""

Or .tf-resource for cloudfront looks like this:

resource "aws_cloudfront_distribution" "s3_distribution" {
  origin {
    domain_name = "${aws_iam_user.customer.name}.s3.amazonaws.com"
    origin_id   = "${aws_iam_user.customer.name}"
    origin_path = "/media"
    s3_origin_config {
      origin_access_identity = "${aws_cloudfront_origin_access_identity.oai.cloudfront_access_identity_path}"
    }
  }

  enabled             = true
  comment             = "${aws_iam_user.customer.name}"
  default_root_object = "index.html"

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "${aws_iam_user.customer.name}"

    forwarded_values {
      query_string = false
      headers = [ "Origin", "Access-Control-Request-Headers", "Access-Control-Request-Method" ]
      cookies {
        forward = "none"
      }
    }
    viewer_protocol_policy = "allow-all"
    min_ttl                = "0"
    default_ttl            = "86400"
    max_ttl                = "31536000"
  }

  price_class = "${var.CLOUDFRONT_PRICE_CLASS}"

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}

Edit: I took a look on the distribution myself that was created by terraform and aws cloudfront get-distribution-config --id XXX said:

        "ViewerCertificate": {
            "CloudFrontDefaultCertificate": true, 
            "MinimumProtocolVersion": "TLSv1",

so I changed my .tf to:

  viewer_certificate {
    cloudfront_default_certificate = true
    minimum_protocol_version = "TLSv1"
  }

and that solved it for me. My guess is the default value SSLv3 either is not sent in, or is ignored by CloudFront which will set TLSv1, that's why it never showed the state to be synced.

…ributes for better difference handling References: * #7709 * #5526 * #4338 * #3842 * #3766 * #3256 * #1194 * #824 * #416 The usage of `TypeSet` for single container block attributes can cause unnecessary problems with Terraform's difference logic and makes plan output unnecessarily more difficult to read. Here we adjust these to `TypeList`. Converted the following from `Type: schema.TypeSet` and `MaxItems: 1` to `Type: schema.TypeList`: * `default_cache_behavior` configuration block * `default_cache_behavior` configuration block `forwarded_values` configuration block * `default_cache_behavior` configuration block `forwarded_values` configuration block `cookies` configuration block * `logging_config` configuration block * `origin` configuration block `custom_origin_config` configuration block * `origin` configuration block `s3_origin_config` configuration block * `ordered_cache_behavior` configuration block `forwarded_values` configuration block * `ordered_cache_behavior` configuration block `forwarded_values` configuration block `cookies` configuration block * `restrictions` configuration block * `restrictions` configuration block `geo_restriction` configuration block * `viewer_certificate` configuration block The usage of `TypeList` for arguments where ordering does not matter causes unnecessary hassle for operators to match their configuration to the CloudFront API. Here we replace these with `TypeSet` to ignore ordering. Converted the following from `Type: schema.TypeList` to `Type: schema.TypeSet`: * `default_cache_behavior` configuration block `allowed_methods` argument * `default_cache_behavior` configuration block `cached_methods` argument * `origin` configuration block `custom_origin_config` configuration block `origin_ssl_protocols` argument * `restrictions` configuration block `geo_restriction` configuration block `locations` argument This change was verified with a live configuration outside the acceptance testing framework with Terraform 0.11 as effectively a no-op for the most common use case configurations that do not later reference these attributes. ```console $ terraform apply ... aws_cloudfront_distribution.test: Creating... active_trusted_signers.%: "" => "<computed>" arn: "" => "<computed>" caller_reference: "" => "<computed>" default_cache_behavior.#: "0" => "1" default_cache_behavior.1848826977.allowed_methods.#: "0" => "7" default_cache_behavior.1848826977.allowed_methods.0: "" => "DELETE" default_cache_behavior.1848826977.allowed_methods.1: "" => "GET" default_cache_behavior.1848826977.allowed_methods.2: "" => "HEAD" default_cache_behavior.1848826977.allowed_methods.3: "" => "OPTIONS" default_cache_behavior.1848826977.allowed_methods.4: "" => "PATCH" default_cache_behavior.1848826977.allowed_methods.5: "" => "POST" default_cache_behavior.1848826977.allowed_methods.6: "" => "PUT" default_cache_behavior.1848826977.cached_methods.#: "0" => "2" default_cache_behavior.1848826977.cached_methods.0: "" => "GET" default_cache_behavior.1848826977.cached_methods.1: "" => "HEAD" default_cache_behavior.1848826977.compress: "" => "false" default_cache_behavior.1848826977.default_ttl: "" => "100" default_cache_behavior.1848826977.field_level_encryption_id: "" => "" default_cache_behavior.1848826977.forwarded_values.#: "0" => "1" default_cache_behavior.1848826977.forwarded_values.2510654351.cookies.#: "0" => "1" default_cache_behavior.1848826977.forwarded_values.2510654351.cookies.1870923232.forward: "" => "all" default_cache_behavior.1848826977.forwarded_values.2510654351.cookies.1870923232.whitelisted_names.#: "0" => "0" default_cache_behavior.1848826977.forwarded_values.2510654351.headers.#: "0" => "0" default_cache_behavior.1848826977.forwarded_values.2510654351.query_string: "" => "false" default_cache_behavior.1848826977.forwarded_values.2510654351.query_string_cache_keys.#: "0" => "0" default_cache_behavior.1848826977.lambda_function_association.#: "0" => "0" default_cache_behavior.1848826977.max_ttl: "" => "100" default_cache_behavior.1848826977.min_ttl: "" => "100" default_cache_behavior.1848826977.smooth_streaming: "" => "true" default_cache_behavior.1848826977.target_origin_id: "" => "myCustomOrigin" default_cache_behavior.1848826977.trusted_signers.#: "0" => "0" default_cache_behavior.1848826977.viewer_protocol_policy: "" => "allow-all" domain_name: "" => "<computed>" enabled: "" => "true" etag: "" => "<computed>" hosted_zone_id: "" => "<computed>" http_version: "" => "http2" in_progress_validation_batches: "" => "<computed>" is_ipv6_enabled: "" => "false" last_modified_time: "" => "<computed>" ordered_cache_behavior.#: "0" => "2" ordered_cache_behavior.0.allowed_methods.#: "0" => "7" ordered_cache_behavior.0.allowed_methods.1012961568: "" => "POST" ordered_cache_behavior.0.allowed_methods.1040875975: "" => "GET" ordered_cache_behavior.0.allowed_methods.1445840968: "" => "HEAD" ordered_cache_behavior.0.allowed_methods.1741119464: "" => "PATCH" ordered_cache_behavior.0.allowed_methods.348445828: "" => "DELETE" ordered_cache_behavior.0.allowed_methods.3982006612: "" => "OPTIONS" ordered_cache_behavior.0.allowed_methods.4024585617: "" => "PUT" ordered_cache_behavior.0.cached_methods.#: "0" => "2" ordered_cache_behavior.0.cached_methods.1040875975: "" => "GET" ordered_cache_behavior.0.cached_methods.1445840968: "" => "HEAD" ordered_cache_behavior.0.compress: "" => "false" ordered_cache_behavior.0.default_ttl: "" => "50" ordered_cache_behavior.0.forwarded_values.#: "0" => "1" ordered_cache_behavior.0.forwarded_values.2555876073.cookies.#: "0" => "1" ordered_cache_behavior.0.forwarded_values.2555876073.cookies.2625240281.forward: "" => "none" ordered_cache_behavior.0.forwarded_values.2555876073.cookies.2625240281.whitelisted_names.#: "0" => "0" ordered_cache_behavior.0.forwarded_values.2555876073.headers.#: "0" => "0" ordered_cache_behavior.0.forwarded_values.2555876073.query_string: "" => "true" ordered_cache_behavior.0.forwarded_values.2555876073.query_string_cache_keys.#: "0" => "0" ordered_cache_behavior.0.max_ttl: "" => "50" ordered_cache_behavior.0.min_ttl: "" => "50" ordered_cache_behavior.0.path_pattern: "" => "images1/*.jpg" ordered_cache_behavior.0.target_origin_id: "" => "myCustomOrigin" ordered_cache_behavior.0.viewer_protocol_policy: "" => "allow-all" ordered_cache_behavior.1.allowed_methods.#: "0" => "7" ordered_cache_behavior.1.allowed_methods.1012961568: "" => "POST" ordered_cache_behavior.1.allowed_methods.1040875975: "" => "GET" ordered_cache_behavior.1.allowed_methods.1445840968: "" => "HEAD" ordered_cache_behavior.1.allowed_methods.1741119464: "" => "PATCH" ordered_cache_behavior.1.allowed_methods.348445828: "" => "DELETE" ordered_cache_behavior.1.allowed_methods.3982006612: "" => "OPTIONS" ordered_cache_behavior.1.allowed_methods.4024585617: "" => "PUT" ordered_cache_behavior.1.cached_methods.#: "0" => "2" ordered_cache_behavior.1.cached_methods.1040875975: "" => "GET" ordered_cache_behavior.1.cached_methods.1445840968: "" => "HEAD" ordered_cache_behavior.1.compress: "" => "false" ordered_cache_behavior.1.default_ttl: "" => "51" ordered_cache_behavior.1.forwarded_values.#: "0" => "1" ordered_cache_behavior.1.forwarded_values.2555876073.cookies.#: "0" => "1" ordered_cache_behavior.1.forwarded_values.2555876073.cookies.2625240281.forward: "" => "none" ordered_cache_behavior.1.forwarded_values.2555876073.cookies.2625240281.whitelisted_names.#: "0" => "0" ordered_cache_behavior.1.forwarded_values.2555876073.headers.#: "0" => "0" ordered_cache_behavior.1.forwarded_values.2555876073.query_string: "" => "true" ordered_cache_behavior.1.forwarded_values.2555876073.query_string_cache_keys.#: "0" => "0" ordered_cache_behavior.1.max_ttl: "" => "51" ordered_cache_behavior.1.min_ttl: "" => "51" ordered_cache_behavior.1.path_pattern: "" => "images2/*.jpg" ordered_cache_behavior.1.target_origin_id: "" => "myCustomOrigin" ordered_cache_behavior.1.viewer_protocol_policy: "" => "allow-all" origin.#: "0" => "1" origin.1857972443.custom_header.#: "0" => "0" origin.1857972443.custom_origin_config.#: "0" => "1" origin.1857972443.custom_origin_config.3832794885.http_port: "" => "80" origin.1857972443.custom_origin_config.3832794885.https_port: "" => "443" origin.1857972443.custom_origin_config.3832794885.origin_keepalive_timeout: "" => "5" origin.1857972443.custom_origin_config.3832794885.origin_protocol_policy: "" => "http-only" origin.1857972443.custom_origin_config.3832794885.origin_read_timeout: "" => "30" origin.1857972443.custom_origin_config.3832794885.origin_ssl_protocols.#: "0" => "2" origin.1857972443.custom_origin_config.3832794885.origin_ssl_protocols.0: "" => "SSLv3" origin.1857972443.custom_origin_config.3832794885.origin_ssl_protocols.1: "" => "TLSv1" origin.1857972443.domain_name: "" => "www.example.com" origin.1857972443.origin_id: "" => "myCustomOrigin" origin.1857972443.origin_path: "" => "" origin.1857972443.s3_origin_config.#: "0" => "0" price_class: "" => "PriceClass_All" restrictions.#: "0" => "1" restrictions.811065190.geo_restriction.#: "0" => "1" restrictions.811065190.geo_restriction.1303118592.locations.#: "0" => "4" restrictions.811065190.geo_restriction.1303118592.locations.0: "" => "US" restrictions.811065190.geo_restriction.1303118592.locations.1: "" => "CA" restrictions.811065190.geo_restriction.1303118592.locations.2: "" => "GB" restrictions.811065190.geo_restriction.1303118592.locations.3: "" => "DE" restrictions.811065190.geo_restriction.1303118592.restriction_type: "" => "whitelist" retain_on_delete: "" => "false" status: "" => "<computed>" viewer_certificate.#: "0" => "1" viewer_certificate.69840937.acm_certificate_arn: "" => "" viewer_certificate.69840937.cloudfront_default_certificate: "" => "true" viewer_certificate.69840937.iam_certificate_id: "" => "" viewer_certificate.69840937.minimum_protocol_version: "" => "TLSv1" viewer_certificate.69840937.ssl_support_method: "" => "" aws_cloudfront_distribution.test: Creation complete after 0s (ID: E3K1GJF3SSNJRN) Apply complete! Resources: 1 added, 0 changed, 0 destroyed. $ cp ~/go/bin/terraform-provider-aws .terraform/plugins/darwin_amd64/terraform-provider-aws_v1.60.0_x4; terraform init # this binary is an updated Terraform AWS Provider built with these changes $ terraform apply # Here we see no state migration required aws_cloudfront_distribution.test: Refreshing state... (ID: E3K1GJF3SSNJRN) Apply complete! Resources: 0 added, 0 changed, 0 destroyed. $ terraform state show aws_cloudfront_distribution.test # Here we see a successful state refresh with the new layout id = E3K1GJF3SSNJRN active_trusted_signers.% = 2 active_trusted_signers.enabled = false active_trusted_signers.items.# = 0 aliases.# = 0 arn = arn:aws:cloudfront::187416307283:distribution/E3K1GJF3SSNJRN caller_reference = 2019-02-25T14:51:42.674464-05:00 custom_error_response.# = 0 default_cache_behavior.# = 1 default_cache_behavior.0.allowed_methods.# = 7 default_cache_behavior.0.allowed_methods.1012961568 = POST default_cache_behavior.0.allowed_methods.1040875975 = GET default_cache_behavior.0.allowed_methods.1445840968 = HEAD default_cache_behavior.0.allowed_methods.1741119464 = PATCH default_cache_behavior.0.allowed_methods.348445828 = DELETE default_cache_behavior.0.allowed_methods.3982006612 = OPTIONS default_cache_behavior.0.allowed_methods.4024585617 = PUT default_cache_behavior.0.cached_methods.# = 2 default_cache_behavior.0.cached_methods.1040875975 = GET default_cache_behavior.0.cached_methods.1445840968 = HEAD default_cache_behavior.0.compress = false default_cache_behavior.0.default_ttl = 100 default_cache_behavior.0.field_level_encryption_id = default_cache_behavior.0.forwarded_values.# = 1 default_cache_behavior.0.forwarded_values.0.cookies.# = 1 default_cache_behavior.0.forwarded_values.0.cookies.0.forward = all default_cache_behavior.0.forwarded_values.0.cookies.0.whitelisted_names.# = 0 default_cache_behavior.0.forwarded_values.0.headers.# = 0 default_cache_behavior.0.forwarded_values.0.query_string = false default_cache_behavior.0.forwarded_values.0.query_string_cache_keys.# = 0 default_cache_behavior.0.lambda_function_association.# = 0 default_cache_behavior.0.max_ttl = 100 default_cache_behavior.0.min_ttl = 100 default_cache_behavior.0.smooth_streaming = true default_cache_behavior.0.target_origin_id = myCustomOrigin default_cache_behavior.0.trusted_signers.# = 0 default_cache_behavior.0.viewer_protocol_policy = allow-all default_root_object = domain_name = dot6h04nf0cmx.cloudfront.net enabled = true etag = E33ZADXZHBHVXT hosted_zone_id = Z2FDTNDATAQYW2 http_version = http2 in_progress_validation_batches = 0 is_ipv6_enabled = false last_modified_time = 2019-02-26 02:22:40.558 +0000 UTC logging_config.# = 0 ordered_cache_behavior.# = 2 ordered_cache_behavior.0.allowed_methods.# = 7 ordered_cache_behavior.0.allowed_methods.1012961568 = POST ordered_cache_behavior.0.allowed_methods.1040875975 = GET ordered_cache_behavior.0.allowed_methods.1445840968 = HEAD ordered_cache_behavior.0.allowed_methods.1741119464 = PATCH ordered_cache_behavior.0.allowed_methods.348445828 = DELETE ordered_cache_behavior.0.allowed_methods.3982006612 = OPTIONS ordered_cache_behavior.0.allowed_methods.4024585617 = PUT ordered_cache_behavior.0.cached_methods.# = 2 ordered_cache_behavior.0.cached_methods.1040875975 = GET ordered_cache_behavior.0.cached_methods.1445840968 = HEAD ordered_cache_behavior.0.compress = false ordered_cache_behavior.0.default_ttl = 50 ordered_cache_behavior.0.field_level_encryption_id = ordered_cache_behavior.0.forwarded_values.# = 1 ordered_cache_behavior.0.forwarded_values.0.cookies.# = 1 ordered_cache_behavior.0.forwarded_values.0.cookies.0.forward = none ordered_cache_behavior.0.forwarded_values.0.cookies.0.whitelisted_names.# = 0 ordered_cache_behavior.0.forwarded_values.0.headers.# = 0 ordered_cache_behavior.0.forwarded_values.0.query_string = true ordered_cache_behavior.0.forwarded_values.0.query_string_cache_keys.# = 0 ordered_cache_behavior.0.lambda_function_association.# = 0 ordered_cache_behavior.0.max_ttl = 50 ordered_cache_behavior.0.min_ttl = 50 ordered_cache_behavior.0.path_pattern = images1/*.jpg ordered_cache_behavior.0.smooth_streaming = false ordered_cache_behavior.0.target_origin_id = myCustomOrigin ordered_cache_behavior.0.trusted_signers.# = 0 ordered_cache_behavior.0.viewer_protocol_policy = allow-all ordered_cache_behavior.1.allowed_methods.# = 7 ordered_cache_behavior.1.allowed_methods.1012961568 = POST ordered_cache_behavior.1.allowed_methods.1040875975 = GET ordered_cache_behavior.1.allowed_methods.1445840968 = HEAD ordered_cache_behavior.1.allowed_methods.1741119464 = PATCH ordered_cache_behavior.1.allowed_methods.348445828 = DELETE ordered_cache_behavior.1.allowed_methods.3982006612 = OPTIONS ordered_cache_behavior.1.allowed_methods.4024585617 = PUT ordered_cache_behavior.1.cached_methods.# = 2 ordered_cache_behavior.1.cached_methods.1040875975 = GET ordered_cache_behavior.1.cached_methods.1445840968 = HEAD ordered_cache_behavior.1.compress = false ordered_cache_behavior.1.default_ttl = 51 ordered_cache_behavior.1.field_level_encryption_id = ordered_cache_behavior.1.forwarded_values.# = 1 ordered_cache_behavior.1.forwarded_values.0.cookies.# = 1 ordered_cache_behavior.1.forwarded_values.0.cookies.0.forward = none ordered_cache_behavior.1.forwarded_values.0.cookies.0.whitelisted_names.# = 0 ordered_cache_behavior.1.forwarded_values.0.headers.# = 0 ordered_cache_behavior.1.forwarded_values.0.query_string = true ordered_cache_behavior.1.forwarded_values.0.query_string_cache_keys.# = 0 ordered_cache_behavior.1.lambda_function_association.# = 0 ordered_cache_behavior.1.max_ttl = 51 ordered_cache_behavior.1.min_ttl = 51 ordered_cache_behavior.1.path_pattern = images2/*.jpg ordered_cache_behavior.1.smooth_streaming = false ordered_cache_behavior.1.target_origin_id = myCustomOrigin ordered_cache_behavior.1.trusted_signers.# = 0 ordered_cache_behavior.1.viewer_protocol_policy = allow-all origin.# = 1 origin.1857972443.custom_header.# = 0 origin.1857972443.custom_origin_config.# = 1 origin.1857972443.custom_origin_config.0.http_port = 80 origin.1857972443.custom_origin_config.0.https_port = 443 origin.1857972443.custom_origin_config.0.origin_keepalive_timeout = 5 origin.1857972443.custom_origin_config.0.origin_protocol_policy = http-only origin.1857972443.custom_origin_config.0.origin_read_timeout = 30 origin.1857972443.custom_origin_config.0.origin_ssl_protocols.# = 2 origin.1857972443.custom_origin_config.0.origin_ssl_protocols.1162609714 = TLSv1 origin.1857972443.custom_origin_config.0.origin_ssl_protocols.2159350162 = SSLv3 origin.1857972443.domain_name = www.example.com origin.1857972443.origin_id = myCustomOrigin origin.1857972443.origin_path = origin.1857972443.s3_origin_config.# = 0 price_class = PriceClass_All restrictions.# = 1 restrictions.0.geo_restriction.# = 1 restrictions.0.geo_restriction.0.locations.# = 4 restrictions.0.geo_restriction.0.locations.3034033770 = DE restrictions.0.geo_restriction.0.locations.3047936762 = US restrictions.0.geo_restriction.0.locations.3589570027 = CA restrictions.0.geo_restriction.0.locations.4191192820 = GB restrictions.0.geo_restriction.0.restriction_type = whitelist retain_on_delete = false status = Deployed tags.% = 0 viewer_certificate.# = 1 viewer_certificate.0.acm_certificate_arn = viewer_certificate.0.cloudfront_default_certificate = true viewer_certificate.0.iam_certificate_id = viewer_certificate.0.minimum_protocol_version = TLSv1 viewer_certificate.0.ssl_support_method = web_acl_id = ``` Output from acceptance testing: ``` --- PASS: TestAccAWSCloudFrontDistribution_Origin_EmptyOriginID (1.04s) --- PASS: TestAccAWSCloudFrontDistribution_Origin_EmptyDomainName (1.12s) --- PASS: TestAccAWSCloudFrontDistribution_orderedCacheBehavior (1082.43s) --- PASS: TestAccAWSCloudFrontDistribution_HTTP11Config (1082.47s) --- PASS: TestAccAWSCloudFrontDistribution_noCustomErrorResponseConfig (1083.16s) --- PASS: TestAccAWSCloudFrontDistribution_noOptionalItemsConfig (1083.56s) --- PASS: TestAccAWSCloudFrontDistribution_S3OriginWithTags (1084.20s) --- PASS: TestAccAWSCloudFrontDistribution_IsIPV6EnabledConfig (1089.11s) --- PASS: TestAccAWSCloudFrontDistribution_S3Origin (1090.38s) --- PASS: TestAccAWSCloudFrontDistribution_customOrigin (1092.54s) --- PASS: TestAccAWSCloudFrontDistribution_multiOrigin (1093.67s) ```

bflad · 2019-02-27T19:55:42Z

Hi folks 👋 Sorry for the trouble with the aws_cloudfront_distribution resource. Since its original implementation, there were many configuration blocks that did not benefit from certain difference simplifications and arguments that were incorrectly using ordered lists instead of sets. Usually these type of implementation details surface in unexpected ways during Terraform runs as diffs didn't match during apply error in Terraform 0.11 and prior. (Aside: in Terraform 0.12 and later, these types of errors will include much better diagnostic information rather than dumping the raw differences.)

The configuration block simplifications and fixes were applied to the resource logic in version 2.0.0 of the Terraform AWS Provider, which will be releasing very shortly. Existing configurations should mostly work as they did previously, but aws_cloudfront_distribution resource updates and recreations should perform more reliably now without these errors. Since there were a large amount of varying diffs didn't match during apply reports, we are opting to close all these issues which appear to fall under this category.

We encourage everyone to file a new GitHub issue once upgraded to version 2.0.0 of the Terraform AWS Provider, should there be any further problems, so we can appropriately triage them. Thanks for your understanding and hope the upgrade is helpful. 😄

ghost · 2020-03-31T17:44:45Z

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

hashibot mentioned this issue Jul 20, 2017

Cloudfront Distribution after import attempts to make changes [0.9.8] hashicorp/terraform#15600

Closed

Ninir added the bug Addresses a defect in current functionality. label Jul 26, 2017

bflad added the service/cloudfront Issues and PRs that pertain to the cloudfront service. label Jan 28, 2018

bflad mentioned this issue Feb 26, 2019

resource/aws_cloudfront_distribution: Adjust TypeSet and TypeList attributes for better difference handling #7732

Merged

bflad closed this as completed in #7732 Feb 27, 2019

bflad added this to the v2.0.0 milestone Feb 27, 2019

ghost locked and limited conversation to collaborators Mar 31, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cloudfront Distribution after import attempts to make changes [0.9.8] #1194

Cloudfront Distribution after import attempts to make changes [0.9.8] #1194

hashibot commented Jul 20, 2017 •

edited by Ninir

Loading

anmiles commented Aug 9, 2017

fransr commented Oct 6, 2017 •

edited

Loading

bflad commented Feb 27, 2019

ghost commented Mar 31, 2020

Cloudfront Distribution after import attempts to make changes [0.9.8] #1194

Cloudfront Distribution after import attempts to make changes [0.9.8] #1194

Comments

hashibot commented Jul 20, 2017 • edited by Ninir Loading

PROVIDER ISSUES

Terraform Version

Debug Output

Expected Behavior

Steps to Reproduce

anmiles commented Aug 9, 2017

fransr commented Oct 6, 2017 • edited Loading

bflad commented Feb 27, 2019

ghost commented Mar 31, 2020

hashibot commented Jul 20, 2017 •

edited by Ninir

Loading

fransr commented Oct 6, 2017 •

edited

Loading