DNS validation records are always created and destroyed when creating aws_acm_certificate with aws_route53_record #13317
Labels
bug
Addresses a defect in current functionality.
service/acm
Issues and PRs that pertain to the acm service.
service/route53
Issues and PRs that pertain to the route53 service.
Milestone
Community Note
Terraform Version
$ terraform -v
Terraform v0.12.24
Affected Resource(s)
Terraform Configuration Files
The following has been created as a module based on various examples on the internet and an attempt to use for_each to avoid a changing order triggering the resources to be tainted on every run. It didn't work. This does as much autodiscovery as I could possibly get it to do, but it still always creates and destroys validation records even when nothing has changed. This works similar to:
https://github.com/cloudposse/terraform-aws-acm-request-certificate
vars.tf
main.tf
locals.tf
Debug Output
Just running the terraform multiple times causes all validation records to always destroy and create, even when using for_each. I've tried everything... I don't know what debug output here can do to help.
Panic Output
N/A
Expected Behavior
The acm certificate and validation records should only be recreated and destroyed when they change.
Actual Behavior
The acm certification and validation records are recreated and destroyed on every run even when nothing has changed.
Steps to Reproduce
terraform apply
Important Factoids
Nothing important to note.
References
aws_acm_certificate subject_alternative_names & domain_validation_options get returned in a different order each time #8531 - this is exactly the issue that drove me to write the above terraform, but for_each still causes revalidation.
Research: aws_acm_certificate redesign #13053 - I would love whatever mechanism is chosen to work with for_each.
edit: typos and clarity
The text was updated successfully, but these errors were encountered: