-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error: Provider produced inconsistent final plan - invalid new value for .rule: planned set element #23936
Comments
Workaround: |
We are encountering this issue as well. It seems to be a problem only if the default action for the webacl is block. |
Also for Terraform AWS Provider 4.15.1 |
Also for
FWIW It seems like there's some inconsistency with what TF picks up from AWS vs how it thinks it should be represented because when i run a
|
I am running into this when updating a custom response body when rules are blocking.
If I switch all rules from block to count during the update, it takes the changes. I then switch back to blocking after that and all is well. |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Community Note
Related:
aws_wafv2_web_acl
#27175aws_wafv2_web_acl
configurations #27273aws_wafv2_web_acl
description/tag changes result in inconsistent final plan #27479Terraform CLI and Terraform AWS Provider Version
Terraform v1.1.7
on darwin_amd64
Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.
Actual Behavior
│ Error: Provider produced inconsistent final plan
│
│ When expanding the plan for module.wafv2-acl[0].aws_wafv2_web_acl.acl to include new values learned so far during apply, provider "registry.terraform.io/hashicorp/aws" produced an
│ invalid new value for .rule: planned set element
...
does not correlate with any element in actual.
│
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
Steps to Reproduce
terraform apply
Important Factoids
When I add the "version" value to the .rule i can get most of the managed rules to update, however one particular AWS managed rule set which has no "Version" value the error happens "AWSManagedRulesAmazonIpReputationList"
I have tried with "Default" set as version value but the resource is not found
References
Reason for trying to fix with adding the undocumented value "version" was found following related article #21732
The text was updated successfully, but these errors were encountered: