Extra/Unnecessary API Call on creating ec2 instance for cpu_credits

[dbgeek]

Terraform Version

• tf v0.11.7
• AWS provider v1.23.0

Community Note

Unnecessary modify instance of cpu_credits after launch a ec2 instance

I will provide a pull request.

Description

Our setup is that we do not have modify-instance privilege in aws. Looks like when we launching ec2-instance with cpu_credits = unlimited terraform do a unnecessary modify to set cpu_credits = unlimited againt after just launch it.

We get status code: 403 from AWS as we do not have modify instance priviliges.

* aws_instance.instance: [WARN] Error updating Instance credit specification: UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: 17d16cb3-254e-4253-91ea-dab59e56674c

Code change to not make the modify of instance after launch of instance

if d.HasChange("credit_specification") => if d.HasChange("credit_specification") && !d.IsNewResource()

After getting status code: 403 we run terraform plan again and then we get No changes. Infrastructure is up-to-date. and that is correct as ec2-instance got the correct configuration of cpu_credit when we launch the instance.

From debug logging we see this

....
....
....
....
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4: 2018/06/20 22:13:17 [DEBUG] Matching ^aws: with Name
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4: 2018/06/20 22:13:17 [DEBUG] Run configuration: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   BlockDeviceMappings: [{
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       DeviceName: "/dev/sda1",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       Ebs: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:         DeleteOnTermination: true,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:         VolumeSize: 50
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       }
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     }],
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   CreditSpecification: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     CpuCredits: "unlimited"
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   },
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   DisableApiTermination: false,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   EbsOptimized: false,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   IamInstanceProfile: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     Name: "teams-instance-profiles-tx-reliability-InstanceProfile"
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   },
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   ImageId: "ami-6f0f3316",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   InstanceType: "t2.small",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   MaxCount: 1,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   MinCount: 1,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   Monitoring: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     Enabled: false
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   },
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   NetworkInterfaces: [{
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       DeviceIndex: 0,
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       Groups: ["sg-6ff93214"],
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       SubnetId: "subnet-276fde50"
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     }],
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   Placement: {
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     AvailabilityZone: "",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     GroupName: ""
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   },
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:   TagSpecifications: [{
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       ResourceType: "instance",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:       Tags: [{
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:           Key: "Team",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:           Value: "txapps"
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:         },{
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:           Key: "Name",
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:           Value: "cpucred-test"
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:         }]
2018-06-20T22:13:17.751+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4:     }]
2018-06-20T22:13:17.752+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4: }
2018-06-20T22:13:17.752+0200 [DEBUG] plugin.terraform-provider-aws_v1.23.0_x4: 2018/06/20 22:13:17 [DEBUG] Waiting for state to become: [success]
....
....
....
....
....

2018/06/20 22:13:39 [DEBUG] Modifying credit specification for Instance (i-0df3b40f7853f522d)

Affected Resource(s)

• aws_instance

Potential Terraform Configuration

provider "aws" {}

resource "aws_instance" "instance" {
  ami                    = "${var.image}"
  subnet_id              = "${var.subnet_id}"
  instance_type          = "t2.small"
  vpc_security_group_ids = ["${var.security_group_ids}"]

  credit_specification {
    cpu_credits = "unlimited"
  }

  tags {
    Name = "cpucred-test"
    Team = "${var.team}"
  }

  root_block_device {
    volume_size = 50
  }

  iam_instance_profile = "${var.iam_instance_profile}"
}

[bflad]

The fix for this has been merged into master and will release with version 1.24.0 of the AWS provider, very shortly.

[bflad]

This has been released in version 1.24.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!