Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use tfedit to stop directly using deprecated S3 resources #688

Merged
merged 1 commit into from
Oct 25, 2022

Conversation

GaryGSC
Copy link
Member

@GaryGSC GaryGSC commented Oct 25, 2022

We still use deprecated resources indirectly in our modules, but this takes us from 26 deprecated usages down to 14, overall.

Refs: #678

(We still use deprecated resources indirectly in our modules.)
@GaryGSC GaryGSC requested a review from a team October 25, 2022 22:16
@github-actions
Copy link

Terraform Plan:

will create 8 resources:

  • aws_s3_bucket_acl - my_s3_bucket_logs
  • aws_s3_bucket_lifecycle_configuration - my_s3_bucket
  • aws_s3_bucket_lifecycle_configuration - my_s3_bucket_logs
  • aws_s3_bucket_logging - my_s3_bucket
  • aws_s3_bucket_server_side_encryption_configuration - my_s3_bucket
  • aws_s3_bucket_server_side_encryption_configuration - my_s3_bucket_logs
  • aws_s3_bucket_versioning - my_s3_bucket
  • local_file - appspec_json

will update 2 resources:

  • aws_alb_listener - https
  • aws_alb_listener - test_listener

will replace (delete then create) 1 resource:

  • aws_ecs_task_definition - task_def

see details

Copy link
Contributor

@stuft2 stuft2 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@GaryGSC
Copy link
Member Author

GaryGSC commented Oct 25, 2022

BTW, tfedit's README suggests migrating state (by using terraform import or a tool called tfmigrate) to keep Terraform from thinking it needs to create new resources for S3. For a deployed application, we might want to look into that. For this template, I didn't bother.

@GaryGSC GaryGSC merged commit 5785ae2 into dev Oct 25, 2022
@GaryGSC GaryGSC deleted the s3-via-tfedit branch October 26, 2022 02:22
@GaryGSC
Copy link
Member Author

GaryGSC commented Oct 26, 2022

I see now that the S3 Terraform documentation says:

Each of the new aws_s3_bucket_* resources relies on S3 API calls that utilize a PUT action in order to modify the target S3 bucket. These calls follow standard HTTP methods for REST APIs, and therefore should handle situations where the target configuration already exists. While it is not strictly necessary to import new aws_s3_bucket_* resources where the updated configuration matches the configuration used in previous versions of the AWS provider, skipping this step will lead to a diff in the first plan after a configuration change indicating that any new aws_s3_bucket_* resources will be created, making it more difficult to determine whether the appropriate actions will be taken.

These new resources should be identical to the existing configuration, so we can skip terraform import but we'll have to deal with a larger plan when we initially make the change.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants