Provider produced inconsistent final plan - aws_s3_bucket_replication_configuration

[barakseri1]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform version: 1.0.5
aws provider version: 4.5.0

Affected Resource(s)

• aws_s3_bucket_replication_configuration

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

.
.
.
resource "aws_s3_bucket" "source" {
    provider = aws.source
    bucket = "${var.source_bucket_name}-${var.source_region}"
    tags = var.tags
}

resource "aws_s3_bucket" "destination" {
    bucket = "${var.source_bucket_name}-${var.dc}"
    tags = var.tags
}
.
.
.
resource "aws_s3_bucket_replication_configuration" "replication" {
  depends_on = [aws_s3_bucket_versioning.source]
  provider = aws.source
  role   = aws_iam_role.replication.arn
  bucket = aws_s3_bucket.source.id


  rule {
    filter {}
    status = "Enabled"
    priority = 1
    delete_marker_replication {
      status = "Enabled"
    }

    destination {
      bucket        = aws_s3_bucket.destination.arn
    }
  }
}

Debug Output

https://gist.github.com/barakseri1/53b2a8d3f3887ebc363d7a84c4f6d277

Panic Output

Expected Behavior

Actual Behavior

Steps to Reproduce

First apply creates the resources as expected.
Following applies result in the error provided

1. terraform apply

Important Factoids

References

• #0000

[anGie44]

Likely related to #23487

[anGie44]

Hi @barakseri1 , thank you for raising this issue. Are you running the first apply with v4.4.0 of the provider and then upgrading to v4.5.0 and running an apply again? Or the steps above are all done with v4.5.0 of the provider? The former is the case in the issue i've linked to above but wanted to double check as I do see a persistent non-empty plan when using the config you've provided but I'm not getting a inconsistent final plan when i solely use v4.5.0 of the provider.

[anGie44]

One way to work around this for the time being is to provide an id for the rule at creation time so that the upstream AWS API doesn't calculate one for you and thus prevent a diff in terraform

[barakseri1]

Thanks @anGie44 , sorry for missing that duplicate issue.
Indeed the first apply was with v4.3.0 and the consequent with 4.5.0.

I will try to delete the replication and try again both with 4.5.0, and also will try the workaround you suggested

[anGie44]

No worries @barakseri1 ! this one brings to light the bug with the id parameter which wasn't seen in the previous issue.

Yes please reach out if you're seeing any additional unexpected behaviors even with the workaround, ty!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.