-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Using certain features when creating s3 bucket lifecycle rules on all files throws errors #23228
Comments
We're having a very similar issue to this and found the same work around. The nuance we're running into now is that the workaround (
So it gets us around the error, but it isn't a great long term solution. |
The new challenge here is getting the resource to work well for |
@kjschiroo I stop getting resource churn by adding an ignore_changes on the aws_s3_bucket_likecycle_configuration resource. HTH resource "aws_s3_bucket_lifecycle_configuration" "this" {
bucket = aws_s3_bucket.this.bucket
rule {
filter {} # Workaround for https://github.com/hashicorp/terraform-provider-aws/issues/23228
status = "Enabled"
id = "${local.prefix}-rotation"
# delete if objects are older than noncurrent_days and older than n-newer_noncurrent_versions
noncurrent_version_expiration {
noncurrent_days = 30
newer_noncurrent_versions = 2
}
# move to standard IA if older than 30 days for all noncurrent versions
noncurrent_version_transition {
storage_class = "STANDARD_IA"
noncurrent_days = 30
}
}
# Stops resource churn from above workaround - https://github.com/hashicorp/terraform-provider-aws/issues/23228
lifecycle {
ignore_changes = [rule[0].filter]
}
} |
Hi @kjschiroo @kjschiroo , a couple more questions for verification. (1) is the source S3 bucket relatively new or has it existed for a while before moving to v4.x of the provider? (2) do you mind providing a snippet of what the AWS CLI returns with
thanks in advance! |
Hi @anGie44 (1) Both actually. We initially discovered it with buckets that had existed for a while but recreated a minimal example that had a brand new bucket. Here is that minimal example for reference: terraform {
required_version = ">= 1.1"
# plus the backend s3 stuff
}
provider "aws" {
region = "us-west-2"
}
resource "aws_s3_bucket" "b" {
bucket = "a-rogue-bucket-appears"
}
resource "aws_s3_bucket_lifecycle_configuration" "bucket_config" {
bucket = aws_s3_bucket.b.bucket
rule {
id = "expiring"
status = "Enabled"
expiration {
days = 60
}
filter {
prefix = "stuff_that_ages/"
}
}
rule {
id = "transitioning"
status = "Enabled"
noncurrent_version_transition {
noncurrent_days = 30
storage_class = "GLACIER"
}
filter {
# Including or excluding prefix doesn't appear to make a difference
prefix = ""
}
}
} (2) Here is what I get back:
Does that help? |
Fantastic, thank you @kjschiroo exactly what i needed! So from what I'm seeing, I think we need to make sure that terraform configs map to those JSON values as close as possible so that with what you've provided in (2), the second rule filter should be While |
@anGie44 I can confirm you are correct. Pinning down to v4.0 makes it show an empty plan. |
I think this needs reopened. I can see the docs were updated to say that if no filter is specified it'll default to resource "aws_s3_bucket_lifecycle_configuration" "this" {
bucket = aws_s3_bucket.this.bucket
rule {
filter {} # Workaround for https://github.com/hashicorp/terraform-provider-aws/issues/23228
status = "Enabled"
id = "${local.prefix}-rotation"
# delete if objects are older than noncurrent_days and older than n-newer_noncurrent_versions
noncurrent_version_expiration {
noncurrent_days = 30
newer_noncurrent_versions = 2
}
# move to standard IA if older than 30 days for all noncurrent versions
noncurrent_version_transition {
storage_class = "STANDARD_IA"
noncurrent_days = 30
}
}
} If I take the empty |
Hi @reelacmnaes, thank you for providing feedback. So per the AWS S3 API documentation available here and as seen in the snippet that follows
the |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Community Note
Description
When I try to create my S3 bucket lifecycle rule with noncurrent expiration and transition rules on all objects in a bucket, I get the following error
Failing code
This is the code that produces the above error (some of it is omitted for brevity)
Working code
By adding an empty
filter {}
block to the aws_s3_bucket_lifecycle_configuration resource, the error stops appearing, and the configuration applies successfully (again, some code missing for brevity):Here is my AWS provider config:
I think the provider just needs to be updated to default to Lifecycle V2 rules? Though I appreciate that it might not be as straightforward as that.
Affected Resources
aws_s3_bucket_lifecycle_configuration
The text was updated successfully, but these errors were encountered: