r/s3_bucket_lifecycle_configuration: noncurrent_version_transition.newer_noncurrent_versions reads as zero but cannot be set to zero, causing drift

[Nuru]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v1.1.6
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v4.2.0

Affected Resource(s)

• aws_s3_bucket_lifecycle_configuration

Terraform Configuration Files

provider "aws" {
  region = "us-east-2"
}

resource "aws_s3_bucket" "example" {
  bucket = "aws-provider-issue-23375"
}

resource "aws_s3_bucket_lifecycle_configuration" "example" {
  bucket = aws_s3_bucket.example.id

  rule {
    id     = "rule"
    status = "Enabled"

    filter {}

    expiration {
      date = "2024-01-01T00:00:00Z"
    }

    noncurrent_version_transition {
      noncurrent_days = 120
      storage_class   = "GLACIER"
    }
  }
}

output "lifecycle" {
  # Note: the JSON translation is just to get rid of type conversion functions and produce prettier output.
  # Even without the JSON conversion, the null vs. 0 problem remains.
  value = jsondecode(jsonencode(aws_s3_bucket_lifecycle_configuration.example.rule))
}

Expected Behavior

• I expect after a successful terraform apply a subsequent terraform apply will show no changes.
• I expect that whatever value is displayed as output should be valid input for writable arguments.

Actual Behavior

1. After first apply, output shows newer_noncurrent_versions = null.

2. With second apply, Terraform changes newer_noncurrent_versions to 0:

Changes to Outputs:
  ~ lifecycle = [
      ~ {
          ~ noncurrent_version_transition     = [
              ~ {
                  ~ newer_noncurrent_versions = null -> 0
                    # (2 unchanged elements hidden)
                },
            ]
            # (8 unchanged elements hidden)
...

3. A similar change to the lifecycle_configuration resource is reported under the warning "Objects have changed outside of Terraform".

Side note:, there is also a change reported in aws_s3_bucket.example, and if I had a bucket policy, I would see #22314, but I want to limit this issue to newer_noncurrent_versions specifically.

If I try to work around this by setting

    noncurrent_version_transition {
      newer_noncurrent_versions = 0
      noncurrent_days = 120
      storage_class   = "GLACIER"
    }

I get the error

Error: expected rule.0.noncurrent_version_transition.0.newer_noncurrent_versions to be at least (1), got 0

If I explicitly set newer_noncurrent_versions = null, it still shows up as 0 in the plan and output after the first apply.

Note that the expiration block works more like expected

Unlike the noncurrent_version_transition, the expiration block works more like expected. When I set

    expiration {
      date = "2024-01-01T00:00:00Z"
    }

The output is

    "expiration" = [
      {
        "date" = "2024-01-01T00:00:00Z"
        "days" = 0
        "expired_object_delete_marker" = false
      },
    ]

the first time and there is no drift. Furthermore, despite what the documentation says, I can write

    expiration {
      date = "2024-01-01T00:00:00Z"
      days = 0

      expired_object_delete_marker = false
    }

in the code and it will be accepted and not drift. Also, if I put null for days and expired_object_delete_marker it will behave the same as if I did not include them in the block, which is the expected and desired behavior.

Another aside: The documentation says date "should be in GMT ISO 8601 Format" but the input does not accept a date like YYYY-MM-DD and the error message says date should be in "RFC3339 time format". Please clean up the documentation.

Steps to Reproduce

1. terraform apply -auto-approve
2. terraform apply

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.