terraform-provider-aws: Using the aws_serverlessapplicationrepository_cloudformation_stack resource works the first time, but subsequent updates fail.

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave “+1” or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v0.13.5

Affected Resource(s)

aws_serverlessapplicationrepository_cloudformation_stack

Terraform Configuration Files

data aws_serverlessapplicationrepository_application directory_app {
  application_id   = var.app_id
  semantic_version = var.app_semver
}

resource aws_serverlessapplicationrepository_cloudformation_stack directory_index_stack {
  count = var.disabled || ! var.enable_default_directory_index ? 0 : 1
  name  = "${var.stack_name}-${var.stage}-directory-index"

  tags = var.tags

  application_id = data.aws_serverlessapplicationrepository_application.directory_app.application_id
  capabilities   = data.aws_serverlessapplicationrepository_application.directory_app.required_capabilities

  parameters = {
    Version = var.version
  }
}

Expected Behavior

Running 2 times should not cause an error.

Actual Behavior

Doing a terraform apply the second time results in an error: Error: error creating Serverless Application Repository CloudFormation Stack (arn:aws:cloudformation:::stack/<stack_name>/) change set: unexpected state ‘FAILED’, wanted target ‘CREATE_COMPLETE’. last error: %!s()

Looking in cloudformation, the change set is Status: Failed, Status Reason: No updates are to be performed.

Steps to Reproduce

terraform apply (my example is using Lambda at edge functions if this makes a difference)
terraform apply a second time

Important Factoids

References

About this issue

Original URL
State: open
Created 4 years ago
Reactions: 60
Comments: 20 (5 by maintainers)

Commits related to this issue

service/serverlessapplicationrepository: Add issue and pull request labeling Reference: https://github.com/hashicorp/terraform-provider-aws/issues/16485 — committed to hashicorp/terraform-provider-aws by bflad 4 years ago
service/serverlessapplicationrepository: Add issue and pull request labeling (#16486) Reference: https://github.com/hashicorp/terraform-provider-aws/issues/16485 — committed to hashicorp/terraform-provider-aws by bflad 4 years ago

Most upvoted comments

So - interesting that there seems to be a second issue. For applications that require parameters (my real use case, not the hello-world one)… once i hard coded the CAPABILITY_IAM for this stack, I noticed a new bug. It seems that the parameters are not being persisted. Terraform refresh pulls back 4 parameters, even though there are 7 parameters in the configuration. I’ve not noticed anything strange about the parameters being dropped vs. kept, but something to look into. I’ll try to dig deeper but the result is that this component is still not working for me given this second issue.

I can confirm that this problem still exists in the latest version of the provider even after almost 2 year. As @cdhesse said, if you have more than 4 parameters, somehow the plan only refreshes up to 4 parameters from current stack that exists in AWS, and the rest of the parameters are treated as new, hence a diff is calculated. But when you apply the plan, since the diff that was calculated is not the reality, apply errors out with change set: unexpected state 'FAILED', wanted target 'CREATE_COMPLETE'. last error: No updates are to be performed error

kgns on Oct 10, 2022

Also seeing this issue.

We’ve deployed a stack using

resource "aws_serverlessapplicationrepository_cloudformation_stack" "salesforceIntegrationLambda" {
    name            = "salesforceIntegrationLambda"
    application_id  = "arn:aws:serverlessrepo:us-west-2:821825267871:applications/AmazonConnectSalesforceLambda"

    capabilities = [ 
        "CAPABILITY_IAM",
        "CAPABILITY_NAMED_IAM"
    ]

    parameters = {
      ...
   }
}

which creates a cloudformation stack called serverlessrepo-salesforceIntegrationLambda.

However, on the second terraform apply, we get a failure. Checking CloudTrail, I can see that a cloudformation.DescribeStacks API call is failing with the error Stack with id aws-serverless-repository-salesforceIntegrationLambda does not exist - it seems to be looking for the wrong stack name?

simonhanmer on May 27, 2021

My temporary solution for this was to add a tag with a random string. this forces an update on every apply though, so it’s not ideal.

resource "aws_serverlessapplicationrepository_cloudformation_stack" "some_app" {
  tags = {
    RollMe = random_string.rollme.result
  }
}

resource "random_string" "rollme" {
  length  = 16
  special = false

  keepers = {
    uuid = "${uuid()}"
  }
}

Amir-Ahmad on Jan 24, 2023

My work around to this issue. just use the local .json or .yml CloudFormation template with terraform aws_cloudformationn_stack resource. Then terraform apply works fine without destroying the CloudFormation stack resource.

taiseii on Jan 18, 2023