terraform-provider-aws: v3.20.0 breaks already running AWS Back configuration

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave “+1” or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform AWS Provider Version

Terraform v0.12.29

provider.aws v3.20.0
provider.datadog v2.17.0
provider.external v2.0.0
provider.local v2.0.0
provider.null v3.0.0

Terraform v0.13.5

provider registry.terraform.io/arnvid/appstream v1.0.8
provider registry.terraform.io/hashicorp/archive v2.0.0
provider registry.terraform.io/hashicorp/aws v3.20.0
provider registry.terraform.io/hashicorp/local v2.0.0
provider registry.terraform.io/hashicorp/random v3.0.0
provider registry.terraform.io/hashicorp/template v2.2.0
provider registry.terraform.io/hashicorp/time v0.6.0

Affected Resource(s)

aws_backup_plan

Terraform Configuration Files

resource "aws_backup_plan" "default" {
  name = "deep_default_backup_plan"
  rule {
    rule_name         = "default"
    target_vault_name = aws_backup_vault.this.id
    schedule          = "cron(0 0 * * ? *)"
    lifecycle {
      delete_after = "14"
    }
  }
}```

### Expected Behavior

Plan to create or update a backup plan

### Actual Behavior

Error: expected rule.0.lifecycle.0.delete_after to be at least (90), got 14

### References
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/backup_plan

For lifecycle the following attributes are supported:

cold_storage_after - (Optional) Specifies the number of days after creation that a recovery point is moved to cold storage.
delete_after - (Optional) Specifies the number of days after creation that a recovery point is deleted. Must be 90 days greater than cold_storage_after.

* #0000

About this issue

Original URL
State: closed
Created 4 years ago
Reactions: 57
Comments: 16 (4 by maintainers)

Most upvoted comments

FWIW, going back to 3.19 (not3.20)… worked for me

provider "aws" {
  # Pinned due to https://github.com/hashicorp/terraform-provider-aws/issues/16583
  version = "~> 3.0,!= 3.20"
  region  = var.region
}

XDanny322 on Dec 4, 2020

Hi @arnvid et al., we’ve merged in a fix that will prevent these plan-time validations. Expect it out in v3.21.0 of the AWS Provider, likely out this Thursday.

anGie44 on Dec 9, 2020

Hey guys, no need to add “+1” comments. Just add yourself to the thumbs up emoji reaction to the main issue description. That helps the team prioritize issues w/o constant comment spam that doesn’t add anything to the technical discussion.

dthvt on Dec 8, 2020

Setting it to 90 removes the error but shows this little thing: - rule { - lifecycle { - cold_storage_after = 0 -> null - delete_after = 30 -> null } } + rule { + lifecycle { + delete_after = 90 }

arnvid on Dec 4, 2020