Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Unexpected triggering of GetSubscriptionAttributes after deleting an aws_sns_topic_subscription resource #38338

Open
emansawalhaa opened this issue Jul 11, 2024 · 2 comments
Open

[Bug] Unexpected triggering of GetSubscriptionAttributes after deleting an aws_sns_topic_subscription resource #38338

emansawalhaa opened this issue Jul 11, 2024 · 2 comments
Labels
bug Addresses a defect in current functionality. service/sns Issues and PRs that pertain to the sns service.

Comments

@emansawalhaa
Copy link

Terraform Core Version

1.5.7

AWS Provider Version

5.57.0

Affected Resource(s)

Hi All,

We're encountering a strange issue with Terraform (TF). After deleting any aws_sns_topic_subscription, TF generates an error related to the subscription's deletion (Subscription does not exist). Specifically, we've observed that the GetSubscriptionAttributes operation is triggered on the deleted subscriptions after they are unsubscribed.

This behavior is quite annoying, as it appears in CloudTrail logs. While it doesn't significantly affect the deletion process (TF successfully executes the deletion), errors about non-existent subscriptions are generated.

Could someone clarify if this behavior is expected? Why is TF checking the attributes of a deleted subscription's ARN after it has been unsubscribed/deleted?

thanks,

Expected Behavior

GetSubscriptionAttributes should not be triggered after an aws_sns_topic_subscription is deleted.

Actual Behavior

After deleting an aws_sns_topic_subscription, we consistently observe a Subscription does not exist error in the Terraform (TF) logs.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "aws_sqs_queue" "terraform_queue" {
  name                       = eman-queue"
  delay_seconds              = 0
  max_message_size           = 262144
  receive_wait_time_seconds  = 0
  visibility_timeout_seconds = 120
  message_retention_seconds  = 1209600
  fifo_queue                 = false
}

resource "aws_sns_topic_subscription" "this" {
  topic_arn = "arn:aws:sns:us-east-1:123456789101:eman-test-topic"
  protocol  = "sqs"
  endpoint  = aws_sqs_queue.terraform_queue.arn
}

Steps to Reproduce

  1. Enable TF_LOG_PROVIDER to capture detailed logs.
  2. Delete the aws_sns_topic_subscription resource using Terraform configuration.
  3. Review the Terraform apply logs.
  4. Observe the error message "Subscription does not exist" in the logs, which appears after the deletion of the resource.

Debug Output

After enabling debug mode (TF_LOG_PROVIDER), you can observe the error in the Terraform logs:

2024-07-11T14:10:57.891Z [DEBUG] provider.terraform-provider-aws_v5.57.0_x5: [DEBUG] Waiting for state to become: []
2024-07-11T14:10:57.892Z [DEBUG] provider.terraform-provider-aws_v5.57.0_x5: HTTP ............
2024-07-11T14:10:57.899Z [DEBUG] provider.terraform-provider-aws_v5.57.0_x5: HTTP Response Received: http.status_code=404  .........
<Error>
   <Type>Sender</Type>
   <Code>NotFound</Code>
   <Message>Subscription does not exist</Message>
 </Error>
 <RequestId>xx0dedc6-xxxx-xxxx-a806-b2cf1axf1cxx</RequestId>
</ErrorResponse>
2024-07-11T14:10:57.899Z [DEBUG] provider.terraform-provider-aws_v5.57.0_x5: request failed ......, NotFound: Subscription does not exist: rpc.method=GetSubscriptionAttributes tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/aws-sdk-go-base/v2@v2.0.0-beta.54/logging/tf_logger.go:45 a ........

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None
@emansawalhaa emansawalhaa added the bug Addresses a defect in current functionality. label Jul 11, 2024
@github-actions GitHub Actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@github-actions github-actions bot added service/sns Issues and PRs that pertain to the sns service. service/sqs Issues and PRs that pertain to the sqs service. labels Jul 11, 2024
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Jul 11, 2024
@justinretzolk justinretzolk removed service/sqs Issues and PRs that pertain to the sqs service. needs-triage Waiting for first response or review from a maintainer. labels Jul 22, 2024
@acwwat
Copy link
Contributor

acwwat commented Sep 8, 2024

@emansawalhaa For clarification, is it the correct interpretation that applying the Terraform configuration after removing the aws_sns_topic_subscription resource is successful (i.e. the subscription is deleted successfully), but you see an error in the log and CloudTrail for a failed call to the FindSubscriptionAttributesByARN API with a 404 response?

If so, this behavior is expected. During deletion, the Terraform resource code calls the Unsubscribe API which is asynchronous. It then needs to check for completion by polling for a a subscription attribute until the API returns a 404 indicating that the subscription is deleted. You can safely ignore the "error".

You may see similar pattern with other Terraform resources.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/sns Issues and PRs that pertain to the sns service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@acwwat @justinretzolk @emansawalhaa