Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r/aws_instance: Add support for launch template #10807

Merged
merged 5 commits into from
Jul 21, 2021
Merged

r/aws_instance: Add support for launch template #10807

merged 5 commits into from
Jul 21, 2021

Conversation

gordonbondon
Copy link
Contributor

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #4264

Copy of my previous PR #4543, because I've accidentally deleted my fork and was not able to rebase it.

Release note for CHANGELOG:

resource/aws_instance: Add support for launch template

Output from acceptance testing:

$ make testacc TEST=./aws TESTARGS='-run=TestAccAWSInstance_LaunchTemplate'
Password:
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -count 1 -parallel 20 -run=TestAccAWSInstance_LaunchTemplate -timeout 120m
=== RUN   TestAccAWSInstance_LaunchTemplate
--- PASS: TestAccAWSInstance_LaunchTemplate (647.24s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	647.332s

...

@gordonbondon gordonbondon requested a review from a team November 8, 2019 18:53
@ghost ghost added size/XL Managed by automation to categorize the size of a PR. service/ec2 Issues and PRs that pertain to the ec2 service. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. labels Nov 8, 2019
@bflad bflad added the enhancement Requests to existing resources that expand the functionality or scope. label Nov 8, 2019
@jfavaron
Copy link

So is this going to get merged or what?

Copy link
Contributor

@007 007 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm looking forward to see this get merged.

aws/resource_aws_instance.go Outdated Show resolved Hide resolved
aws/resource_aws_instance.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
aws/resource_aws_instance_test.go Outdated Show resolved Hide resolved
* `instance_type` - (Required) The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.
* `instance_type` - (Optional) The type of instance to start. Can be set here or
in Launch Template. If type is not set here or in provided `launch_template` instance type will
default to `m1.small`. Updates to this field will trigger a stop/start of the EC2
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems suboptimal - is there an option for "required somewhere" where it won't get a default?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Currently, there is no way in terraform to require one of two fields to be set during plan time. So we either can faile during apply time if both settings are empty or rely on API defaults. What do you think?

I'm not sure where I've previously gotten info about m1.small being default for launch templates, might not be true anymore. I seems to be a default for Cloud formation https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gordonbondon the Terraform Plugin SDK recently added ExactlyOneOf to the Schema type:

// ExactlyOneOf is a set of schema keys that, when set, only one of the
// keys in that list can be specified. It will error if none are
// specified as well.

Its usage is a little awkward since its per-attribute and not at the resource level, but adding it to both schema attributes (e.g. ExactlyOneOf: []string{"instance_type", "launch_template"}) should automatically trigger a plan-time error.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bflad great! I'll add it. I also needed this for ami_id.

Though there's still a case where launch_template is provided, but no instance type is defined in this launch template - then it will also use defaults from RunInstances api https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html which is m1.small right now.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@bflad @007 I've updated resource to use AtLeastOneOf for ami and instance_type. AWS API allows overriding both of this params when launching instance from template (docs), so they can be set together with launch template specification and I wanted to preserve this behaviour.

Resource will fail plan time if ami is not set and it's missing in template. For instance_type it will be set to API default (doc). I guess I can add log warning mentioning this.

website/docs/r/instance.html.markdown Outdated Show resolved Hide resolved
@julian-alarcon
Copy link

I hope that his could be added to the next version.

@stefansundin
Copy link
Contributor

I am wondering if it would make sense to make the syntax compatible with aws_spot_fleet_request. With it, this is how you reference the launch template (docs):

resource "aws_spot_fleet_request" "foo" {
  # ...

  launch_template_config {
    launch_template_specification {
      id      = aws_launch_template.foo.id
      version = aws_launch_template.foo.latest_version
    }
  }
}

So that one could copy paste this block to an aws_instance and it would have the same effect. Anyway, just a thought.

@gordonbondon
Copy link
Contributor Author

@stefansundin I made this change to use the same syntax as in autoscaling groups - docs. Not sure which one is better.

@aairbag
Copy link

aairbag commented Jan 20, 2021

What is the status on merging this feature?

Base automatically changed from master to main January 23, 2021 00:56
@breathingdust breathingdust requested a review from a team as a code owner January 23, 2021 00:56
@alexremn
Copy link

I really hope that soon this change would be merged.

@svd100
Copy link

svd100 commented Mar 22, 2021

It seems to me this is quite an essential feature, especially for large organisations that aim to save money using spot instances. Wondering why this one remains waiting in the 'pipeline'. Are there other dependencies/issues that need fixing first?

@gwvandesteeg
Copy link

Looks like some merge issues, any update or ETA?

@gordonbondon
Copy link
Contributor Author

I've rebased this PR for a couple of years, but there was no interest in merging it. So I've stopped doing that. But if there is any interest from terraform-aws team, I'll happily fix any merge issues and retest it.

I would suggest adding more 👍 to original issue #4264 to get it prioritized.

@gdavison gdavison self-assigned this Jun 18, 2021
@gdavison
Copy link
Contributor

Thanks for your patience on this, @gordonbondon. I'm going to be reviewing this PR within the next week. Can you give it one final rebase, please?

@arnvid
Copy link

arnvid commented Jun 21, 2021

@gdavison & @gordonbondon - I have rebuilt this PR towards the latest master. There were some things that needed a little refactoring. How can I best contribute this to this PR?

@arnvid
Copy link

arnvid commented Jun 21, 2021

Currently the PR recreates the instances on each run due to:
~ user_data = "af47197aa6292d1d11de92416007c69209047a97" -> (known after apply) # forces replacement

arnvid added a commit to arnvid/terraform-provider-aws-hashicorp that referenced this pull request Jun 21, 2021
arnvid added a commit to arnvid/terraform-provider-aws-hashicorp that referenced this pull request Jun 21, 2021
@arnvid
Copy link

arnvid commented Jun 21, 2021

I also get a second run with Tags being updated/nulled.

 # aws_instance.instances will be updated in-place
  ~ resource "aws_instance" "instances" {
        id                                   = "i-00c34ae12db05d7d9"
      ~ tags                                 = {
          - "Environment" = "lab" -> null
          - "Name"        = "aws-provider-test" -> null
          - "Terraform"   = "true" -> null
        }
      ~ tags_all                             = {
          - "Environment" = "lab"
          - "Name"        = "aws-provider-test"
          - "Terraform"   = "true"
        } -> (known after apply)
        # (26 unchanged attributes hidden)

arnvid added a commit to arnvid/terraform-provider-aws-hashicorp that referenced this pull request Jun 21, 2021
@github-actions github-actions bot added the service/autoscaling Issues and PRs that pertain to the autoscaling service. label Jul 19, 2021
@github-actions github-actions bot added the provider Pertains to the provider itself, rather than any interaction with AWS. label Jul 20, 2021
Copy link
Contributor

@gdavison gdavison left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🚀

Acceptance test results:

--- PASS: TestAccAWSInstanceDataSource_rootInstanceStore (80.72s)
--- PASS: TestAccAWSInstanceDataSource_PlacementGroup (92.78s)
--- PASS: TestAccAWSInstanceDataSource_blockDevices (95.44s)
--- PASS: TestAccAWSInstanceDataSource_basic (105.10s)
--- PASS: TestAccAWSInstanceDataSource_tags (106.01s)
--- PASS: TestAccAWSInstanceDataSource_secondaryPrivateIPs (110.53s)
--- PASS: TestAccAWSInstanceDataSource_gp3ThroughputDevice (113.41s)
--- PASS: TestAccAWSInstanceDataSource_keyPair (114.32s)
--- PASS: TestAccAWSInstanceDataSource_AzUserData (115.16s)
--- PASS: TestAccAWSInstanceDataSource_VPC (120.25s)
--- PASS: TestAccAWSInstanceDataSource_RootBlockDevice_KmsKeyId (120.23s)
--- PASS: TestAccAWSInstanceDataSource_privateIP (122.98s)
--- PASS: TestAccAWSInstanceDataSource_SecurityGroups (127.12s)
--- PASS: TestAccAWSInstanceDataSource_EbsBlockDevice_KmsKeyId (128.32s)
--- PASS: TestAccAWSInstanceDataSource_gp2IopsDevice (134.69s)
--- PASS: TestAccAWSInstanceDataSource_VPCSecurityGroups (147.51s)
--- PASS: TestAccAWSAutoScalingGroup_Name_Generated (57.53s)
--- PASS: TestAccAWSInstanceDataSource_GetUserData_NoUserData (181.11s)
--- PASS: TestAccAWSInstanceDataSource_GetUserData (185.48s)
--- PASS: TestAccAWSAutoScalingGroup_NamePrefix (65.84s)
--- PASS: TestAccAWSInstanceDataSource_creditSpecification (109.06s)
--- PASS: TestAccAWSInstanceDataSource_metadataOptions (103.88s)
--- PASS: TestAccAWSInstanceDataSource_getPasswordData_falseToTrue (197.94s)
--- PASS: TestAccAWSAutoScalingGroup_VpcUpdates (72.77s)
--- PASS: TestAccAWSInstanceDataSource_enclaveOptions (115.11s)
--- PASS: TestAccAWSInstanceDataSource_getPasswordData_trueToFalse (216.38s)
--- PASS: TestAccAWSInstanceDataSource_blockDeviceTags (117.70s)
--- PASS: TestAccAWSInstancesDataSource_tags (114.55s)
--- PASS: TestAccAWSInstancesDataSource_basic (125.24s)
--- PASS: TestAccAWSAutoScalingGroup_terminationPolicies (121.40s)
--- PASS: TestAccAWSAutoScalingGroup_serviceLinkedRoleARN (57.99s)
--- PASS: TestAccAWSInstancesDataSource_instanceStateNames (133.84s)
--- PASS: TestAccAWSAutoScalingGroup_withMetrics (74.74s)
--- PASS: TestAccAWSAutoScalingGroup_MaxInstanceLifetime (79.24s)
--- PASS: TestAccAWSAutoScalingGroup_withPlacementGroup (144.15s)
--- PASS: TestAccAWSAutoScalingGroup_launchTemplate (56.47s)
--- PASS: TestAccAWSAutoScalingGroup_LaunchTemplate_IAMInstanceProfile (76.43s)
--- PASS: TestAccAWSAutoScalingGroup_classicVpcZoneIdentifier (102.45s)
--- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups (156.83s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy (65.07s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_CapacityRebalance (57.70s)
--- PASS: TestAccAWSAutoScalingGroup_suspendingProcesses (195.30s)
--- PASS: TestAccAWSAutoScalingGroup_enablingMetrics (204.25s)
--- PASS: TestAccAWSAutoScalingGroup_tags (257.53s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandAllocationStrategy (43.73s)
--- PASS: TestAccAWSAutoScalingGroup_InstanceRefresh_Triggers (177.05s)
--- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer (278.56s)
--- PASS: TestAccAWSAutoScalingGroup_initialLifecycleHook (211.36s)
--- PASS: TestAccAWSAutoScalingGroup_basic (302.58s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_UpdateToZeroOnDemandBaseCapacity (79.22s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/empty_list (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/nil (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/defaults (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/instance_warmup_only (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/instance_warmup_zero (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/instance_warmup_empty_string (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/min_healthy_percentage_only (0.00s)
--- PASS: TestCreateAutoScalingGroupInstanceRefreshInput/preferences (0.00s)
--- PASS: TestPutWarmPoolInput (0.00s)
--- PASS: TestPutWarmPoolInput/empty_interface (0.00s)
--- PASS: TestPutWarmPoolInput/nil (0.00s)
--- PASS: TestPutWarmPoolInput/only_pool_state (0.00s)
--- PASS: TestPutWarmPoolInput/0_min_size (0.00s)
--- PASS: TestPutWarmPoolInput/-1_max_prepared_size (0.00s)
--- PASS: TestPutWarmPoolInput/all_values (0.00s)
--- PASS: TestFlattenWarmPoolConfiguration (0.00s)
--- PASS: TestFlattenWarmPoolConfiguration/empty_interface (0.00s)
--- PASS: TestFlattenWarmPoolConfiguration/only_pool_state (0.00s)
--- PASS: TestFlattenWarmPoolConfiguration/only_max_group_prepared_capacity (0.00s)
--- PASS: TestFlattenWarmPoolConfiguration/all_values (0.00s)
--- PASS: TestFetchRootDevice (0.00s)
--- PASS: TestFetchRootDevice/device_name_in_mappings (0.00s)
--- PASS: TestFetchRootDevice/device_name_not_in_mappings (0.00s)
--- PASS: TestFetchRootDevice/no_images (0.00s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotAllocationStrategy (82.44s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_LaunchTemplateName (60.78s)
--- SKIP: TestAccAWSInstance_inEc2Classic (1.92s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandBaseCapacity (99.71s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_OnDemandPercentageAboveBaseCapacity (86.59s)
--- PASS: TestAccAWSAutoScalingGroup_launchTemplate_update (213.63s)
--- PASS: TestAccAWSAutoScalingGroup_InstanceRefresh_Basic (249.02s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_LaunchTemplateSpecification_Version (92.17s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_InstanceType_With_LaunchTemplateSpecification (66.43s)
--- PASS: TestAccAWSInstance_EbsBlockDevice_InvalidIopsForVolumeType (13.58s)
--- PASS: TestAccAWSInstance_EbsBlockDevice_InvalidThroughputForVolumeType (13.61s)
--- PASS: TestAccAWSAutoScalingGroup_launchTempPartitionNum (62.10s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_InstanceType (84.24s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotInstancePools (114.37s)
--- PASS: TestAccAWSInstance_GP2WithIopsValue (17.03s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_InstancesDistribution_SpotMaxPrice (122.83s)
--- PASS: TestAccAWSAutoScalingGroup_InstanceRefresh_Start (291.23s)
--- PASS: TestAccAWSInstance_inDefaultVpcBySgName (96.65s)
--- PASS: TestAccAWSInstance_basic (88.43s)
--- SKIP: TestAccAWSInstance_outpost (1.05s)
--- PASS: TestAccAWSInstance_EbsBlockDevice_KmsKeyArn (103.53s)
--- PASS: TestAccAWSInstance_inDefaultVpcBySgId (107.70s)
--- PASS: TestAccAWSAutoScalingGroup_TargetGroupArns (353.86s)
--- PASS: TestAccAWSAutoScalingGroup_ALB_TargetGroups_ELBCapacity (343.18s)
--- PASS: TestAccAWSInstance_GP2IopsDevice (80.24s)
--- PASS: TestAccAWSAutoScalingGroup_LoadBalancers (286.58s)
--- PASS: TestAccAWSInstance_ipv6AddressCountAndSingleAddressCausesError (18.32s)
--- PASS: TestAccAWSInstance_noAMIEphemeralDevices (80.12s)
--- PASS: TestAccAWSInstance_rootInstanceStore (92.61s)
--- PASS: TestAccAWSAutoScalingGroup_WarmPool (353.49s)
--- PASS: TestAccAWSInstance_RootBlockDevice_KmsKeyArn (114.34s)
--- PASS: TestAccAWSInstance_blockDevices (114.13s)
--- PASS: TestAccAWSAutoScalingGroup_WithLoadBalancer_ToTargetGroup (459.48s)
--- PASS: TestAccAWSAutoScalingGroup_MixedInstancesPolicy_LaunchTemplate_Override_WeightedCapacity (190.22s)
--- PASS: TestAccAWSInstance_userDataBase64 (129.62s)
--- PASS: TestAccAWSInstance_atLeastOneOtherEbsVolume (168.56s)
--- PASS: TestAccAWSInstance_dedicatedInstance (110.65s)
--- PASS: TestAccAWSInstance_disableApiTermination (131.15s)
--- PASS: TestAccAWSInstance_ipv6_supportAddressCount (111.32s)
--- PASS: TestAccAWSInstance_placementGroup (116.87s)
--- PASS: TestAccAWSInstance_sourceDestCheck (153.19s)
--- PASS: TestAccAWSInstance_NetworkInstanceVPCSecurityGroupIDs (121.02s)
--- PASS: TestAccAWSInstance_NetworkInstanceSecurityGroups (126.03s)
--- PASS: TestAccAWSInstance_tags (128.75s)
--- PASS: TestAccAWSInstance_NetworkInstanceRemovingAllSecurityGroups (132.88s)
--- PASS: TestAccAWSInstance_privateIP (98.85s)
--- PASS: TestAccAWSInstance_withIamInstanceProfile (108.57s)
--- PASS: TestAccAWSInstance_associatePublicIPAndPrivateIP (101.01s)
--- PASS: TestAccAWSInstance_Empty_PrivateIP (101.20s)
--- PASS: TestAccAWSInstance_keyPairCheck (91.68s)
--- PASS: TestAccAWSInstance_withIamInstanceProfilePath (119.42s)
--- PASS: TestAccAWSInstance_blockDeviceTags_ebsAndRoot (143.11s)
--- PASS: TestAccAWSInstance_rootBlockDeviceMismatch (112.48s)
--- PASS: TestAccAWSInstance_EbsRootDevice_basic (108.66s)
--- PASS: TestAccAWSInstance_blockDeviceTags_volumeTags (191.57s)
--- PASS: TestAccAWSInstance_ipv6_supportAddressCountWithIpv4 (216.11s)
--- PASS: TestAccAWSInstance_blockDeviceTags_withAttachedVolume (218.03s)
--- PASS: TestAccAWSInstance_changeInstanceType (166.64s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifySize (161.42s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyIOPS_Io1 (135.62s)
--- PASS: TestAccAWSInstance_forceNewAndTagsDrift (187.02s)
--- PASS: TestAccAWSInstance_EbsRootDevice_MultipleBlockDevices_ModifyDeleteOnTermination (114.09s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyIOPS_Io2 (134.15s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyThroughput_Gp3 (134.79s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyType (148.59s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyAll (136.10s)
--- PASS: TestAccAWSInstance_EbsRootDevice_MultipleBlockDevices_ModifySize (139.25s)
--- PASS: TestAccAWSInstance_EbsRootDevice_ModifyDeleteOnTermination (151.29s)
--- PASS: TestAccAWSInstance_primaryNetworkInterface (133.58s)
--- PASS: TestAccAWSInstance_instanceProfileChange (266.40s)
--- PASS: TestAccAWSInstance_primaryNetworkInterfaceSourceDestCheck (133.36s)
--- PASS: TestAccAWSInstance_NewNetworkInterface_PrivateIPAndSecondaryPrivateIPs (74.39s)
--- PASS: TestAccAWSInstance_associatePublic_defaultPrivate (95.16s)
--- PASS: TestAccAWSInstance_addSecondaryInterface (195.42s)
--- PASS: TestAccAWSInstance_associatePublic_defaultPublic (126.90s)
--- PASS: TestAccAWSInstance_associatePublic_overridePublic (124.94s)
--- PASS: TestAccAWSInstance_addSecurityGroupNetworkInterface (189.42s)
--- PASS: TestAccAWSInstance_associatePublic_overridePrivate (124.01s)
--- PASS: TestAccAWSInstance_associatePublic_explicitPublic (131.88s)
--- PASS: TestAccAWSInstance_LaunchTemplate_OverrideTemplate (111.04s)
--- PASS: TestAccAWSInstance_NewNetworkInterface_EmptyPrivateIPAndSecondaryPrivateIPsUpdate (167.56s)
--- PASS: TestAccAWSInstance_associatePublic_explicitPrivate (139.16s)
--- PASS: TestAccAWSInstance_NewNetworkInterface_PublicIPAndSecondaryPrivateIPs (204.41s)
--- PASS: TestAccAWSInstance_LaunchTemplate_SetSpecificVersion (119.83s)
--- PASS: TestAccAWSInstance_NewNetworkInterface_PrivateIPAndSecondaryPrivateIPsUpdate (159.53s)
--- PASS: TestAccAWSInstance_LaunchTemplate_ModifyTemplate_DefaultVersion (125.96s)
--- PASS: TestAccAWSInstance_LaunchTemplate_SwapIDAndName (118.71s)
--- PASS: TestAccAWSInstance_EbsRootDevice_MultipleDynamicEBSBlockDevices (298.85s)
--- PASS: TestAccAWSInstance_LaunchTemplate_UpdateTemplateVersion (179.08s)
--- PASS: TestAccAWSInstance_creditSpecification_isNotAppliedToNonBurstable (91.28s)
--- PASS: TestAccAWSInstance_creditSpecification_unknownCpuCredits_t2 (113.75s)
--- PASS: TestAccAWSInstance_creditSpecification_unspecifiedDefaultsToStandard (120.58s)
--- PASS: TestAccAWSInstance_CreditSpecification_UnspecifiedToEmpty_NonBurstable (124.48s)
--- PASS: TestAccAWSInstance_creditSpecificationT3_standardCpuCredits (106.08s)
--- PASS: TestAccAWSInstance_creditSpecificationT3_unlimitedCpuCredits (110.29s)
--- PASS: TestAccAWSInstance_creditSpecification_standardCpuCredits (137.94s)
--- PASS: TestAccAWSInstance_NewNetworkInterface_EmptyPrivateIPAndSecondaryPrivateIPs (327.27s)
--- PASS: TestAccAWSInstance_creditSpecificationT3_unspecifiedDefaultsToUnlimited (130.58s)
--- PASS: TestAccAWSInstance_creditSpecification_unlimitedCpuCredits (145.61s)
--- PASS: TestAccAWSInstance_getPasswordData_trueToFalse (192.49s)
--- PASS: TestAccAWSInstance_getPasswordData_falseToTrue (216.49s)
--- PASS: TestInstanceHostIDSchema (0.00s)
--- PASS: TestInstanceCpuCoreCountSchema (0.00s)
--- PASS: TestInstanceCpuThreadsPerCoreSchema (0.00s)
--- PASS: TestAccAWSInstance_creditSpecificationT3_updateCpuCredits (148.33s)
--- PASS: TestAccAWSInstance_creditSpecification_updateCpuCredits (176.39s)
--- PASS: TestAccAWSInstance_LaunchTemplate_basic (317.90s)
--- PASS: TestAccAWSInstance_UserData_EmptyStringToUnspecified (126.43s)
--- PASS: TestAccAWSInstance_metadataOptions (110.05s)
--- PASS: TestAccAWSInstance_UserData_UnspecifiedToEmptyString (123.99s)
--- PASS: TestAccAWSInstance_CapacityReservation_unspecifiedDefaultsToOpen (112.43s)
--- PASS: TestAccAWSInstance_CapacityReservation_Preference_none (100.56s)
--- PASS: TestAccAWSInstance_CapacityReservation_Preference_open (115.19s)
--- PASS: TestAccAWSInstance_GP3RootBlockDevice (99.60s)
--- FAIL: TestAccAWSInstance_CapacityReservation_modifyPreference (134.83s)
--- FAIL: TestAccAWSInstance_CapacityReservation_modifyTarget (134.23s)
--- PASS: TestAccAWSInstance_hibernation (197.42s)
--- PASS: TestAccAWSInstance_creditSpecification_unknownCpuCredits_t3 (324.53s)
--- PASS: TestAccAWSInstance_CreditSpecification_Empty_NonBurstable (362.54s)
--- PASS: TestAccAWSInstance_CapacityReservation_TargetId (212.02s)
--- PASS: TestAccAWSInstance_disappears (349.49s)
--- PASS: TestAccAWSInstance_creditSpecification_standardCpuCredits_t2Tot3Taint (430.36s)
--- PASS: TestAccAWSInstance_creditSpecification_unlimitedCpuCredits_t2Tot3Taint (402.65s)
--- PASS: TestAccAWSInstance_enclaveOptions (398.60s)

The two failures are pre-existing intermittent failures

@gdavison gdavison merged commit 27eba3b into hashicorp:main Jul 21, 2021
@github-actions github-actions bot added this to the v3.51.0 milestone Jul 21, 2021
@gordonbondon gordonbondon deleted the instance-launch-template branch July 22, 2021 09:15
@gordonbondon
Copy link
Contributor Author

@gdavison thank you for taking care of rebasing! I managed to do it locally but had some issues with integration tests : (

@github-actions
Copy link

This functionality has been released in v3.51.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@alikhajeh1
Copy link

alikhajeh1 commented Jul 23, 2021

@gordonbondon I think prior to this change, the skip_credentials_validation=true and skip_requesting_account_id=true worked as expected. However, in 3.51.0, I'm seeing "error reading Instance Launch Template Id Tag: AuthFailure: AWS was not able to validate the provided access credentials" even when launch_template is not used (see following before/after examples). I was under the assumption that the 5 different skip_ arguments could be used to turn-off the need for AWS creds during testing (we have integration tests in https://github.com/infracost/infracost that started to fail this morning).

This was just FYI, I'll open a separate issue about it.

3.50.0 behavior

With this example, terraform plan worked ok:


terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "3.50.0"
    }
  }
}

provider "aws" {
  region                      = "us-east-1"
  skip_credentials_validation = true
  skip_requesting_account_id  = true
  access_key                  = "mock_access_key"
  secret_key                  = "mock_secret_key"
}

resource "aws_instance" "web_app" {
  ami           = "ami-12312312"
  instance_type = "m5.4xlarge"
}

3.51.0 behavior, where terraform plan fails

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "3.51.0"
    }
  }
}

provider "aws" {
  region                      = "us-east-1"
  skip_credentials_validation = true
  skip_requesting_account_id  = true
  access_key                  = "mock_access_key"
  secret_key                  = "mock_secret_key"
}

resource "aws_instance" "web_app" {
  ami           = "ami-12312312"
  instance_type = "m5.4xlarge"
}

terraform plan produces this error:

│ Error: 1 error occurred:
│ 	* error reading Instance Launch Template Id Tag: AuthFailure: AWS was not able to validate the provided access credentials
│ 	status code: 401, request id: 123123-123123-123123-123-123123
│   with aws_instance.web_app,
│   on main.tf line 18, in resource "aws_instance" "web_app":
│   18: resource "aws_instance" "web_app" {

cc @aliscott

@ryancragun
Copy link
Contributor

ryancragun commented Jul 23, 2021

Dropping this for others, but after upgrading from 3.50.0 to 3.51.0 we started to see this with basic aws_instance resources
error reading Instance Launch Template Id Tag: UnauthorizedOperation: You are not authorized to perform this operation. status code: 403

This was resolved by adding ec2:DescribeTags to the instance policy, which previously was not required.

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 23, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. enhancement Requests to existing resources that expand the functionality or scope. provider Pertains to the provider itself, rather than any interaction with AWS. service/autoscaling Issues and PRs that pertain to the autoscaling service. service/ec2 Issues and PRs that pertain to the ec2 service. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Feature: Add support for launch_template in aws_instance resource