Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reapplying the module fails instead of recognizing the resource was already created #151

Open
1 task done
FromOopsToOps opened this issue Dec 2, 2024 · 0 comments
Open
1 task done

Comments

@FromOopsToOps
Copy link

Description

After I have applied this module separately, when I try to use the outputs as a dependency on another module it fails. After some debugging it seems that happens because the module doesn't recognize that the resource was already created; when applying the module it tries to recreate and fails. Due to this there's no working output when using it as a dependency.

  • ✋ I have searched the open/closed issues and my issue is not listed.

Versions

  • Module version [Required]: 3.4.1

  • Terraform version:
    1.9.8

  • Provider version(s):
    1.9.8

Reproduction Code [Required]

`terraform {
source = "tfr:///terraform-aws-modules/cloudfront/aws?version=3.4.1"
}

inputs = {

aliases = ["REDACTED"]
enabled = true
price_class = "PriceClass_All"
comment = "CloudFront distribution for REDACTED"

origin = {
default = {
# this domain_name has to come from the ingress created, it's the external address
domain_name = "REDACTED"
custom_origin_config = {
http_port = 80
https_port = 443
origin_protocol_policy = "http-only"
origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
}
}

Default behavior settings for the CloudFront distribution

default_cache_behavior = {
allowed_methods = ["HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH"]
cached_methods = ["GET", "HEAD"]
target_origin_id = "default"
compress = true
query_string = true
headers = ["All"]
cookies = true
viewer_protocol_policy = "redirect-to-https"
}

TLS settings

viewer_certificate = {
acm_certificate_arn = "arn:aws:acm:us-east-1:REDACTED:certificate/1c0214ca-79aa-4464-8aa1-cde78662daa4"
ssl_support_method = "sni-only"
minimum_protocol_version = "TLSv1.2_2021"
}
}`

Steps to reproduce the behavior:

terragrunt init
terragrunt apply (it creates the resource)
terragrunt apply (yes, again)

Expected behavior

It recognizes the resource was already created/is already present and says "no changes necessary".

Actual behavior

Fails with:

`11:36:20.232 STDOUT terraform: aws_cloudfront_distribution.this[0]: Creating...
11:36:22.285 STDERR terraform: ╷
11:36:22.285 STDERR terraform: │ Error: creating CloudFront Distribution: operation error CloudFront: CreateDistributionWithTags, https response error StatusCode: 409, RequestID: 1003c07e-63d0-48c6-9544-26c8a9024baa, CNAMEAlreadyExists: One or more of the CNAMEs you provided are already associated with a different resource.
11:36:22.286 STDERR terraform: │
11:36:22.286 STDERR terraform: │ with aws_cloudfront_distribution.this[0],
11:36:22.287 STDERR terraform: │ on main.tf line 27, in resource "aws_cloudfront_distribution" "this":
11:36:22.287 STDERR terraform: │ 27: resource "aws_cloudfront_distribution" "this" {
11:36:22.287 STDERR terraform: │
11:36:22.287 STDERR terraform: ╵
11:36:22.348 ERROR terraform invocation failed in ./.terragrunt-cache/Q4C3-dRrWqLZwxSZSTjnx5xx6ko/K7Kc_OM-fzl2cNlFeY9nSnMCIW0
11:36:22.349 ERROR error occurred:

  • Failed to execute "terraform apply" in ./.terragrunt-cache/Q4C3-dRrWqLZwxSZSTjnx5xx6ko/K7Kc_OM-fzl2cNlFeY9nSnMCIW0

    │ Error: creating CloudFront Distribution: operation error CloudFront: CreateDistributionWithTags, https response error StatusCode: 409, RequestID: 1003c07e-63d0-48c6-9544-26c8a9024baa, CNAMEAlreadyExists: One or more of the CNAMEs you provided are already associated with a different resource.

    │ with aws_cloudfront_distribution.this[0],
    │ on main.tf line 27, in resource "aws_cloudfront_distribution" "this":
    │ 27: resource "aws_cloudfront_distribution" "this" {

    exit status 1`

Additional context

What I'm trying to achieve; have a terragrunt/terraform script that, based on certain input, creates a Cloudfront distribution and uses the output cloudfront_distribution_domain_name as input to also create a Cloudflare CNAME entry.
This works if it's the first time I'm running the cloudfront terragrunt; but if I want to keep reapplying updates to the subsequent Cloudflare module with "terragrunt run-all apply" to pull the output from the Cloudfront module it fails stating that there's no output. There's no output because the Cloudfront module fails to recognize the resource is already created and pass along the outputs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant