Terraform plan showing changes that already apply

I have a pipeline that creates users in RabbitMQ, MinIO, Keycloak, and other applications using Terraform, but with MinIO I have a problem: when I run Terraform the first time, the pipeline creates the bucket, policy and user (so far, so good), but when I run it again, terraform plan shows changes that don't exist, because I already ran the pipeline and don't have any changes, as the image shows:


Below my terraform code for Minio:

    # Create a bucket.
    resource "minio_bucket" "bucket" {
      name = var.namespace
    }

    resource "minio_user" "user1" {
      access_key = var.namespace
      secret_key = var.password
      policies = [
        minio_canned_policy.policy1.name
        # Note: using a data source here!
        #data.minio_canned_policy.console_admin.name,
      ]
      /*groups = [
        minio_group.group2.name,
      ]*/
      depends_on = [
        minio_canned_policy.policy1,
      ]
    }

    # Create a policy.
    resource "minio_canned_policy" "policy1" {
      name   = "policy1"
      policy = <<EOT
    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Action": [
                    "s3:GetBucketLocation",
                    "s3:ListAllMyBuckets"
                ],
                "Resource": "arn:aws:s3:::${minio_bucket.bucket.name}*"
            },
            {
                "Effect": "Allow",
                "Action": ["s3:ListBucket"],
                "Resource": ["arn:aws:s3:::${minio_bucket.bucket.name}"]
            },
            {
                "Effect": "Allow",
                "Action": [
                    "s3:PutObject",
                    "s3:GetObject",
                    "s3:DeleteObject"
                ],
                "Resource": ["arn:aws:s3:::${minio_bucket.bucket.name}/*"]
            }
        ]
    }
    EOT
    }

In RabbitMQ and Keycloak, for example, everything works fine.

Does anyone have any idea how to resolve this?

Thanks!!



Solution 1:[1]

Try to use an array as it wants in this place:

- "Resource": "arn:aws:s3:::${minio_bucket.bucket.name}*"
+ "Resource": ["arn:aws:s3:::${minio_bucket.bucket.name}*"]

Maybe the other detected change will go away after that. If not, it would look like a bug in the provider.
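Added example (not part of the answer and not the provider's code): a Python check that compares a configured policy with the stored one after normalizing string-versus-list spelling, so a purely cosmetic difference can be told apart from a real permission change. It assumes the server returns `Resource` as a list; the function names and the `demo` bucket are hypothetical.

```python
import json

# Statement keys that an IAM-style policy accepts as one string or as a list.
LIST_KEYS = ("Action", "NotAction", "Resource", "NotResource")

def _statements(policy):
    # A policy may carry a single statement as a bare object instead of a list.
    stmts = policy.get("Statement", [])
    return [stmts] if isinstance(stmts, dict) else stmts

def normalize(policy_text):
    """Parse a policy and rewrite every LIST_KEYS value as a sorted, de-duplicated list."""
    policy = json.loads(policy_text)
    policy["Statement"] = [
        {k: sorted(set([v] if isinstance(v, str) else v)) if k in LIST_KEYS else v
         for k, v in stmt.items()}
        for stmt in _statements(policy)
    ]
    return policy

def same_policy(configured, stored):
    """True when both documents grant the same thing after normalization."""
    return normalize(configured) == normalize(stored)

def scalar_fields(policy_text):
    """(statement index, key) pairs written as a bare string: candidates to wrap in [ ]."""
    return [(i, k) for i, stmt in enumerate(_statements(json.loads(policy_text)))
            for k in LIST_KEYS if isinstance(stmt.get(k), str)]

# Constructed sample: the first statement of the question's policy rendered for a
# bucket named "demo", next to the list form assumed to come back from the server.
CONFIGURED = """{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow",
   "Action": ["s3:GetBucketLocation", "s3:ListAllMyBuckets"],
   "Resource": "arn:aws:s3:::demo*"}]}"""
STORED = """{"Version": "2012-10-17", "Statement": [
  {"Effect": "Allow",
   "Action": ["s3:GetBucketLocation", "s3:ListAllMyBuckets"],
   "Resource": ["arn:aws:s3:::demo*"]}]}"""

if __name__ == "__main__":
    print("raw JSON equal:  ", json.loads(CONFIGURED) == json.loads(STORED))
    print("same after norm: ", same_policy(CONFIGURED, STORED))
    print("bare strings at: ", scalar_fields(CONFIGURED))
```

Running a check like this in the pipeline before `terraform plan` separates a spelling-only diff from one that actually widens or narrows access.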

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 xy2