Diff's didn't match during apply: associate_public_ip_address

[rhettg]

Terraform Version

0.6.16

Affected Resource(s)

• aws_instance

Terraform Configuration Files

resource "aws_instance" "vpn" {
    ami = "${var.vpn_base_ami}"
    instance_type = "${var.vpn_instance_type}"

    subnet_id = "${aws_subnet.public.id}"
    vpc_security_group_ids = ["${aws_security_group.vpn.id}"]
    associate_public_ip_address = true

    key_name = "${var.key_name}"

    user_data = "${template_file.vpn_user_data.rendered}"

    # A few of these fields are due to:
    # https://github.com/hashicorp/terraform/issues/5956
    lifecycle {
        ignore_changes = ["user_data", "associate_public_ip_address", "source_dest_check"]
    }

    tags {
        Name = "vpn0-${var.name}"
        Environment = "${var.name}"
    }
}

This is happening from a module I wrote. You can see it here: https://github.com/rhettg/tf_aws_lab/blob/master/vpn.tf

Debug Output

https://gist.github.com/rhettg/40ce52f8ffaea3d3541f379bb1052a50

Expected Behavior

I wanted to replace the VPN instance, so I tainted it:

$ terraform taint -module=vp aws_instance.vpn

It should have destroyed it and recreated

Actual Behavior

The host was destroyed, but then I got the above error.

Retrying the command will create the new instance.

Steps to Reproduce

Please list the steps required to reproduce the issue, for example:

1. terraform taint -module=vpc_lab aws_instance.vpn
2. terraform apply

References

I think this is related to #5956

[rhettg]

I'm not sure how this related, but while reproducing this, I made a change to an unrelated s3 bucket policy (in json) which resulted in the following error:

Error applying plan:

1 error(s) occurred:

* aws_s3_bucket.lab: diffs didn't match during apply. This is a bug with Terraform and should be reported as a GitHub Issue.

Please include the following information in your report:

    Terraform Version: 0.6.16
    Resource ID: aws_s3_bucket.lab
    Mismatch reason: attribute mismatch: policy
    Diff One (usually from plan): *terraform.InstanceDiff{Attributes:map[string]*terraform.ResourceAttrDiff{"policy":*terraform.ResourceAttrDiff{Old:"{\"Id\":\"Policy1415115909152\",\"Statement\":[{\"Action\":\"s3:*\",\"Condition\":{\"StringEquals\":{\"aws:sourceVpc\":\"vpc-0eb90f69\"}},\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":[\"arn:aws:s3:::dcos-lab-rhettg/*\",\"arn:aws:s3:::dcos-lab-rhettg\"],\"Sid\":\"Access-from-specific-VPC\"}],\"Version\":\"2012-10-17\"}", New:"Error parsing JSON: invalid character '$' looking for beginning of value", NewComputed:false, NewRemoved:false, NewExtra:"${template_file.bucket_policy.rendered}", RequiresNew:false, Type:0x0}}, Destroy:false, DestroyTainted:false}
    Diff Two (usually from apply): *terraform.InstanceDiff{Attributes:map[string]*terraform.ResourceAttrDiff(nil), Destroy:false, DestroyTainted:false}

Somehow the JSON wasn't being rendered. When I tried it again, the problem went away.

To be really clear, the JSON wasn't invalid, and I made no changes that resulted in it parsing correctly.

[mitchellh]

This should be fixed in later versions of 0.7.x

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.