Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: aws_ram_principal_association principal account deleted 90days empty result #36070

Closed
mike-morris-emis opened this issue Mar 4, 2024 · 3 comments · Fixed by #36062
Closed

[Bug]: aws_ram_principal_association principal account deleted 90days empty result #36070

mike-morris-emis opened this issue Mar 4, 2024 · 3 comments · Fixed by #36062
Labels
bug Addresses a defect in current functionality. service/ram Issues and PRs that pertain to the ram service.
Milestone
v5.41.0

Comments

@mike-morris-emis
Copy link

mike-morris-emis commented Mar 4, 2024
edited
Loading

Terraform Core Version

v5.39.0

AWS Provider Version

v5.39.0

Affected Resource(s)

aws account principals referenced within aws_ram_principal_association that have been deleted after 90 days cause "Error: Process completed with exit code 1." when doing a plan, apply

if the principal is removed from terraform source within a list and plan, still get the same error message.
had to manually remove the object via command line from the statefile

terraform state rm aws_ram_principal_association.dns_example[\"123456789100\"]

had 5+ like this

Expected Behavior

would expect terraform plan to give notice that it would attempt create/add the principal into aws aws_ram_principal_association and or error that principal not present in aws

would expect the removal of the principal within terraform code (using a list to create) would pass and allow the apply in which the principal would be removed from the statefile

Actual Behaviour

terraform error and blocked pipeline with "empty result"

Relevant Error/Panic Output Snippet

│ Error: reading RAM Resource Share (arn:aws:ram:eu-west-2:***:resource-share/11111111-1111-1111-1111-111111111111) Principal Association (123456789100): empty result
│ 
│   with aws_ram_principal_association.dns_example["123456789100"],
│   on RAM.tf line 111, in resource "aws_ram_principal_association" "dns_example":
│  959: resource "aws_ram_principal_association" "dns_example" {
│ 
╵

Terraform Configuration Files

existing code

## create a variable to nicely share the share with
variable "dns-example-principals" {
  description = "List of principal account numbers"
  type        = list(string)
  default = [
    "111111111111", // dev-example-1
    "123456789100", // dev-example-100 this account was deleted
    "222222222222", // dev-example-2
    "333333333333", // dev-example-3
  ]
}

## List of account ids to share this resolver with
resource "aws_ram_principal_association" "dns_example" {
  for_each           = toset(var.dns-example-principals)
  principal          = each.value
  resource_share_arn = aws_ram_resource_share.dns_example.arn
}

code created to remove principal, error'd

## create a variable to nicely share the share with
variable "dns-example-principals" {
  description = "List of principal account numbers"
  type        = list(string)
  default = [
    "111111111111", // dev-example-1
    // "123456789100", // dev-example-100 this account was deleted
    "222222222222", // dev-example-2
    "333333333333", // dev-example-3
  ]
}

## List of account ids to share this resolver with
resource "aws_ram_principal_association" "dns_example" {
  for_each           = toset(var.dns-example-principals)
  principal          = each.value
  resource_share_arn = aws_ram_resource_share.dns_example.arn
}

Steps to Reproduce

would need an account to be deleted and wait for 90days for removal from aws

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None
@mike-morris-emis mike-morris-emis added the bug Addresses a defect in current functionality. label Mar 4, 2024
@github-actions github-actions bot added the service/ram Issues and PRs that pertain to the ram service. label Mar 4, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented Mar 4, 2024

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Mar 4, 2024
@justinretzolk justinretzolk removed the needs-triage Waiting for first response or review from a maintainer. label Mar 8, 2024
ewbankkit added a commit to acwwat/terraform-provider-aws that referenced this issue Mar 14, 2024
@ewbankkit
Add CHANGELOG entry for hashicorp#36070.
4085948
@ewbankkit ewbankkit mentioned this issue Mar 14, 2024
Merged
@github-actions github-actions bot added this to the v5.41.0 milestone Mar 14, 2024
@github-actions GitHub Actions
Copy link

This functionality has been released in v5.41.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions GitHub Actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Apr 14, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/ram Issues and PRs that pertain to the ram service.
Projects
None yet
Milestone
v5.41.0
2 participants
@justinretzolk @mike-morris-emis