Terraform-provider-aws: Import does not work for resources accessible from endpoint different from region

Created on 2 Apr 2019 · 3 Comments · Source: hashicorp/terraform-provider-aws

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

Terraform v0.11.13

  • provider.aws v2.4.0

Affected Resource(s)

  • aws_opsworks_custom_layer
  • aws_opsworks_rails_app_layer
  • aws_opsworks_xxx_layer
  • aws_opsworks_instance

Terraform Configuration Files

resource "aws_opsworks_stack" "app" {
  name                         = "${var.opsworks_stack_name}"
  region                       = "eu-west-1"
  service_role_arn             = "${aws_iam_role.opsworks.arn}"
  default_instance_profile_arn = "${aws_iam_instance_profile.opsworks.arn}"
  use_custom_cookbooks         = true
  use_opsworks_security_groups = true
  manage_berkshelf             = false
  berkshelf_version            = ""
  hostname_theme               = "Europe_Cities"
  default_os                   = "Amazon Linux 2018.03"
  default_root_device_type     = "ebs"
  default_ssh_key_name         = "${var.ec2_default_keypair}"
  color                        = "rgb(45, 114, 184)"

  ...

  lifecycle {
    ignore_changes = ["custom_json"]
  }
}

resource "aws_opsworks_rails_app_layer" "rails_app" {
  name = "Rails App Server"
  short_name = "rails-app"
  stack_id                = "${aws_opsworks_stack.app.id}"
  auto_assign_elastic_ips = false
  auto_assign_public_ips  = true
  auto_healing            = true
}

resource "aws_opsworks_custom_layer" "rails_console" {
  name       = "For Rails Consoles"
  short_name = "rails console"
  stack_id   = "${aws_opsworks_stack.app.id}"
}

provider "aws" {
  region = "eu-west-1"
}


Debug Output

https://gist.github.com/begault/a65cef85542bc19e4569904f2bdc443e

Panic Output

Expected Behavior

The API endpoint for resources can be overridden and the host can be: Host: opsworks.us-east-1.amazonaws.com even if the default region is eu-west-1

Actual Behavior

When using the OpsWorks console, I get the following URL: .../opsworks/home?region=eu-west-1&endpoint=us-east-1/....
This is due to OpsWorks history. All API endpoints are pointing to us-east-1, even if the instances are in eu-west-1.

When I want to import a layer or another type of resource, I get the following error:

2019/04/02 14:40:44 [DEBUG] plugin: waiting for all plugin processes to complete...
Error: aws_opsworks_custom_layer.rails_app (import id: 00000000-0000-0000-0000-000000000000): 1 error(s) occurred:

* import aws_opsworks_custom_layer.rails_app result: 00000000-0000-0000-0000-000000000000: import aws_opsworks_custom_layer.rails_app (id: 00000000-0000-0000-0000-000000000000): Terraform detected a resource with this ID doesn't
exist. Please verify the ID is correct. You cannot import non-existent
resources using Terraform import.

When checking the endpoint of the aws API request, I notice that the endpoint region used is the default region given and cannot be overridden independently.

See: https://gist.github.com/begault/a65cef85542bc19e4569904f2bdc443e#file-terraform_layers_output-txt-L231

Where the host used is: Host: opsworks.eu-west-1.amazonaws.com

The import task does not find the resource as it's not looking at the right endpoint.

Steps to Reproduce

This bug is hard to reproduce as you need to have an OpsWorks architecture which was created before the endpoint regions opened.

Important Factoids

References

  • #0000

All 3 comments

Hi @begault 👋 Sorry you are running into trouble here. By chance, you may be able to work around this once version 2.5.0 of the Terraform AWS Provider is released later this week. We added support for customizing all service endpoints in #8096 which was merged yesterday.

I believe you should be able to set up something like the following once this is released:

provider "aws" {
  region = "eu-west-1"

  endpoints {
    opsworks = "https://opsworks.us-east-1.amazonaws.com"
  }
}

If you are working with new and old OpsWorks resources, I would recommend creating a separate provider alias (see also: the Terraform documentation on multiple provider instances) to handle those special older resources just to ensure new resources do not wind up in us-east-1, e.g.

provider "aws" {
  alias = "opsworks-us-east-1"
  region = "eu-west-1"

  endpoints {
    opsworks = "https://opsworks.us-east-1.amazonaws.com"
  }
}

resource "aws_opsworks_rails_app_layer" "rails_app" {
  provider = "aws.opsworks-us-east-1"

  # ... other configuration ...
}

If you do use provider aliases, just don't forget the terraform import -provider argument so Terraform knows to use the special provider for import.

The endpoint customization I mentioned above has been released in version 2.5.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

Would definitely like to know if it helps in any way.

Hello @bflad

Thank you very much for your valuable help.
I've chosen to wait for the release of the endpoint feature to continue my setup.

I tried the new feature today.
Unfortunately, I ran into a new error.

Here is my provider.tf file:

provider "aws" {
  version = ">= 2.5.0"
  region = "eu-west-1"

  endpoints {
    opsworks = "https://opsworks.us-east-1.amazonaws.com"
  }
}

Here is the error:

aws_opsworks_rails_app_layer.rails_app: aws_opsworks_rails_app_layer.rails_app: InvalidSignatureException: Credential should be scoped to a valid region, not 'eu-west-1'.

I've seen in the changelog of the AWS provider that Terraform 0.11.13 is not compatible anymore with the new feature in the last update. (https://github.com/terraform-providers/terraform-provider-aws/blob/master/CHANGELOG.md#250-april-05-2019)

Do you think my problem is related and that I need to wait for the Terraform 0.12 version to be released as well?
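
An added example, not part of the thread and not the provider's code: the InvalidSignatureException quoted above is what a regional endpoint returns when the SigV4 credential scope of a request names a different region. The sketch below derives the scope and signing key for both regions and flags provider settings whose endpoint override and signing region disagree. Function names, the secret and the date are constructed, and it assumes requests are signed with the provider's `region` value, as the error message reports.

```python
import hashlib
import hmac
from urllib.parse import urlparse


def endpoint_region(endpoint_url, service):
    """Region named in a <service>.<region>.amazonaws.com host, else None."""
    host = urlparse(endpoint_url).hostname or ""
    labels = host.split(".")
    if len(labels) == 4 and labels[0] == service and labels[2:] == ["amazonaws", "com"]:
        return labels[1]
    return None


def credential_scope(date, region, service):
    """SigV4 credential scope carried in the Authorization header."""
    return f"{date}/{region}/{service}/aws4_request"


def signing_key(secret_key, date, region, service):
    """SigV4 key derivation: HMAC-SHA256 chained over date, region, service."""
    key = ("AWS4" + secret_key).encode()
    for part in (date, region, service, "aws4_request"):
        key = hmac.new(key, part.encode(), hashlib.sha256).digest()
    return key


def check_provider(region, endpoints):
    """List (service, signing_region, endpoint_region) for every mismatch."""
    mismatches = []
    for service, url in endpoints.items():
        target = endpoint_region(url, service)
        if target is not None and target != region:
            mismatches.append((service, region, target))
    return mismatches


# Constructed sample values mirroring the provider block posted above.
PROVIDER_REGION = "eu-west-1"
ENDPOINTS = {"opsworks": "https://opsworks.us-east-1.amazonaws.com"}
SECRET = "EXAMPLE-SECRET-KEY"  # constructed, not a real credential
DATE = "20190408"              # constructed request date

if __name__ == "__main__":
    for service, signed, target in check_provider(PROVIDER_REGION, ENDPOINTS):
        print(f"{service}: signed as {credential_scope(DATE, signed, service)}, "
              f"endpoint expects {credential_scope(DATE, target, service)}")
```

Because the region is mixed into the key derivation, a signature computed for eu-west-1 cannot validate at an endpoint that verifies against us-east-1, whatever host the request is sent to.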
