Terraform: Moving a resource drops the "data." prefix from data source
Terraform Version
Terraform v0.11.8
Terraform Configuration Files
my terraform code includes the following:
data "aws_iam_policy_document" "assume-role" {
statement {
actions = ["sts:AssumeRole"]
principals {
type = "${var.principal_type}"
identifiers = ["${var.principal_identifiers}"]
}
}
}
This results in remote state that looks like this:
"data.aws_iam_policy_document.assume-role": {
"type": "aws_iam_policy_document",
"depends_on": [],
"primary": {
"id": "1903849331",
"attributes": {
"id": "1903849331",
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n }\n }\n ]\n}",
"statement.#": "1",
"statement.0.actions.#": "1",
"statement.0.actions.2528466339": "sts:AssumeRole",
"statement.0.condition.#": "0",
"statement.0.effect": "Allow",
"statement.0.not_actions.#": "0",
"statement.0.not_principals.#": "0",
"statement.0.not_resources.#": "0",
"statement.0.principals.#": "1",
"statement.0.principals.1134724139.identifiers.#": "1",
"statement.0.principals.1134724139.identifiers.3655884555": "ec2.amazonaws.com",
"statement.0.principals.1134724139.type": "Service",
"statement.0.resources.#": "0",
"statement.0.sid": ""
},
"meta": {},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
}
If I use terraform state mv to rename this resource, the data. prefix is lost.
terraform command:
terraform state mv \
-state=example.json \
module.iam.aws_iam_policy_document.assume-role \
module.master.module.iam.aws_iam_policy_document.assume-role
Resulting state:
"aws_iam_policy_document.assume-role": {
"type": "aws_iam_policy_document",
"depends_on": [],
"primary": {
"id": "1903849331",
"attributes": {
"id": "1903849331",
"json": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Sid\": \"\",\n \"Effect\": \"Allow\",\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n }\n }\n ]\n}",
"statement.#": "1",
"statement.0.actions.#": "1",
"statement.0.actions.2528466339": "sts:AssumeRole",
"statement.0.condition.#": "0",
"statement.0.effect": "Allow",
"statement.0.not_actions.#": "0",
"statement.0.not_principals.#": "0",
"statement.0.not_resources.#": "0",
"statement.0.principals.#": "1",
"statement.0.principals.1134724139.identifiers.#": "1",
"statement.0.principals.1134724139.identifiers.3655884555": "ec2.amazonaws.com",
"statement.0.principals.1134724139.type": "Service",
"statement.0.resources.#": "0",
"statement.0.sid": ""
},
"meta": {},
"tainted": false
},
"deposed": [],
"provider": "provider.aws"
},
Expected Behavior
The resource should have been moved correctly
Actual Behavior
The resource lost the data. prefix which causes this error when running terraform:
* module.master.module.iam.aws_iam_policy_document.assume-role: aws_iam_policy_document.assume-role: unknown resource type: aws_iam_policy_document
Steps to Reproduce
- Generate state using a data source (I used
aws_iam_policy_document) - Refactor the code to require moving resources in the existing state
- Move the state with
terraform state mvto reflect the new code - Run
terraform apply
This should cause the error
Additional Context
References
- #9996
robinbowes
All 5 comments
To simplify things for those reading, this appears to be a reintroduction of a bug from 0.7 (#9996)
Based on this comment it seems the bug was reintroduced in 0.9.
2rs2ts
on 17 Oct 2018
Same issue here, moving a module seems to corrupt some data sources. In my case terraform state rm <resource> followed by terraform refresh appears to have fixed it.
joerx
on 19 Oct 2018
Terraform v0.11.2
+ provider.aws v1.24.0
+ provider.external v1.0.0
+ provider.null v1.0.0
+ provider.template v1.0.0
Experiencing the same issue.
I can confirm that following @joerx suggestion of deleting all the affected resources followed by a refresh seems to work as a suitable (if somewhat painful, as identifying all the incorrectly named data resources took longer than expected) workaround.
neechbear
on 21 Oct 2018
pretty sure this is the same issue as #14315
majormoses
on 15 Nov 2018
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 13 Aug 2019
Related issues
thebenwaters
ยท
3Comments
rkulagowski
ยท
3Comments
zeninfinity
ยท
3Comments
c4milo
ยท
3Comments
ronnix
ยท
3Comments
Most helpful comment
Same issue here, moving a module seems to corrupt some data sources. In my case
terraform state rm <resource>followed byterraform refreshappears to have fixed it.