[Bug]: Recently added VPC support for Grafana workspaces doesn't modify existing resource?

[zestysoft]

Terraform Core Version

1.1.5

AWS Provider Version

4.47.0

Affected Resource(s)

aws_grafana_workspace

Expected Behavior

When adding VPC specific details to the resource, resource should get updated.

Actual Behavior

Terraform shows as succeeding to apply, but AWS resource remains unchanged.

Relevant Error/Panic Output Snippet

$ terraform apply

Terraform will perform the following actions:

  # aws_grafana_workspace.grafana will be updated in-place
  ~ resource "aws_grafana_workspace" "grafana" {
        id                        = "g-9abfb96592"
        name                      = "g-9abfb96592"
        tags                      = {}
        # (12 unchanged attributes hidden)


      + vpc_configuration {
          + security_group_ids = [
              + "sg-0c7c2131501f0e15c",
              + "sg-0e8dc4f9232bd6dc0",
            ]
          + subnet_ids         = [
              + "subnet-02db1f1bf3bad6030",
              + "subnet-079a48f1613061982",
              + "subnet-0e8d27ef65a83b429",
            ]
        }
        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_grafana_workspace.grafana: Modifying... [id=g-9abfb96592]
aws_grafana_workspace.grafana: Modifications complete after 3s [id=g-9abfb96592]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

$ terraform plan

Terraform will perform the following actions:

  # aws_grafana_workspace.grafana will be updated in-place
  ~ resource "aws_grafana_workspace" "grafana" {
        id                        = "g-9abfb96592"
        name                      = "g-9abfb96592"
        tags                      = {}
        # (12 unchanged attributes hidden)


      + vpc_configuration {
          + security_group_ids = [
              + "sg-0c7c2131501f0e15c",
              + "sg-0e8dc4f9232bd6dc0",
            ]
          + subnet_ids         = [
              + "subnet-02db1f1bf3bad6030",
              + "subnet-079a48f1613061982",
              + "subnet-0e8d27ef65a83b429",
            ]
        }
        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Terraform Configuration Files

terraform {
  required_providers {
    aws = {
    }
}

provider "aws" {
  region  = "us-east-1"
}

resource "aws_grafana_workspace" "grafana" {
  account_access_type      = "CURRENT_ACCOUNT"
  authentication_providers = ["SAML"]
  permission_type          = "CUSTOMER_MANAGED"
  role_arn                 = aws_iam.role.grafana.arn

  data_sources = [
    "AMAZON_OPENSEARCH_SERVICE",
  ]

  vpc_configuration {
    security_group_ids = [
      module.opensearch.security_group_id,
      aws_security_group.grafana.id,
    ]
    subnet_ids = module.opensearch.subnet_ids
  }
}

Steps to Reproduce

Create aws grafana workspace without VPC settings and wait for it to complete.

Attempt to add VPC settings after.

or

Create aws grafana workspace without VPC settings with aws provider < 4.47.0
manually add vpc settings via the AWS console
update provider version to 4.47.0
terraform rm aws_grafana_workspace
terraform import aws_grafana_workspace (this works)
update tf file from state
attempt to modify something in the VPC settings -- like add a security group or add a subnet -- tf will see that changes are needed and will show as applied, but no changes happen.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[zestysoft]

#28244

[DrFaust92]

ill try to take a look

[DrFaust92]

able to confirm the issue, have a PR i the works

[github-actions]

This functionality has been released in v4.51.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.