Ignore Task Def Changes with Service Connect TLS Results in Plan Error

[logadams]

Description

In the Service Module if one specifies ignore_task_definition_changes=true along with service connect tls configuration one will get an error. I believe this is due to a mismatch between the two different resources that the ignore_task_definition_changes creates and how they handle the dynamic block differently.

See L254 vs L574

• ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Module version [Required]: 6.2.1

• Terraform version:

Reproduction Code [Required]

module "service" {
  ignore_task_definition_changes = true
  service_connect_configuration = {
   service = [{
      tls = {
         role_arn = ""
         issuer_cert_authority = {
            aws_pca_authority_arn = ""
         }
      }
   }]
  }
}

Steps to reproduce the behavior:

1. Specify tls configuration block while also specifying ignore_task_definition_changes=true

Expected behavior

Should behave the same as when specifying ignore_task_definition_changes=false

Actual behavior

Terraform plan error due to incorrect dynamic block handling

Terminal Output Screenshot(s)

Additional context

[szhekpisov-katanox]

I also experience issues with ignore_task_definition_changes=true - I create service and task definition via terraform, and when I update task definition with GitHub Actions, terraform attempts to rewrite it back with default settings. I expected that ignore_task_definition_changes=true will respect it, but it seems it's not.
I tried to delete manually service and task definition from AWS console, and then repeat the process - it didn't help.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.