I am using CDKTF (Typescript) to deploy AWS infrastructure. This resource gets added, then removed, every other deploy.
aws.iamPolicyAttachment.IamPolicyAttachment
I tracked the issue down to terraform without CDKTF. I "cd"ed into the directory “cdktf.out/stacks/<my_stack>” and ran “terraform apply” twice. The first time, my policy is attached. The second time, my policy is removed.
I’ve been using CDKTF for a while and I have not yet experienced this before.
Is running “terraform apply” expected to produce different results every other run?
The resulting Terraform configuration and/or plan outputs would help identify why you are seeing the changes.
This might be something like data source that attempts to locate a managed resource from the same configuration. When that’s attempted, the data source output will flip-flop between the resource not existing at first, then existing in the next plan, and so on.