Terraform wants to replace my AWS instance with no modifications

If I create the following resource, it creates fine:

resource "aws_instance" "test1" {
  ami               = "ami-0d2841e5b2fb45b4f"
  availability_zone = "us-east-1d"
  instance_type     = "t2.micro"
  key_name          = "myKey"
  security_groups   = ["sg-0d314f8dfa1447aef"]
  subnet_id         = "subnet-0d6bfa3702ae6b71f"
  tags = {
    Name        = "test1"
    Environment = "PROD"
    Description = "VM to test terraform vm deployment"
  }
}

Once successfully created, if I run “terraform plan” - without any modifications to the .tf file - it wants to replace the instance because of this:

  ~ security_groups = [ # forces replacement
      + "sg-0d314f8dfa1447aef",
    ]

But that is the exact security group that was originally assigned to it when it was created. Even the terraform.tfstate file shows the security group assigned is the same. This happens on v0.12.29 and 0.13.0. If I remove the “security_groups” line from the aws_instance resource AFTER the instance is created, running “terraform plan” shows no updates will occur. Am I doing something wrong? This seems like a bug.

I recommend that you use vpc_security_group_ids instead.

Thanks Ben. I figured it was my misunderstanding. Appreciate the help!
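A pre-plan check for the pattern discussed in this thread, as an added example that is not part of the original posts: it flags `aws_instance` blocks that put security group IDs (`sg-...`) in `security_groups`, the argument the AWS provider documents as taking group names for EC2-Classic and the default VPC, instead of `vpc_security_group_ids`. The function names and sample input are constructed for illustration, and the brace matching is a heuristic that assumes no braces inside string values.

```python
import re

# Constructed sample: the question's pattern (test1) and the recommended form (test2).
SAMPLE_TF = '''
resource "aws_instance" "test1" {
  subnet_id       = "subnet-0d6bfa3702ae6b71f"
  security_groups = ["sg-0d314f8dfa1447aef"]
  tags = {
    Name = "test1"
  }
}

resource "aws_instance" "test2" {
  subnet_id              = "subnet-0d6bfa3702ae6b71f"
  vpc_security_group_ids = ["sg-0d314f8dfa1447aef"]
}
'''

HEADER = re.compile(r'resource\s+"aws_instance"\s+"([^"]+)"\s*\{')
SG_ATTR = re.compile(r'^\s*security_groups\s*=\s*\[(.*?)\]', re.M | re.S)
SG_ID = re.compile(r'"(sg-[0-9a-f]+)"')


def block_body(text, start):
    """Return the text from just after an opening brace to its matching close."""
    depth = 1
    for i in range(start, len(text)):
        if text[i] == "{":
            depth += 1
        elif text[i] == "}":
            depth -= 1
            if depth == 0:
                return text[start:i]
    return text[start:]  # unbalanced input: scan the remainder


def find_misused_security_groups(text):
    """Return (resource name, [group IDs]) for each aws_instance whose
    security_groups list contains IDs rather than group names."""
    findings = []
    for header in HEADER.finditer(text):
        attr = SG_ATTR.search(block_body(text, header.end()))
        ids = SG_ID.findall(attr.group(1)) if attr else []
        if ids:
            findings.append((header.group(1), ids))
    return findings


if __name__ == "__main__":
    for name, ids in find_misused_security_groups(SAMPLE_TF):
        print(f"aws_instance.{name}: move {ids} to vpc_security_group_ids")
```

Running a check like this before `terraform plan` catches the mismatch before a forced replacement shows up against a production instance.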