Table of Contents |
---|
...
Introduction
If Part of the 2023 Cornell AWS Direct Connect Architecture Migration process creates new tags on Cornell AWS VPCs that use Direct Connect. Those tags, prefixed by "cit:", can cause Terraform to hiccup if you use Terraform to manage AWS network resources.
You , you will likely see that Terraform would like to delete the "cit:" tags on those resources when you next run a Terraform plan/apply. See example Terraform plan output for what that looks like:
Code Block |
---|
# tf plan aws_vpc.blank-vpc: Refreshing state... [id=vpc-cde7e0a8] ... aws_route_table_association.v2-private-1: Refreshing state... [id=rtbassoc-08f9e7ea923cc8454] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # aws_subnet.example will be updated in-place ~ resource "aws_subnet" "example" { id = "subnet-0d705338215b4d08b" ~ tags = { - "cit:dc-arch-migration-description" = "No change." -> null - "cit:dc-arch-migration-target" = "no" -> null - "cit:dc-arch-version" = "v1" -> null - "cit:subnet-type" = "public" -> null # (1 unchanged element hidden) } ~ tags_all = { - "cit:dc-arch-migration-description" = "No change." -> null - "cit:dc-arch-migration-target" = "no" -> null - "cit:dc-arch-version" = "v1" -> null - "cit:subnet-type" = "public" -> null # (1 unchanged element hidden) } # (14 unchanged attributes hidden) } Plan: 0 to add, 1 to change, 0 to destroy. |
Note |
---|
Please don't delete those |
...
tags! They are important to the migration to the v2 Direct Connect architecture. If you delete the tags, they will be recreated before the migration proceeds. |
Tell Terraform to Ignore the Tags
You can tell Terraform to ignore those tags by adding a lifecycle
stanza to the resource and using setting the ignore_changes
attribute as shown below:
Code Block |
---|
resource "aws_subnet" "example" { cidr_block = "10.92.117.128/25" vpc_id = aws_vpc.example.id ... tags = { Name = "example-subnet" } lifecycle { ignore_changes = [ tags["cit:dc-arch-migration-description"], tags["cit:dc-arch-migration-target"], tags["cit:dc-arch-version"], tags["cit:dc-vgw"], tags["cit:subnet-type"], tags["cit:tgw-attachment-target"], ] } } |
The next time you run Terraform plan/apply, Terraform will ignore any of those tags.
References
- Terraform