Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Control Tower update API issue with order of governed regions

0

Hello, I imported my Control Tower in my terraform state. But unfortunately it fails while it only ask to change the order of governedRegions. Is there an issue with the API , am I the only one with that issue ? Thank you

Terraform will perform the following actions:

  # aws_controltower_landing_zone.this will be updated in-place
  ~ resource "aws_controltower_landing_zone" "this" {
        id                       = "***REMOVED***"
      ~ manifest_json            = jsonencode(
          ~ {
              ~ governedRegions       = [
                    "eu-west-1",
                  - "eu-central-1",
                    "us-east-1",
                  + "eu-central-1",
                ]
                # (4 unchanged attributes hidden)
            }
        )
        tags                     = {}
        # (5 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_controltower_landing_zone.this: Modifying... [id=***REMOVED***]
╷
│ Error: updating ControlTower Landing Zone (***REMOVED***): operation error ControlTower: UpdateLandingZone, https response error StatusCode: 400, RequestID: *****SOME*UUID*******, ValidationException: The LandingZoneManifest that you provided is not compliant with the LandingZoneManifest schema. For information about formatting, see https://docs.aws.amazon.com/controltower/latest/userguide/lz-api-launch.html.
  • Oleksii Bebych EXPERT
    2 years ago

    please accept the answer if it was useful

Topics
Management & Governance
Tags
AWS Control TowerTerraform
Language
English
asked 2 years ago350 views
1 Answer
0

here is the bug https://github.com/hashicorp/terraform-provider-aws/issues/35763

EXPERT
answered 2 years ago
  • Adrien
    2 years ago

    that github issue is related to terraform not able to compare and see that the data is the same. My issue was that I used strings in my json for durations(error 400 from AWS) , which matches the expected format in the TF provider but generate a new change for each plan/apply like mentioned in the issue you linked.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content