[Bug]: Cloudtrail creation with kms alias arn is not possible #33928
Description
Terraform Core Version
1.6.1
AWS Provider Version
5.20.1
Affected Resource(s)
resource "aws_cloudtrail
Expected Behavior
I should be able to create an aws_cloudtrail with kms alias in arn format as it mentioned here https://docs.aws.amazon.com/awscloudtrail/latest/userguide/create-kms-key-policy-for-cloudtrail-update-trail.html
Actual Behavior
The key id where the alias targets, will be used in the service and always showing up as a change in terraform plan and getting applied. (Successfully, the trail is exist and working, but in the terraform always there is a change and getting recreated.)
Relevant Error/Panic Output Snippet
~ resource "aws_cloudtrail" "test" {
id = "test"
~ kms_key_id = "arn:aws:kms:******:******:key/******" -> "arn:aws:kms:****:******:alias/kms-test"
name = "test"
tags = {}
# (11 unchanged attributes hidden)
}Terraform Configuration Files
- create a kms key with alias for cloudtrail
- try to create a trail with the previous kms key's alias
Steps to Reproduce
- terraform init
- terraform plan
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
I cannot