aws_instance ignores timeouts.update #42876
Description
Terraform and AWS Provider Version
Terraform v1.11.0
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.95.0Affected Resource(s) or Data Source(s)
aws_instance
Expected Behavior
During the update state (or when the TF logs shows that the instance is modifying), Terraform should adhere to the value set to the timeouts.update attribute.
aws_instance.dev: Modifying... [id=i-09****]
aws_instance.dev: Still modifying... [id=i-09******, 10s elapsed]
For example, if I set it to timeouts.update to 1 second, then the instance should fail almost immediately if it continues modifying past 1 second
Actual Behavior
Terraform ignores the timeouts.update attribute and continues modifying/updating past it, or it fails before it reaches the default 10 minutes.
Relevant Error/Panic Output
Terraform will perform the following actions:
# aws_instance.dev will be updated in-place
~ resource "aws_instance" "dev" {
id = "i-09********"
~ instance_type = "t2.medium" -> "t2.micro"
tags = {
"Provisioned" = "true"
"Name" = "TIMEOUT_TEST"
}
# (38 unchanged attributes hidden)
~ timeouts {
~ read = "1s" -> "2s"
~ update = "1s" -> "2s"
}
# (8 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.dev: Modifying... [id=i-09********]
aws_instance.dev: Still modifying... [id=i-09********, 10s elapsed]
aws_instance.dev: Still modifying... [id=i-09********, 20s elapsed]
aws_instance.dev: Still modifying... [id=i-09********, 30s elapsed]
aws_instance.dev: Modifications complete after 33s [id=i-09********]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.Sample Terraform Configuration
Click to expand configuration
resource "aws_instance" "dev" {
ami = var.ami_id
subnet_id = var.subnet_id
instance_type = var.instance_type
iam_instance_profile = var.instance_profile_name
vpc_security_group_ids = [ var.sg_id ]
ebs_optimized = true
root_block_device {
volume_size = var.volume_size
volume_type = var.volume_type
}
tags = local.tags
metadata_options {
instance_metadata_tags = "enabled"
}
lifecycle {
ignore_changes = [ ami ]
}
timeouts {
# create = "1s"
update = "2s"
read = "2s"
# delete = "1s"
}
}Steps to Reproduce
- Apply the configuration
- Change the instance type
- Observe that the instance continues modifying past the time set to timeouts.update
Debug Logging
Click to expand log output
Terraform will perform the following actions:
# aws_instance.dev will be updated in-place
~ resource "aws_instance" "dev" {
id = "i-09********"
~ instance_type = "t2.medium" -> "t2.micro"
tags = {
"Provisioned" = "true"
"Name" = "TIMEOUT_TEST"
}
# (38 unchanged attributes hidden)
~ timeouts {
~ read = "1s" -> "2s"
~ update = "1s" -> "2s"
}
# (8 unchanged blocks hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
aws_instance.dev: Modifying... [id=i-09********]
aws_instance.dev: Still modifying... [id=i-09********, 10s elapsed]
aws_instance.dev: Still modifying... [id=i-09********, 20s elapsed]
aws_instance.dev: Still modifying... [id=i-09********, 30s elapsed]
aws_instance.dev: Modifications complete after 33s [id=i-09********]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.GenAI / LLM Assisted Development
n/a
Important Facts and References
The timeouts.create and timeouts.delete work just fine. Enabling them prevents the instance from creating past the set timeout. Update is the only one that isn't properly adhered to, and it's not clear how this behavior should work.
A similar issue was opened in the past, but it got auto-closed
Would you like to implement a fix?
No