provider/aws: ALB gets recreated when no SG is defined

[radeksimko]

Terraform Version

Terraform v0.7.1-dev (dd2740d4fec9d1846026301e0b527a55246ccf52)

Affected Resource(s)

• aws_alb

Terraform Configuration Files

resource "aws_vpc" "main" {
  cidr_block = "10.10.0.0/16"
}

resource "aws_subnet" "first" {
  cidr_block = "10.10.1.0/24"
  vpc_id = "${aws_vpc.main.id}"
}

resource "aws_subnet" "second" {
  cidr_block = "10.10.2.0/24"
  vpc_id = "${aws_vpc.main.id}"
}

resource "aws_alb" "main" {
  name            = "test-alb-tf"
  subnets         = ["${aws_subnet.first.id}", "${aws_subnet.second.id}"]
}

Expected Behavior

$ terraform plan

No diff.

Actual Behavior

$ terraform plan

-/+ aws_alb.main
    dns_name:                   "test-alb-tf-319967521.us-west-2.elb.amazonaws.com" => "<computed>"
    enable_deletion_protection: "false" => "false"
    idle_timeout:               "60" => "60"
    internal:                   "false" => "<computed>"
    name:                       "test-alb-tf" => "test-alb-tf"
    security_groups.#:          "1" => "0" (forces new resource)
    security_groups.289196067:  "sg-81cbcae4" => ""
    subnets.#:                  "2" => "2"
    subnets.6620723:            "subnet-f9297b8d" => "subnet-f9297b8d"
    subnets.704553415:          "subnet-f5c3a873" => "subnet-f5c3a873"
    vpc_id:                     "vpc-fd351998" => "<computed>"
    zone_id:                    "Z1H1FL5HABSF5" => "<computed>"

Steps to Reproduce

1. terraform apply
2. terraform plan

[jen20]

Looks like they assign a default security group - this will need marking as Computed. I'll follow up soon. Tagging #8137 for tracking purposes.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.