Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Missing Tags in ASG and Instances Confirmed in Terraform Plan #14247

Closed
JasonKAls opened this issue May 5, 2017 · 7 comments · Fixed by #14321
Closed

Missing Tags in ASG and Instances Confirmed in Terraform Plan #14247

JasonKAls opened this issue May 5, 2017 · 7 comments · Fixed by #14321

Comments

@JasonKAls
Copy link

JasonKAls commented May 5, 2017

Hi there,

I'm having an issue with my billing tags not appearing on my created instances via an ASG. As you'll see from the HCL code, I have 4 tags. The aws_cost_role and the aws_cost_allocation do not appear what terraform is applied.

Terraform Version

Terraform v0.9.4

Affected Resource(s)

  • aws_autoscaling_group
  • Also affects AWS Instances and possibly the aws_instance though I'm using an ASG instead

Terraform Configuration Files

resource "aws_autoscaling_group" "chef-compliance-asg" {
  depends_on           = ["aws_elb.chef_compliance_elb"]
  name                 = "${var.stack_name}-${var.env}"
  vpc_zone_identifier  = ["${lookup(var.env_subnets, var.env)}"]
  max_size             = "${lookup(var.asg_max, var.env)}"
  min_size             = "${lookup(var.asg_min, var.env)}"
  desired_capacity     = "${lookup(var.asg_desired, var.env)}"
  launch_configuration = "${aws_launch_configuration.chef-compliance-lc.name}"
  load_balancers       = ["${aws_elb.chef_compliance_elb.name}"]
  health_check_type    = "EC2"

  tag {
    key                 = "api_fqdn"
    value               = "compliance-${var.env}.posrip.com"
    propagate_at_launch = true
  }

  tag {
    key                 = "environment"
    value               = "${var.env}"
    propagate_at_launch = true
  }

  tag {
    key                 = "aws_cost_role"
    value               = "${lookup(var.aws_cost_role, var.env)}"
    propagate_at_launch = true
  }

  tag {
    key                 = "aws_cost_allocation"
    value               = "${lookup(var.aws_cost_allocation, var.env)}"
    propagate_at_launch = true
  }
}.

Expected Behavior

Should see all 4 Tags listed for my instances created by my ASG resource

Actual Behavior

Missing both AWS Cost Allocation Tags

Steps to Reproduce

  1. Create ASG resource with both regular tags and Cost Allocation Tags

Below is part of the Debug I found to be interesting.
https://gist.github.com/JasonKAls/5c5dcb2e451a6eedf7560ddbe3873b78
For both missing tags it states the following: Found AWS specific tag aws_cost_allocation (val: prod), ignoring.

Any help would be appreciated!

@JasonKAls
Copy link
Author

Additional Info

Running terraform plan after running terraform apply also indicates the tags are missing:

~ aws_autoscaling_group.chef-compliance-asg
    tag.#:                              "2" => "4"
    tag.1021368698.key:                 "api_fqdn" => "api_fqdn"
    tag.1021368698.propagate_at_launch: "true" => "true"
    tag.1021368698.value:               "compliance.example.com" => "compliance.example.com"
    tag.1375981587.key:                 "" => "aws_cost_role"
    tag.1375981587.propagate_at_launch: "" => "true"
    tag.1375981587.value:               "" => "devops"
    tag.2821508855.key:                 "" => "aws_cost_allocation"
    tag.2821508855.propagate_at_launch: "" => "true"
    tag.2821508855.value:               "" => "prod"
    tag.477549816.key:                  "environment" => "environment"
    tag.477549816.propagate_at_launch:  "true" => "true"
    tag.477549816.value:                "production" => "production"

@grubernaut
Copy link
Contributor

Hey @JasonKAls, thanks for the issue!

Unfortunately there isn't much that we can change here to allow this functionality to work. AWS restricts the aws prefix on tags as shown here: http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html

While this is possible via the AWS Console, Terraform purposefully ignores tags prefixed with aws_ in order to avoid showing spurious diffs when these tags get changed internally by AWS, via OpsWorks for example.

Closing this for now, as it's a known decision made at the Terraform level, but happy to discuss this further if needed. I'm sorry this isn't the answer you were looking for, but hopefully adds some color to why these tags weren't propagating correctly.

@JasonKAls
Copy link
Author

understood...thanks!

@grubernaut
Copy link
Contributor

@JasonKAls forgot to mention above, but because Terraform ignores all tags with the aws_ prefix, this allows users to add those tags manually, or using a third party tool without fear of creating a spurious diff on a subsequent Terraform plan. Hope this helps!

@JasonKAls
Copy link
Author

That does help...Thanks again!

@grubernaut
Copy link
Contributor

@JasonKAls Apologies here. This actually is a bug, we should only be limiting the set of AWS tags that have the prefix aws:, not aws.

See: #14308, as well. Re-opening for a fix.

@grubernaut grubernaut reopened this May 9, 2017
stack72 added a commit that referenced this issue May 9, 2017
We were too greedy with the AWS specific tags ignore function - we
basically were ignoring anything starting with `aws` rather than just
using `aws:`

Fixes: #14308
Fixes: #14247
stack72 added a commit that referenced this issue May 9, 2017
We were too greedy with the AWS specific tags ignore function - we
basically were ignoring anything starting with `aws` rather than just
using `aws:`

Fixes: #14308
Fixes: #14247
@ghost
Copy link

ghost commented Apr 12, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost unassigned stack72 Apr 12, 2020
@ghost ghost locked and limited conversation to collaborators Apr 12, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants