Cannot change subnets of cluster

[gpothier]

Description

Terraform apply fails when attempting to change the subnets of the cluster. Eg. initially create the cluster with 2 subnets, and then attempt to add a third subnet. The plan considers this requires replacing the cluster, but then apply fails because the new cluster is created before the existing one is deleted (the error is Cluster already exists with name: terraform-issue-1707-eks).

Versions

• Terraform:
  Terraform v1.1.3
  on linux_amd64

• Provider(s):

• provider registry.terraform.io/hashicorp/aws v3.71.0
• provider registry.terraform.io/hashicorp/cloudinit v2.2.0
• provider registry.terraform.io/hashicorp/kubernetes v2.7.1
• provider registry.terraform.io/hashicorp/local v2.1.0
• provider registry.terraform.io/hashicorp/null v3.1.0
• provider registry.terraform.io/hashicorp/random v3.1.0
• provider registry.terraform.io/hashicorp/template v2.2.0
• provider registry.terraform.io/hashicorp/tls v3.1.0

• Module:
  v18.0.1

Reproduction

1. Clone this minimal repo: https://github.com/gpothier/terraform-aws-eks-issue-1707 (was initially created for issue 1707, hence the name).
2. Run terraform plan & apply => everything is ok
3. Change the number of subnets in terraform.tfvars (variable autoscaling_azs) from 2 to 3
4. Run terraform plan & apply again => fails

Expected behavior

It should be possible to add subnets of the cluster

Actual behavior

When adding a subnet, apply fails

Terminal Output Screenshot(s)

gpothier@tadzim4:~/ownCloud-Caligrafix/dev/ecaligrafix/terraform-issue-1707 $ ${TF_BIN} apply plan.tfplan
module.eks_cluster.aws_iam_openid_connect_provider.oidc_provider[0]: Destroying... [id=arn:aws:iam::166328510337:oidc-provider/oidc.eks.us-west-2.amazonaws.com/id/97A9A1D3B2128FB24C99446948BE06F2]
module.eks_cluster.aws_iam_openid_connect_provider.oidc_provider[0]: Destruction complete after 0s
module.eks_cluster.aws_eks_cluster.this[0]: Creating...
╷
│ Error: error creating EKS Cluster (terraform-issue-1707-eks): ResourceInUseException: Cluster already exists with name: terraform-issue-1707-eks
│ {
│   RespMetadata: {
│     StatusCode: 409,
│     RequestID: "6f973969-2fe0-4737-ad66-06af60beb1d0"
│   },
│   ClusterName: "terraform-issue-1707-eks",
│   Message_: "Cluster already exists with name: terraform-issue-1707-eks"
│ }
│ 
│   with module.eks_cluster.aws_eks_cluster.this[0],
│   on .terraform/modules/eks_cluster/main.tf line 7, in resource "aws_eks_cluster" "this":
│    7: resource "aws_eks_cluster" "this" {
│ 
╵

Additional context

Follow up to issue #1707

[bryantbiggs]

this is what is intended by the Terraform AWS provider - please see https://github.com/hashicorp/terraform-provider-aws/blob/6d88292341cd2bee5209da539870bf63eb68c26f/internal/service/eks/cluster.go#L219

[gpothier]

I understand that changing subnets requires replacing the cluster (which is far from ideal, but that's another discussion). What I don't understand is why it fails to do so. From what I understand of Terraform, when a resource needs to be replaced, the default behavior is to destroy the existing one before creating the new one, unless lifecycle.create_before_destroy is explicitly set to true. I don't see this flag in the module's source, however Terraform does attempt to create a new cluster before destroying the existing one.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.