Will “aws_ami” with most_recent=true impact future updates?

1
votes

Given the config below, what happens if I run apply command against the infrastructure if Amazon rolled out a new version of the AMI?

Will the test instance is going to be destroyed and recreated?

so scenario

  1. terraform init
  2. terraform apply
  3. wait N months
  4. terraform plan (or apply)

AM I going to see "forced" recreation of the ec2 instance that was created N months ago using the older version of the AMI which was "recent" back then?

data "aws_ami" "amazon-linux-2" {
 most_recent = true

 filter {
   name   = "owner-alias"
   values = ["amazon"]
 }


 filter {
   name   = "name"
   values = ["amzn2-ami-hvm*"]
 }
}


resource "aws_instance" "test" {
 depends_on = ["aws_internet_gateway.test"]


 ami                         = "${data.aws_ami.amazon-linux-2.id}"
 associate_public_ip_address = true
 iam_instance_profile        = "${aws_iam_instance_profile.test.id}"
 instance_type               = "t2.micro"
 key_name                    = "bflad-20180605"
 vpc_security_group_ids      = ["${aws_security_group.test.id}"]
 subnet_id                   = "${aws_subnet.test.id}"
}

Will "aws_ami" with most_recent=true impact future updates?

2
terraformterraform-provider-awsterraform0.12+
It will be destroyed and recreated as you guessed. You can prevent that by using the ignore_changes lifecycle.ydaetskcoR

2 Answers

1
votes

Yes as per what @ydaetskcoR said you can have a look at the ignore_changes lifecycle and then it would not recreate the instances. https://www.terraform.io/docs/configuration/resources.html#ignore_changes

1
votes

@ydeatskoR and @sogyals429 have the right answer. To be more concrete:

resource "aws_instance" "test" {
  # ... (all the stuff at the top)

  lifecycle {
    ignore_changes = [
      ami,
    ]
  }
}

note: docs moved to: https://www.terraform.io/docs/language/meta-arguments/lifecycle.html#ignore_changes