Introduction
The terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure. By default, when Terraform creates a plan it:
- Reads the current state of any already-existing remote objects to make sure that the Terraform state is up-to-date.
- Compares the current configuration to the prior state and noting any differences.
- Proposes a set of change actions that should, if applied, make the remote objects match the configuration.
Problem
The output of terraform plan suggests changes to resources even though you haven't changed any of your code or resources you manage with your terraform code.
Cause
The problem could be related to not having implemented the best practices for provider versions as can be found here.
With every execution of terraform init it will check the provider version configuration and download the provider that matches your configuration.
If your code only has the following provided:
provider "aws" {}
Solution
Make sure you have configured the provider version to a fixed version. This will prevent you from using a different provider version in runs.
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "4.28.0"
}
}
}
provider "aws" {}
In your test environment you can update and test the later provider version before implementing this in production