Amazon web services - terraform null_resource does not trigger S3 bucket update's chained action update CloudFront distribution

mako
July 24, 2023
223 views
0 votes
2 Answers

Before I used the resource aws_s3_object for syncing local files to S3 bucket. Back then updates in S3 triggered updating the connected distribution in CloudFront.

Now I replaced only the resource aws_s3_object mentioned above by null_resource / provisioner "local-exec" in the project. Then terraform apply only detected changes for the S3 bucket and no longer triggered updates for CloudFront.

What I did wrong / was missing here?

The related code:

Before (CloudFront is updated when S3 is updated):

resource "aws_s3_object" "site" {
  for_each     = fileset("./site/", "*")
  bucket       = xyz.id
  key          = each.value
  source       = "./site/${each.value}"
  etag         = filemd5("./site/${each.value}")
  content_type = "text/html;charset=UTF-8"
}

After (only S3 is updated, CloudFront is not updated):

resource "null_resource" "remove_and_upload_to_s3" {
  provisioner "local-exec" {
    command = "aws s3 sync ${path.module}/site s3://${aws_s3_bucket.xyz.id}"
  }
}

Answers

- YoucefLAIDANI
- July 24, 2023 at 4:41 pm
- 0 votes
0
In your CloudFront resource config, try to use depends_on:
```
depends_on = [null_resource.remove_and_upload_to_s3]
```
This will ensure that any changes to the null_resource will trigger an update to the CloudFront resource.
Login or Signup to reply.

- MarkoE
- July 24, 2023 at 4:51 pm
- 0 votes
0
I would probably go for the new resource terraform_data and then use the for_each with aws s3 cp instead of sync:
```
resource "terraform_data" "remove_and_upload_to_s3" {
  for_each     = aws_s3_object.site
  triggers_replace = [
    each.value.etag
  ]

  provisioner "local-exec" {
    command = "aws s3 cp ${path.module}/site/${each.value.source} s3://${aws_s3_bucket.xyz.id}"
  }
}
```
Login or Signup to reply.