[Docs] Add note that using name
property for CloudFront/PublicKey resource may cause dependency issues
#4067
Labels
area/docs
Improvements or additions to documentation
kind/documentation
Improvements or additions to documentation
resolution/fixed
This issue was fixed
When using the
cloudfront/PublicKey
resource, it is not uncommon to also use thecloudfront/KeyGroup
resource.If one sets the
name
property for thePublicKey
resource (https://www.pulumi.com/registry/packages/aws/api-docs/cloudfront/publickey/#name_nodejs), the "delete-before-create" action that Pulumi takes will cause AWS to throw an error since Pulumi is trying to delete the PublicKey while it is still referenced by the KeyGroup. (See code below.)Since KeyGroup references the PublicKey.id (which is AWS-generated), there is no way to avoid this problem by using
dependsOn
resource options or anything.So, the work-arounds are:
namePrefix
property and let the provider autoname the resources.This leads to the suggestion that the documentation for the
name
property should come with a warning that explains that the setting thename
property will lead to issues if the resource has to be replaced - for example because theencodedKey
property value changes - and thePublicKey
is referenced in another resource such as thecloudfront/keyGroup
resource.And suggest to use Pulumi autonaming as explained here, https://www.pulumi.com/docs/concepts/resources/names/#autonaming, or use the resoruce's
namePrefix
property instead.If you want to see the driving issue in action:
The text was updated successfully, but these errors were encountered: