Skip ebs encryption flag for snapshots on launch template.

[jmcarp]

AWS does not allow setting encryption values on ebs block devices
created from a snapshot. This patch lists block devices created from
snapshots from the image and skips the encryption flag on those devices.

[Fixes #4553]

Note: at the moment, this patch silently ignores encryption values for ebs block devices created from a snapshot. We should probably throw an error or warning if the user sets an encryption value. The only problem is that we can't disambiguate between an encryption flag set to false and an empty value with the provider as written. WDYT @bflad ?

[ColinHebert]

What's the status of this one? Can we merge it? @bflad

[shuqichen]

@bflad @terraformbot @tf-release-bot When will this change will be released? I also encountered same issue, and need use this urgent!

[rbreslow]

We encountered this, and it is now blocking some of our issues:

azavea/terraform-aws-ecs-cluster#34

As it stands, aws_launch_template is broken.

[rbreslow]

@bflad?

[shuqichen]

@bflad ?

[schammah]

any plans to merge this?
unable to use aws_launch_template until then

[bflad]

Hi folks 👋 Sorry for the delayed response here.

The implementation in this pull request was an EC2 API lookup, which was a quite complicated workaround for the real issue of the resource schema not appropriately handling an "unspecified" value. An alternate implementation that skips the lookup has been made including the previously failing and now passing acceptance test at: #5632.

[bflad]

#5632 has been merged into master with the fix and will release with version 1.34.0 of the AWS provider, likely later today.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!