No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

Screen Shot 2020-09-29 at 4.30.45 PM.png

QQ:
I am constantly getting my flow log replaced on every `pulumi up`. The resulting diff is:
`~ logDestination: "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev" =&gt; "arn:aws:logs:us-east-1:ACCTNUMBER:log-group:kstream-vpc-dev:*"`
As you can see, it keeps trying to add the `:*` at the end. The AWS console shows that the ARN DOES have the `:*`
 The code I’m using is:
```const flowLog = new aws.ec2.FlowLog("vpc-flow-log-" + pulumi.getStack(), {
    iamRoleArn: config.require("FLOW_LOG_ARN"),
    logDestination: logGroup.arn,
    trafficType: "ALL",
    vpcId: vpc.id,
    tags: {
        Name: "VPC Flow Logs for " + name
    }
}, {deleteBeforeReplace: true})```
Current package.json dependencies:
```"dependencies": {
    "@pulumi/aws": "^3.5.0",
    "@pulumi/awsx": "^0.22.0",
    "@pulumi/docker": "^2.3.0",
    "@pulumi/pulumi": "^2.10.2"
}```
Any thoughts on correcting this behavior or preventing Pulumi from trying to replace the flow log every time?

p.s. I had to put `deleteBeforeReplace:true` so `pulumi up` would not fail every time.