Hello, we are using the aws-native provider which we try to keep up to date. Sometime, when doing a refresh, it adds attributes to some resources. These attributes are non required attributes which we do not set in our code and the refresh set them to their default value. However, when we do a up after these refreshes, Pulumi wants to recreate the affected resources because the new attribute are flagged as replaceOnChange. I’m not sure to understand what led up to this situation, but the only workaround I’ve found is to manually edit the state to remove these attributes. Is it a known limitation of the native provider? Is there something I can do to help fix these cases when they happen (for example opening a PR to add something somewhere in the provider) ?

Do you have an example of one of these resources this happens to?

Sure, with RDS DbInstance, the

backupTarget

attribute is set to its default value of

region

during refresh, which triggers a re-creation on next up.

Does it also flag the EKS cluster for recreation when only the

deletionProtection

attribute changes?

No, you’re right, this is another issue with the `deletionProtection`: it makes the

kubeconfig

attribute of the Pulumi Kubernetes provider depending on this EKS cluster unknown, and pulumi up wants to destroy all the Kubernetes resources.

Ok, I know what the issue is, I created https://github.com/pulumi/pulumi-aws-native/issues/2390

Thanks for the issues, these describe very clearly and precisely the problems we’re facing 😉 Regarding the issue with the Kubernetes provider, I’m always wondering if the resources will actually be deleted or if I can “safely” let Pulumi run (though I’m blind). I’m wondering, because there is another issue that I cannot simply target the EKS Cluster, else I get an error

error: provider <the Kubernetes provider URN> for resource <a Kubernetes resource URN> has not been registered yet, this is due to a change of providers mixed with --target. Change your program back to the original providers

.