[Bug]: Unable to set the propagate_tags setting for an existing ECS Service Blue Green deployment (Deployment Controller = Code Deploy)

[ItsMeMarty]

Terraform Core Version

1.5.5

AWS Provider Version

5.41.0

Affected Resource(s)

aws_ecs_service

Expected Behavior

When setting the propagate_tags config for an existing BlueGreen deployed ECS service the provider should be able to apply the change as the AWS CLI docs for the UpdateService request state:

For services using the blue/green (CODE_DEPLOY ) deployment controller, only the desired count, deployment configuration, health check grace period, task placement constraints and strategies, enable ECS managed tags option, and propagate tags can be updated using this API.

Actual Behavior

The Provider errors out due to the Blue Green deployment setup with Code Deploy for the ECS service. Stating that the change should be done through Code Deploy instead of Terraform even though the change is allowed by AWS for Blue Green deployed ECS services.

Relevant Error/Panic Output Snippet

Error: updating ECS Service (arn:aws:ecs:REGION:ACCOUNT_ID:service/XXXXXXX/YYYYYYYY): InvalidParameterException: Cannot force a new deployment on services with a CODE_DEPLOY deployment controller. Use AWS CodeDeploy to trigger a new deployment.

Terraform Configuration Files

Relevant ECS resource configs set:

resource "aws_ecs_service" "resource" {
  ...
  launch_type                        = "FARGATE"
  scheduling_strategy                = "REPLICA"
  enable_ecs_managed_tags            = true
  propagate_tags                     = "SERVICE"  # newly added configuration which is not allowed to be applied

  enable_execute_command = true
  force_new_deployment   = true

  deployment_controller {
    type = "CODE_DEPLOY"
  }
  ...
}

Steps to Reproduce

Important note: This should done on an already existing BlueGreen deployed ECS Service. If these settings were set for a brand new BlueGreen ECS Service then it doesn't error out - It only errors out when updating this setting on Services that are already up.

1. Have an already existing BlueGreen ECS service up
2. Add the propagate_tags configuration to the TF resource for the ECS service
3. Run terraform apply

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

• AWS CLI docs on the Update Service call describing how it should be allowed to make the propagate tags update to Blue Green (Code Deploy) ECS services: https://docs.aws.amazon.com/cli/latest/reference/ecs/update-service.html

To add to this issue, updating the appspec file does not work since the PropagateTags property is not support as something to be set within the file. This could have been one of the ways to work around this issue.

Would you like to implement a fix?

None

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.