Terraform ignoring lifecycle ignore_changes for "objects changed outside of terraform.

[geoff-reason]

Terraform 0.15.4
Terraform-provider-aws 3.42.0

I have a simple aws_efs_file_system :

resource "aws_efs_file_system" "storage" {
  creation_token = lower("${var.service_name}-${var.stage}-efs")
  tags = merge(
    var.common_tags,
    {
      "Name" = format("%s", "${var.service_name}-${var.stage}-efs")
    },
  )
}

This was terraformed nicely, however, a terraform apply reports that the filesystem has changed outside of terraform.

  # module.xxx.aws_efs_file_system.storage has been changed
  ~ resource "aws_efs_file_system" "storage" {
        id                              = "fs-xxxxxx"
      ~ size_in_bytes                   = [
          ~ {
              ~ value             = 35123200 -> 35352576
              ~ value_in_standard = 35123200 -> 35352576
                # (1 unchanged element hidden)
            },
        ]
     ...
    }

Ok I thought, an elastic file system is elastic and will expand over time - I'll just add an ignore block:

resource "aws_efs_file_system" "storage" {
  creation_token = lower("${var.service_name}-${var.stage}-efs")
  tags = merge(
    var.common_tags,
    {
      "Name" = format("%s", "${var.service_name}-${var.stage}-efs")
    },
  )
  
  lifecycle {
    ignore_changes = [ size_in_bytes ]
  }
}

Surely now, terraform will be happy with the change underneath. Not so, the next apply reveals the same:

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

  # module.xxx.aws_efs_file_system.storage has been changed
  ~ resource "aws_efs_file_system" "storage" {
        id                              = "fs-xxxxxx"
      ~ size_in_bytes                   = [
          ~ {
              ~ value             = 35123200 -> 35352576
              ~ value_in_standard = 35123200 -> 35352576
                # (1 unchanged element hidden)
            },
        ]
     ...
    }

Doing a terraform apply -refresh-only also doesn't fix this.

I would really expect terraform to ignore fields which I have specified in lifecycle { ignore_changes } block - even in this reconciling of the state file with the refresh. Ultimately some things do change in aws under the covers and there's nothing you can do about it, so there needs to be a way in terraform of truly ignoring those changes.

Another example is aws_iam_policy blocks which AWS can rearrange based on its internal ordering, but aws now seems to complain about order changes.

Seems in this latest version of terraform 0.15 I am fighting with some resources changing outside of terraform a bit.

[geoff-reason]

Duplicate of #28803

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.