aws_launch_template failed when block_device_mappings.ebs.kms_key_id` is set to an empty string

[quentin9696]

Terraform and AWS Provider Version

Terraform v1.13.3
on linux_amd64
+ provider registry.terraform.io/hashicorp/aws v6.16.0

Affected Resource(s) or Data Source(s)

• aws_launch_template

Expected Behavior

Apply sucessfully even if kms_key_id is set to an empty string, as most of other arguments of this resource

Actual Behavior

Give the following error:

Error: "block_device_mappings.0.ebs.0.kms_key_id" cannot be shorter than 1 character

Relevant Error/Panic Output

No response

Sample Terraform Configuration

Click to expand configuration

provider "aws" {
  region = "us-east-1"
}

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "6.16.0"
    }
  }
}

data "aws_ssm_parameter" "this" {
  name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs"
}


resource "aws_launch_template" "this" {
  name = "failling_asg"

  image_id      = data.aws_ssm_parameter.this.value
  instance_type = "t3.small"

  block_device_mappings {
    device_name = "/dev/xvda"

    ebs {
      delete_on_termination = true
      kms_key_id            = ""
    }
  }
}

Steps to Reproduce

1. apply
2. get the error

Debug Logging

n/a

GenAI / LLM Assisted Development

n/a

Important Facts and References

This code perfectly run with 6.15.0, I guess this is related to the this PR #44505

The current workaround is to change kms_key_id to null instead of empty string. This isn't consistent with most of resources

Would you like to implement a fix?

No

[github-actions]

Community Guidelines

This comment is added to every new Issue to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

• Please vote on this Issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
• Please see our prioritization guide for additional information on how the maintainers handle prioritization.
• Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Issue and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.
• For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.

[cschindlbeck]

Can confirm, same bug with 6.16.0

[cschindlbeck]

This is my PR #44708 we could just allow an empty string as of now to preserve backwards compatibility

[github-actions]

Warning

This Issue has been closed, meaning that any additional comments are much easier for the maintainers to miss. Please assume that the maintainers will not see them.

Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.