search

RedisLabs / terraform-provider-rediscloud

Terraform Redis Cloud Provider: Deploy, update, and manage Redis Cloud databases as code through HashiCorp Terraform
https://registry.terraform.io/providers/RedisLabs/rediscloud/latest
Apache License 2.0
29 stars 22 forks source link

Cannot create an Essentials database with TLS enabled #539

Open joey-squid opened 1 week ago

joey-squid commented 1 week ago

Terraform Version

Terraform v1.8.2 on darwin_arm64 [...]

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "rediscloud_essentials_subscription" "subscription" {
  name              = "${var.environment}-with-tls"
  plan_id           = data.rediscloud_essentials_plan.plan.id
  payment_method_id = data.rediscloud_payment_method.card.id
}

resource "rediscloud_essentials_database" "redis" {
  subscription_id  = rediscloud_essentials_subscription.subscription.id
  name             = var.environment
  data_persistence = "none"
  enable_tls       = false
  replication = false
  enable_payg_features = true

  # Omitting alerts{} because of #530 
}

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

Expected Behavior

A Redis database is created with TLS enabled; or, an existing database is updated to enable TLS.

Actual Behavior

Error: 400 BAD_REQUEST - BAD_REQUEST: Bad request detected. Please see additional info for more details

Steps to Reproduce

terraform apply -target module.common.rediscloud_essentials_database.redis I doubt it's relevant that my database and subscription are inside a module.

Important Factoids

I can enable and disable TLS in the console, and I can even do it using the API:

curl -X 'PUT' \
  'https://api.redislabs.com/v1/fixed/subscriptions/2363872/databases/12395251' \
  -H 'accept: application/json' \
  -H 'x-api-key: foo' \
  -H 'x-api-secret-key: bar' \
  -H 'Content-Type: application/json' \
  -d '{
    "enableTls": true
}'

I am also unable to create a database without TLS if I specify enable_payg_features. I don't know what that means but I do know it's required for enable_tls to function. Maybe it shouldn't be?

joey-squid commented 1 week ago

I can confirm that https://github.com/joey-squid/terraform-provider-rediscloud/commit/cc50ef4f0dddec8d92bf0134edd8f03291c0151e resolves the immediate issue for me (please forgive the indentation, my editor isn't configured for Go). Note that I'm on a paid plan (one of the cheapest, but still paid). I'm not sure what needs to happen on free plans.