search

ansible-collections / amazon.aws

Ansible Collection for Amazon AWS
GNU General Public License v3.0
309 stars 340 forks source link

rds_instance enable_performance_insights does not work #1889

Open joaoamaro-vakt opened 12 months ago

joaoamaro-vakt commented 12 months ago

Summary

When restoring a database from a snapshot with the enable_performance_insights set to true, the database does not have it enabled.

Issue Type

Bug Report

Component Name

rds_instance

Ansible Version

ansible 2.9.27
  config file = None
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.9/site-packages/ansible
  executable location = /usr/bin/ansible
  python version = 3.9.18 (main, Aug 26 2023, 11:50:23) [GCC 10.3.1 20211027]

Collection Versions

amazon.aws 7.0.0

AWS SDK versions

Name: boto
Version: 2.49.0
Summary: Amazon Web Services Library
Home-page: https://github.com/boto/boto/
Author: Mitch Garnaat
Author-email: mitch@garnaat.com
License: MIT
Location: /usr/lib/python3.9/site-packages
Requires:
Required-by:
---
Name: boto3
Version: 1.26.0
Summary: The AWS SDK for Python
Home-page: https://github.com/boto/boto3
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/lib/python3.9/site-packages
Requires: botocore, jmespath, s3transfer
Required-by: aws-sam-translator, moto
---
Name: botocore
Version: 1.29.0
Summary: Low-level, data-driven core of boto 3.
Home-page: https://github.com/boto/botocore
Author: Amazon Web Services
Author-email:
License: Apache License 2.0
Location: /usr/lib/python3.9/site-packages
Requires: jmespath, python-dateutil, urllib3
Required-by: aws-xray-sdk, boto3, moto, s3transfer

Configuration

N/A

OS / Environment

Restoring a postgresql RDS snapshot Postgresql version 14.8

Steps to Reproduce

Restore a RDS Snapshot

- name: "Creating {{ database_name }}"
  amazon.aws.rds_instance:
    id: "{{ database_instance }}"
    creation_source: instance
    source_db_instance_identifier: "{{ database_rename }}"
    region: "{{ workload_region }}"
    engine: "{{ database_engine }}"
    engine_version: "{{ database_engine_version }}"
    db_instance_class: "{{ database_instance_class }}"
    db_subnet_group_name: "{{ database_subnet_group_name }}"
    vpc_security_group_ids: "{{ database_security_group_ids }}"
    db_parameter_group_name: "{{ (database_deploy_green | bool) | ternary(database_parameter_group_name_green, database_parameter_group_name) }}"
    aws_access_key: "{{ aws_access_key }}"
    aws_secret_key: "{{ aws_secret_key }}"
    session_token: "{{ security_token }}"
    restore_time: "{{ backup_timestamp_readable }}"
    multi_az: "{{ rds_multi_az | bool }}"
    enable_cloudwatch_logs_exports: "{{ (feature_toggle_rds_cloudwatch_logs | bool) | ternary(rds_cloudwatch_logs_exports_list.split(','), '') | select('string') | list }}"
    deletion_protection: "{{ feature_toggle_rds_delete_protection | bool }}"
    enable_performance_insights: true
    performance_insights_retention_period: "{{ (rds_performance_insights | bool) | ternary(7, 0) }}"
    performance_insights_kms_key_id: "{{ (rds_performance_insights | bool) | ternary(kms_arn, '') }}"
    debug_botocore_endpoint_logs: true
    wait: yes

Expected Results

Performance Insights Enabled

Actual Results

{'changed': True, 'db_instance_identifier': 'db-instance', (...) 'performance_insights_enabled': False, (...), 'failed': False}

Code of Conduct

joaoamaro-vakt commented 12 months ago

Adding that a fix was raised before here #63335 but it seems it was not merged

gravesm commented 11 months ago

@joaoamaro-vakt Thank you for filing an issue. You are using an unsupported version of Ansible. Could you please verify that the bug still happens with Ansible 2.14 or higher? Would you be willing to file a PR to fix this?

calebmckay commented 1 month ago

Also ran into this issue when restoring from a snapshot on ansible-core 2.15.12.

In researching, this appears to be a limitation of boto3 and the RDS API, as none of the restore_db* functions accept arguments related to enhanced monitoring or performance insights. So two separate boto3 calls would be needed: one to restore the instance, and one to modify_db_instance to enable performance insights.

A workaround is to use two consecutive amazon.aws.rds_instance tasks:

- name: "Creating {{ database_name }}"
  amazon.aws.rds_instance:
    id: "{{ database_instance }}"
    <...other parameters...>
    wait: yes
  register: new_rds_instance

- name: "Enabling performance insights on {{ database_name }}"
  amazon.aws.rds_instance:
    id: "{{ new_rds_instance.db_instance_identifier }}"
    enable_performance_insights: true
    performance_insights_retention_period: "{{ (rds_performance_insights | bool) | ternary(7, 0) }}"
    performance_insights_kms_key_id: "{{ (rds_performance_insights | bool) | ternary(kms_arn, '') }}"
    apply_immediately: true