we are using this provider to initialize an AWS RDS database after creation. Recently we needed to rename a database. This action invalidates the connection details of the aws_db_instance resource and the postgresql fails during plan because it tries to connect to the database using those invalid credentials. The credentials will change and be valid again after the apply but we don't get that far.
Changing certain attributes like aws_db_instance.db_name invalidates the RDS instance resource and the exported attributes become invalid, i.e. the attributes do not refer to a valid database connection. The postgresql provider uses the invalid database credentials during plan to check capabilities and fails.
Possible Solution
The postgresql provider supports a flag (e.g. skip_capabilities_check = true) that instructs the provider to not connect to the database during plan phase. After the RDS instance has been changed, the provider can use valid connection details.
So basically whenever there is a change (or potentially other problem with the database) that makes the connection details invalid, there should be a way to ignore this during the plan and get to the actual apply to fix this.
Steps to Reproduce
Create a setup like mentioned in the Terraform code above
Invalidate the database connection details (for example, delete the database outside of TF)
Run the plan
It should fail because the provider attempts to connect to this database during plan. Usually an apply would fix the problem because it recreates the database.
Hi there,
we are using this provider to initialize an AWS RDS database after creation. Recently we needed to rename a database. This action invalidates the connection details of the
aws_db_instance
resource and thepostgresql
fails during plan because it tries to connect to the database using those invalid credentials. The credentials will change and be valid again after the apply but we don't get that far.Terraform Version
Terraform v1.2.6 on linux_amd64
Terraform Configuration Files
Actual Behavior
Changing certain attributes like
aws_db_instance.db_name
invalidates the RDS instance resource and the exported attributes become invalid, i.e. the attributes do not refer to a valid database connection. Thepostgresql
provider uses the invalid database credentials during plan to check capabilities and fails.Possible Solution
The
postgresql
provider supports a flag (e.g.skip_capabilities_check = true
) that instructs the provider to not connect to the database during plan phase. After the RDS instance has been changed, the provider can use valid connection details.So basically whenever there is a change (or potentially other problem with the database) that makes the connection details invalid, there should be a way to ignore this during the plan and get to the actual apply to fix this.
Steps to Reproduce
References