Cannot change elasticsearch user settings or keystore settings after first deployment

blueo commented 2 months ago

Readiness Checklist

[x] I am running the latest version
[x] I checked the documentation and found no answer
[x] I checked to make sure that this issue has not already been filed
[x] I am reporting the issue to the correct repository (for multi-repository projects)

Expected Behavior

When updating user settings, I would expect to be able to update a deployment's user settings after it is created

Current Behavior

Changing any user settings after a deployment has been created results in an error.

The same error will occur if I manually change a setting via the EC UI and then try and run terraform apply again. Seems that terraform only seems to be able to set user settings and not change them.

Also - and I'm not sure if it is related - if I change any keystore settings (e.g. adding a new one) I get the same error:

Terraform definition

Main.tf


terraform {
  required_providers {
    ec = {
      source  = "elastic/ec"
      version = "0.10.0"
    }
  }
}

variable "ec_api_key" {
  sensitive = true
  type = string
}

provider "ec" {
  apikey = var.ec_api_key
}

data "ec_stack" "latest_8" {
  version_regex = "8"
  region        = "ap-southeast-2"
}

locals {
  deployment_name = "tester"

  user_settings =  file("user_settings_default.yml")

  keystore_contents =  {
    "s3.client.default.access_key" = {
      value = "var.s3_client_key"
    }
    "s3.client.default.secret_key" = {
      value = "var.s3_client_secret"
    }
  }

  elasticsearch_hot = {
    "small" = {
      autoscaling   = {}
      size          = "1g"
      size_resource = "memory"
      zone_count    = 1
    }
  }
}

resource "ec_deployment" "default" {
  name                   = local.deployment_name
  region                 = "ap-southeast-2"
  version                = data.ec_stack.latest_8.version
  deployment_template_id = "aws-cpu-optimized-arm"

  elasticsearch = {
    keystore_contents = local.keystore_contents

    hot               = local.elasticsearch_hot["small"]

    config            = {
      user_settings_yaml = local.user_settings
    }
  }
}

user_settings_default.yml

action.auto_create_index: true

Steps to Reproduce

Create a deployment with user settings using config.user_settings_yaml option. In this case I've used the content action.auto_create_index: true
Change the settings (eg change the content to action.auto_create_index: false) and run terraform apply
Observe that settings cannot be applied with error: clusters.cluster_settings_change_prohibited: The requested cluster metadata changes are not permitted..

Context

This is blocking using this provider for managing deployments as no changes to common settings can be made via IaC

Possible Solution

Your Environment

Version used: 0.10.0
Running against Elastic Cloud SaaS or Elastic Cloud Enterprise and version: Elastic Cloud SaaS
Environment name and version (e.g. Go 1.9):
Server type and version:
Operating System and version: osx
Link to your project:

blueo commented 2 months ago

related to https://github.com/elastic/terraform-provider-ec/issues/841 - possibly the same problem but I'm seeing it with user settings/keystore settings

blueo commented 1 month ago

closing as it looks like the same root cause as https://github.com/elastic/terraform-provider-ec/issues/841

elastic / terraform-provider-ec