aws_db_option_group missing settings from the AWS CLI

[dbadrak]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

Certain features for creating DB Options groups for oracle are missing from the AWS provider. Setting a VPC id, or allowing vpc and non-vpc resources.

New or Affected Resource(s)

• aws_db_option_group

Potential Terraform Configuration

resource "aws_db_option_group" "baseline" {
  engine_name = "oracle-ee"
  major_engine_version = "12.1"
  name = "baseline-oracle-ee-12-1"
  option_group_description = "baseline oracle ee option group"

  vpc_id = vpc-12345678
  allows_vpc_and_non_vpc_instance_memberships = true

}

References

• https://docs.aws.amazon.com/cli/latest/reference/rds/create-option-group.html

• 0000

[ljluestc]

resource "aws_db_option_group" "baseline" {
  name                     = "baseline-oracle-ee-12-1"
  major_engine_version     = "12.1"
  option_group_description = "baseline oracle ee option group"
  engine_name              = "oracle-ee"
}

# Use a local-exec provisioner to run AWS CLI commands after the resource is created
resource "null_resource" "update_option_group" {
  triggers = {
    option_group_id = aws_db_option_group.baseline.id
  }

  provisioner "local-exec" {
    command = <<-EOT
      aws rds modify-option-group \
        --option-group-name ${aws_db_option_group.baseline.name} \
        --options "OptionName=VPCSecurityGroupMemberships,Port=1521,OptionSettings=[{Name=VPCSecurityGroupMemberships,Value=vpc-12345678},{Name=AllowVpcAndNonVpcInstanceMemberships,Value=true}]"
    EOT
  }
}

first create the aws_db_option_group resource with the basic settings.

use a null_resource with a local-exec provisioner to run an AWS CLI command (aws rds modify-option-group) after the aws_db_option_group resource is created.

The AWS CLI command modifies the option group and sets the VPC ID (vpc-12345678) and allows VPC and non-VPC instance memberships (AllowVpcAndNonVpcInstanceMemberships=true).