Closed aakrem closed 3 years ago
Same for me with slightly different versions and config. Main config difference is using apply_method = "immediate"
.
My versions are: terraform: 0.12.26 terraform aws provider: 2.67 (terragrunt: 0.23.14)
With Terraform v0.12.24
, we are experiencing the same issue even though nothing has changed in our aws_docdb_cluster_parameter_group
:
# module.documentdb.aws_docdb_cluster_parameter_group.docdb will be updated in-place
~ resource "aws_docdb_cluster_parameter_group" "docdb" {
arn = "arn:aws:rds:us-east-1:647340561633:cluster-pg:alulastagingswarm-docdb-param-group"
description = "Managed by Terraform"
family = "docdb3.6"
id = "alulastagingswarm-docdb-param-group"
name = "alulastagingswarm-docdb-param-group"
tags = {}
+ parameter {
+ apply_method = "pending-reboot"
+ name = "tls"
+ value = "enabled"
}
}
The thing here appears to be a parameter on the resourceAwsDocDBClusterParameterGroupRead function inside the resource. On the line with the input definition for the DescribeDBClusterParameters API call have Source set to "user"
describeParametersOpts := &docdb.DescribeDBClusterParametersInput{
DBClusterParameterGroupName: aws.String(d.Id()),
Source: aws.String("user"),
}
As far I could check using awscli, getting rid of it return all values (change
Without source set to user.
aws docdb describe-db-cluster-parameters --db-cluster-parameter-group-name <NAME> | jq '.Parameters[] | "name=\(.ParameterName) type=\(.Source)"'
"name=audit_logs type=user"
"name=change_stream_log_retention_duration type=system"
"name=profiler type=user"
"name=profiler_sampling_rate type=system"
"name=profiler_threshold_ms type=user"
"name=tls type=system"
"name=ttl_monitor type=system"
With source set to user:
aws docdb describe-db-cluster-parameters --db-cluster-parameter-group-name <NAME> --source user | jq '.Parameters[] | "name=\(.ParameterName) type=\(.Source)"'
"name=audit_logs type=user"
"name=profiler type=user"
"name=profiler_threshold_ms type=user"
I'm observing the same problem.
Terraform v0.12.27 provider.aws v3.5.0
We have exactly the same issue. This issue makes usage of terraform for DocumentDb stuff slightly useless. @YakDriver do you have any plans to fix it or at least, could you please provide us with any suitable workaround?
Thanks in advance
Now it can read only tls parameter. All other parameters are type system
"name=audit_logs type=system"
"name=change_stream_log_retention_duration type=system"
"name=profiler type=system"
"name=profiler_sampling_rate type=system"
"name=profiler_threshold_ms type=system"
"name=tls type=user"
"name=ttl_monitor type=system"
Any update on this issue? Our terraform apply keeps showing changes because of this, so we had to ignore this and apply anyway. This has already lead to issues in production.
Same problem.
I've just hit this too, on terraform 0.14 and provider 3.32.0. It breaks the expected idempotency of plan+apply cycles.
This has been released in version 3.36.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
Terraform keeps displaying that actions will be performed on aws_docdb_cluster_parameter_group
module definition:
~ terraform plan
I found in other github similar issues that it might be the "Enabled" value and should try true, 1 .. I tried 1, "1", true, "true" and all of them showed same behaviour.
terraform version: 0.12.21 terraform aws provier version: 2.62.0