search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.74k stars 9.1k forks source link

Changing OpenSearch/ElasticSearch advanced_security_options causes cluster recreation #24843

Open arturkasperek opened 2 years ago

arturkasperek commented 2 years ago

Terraform for some reason wanna recreate the domain when I'm changing access for a domain from open into fine-grained access. However, in AWS console it's possible to enable fine-grained access without cluster recreation:

Zrzut ekranu 2022-05-18 o 10 25 56 Zrzut ekranu 2022-05-18 o 10 26 23

Terraform CLI and Terraform AWS Provider Version

Terraform 0.14.9 AWS plugin version 4.14.0

Affected Resource(s)

aws_elasticsearch_domain

Terraform Configuration Files

resource "aws_elasticsearch_domain" "es" {
  ...
  advanced_security_options {
    enabled = true # changed from false
  }
}

Expected Behavior

Terraform should only modify cluster

Actual Behavior

Terraform wanna recreate cluster

nsvijay04b1 commented 2 years ago

Hi,

Please update if this is being handled. Same issue for us.

smodi2-tmo commented 1 year ago

I am also facing the same issue. It should be updated in place. AWS Cloudformation does update in place https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-opensearchservice-domain.html#cfn-opensearchservice-domain-advancedsecurityoptions

almeida-matheus commented 2 months ago

any updates?

breathingdust commented 1 month ago

https://github.com/hashicorp/terraform-provider-aws/blob/0e580829bfdbaf572f66d1ad8dd2d2c2d0b130c3/internal/service/opensearch/domain.go#L91-L97