search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.73k stars 9.09k forks source link

[Bug]: cannot use aws_backup_selection to assign a documentdb cluster. #29199

Open kar0v opened 1 year ago

kar0v commented 1 year ago

Terraform Core Version

1.3.7

AWS Provider Version

4.32.0

Affected Resource(s)

Cannot assign a documentdb cluster to an AWS backup plan as a resource. Although this is possible via the console, this is not possible via Terraform.

Data source: 

data "aws_docdb_orderable_db_instance" "web-apps-cluster-docdb" {
  engine         = "docdb"
  license_model  = "na"
  preferred_instance_classes = ["db.t3.medium"]
}
$ terraform plan

  + create

Terraform will perform the following actions:

  # aws_backup_selection.web-apps-cluster-docdb will be created
  + resource "aws_backup_selection" "web-apps-cluster-docdb" {
      + iam_role_arn  = "arn:aws:iam::**********************:role/service-role/AWSBackupDefaultServiceRole"
      + id            = (known after apply)
      + name          = "production_documentdb_backups"
      + not_resources = (known after apply)
      + plan_id       = "066497f1-5d08-4f96-8eae-4da4bb82a1b1"
      + resources     = [
          + "db.t3.medium",
        ]

      + condition {
          + string_equals {
              + key   = (known after apply)
              + value = (known after apply)
            }

          + string_like {
              + key   = (known after apply)
              + value = (known after apply)
            }

          + string_not_equals {
              + key   = (known after apply)
              + value = (known after apply)
            }

          + string_not_like {
              + key   = (known after apply)
              + value = (known after apply)
            }
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Expected Behavior

Should have created the plan per the terraform apply command

Actual Behavior

Did not assign the resource to the backup plan as expected. Failed to find the data source.

Relevant Error/Panic Output Snippet

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

aws_backup_selection.web-apps-cluster-docdb: Creating...
╷
│ Error: error creating Backup Selection: InvalidParameterValueException: Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "748684b6-69ba-44f8-a881-092e6b4536eb"
│   },
│   Message_: "Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified."
│ }
│ 
│   with aws_backup_selection.web-apps-cluster-docdb,
│   on main.tf line 136, in resource "aws_backup_selection" "web-apps-cluster-docdb":
│  136: resource "aws_backup_selection" "web-apps-cluster-docdb" {
│ 
╵

Terraform Configuration Files

2023-02-01T13:19:33.399+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: -----------------------------------------------------
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Response Backup/CreateBackupSelection Details:
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: ---[ RESPONSE ]--------------------------------------
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: HTTP/2.0 400 Bad Request
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Length: 153
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Content-Type: application/json
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: Date: Wed, 01 Feb 2023 11:19:33 GMT
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Errortype: InvalidParameterValueException:http://internal.amazon.com/coral/com.amazonaws.services.cryo/
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: X-Amzn-Requestid: 9e8efa36-f6e2-42d9-a916-27d41765d0ea
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: 
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: 
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: -----------------------------------------------------
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] {"Code":null,"Context":null,"Message":"Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.","Type":null}
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: [DEBUG] [aws-sdk-go] DEBUG: Validate Response Backup/CreateBackupSelection failed, attempt 0/25, error InvalidParameterValueException: Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: {
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:   RespMetadata: {
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:     StatusCode: 400,
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:     RequestID: "9e8efa36-f6e2-42d9-a916-27d41765d0ea"
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:   },
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5:   Message_: "Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified."
2023-02-01T13:19:33.617+0200 [DEBUG] provider.terraform-provider-aws_v4.32.0_x5: }
2023-02-01T13:19:33.618+0200 [ERROR] provider.terraform-provider-aws_v4.32.0_x5: Response contains error diagnostic: diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="error creating Backup Selection: InvalidParameterValueException: Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.
{
  RespMetadata: {
    StatusCode: 400,
    RequestID: "9e8efa36-f6e2-42d9-a916-27d41765d0ea"
  },
  Message_: "Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified."
}" tf_proto_version=5.3 tf_req_id=5d2c4afc-4414-f191-e50d-9058a912ecca @module=sdk.proto tf_resource_type=aws_backup_selection tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-go@v0.14.0/tfprotov5/internal/diag/diagnostics.go:55 tf_provider_addr=registry.terraform.io/hashicorp/aws timestamp=2023-02-01T13:19:33.617+0200
2023-02-01T13:19:33.618+0200 [ERROR] vertex "aws_backup_selection.web-apps-cluster-docdb" error: error creating Backup Selection: InvalidParameterValueException: Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.
{
  RespMetadata: {
    StatusCode: 400,
    RequestID: "9e8efa36-f6e2-42d9-a916-27d41765d0ea"
  },
  Message_: "Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified."
}
╷
│ Error: error creating Backup Selection: InvalidParameterValueException: Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified.
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "9e8efa36-f6e2-42d9-a916-27d41765d0ea"
│   },
│   Message_: "Invalid resource selection: 'db.t3.medium'. AWS partition and service vendor code must be specified."
│ }
│ 
│   with aws_backup_selection.web-apps-cluster-docdb,
│   on main.tf line 136, in resource "aws_backup_selection" "web-apps-cluster-docdb":
│  136: resource "aws_backup_selection" "web-apps-cluster-docdb" {
│ 
╵
2023-02-01T13:19:33.624+0200 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-02-01T13:19:33.635+0200 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/4.32.0/linux_amd64/terraform-provider-aws_v4.32.0_x5 pid=37398
2023-02-01T13:19:33.635+0200 [DEBUG] provider: plugin exited

Steps to Reproduce

try to assign a documentdb resource to a backup plan via the data source

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None

github-actions[bot] commented 1 year ago

Community Note

Voting for Prioritization

Volunteering to Work on This Issue

justinretzolk commented 1 year ago

Hey @kar0v 👋 Thank you for taking the time to raise this! Perhaps I'm missing something (admittedly, this isn't an area of AWS that I've spent a lot of time with), but based on the API documentation, it appears that the resources argument expects a list of ARNs, rather than a list of DB instance types. When you said you're able to do this in the AWS console, are you passing db.t3.medium there as well?

kar0v commented 1 year ago

Hello @justinretzolk, thank you for looking into this. I did not need to provide any db.t3.medium selection in the console. I just selected the cluster name and it worked. I tried providing the cluster ARN/ID like data.aws_docdb_orderable_db_instance.web-apps-cluster-docdb.id, but then terraform complained that this is not part the datasource. I've already used this aws_backup_selection with an RDS resource, which I could provide the ARN for via 

resource "aws_backup_selection" "production_aurora_cluster" {
  iam_role_arn = data.aws_iam_role.production_aws_backup_default_service_role.arn
  name         = "production_aurora_backups"
  plan_id      = aws_backup_plan.aurora-backup-plan.id

  resources = [
    #data.terraform_remote_state.core.outputs.production_rds_aurora_cluster_arn
    data.aws_rds_cluster.production_cluster_name.arn
  ]
}

And I do not know how to provide the DocumentDB ARN.