[Bug]: Not possible to delete an RDS Cluster instance that is imported by ARN

[luchees]

Terraform Core Version

1.5.1

AWS Provider Version

5.1.0

Affected Resource(s)

aws_rds_cluster_instance

Expected Behavior

aws_rds_cluster_instance is deleted by using DbClusterIdentifier

Actual Behavior

aws_rds_cluster_instance is trying to be deleted by using the ARN.

This causes the RDS DeleteInstance of an imported by ARN instance to fail because there the id is the ARN and not the Identifier.

Relevant Error/Panic Output Snippet

code: log.Printf("[DEBUG] Deleting RDS Cluster Instance: %s", d.Id())
https://github.com/hashicorp/terraform-provider-aws/blob/7c7e3f73eb6366c487b60bda86a4bc184cc9170c/internal/service/rds/cluster_instance.go#L537C2-L537C65

Logs:

aws_rds_cluster_instance.rds_instance1: Destroying... [id=arn:aws:rds:eu-west-1:xxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1]
╷
│ Error: deleting RDS Cluster Instance (arn:aws:rds:eu-west-1:xxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1): InvalidParameterValue: The parameter DBInstanceIdentifier is not a valid identifier because it is longer than 63 characters.
│       status code: 400, request id: e4008ce5-ac55-46f5-afa9-f26db654b10c

### Terraform Configuration Files

locals {
  suffix = "1"
}
provider "aws" {
  region = "eu-west-1"
}

terraform {
  required_version = "= 1.5.5"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 5.12.0"
    }
  }
}

module "vpc" {
  source  = "terraform-aws-modules/vpc/aws"
  version = "4.0.1"

  name = "test"
  cidr = "172.33.0.0/16"
  azs = [
    "eu-west-1a",
    "eu-west-1b"
  ]
  public_subnets = [
    "172.33.10.0/24",
    "172.33.20.0/24"
  ]
  private_subnets = [
    "172.33.110.0/24",
    "172.33.120.0/24"
  ]

  enable_nat_gateway = false
}

resource "aws_db_subnet_group" "rds" {
  description = "Terraform managed DB subnet group."
  subnet_ids = [
    module.vpc.private_subnets[0],
    module.vpc.private_subnets[1]
  ]
}

resource "aws_rds_cluster" "rds" {
  cluster_identifier   = "test-cluster-1"
  engine               = "aurora-postgresql"
  engine_version       = "15.2"
  db_subnet_group_name = aws_db_subnet_group.rds.name
  snapshot_identifier  = ""
  deletion_protection  = false
  apply_immediately    = false
  master_username      = "test"
  master_password      = "verysecure123"
  skip_final_snapshot  = true
}

resource "aws_rds_cluster_instance" "rds_instance1" {
  identifier           = "wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-${local.suffix}"
  cluster_identifier   = aws_rds_cluster.rds.cluster_identifier
  instance_class       = "db.t4g.medium"
  engine               = aws_rds_cluster.rds.engine
  engine_version       = aws_rds_cluster.rds.engine_version
  availability_zone    = "eu-west-1a"
  db_subnet_group_name = aws_rds_cluster.rds.db_subnet_group_name
}

Steps to Reproduce

terraform apply Apply the template and deploy the cluster with the instances terraform state rm aws_rds_cluster_instance.rds_instance1 Remove the instance from the state terraform import aws_rds_cluster_instance.rds_instance1 arn:aws:rds:eu-west-1:xxxxxxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1 Add the instance from the state by using the ARN

locals {
  suffix = "2"
}

Change the suffix in the locals block

terraform apply Run terraform apply again

Debug Output

aws_rds_cluster_instance.rds_instance1: Destroying... [id=arn:aws:rds:eu-west-1:xxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1]
╷
│ Error: deleting RDS Cluster Instance (arn:aws:rds:eu-west-1:xxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1): InvalidParameterValue: The parameter DBInstanceIdentifier is not a valid identifier because it is longer than 63 characters.
│       status code: 400, request id: e4008ce5-ac55-46f5-afa9-f26db654b10c

It is using the ARN to delete instead of the ID wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1

This is because the state is using the id": "arn:aws:rds:eu-west-1:xxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1", instead of id": "wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1",

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[acwwat]

In your steps to reproduce, you are importing using the ARN:

terraform import aws_rds_cluster_instance.rds_instance1 arn:aws:rds:eu-west-1:xxxxxxxxx:db:wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1

But according to the v5.1.0 provider documentation, import requires the identifier i.e. the wancloud-eu-west-1devops-acceptance-devops-acceptance-1-az1-1 part only. Without the logs it's hard to tell if the import has failed, but that might explain why it's trying to delete using the ARN and not the DBInstanceIdentifier.