Open yogesh2580 opened 1 year ago
Voting for Prioritization
Volunteering to Work on This Issue
Hey @yogesh2580 š Thanks for taking the time to raise this! Can you supply debug logging (redacted as needed)?
Hi @justinretzolk , Thanks for updating me about the debug logs, below are the part of debug logs 2023-09-15T12:37:35.501+0530 [DEBUG] ProviderTransformer: "module.postgres.aws_secretsmanager_secret_version.secret" (terraform.NodeValidatableResource) needs provider["registry.terraform.io/hashicorp/aws"] 2023-09-15T12:37:36.909+0530 [DEBUG] ProviderTransformer: "module.postgres.aws_secretsmanager_secret_rotation.secret (expand)" (terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2023-09-15T12:43:20.437+0530 [DEBUG] provider.terraform-provider-aws_v5.11.0_x5: HTTP Response Received: aws.sdk=aws-sdk-go http.response.body="{"__type":"Inva*****tion","Message":"You cannot specify both rotation frequency and schedule expression together."} " http.response.header.content_type=application/x-amz-json-1.1 http.response_content_length=127 tf_mux_provider=*schema.GRPCProviderServer @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.33/logger.go:144 aws.service="Secrets Manager" http.duration=774 http.response.header.x_amzn_requestid=2461d76c-27da-401a-bc2c-07d6a8255e34 @module=aws aws.operation=RotateSecret aws.region=us-east-1 http.response.header.date="Fri, 15 Sep 2023 07:13:20 GMT" tf_provider_addr=registry.terraform.io/hashicorp/aws tf_resource_type=aws_secretsmanager_secret_rotation http.status_code=400 tf_req_id=71fa9681-4936-9880-a92c-d154a73089f5 tf_rpc=ApplyResourceChange timestamp=2023-09-15T12:43:20.437+0530 2023-09-15T12:43:20.437+0530 [ERROR] provider.terraform-provider-aws_v5.11.0_x5: Response contains error diagnostic: diagnostic_detail= diagnostic_severity=ERROR tf_proto_version=5.3 @caller=github.com/hashicorp/terraform-plugin-go@v0.18.0/tfprotov5/internal/diag/diagnostics.go:58 @module=sdk.proto tf_resource_type=aws_secretsmanager_secret_rotation diagnostic_summary="updating Secrets Manager Secret Rotation (arn:aws:secretsmanager:us-east-1:598693051713:secret:iac/datafabric/development/datafabric/pdfrb-8332-cy-v2_ad-Twauro): InvalidParameterException: You cannot specify both rotation frequency and schedule expression together." tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=71fa9681-4936-9880-a92c-d154a73089f5 tf_rpc=ApplyResourceChange timestamp=2023-09-15T12:43:20.437+0530
2023-09-15T12:43:20.448+0530 [ERROR] vertex "module.postgres.aws_secretsmanager_secret_rotation.secret[0]" error: updating Secrets Manager Secret Rotation (arn:aws:secretsmanager:us-east-1:598693051713:secret:iac/datafabric/development/datafabric/pdfrb-8332-cy-v2-6uTjoe): InvalidParameterException: You cannot specify both rotation frequency and schedule expression together. 2023-09-15T12:43:20.453+0530 [DEBUG] provider.terraform-provider-aws_v5.11.0_x5: HTTP Response Received: @caller=github.com/hashicorp/aws-sdk-go-base/v2/awsv1shim/v2@v2.0.0-beta.33/logger.go:144 aws.operation=RotateSecret tf_provider_addr=registry.terraform.io/hashicorp/aws http.duration=790 tf_req_id=56dd66a1-f752-245a-2ad4-5d00ca5080ae http.response_content_length=127 tf_rpc=ApplyResourceChange @module=aws aws.region=us-east-1 aws.service="Secrets Manager" http.response.body="{"__type":"Inva*****tion","Message":"You cannot specify both rotation frequency and schedule expression together."}
Just curious, was it originally created with < 5.7 AWS provider? Because when I created it with 5.3 AWS provider and updated the provider to 5.7, I also got the same error InvalidParameterException: You cannot specify both rotation frequency and schedule expression together.
But if I created it fresh with 5.7 AWS provider, then no issue.
I see this error in AWS provider 5.16.2 as well.
InvalidParameterException: You cannot specify both rotation frequency and schedule expression together.
Seeing the same 5.26.0, I'm guessing the original PR didn't fix the original issue fully.
Terraform Core Version
1.5.4
AWS Provider Version
5.11.0
Affected Resource(s)
aws_secretsmanager_secret_rotation.
Expected Behavior
secret rotation should have changed from frequency to cron based/ rate based error
Actual Behavior
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
terraform init terraform apply
Debug Output
Panic Output
No response
Important Factoids
No response
References
There was a ticket for the same issue previously, it says the fix has been provided in the 5.7.0 version of the aws provider. the issue is still exist on 5.11.0 version of the aws provider. https://github.com/hashicorp/terraform-provider-aws/issues/30540
Would you like to implement a fix?
None