hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

Terraform error while updating a cross-region replica broker "Global broker attribute [Optional[engineVersion]] cannot be modified in Replica broker directly." while engine_version is required field in the aws_mq_broker resource #38241

Open nkhalilian opened 3 months ago

nkhalilian commented 3 months ago

I use the resource below to provision a primary broker along with a replica broker in another region. The update to the primary broker goes through fine, but the replica broker update fails with "Global broker attribute [Optional[engineVersion]] cannot be modified in Replica broker directly.". Given that engine_version is a required field in the aws_mq_broker resource, I can't get rid of it when I update the replica.

Terraform Core Version

">= 1.3.0"

AWS Provider Version

"~> 5.42"

Affected Resource(s)

Resource: aws_mq_broker

Expected Behavior

Update the replica broker even though the engine version is specified.

Actual Behavior

Plan errors with: Error: updating MQ Broker (b-aff7b593-111d-437e-93cb-be17c0e75dd5) configuration: operation error mq: UpdateBroker, https response error StatusCode: 400, RequestID: b4477a83-f7a1-4bdd-b950-db7e5a92e666, BadRequestException: Global broker attribute [Optional[engineVersion]] cannot be modified in Replica broker directly.

Relevant Error/Panic Output Snippet

Error: updating MQ Broker (b-aff7b593-111d-437e-93cb-be17c0e75dd5) configuration: operation error mq: UpdateBroker, https response error StatusCode: 400, RequestID: b4477a83-f7a1-4bdd-b950-db7e5a92e666, BadRequestException: Global broker attribute [Optional[engineVersion]] cannot be modified in Replica broker directly.

Terraform Configuration Files

resource "aws_mq_broker" "mq_broker" {
  broker_name                = local.service_name
  engine_type                = "ActiveMQ"
  engine_version             = var.mq_engine_version
  host_instance_type         = var.mq_instance_type
  security_groups            = [aws_security_group.mq_sg.id]
  subnet_ids                 = [local.subnet_ids[0], local.subnet_ids[1]]
  authentication_strategy    = "simple"
  deployment_mode            = "ACTIVE_STANDBY_MULTI_AZ"
  auto_minor_version_upgrade = true
  publicly_accessible        = false
  apply_immediately          = true
  tags                       = var.default_tags

  # Replication settings are set only on the replica; both are null on the primary broker.
  data_replication_mode               = var.mq_primary_broker ? null : "CRDR"
  data_replication_primary_broker_arn = var.mq_primary_broker ? null : var.data_replication_primary_broker_arn

  logs {
    audit   = true
    general = true
  }
  user {
    username       = "admin"
    password       = random_password.mq_password.result
    console_access = true
    groups         = ["admins"]
  }
  user {
    username         = "RepUser"
    password         = var.mq_primary_broker ? random_password.mq_repuser_password[0].result : var.replication_user_pass
    replication_user = true
  }
  configuration {
    id       = aws_mq_configuration.mq_config.id
    revision = aws_mq_configuration.mq_config.latest_revision
  }
  lifecycle {
    ignore_changes = [
      user,
      subnet_ids,
    ]
    prevent_destroy = true
  }
  depends_on = [aws_mq_configuration.mq_config]
}

Steps to Reproduce

Run the plan to create a replica broker.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No
