hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

[Bug]: Migrating existing AWS Redshift Cluster to managed master password is not supported #38429

Open Swisk opened 3 months ago

Swisk commented 3 months ago

Terraform Core Version

1.8.5

AWS Provider Version

5.44.0

Affected Resource(s)

aws_redshift_cluster

Expected Behavior

We expect the cluster to gracefully transition to use an AWS managed secret for the admin credentials.

Actual Behavior

Redshift cluster was unable to be modified.

Note that destroying and recreating the cluster worked, so it seems that the modification of an existing cluster is not properly implemented.

Relevant Error/Panic Output Snippet

╷
│ Error: modifying Redshift Cluster (datahub-redshift-uat): InvalidParameterValue: The parameter MasterUserPassword must be provided and must not be blank.
│       status code: 400, request id: 07d902e8-4812-4cb3-bf4f-89173ede7f95
│
│   with module.redshift.aws_redshift_cluster.redshift_cluster,
│   on ../modules/redshift/main.tf line 6, in resource "aws_redshift_cluster" "redshift_cluster":
│    6: resource "aws_redshift_cluster" "redshift_cluster" {
│

Terraform Configuration Files

resource "aws_redshift_cluster" "initial" {
  cluster_identifier = "tf-redshift-cluster"
  database_name      = "mydb"
  master_username    = "exampleuser"
  master_password    = "examplepassword"
  node_type          = "dc1.large"
  cluster_type       = "single-node"

  manage_master_password = true
}

resource "aws_redshift_cluster" "subsequent" {
  cluster_identifier = "tf-redshift-cluster"
  database_name      = "mydb"
  master_username    = "exampleuser"
  node_type          = "dc1.large"
  cluster_type       = "single-node"

  manage_master_password = true
}

Steps to Reproduce

Create a redshift cluster using the master_password argument. Subsequently modify the resource to use the manage_master_password argument instead.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

None


ressom commented 2 months ago

I just experienced this today.

A workaround is to click-ops the change from not-managed to managed in the AWS Console and then re-run plan / apply.
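
A pre-apply check for the transition reported in this issue, as an added example that is not part of the thread or of the provider's code: it reads the JSON produced by `terraform show -json` and flags any `aws_redshift_cluster` that the plan would switch to `manage_master_password` through an in-place update. The sample plan, its resource addresses and the function name are constructed for illustration.

```python
import json

# Constructed sample shaped like `terraform show -json <planfile>` output.
# Addresses and values are made up for illustration.
SAMPLE_PLAN = json.dumps({"resource_changes": [
    {   # in-place switch from master_password to a managed secret
        "address": "module.redshift.aws_redshift_cluster.redshift_cluster",
        "type": "aws_redshift_cluster",
        "change": {"actions": ["update"],
                   "before": {"manage_master_password": None},
                   "after": {"manage_master_password": True}},
    },
    {   # destroy and recreate, which the report says works
        "address": "aws_redshift_cluster.recreated",
        "type": "aws_redshift_cluster",
        "change": {"actions": ["delete", "create"],
                   "before": {"manage_master_password": None},
                   "after": {"manage_master_password": True}},
    },
    {   # already managed, unrelated in-place change
        "address": "aws_redshift_cluster.already_managed",
        "type": "aws_redshift_cluster",
        "change": {"actions": ["update"],
                   "before": {"manage_master_password": True},
                   "after": {"manage_master_password": True}},
    },
]})


def find_in_place_migrations(plan_json: str) -> list[str]:
    """Addresses of clusters switched to a managed master password by update."""
    flagged = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        change = rc.get("change", {})
        if rc.get("type") != "aws_redshift_cluster":
            continue
        if change.get("actions") != ["update"]:
            continue  # create or replace does not go through the modify call
        before = change.get("before") or {}
        after = change.get("after") or {}
        if not before.get("manage_master_password") and after.get("manage_master_password") is True:
            flagged.append(rc["address"])
    return flagged


if __name__ == "__main__":
    for address in find_in_place_migrations(SAMPLE_PLAN):
        print(f"{address}: in-place switch to manage_master_password")
```

Feeding it the output of `terraform show -json` for a saved plan lets a pipeline stop before the apply fails with the `InvalidParameterValue` error shown above.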