search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.76k stars 9.11k forks source link

[Bug]: r/aws_redshiftserverless_namespace: removing kms_key_id from config has no effect and can lead to problems #39269

Open marcinbelczewski opened 2 weeks ago

marcinbelczewski commented 2 weeks ago

Terraform Core Version

1.9.5

AWS Provider Version

5.66.0

Affected Resource(s)

Expected Behavior

The KmsKeyId in the Namespace, once set to a non-default value, cannot be unset. So when kms_key_id attribute is removed from resource config, the expected behavior should be to either prevent the change or replace the resource.

Actual Behavior

Apply results in "No changes. Your infrastructure matches the configuration.". KmsKeyId is removed from the configuration while still being associated with the namespace. Subsequent terraform plan also does not highlight a potential drift. This means that the truth about the resource is unavailable in the resource config. Committing the config to VCS, might result in further problems and confusion.

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "aws_kms_key" "test" {}

resource "aws_redshiftserverless_namespace" "test" {
  namespace_name = "test"
  kms_key_id = aws_kms_key.test.arn 
}

Steps to Reproduce

  1. Apply the config above
  2. Remove kms_key_id from the config and apply again.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

Yes

github-actions[bot] commented 2 weeks ago

Community Note

Voting for Prioritization

Volunteering to Work on This Issue