Adding `secondary_ip_range` to existing redis instance results in `Invalid value: auto`

hspens commented 10 months ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v1.6.6
on darwin_arm64
+ provider registry.terraform.io/hashicorp/archive v2.4.1
+ provider registry.terraform.io/hashicorp/google v5.10.0
+ provider registry.terraform.io/hashicorp/google-beta v5.10.0
+ provider registry.terraform.io/hashicorp/helm v2.12.1
+ provider registry.terraform.io/hashicorp/kubernetes v2.25.1
+ provider registry.terraform.io/hashicorp/random v3.6.0
+ provider registry.terraform.io/hashicorp/time v0.10.0

Affected Resource(s)

google_redis_instance

Terraform Configuration Files

resource "google_redis_instance" "instance" {
  name          = "instance-a"
  project       = var.cluster_project
  redis_version = "REDIS_6_X"
  region        = "europe-north1"

  tier               = "STANDARD_HA"
  read_replicas_mode = "READ_REPLICAS_ENABLED"
  replica_count      = 1
  memory_size_gb     = 5

  authorized_network      = data.google_compute_network.host_network.id
  transit_encryption_mode = "SERVER_AUTHENTICATION"
  connect_mode            = "PRIVATE_SERVICE_ACCESS"
  auth_enabled            = true

  timeouts {
    create = var.redis_create_timeout
    update = var.redis_update_timeout
    delete = var.redis_delete_timeout
  }

  maintenance_policy {
    weekly_maintenance_window {
      day = var.maintenance_day
      start_time {
        hours   = var.maintenance_hour
        minutes = 0
        seconds = 0
        nanos   = 0
      }
    }
  }

  labels = {
    service = "service-a"
    team    = "team-a"
  }

  depends_on = [
    google_kms_crypto_key_iam_member.crypto_key_iam
  ]

  customer_managed_key = google_kms_crypto_key.crypto_key.id
}

Debug Output

Error: Error updating Instance "projects/{project-id}/locations/europe-north1/instances/{instance-id}": googleapi: Error 400: > Secondary IP Range can not be updated on instances that use read replicas com.google.apps.framework.request.StatusException: generic::INVALID_ARGUMENT: > Secondary IP Range can not be updated on instances that use read replicas Details:
[
  {
    "@type": "type.googleapis.com/google.rpc.BadRequest",
    "fieldViolations": [
      {
        "description": "Invalid value: auto",
       "field": "instance.secondary_ip_range"
     }
    ]
  }
]

Expected Behavior

It should have worked since the secondary_ip_range was set to auto prior to terraform apply.

Actual Behavior

Failes.

Steps to Reproduce

Create the above redis instance without specifying any value for seconday_ip_range
terraform apply
Add secondary_ip_range = "auto"
terraform apply will now report 1 addition, secondary_ip_range = auto but the terraform state already indicate it's set to auto.
Apply fails with above error message

Important Factoids

The initial creation didn't specify a secondary_ip_range, so I assume auto was used implicitly under the hood. Setting it explicitly to auto after the instance has been created results in an error.

It works if secondary_ip_range is set explicitly to null.

b/319824812

edwardmedia commented 10 months ago

I can repro. It appears secondary_ip_range needs to be set ForceNew()

AmandaHassoun commented 5 months ago

hey @edwardmedia , any updates on this? We're also running into the same error..

hashicorp / terraform-provider-google