search

rubrikinc / terraform-provider-polaris

Terraform provider for the Polaris platform
MIT License
2 stars 9 forks source link

Changes to an Archival Location's tags causes the polaris_aws_archival_location.archival_location resource to be replaced rather than modified. #174

Open DamaniN opened 1 month ago

DamaniN commented 1 month ago

Expected Behavior

Updating the tags on the polaris_aws_archival_location.archival_location resource will modify the Archival Location in place rather than modifying it.

Current Behavior

Updating the tags on the polaris_aws_archival_location.archival_location resource causes the Archival Location to be deleted in RSC and replaced with a new one. This would delete any backups in that Archival Location. If the Archival Location is attached to an SLA Domain the change would fail outright.

Failure Information (for bugs)

Changing this:

resource "polaris_aws_archival_location" "archival_location" {
  account_id     = module.polaris-aws-cloud-native.rsc_aws_cnp_account_id
  name           = "KMS Based Archival Location - Terraform"
  bucket_prefix  = "myawsomebucket"
  kms_master_key = aws_kms_key.kms_key.arn
}

To this:

resource "polaris_aws_archival_location" "archival_location" {
  account_id     = module.polaris-aws-cloud-native.rsc_aws_cnp_account_id
  name           = "KMS Based Archival Location - Terraform"
  bucket_prefix  = "myawsomebucket"
  kms_master_key = aws_kms_key.kms_key.arn
  bucket_tags = {
    "Environment" = "Terraform"
  } 
}

Causes this during the terraform plan stage:

  # polaris_aws_archival_location.archival_location must be replaced
-/+ resource "polaris_aws_archival_location" "archival_location" {
      ~ bucket_tags       = { # forces replacement
          + "Environment" = "Terraform"
        }
      ~ connection_status = "CONNECTED" -> (known after apply)
      ~ id                = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX" -> (known after apply)
      ~ location_template = "SOURCE_REGION" -> (known after apply)
        name              = "KMS Based Archival Location - Terraform"
        # (4 unchanged attributes hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Steps to Reproduce

See above.

Context

Please provide any relevant information about your setup. This is important in case the issue is not reproducible except for under certain conditions.

 terraform --version
Terraform v1.5.6
on darwin_arm64
+ provider registry.terraform.io/hashicorp/aws v5.26.0
+ provider registry.terraform.io/rubrikinc/polaris v0.8.0-beta.16

Failure Logs

  # polaris_aws_archival_location.archival_location must be replaced
-/+ resource "polaris_aws_archival_location" "archival_location" {
      ~ bucket_tags       = { # forces replacement
          + "Environment" = "Terraform"
        }
      ~ connection_status = "CONNECTED" -> (known after apply)
      ~ id                = "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX" -> (known after apply)
      ~ location_template = "SOURCE_REGION" -> (known after apply)
        name              = "KMS Based Archival Location - Terraform"
        # (4 unchanged attributes hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.
johan3141592 commented 2 weeks ago

@DamaniN thank you for reporting this. The problem is caused by the RSC GraphQL API not supporting updates of the bucket tags of an AWS cloud native archival location. As a workaround the bucket_tags field has been marked as ForceNew.

When the API adds support for updating bucket tags we can fix this issue in the TF provider.