search

terraform-aws-modules / terraform-aws-rds-aurora

Terraform module to create AWS RDS Aurora resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/rds-aurora/aws
Apache License 2.0
382 stars 551 forks source link

Terraform requires final_snapshot_identifier when skip_final_snapshot is true #409

Closed mmoreno43 closed 9 months ago

mmoreno43 commented 9 months ago

Description

Hello,

We are running the Aurora RDS module to create a database for us. When we tried to destroy the Terraform code we ran into an issue where skip_final_snapshot is set to false by default. We modified our code so that skip_final_snapshot is true. When running Terraform again we are still getting the same error.

We ran the following commands:

⚠️ Note

Before you submit an issue, please perform the following first:

  1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
  2. Re-initialize the project root to pull down modules: terraform init
  3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

Reproduction Code [Required]

module "cluster" {
  source  = "terraform-aws-modules/rds-aurora/aws"

  name           = "stcs-postgres-cluster"
  availability_zones = ["us-west-2a"]
  engine         = "aurora-postgresql"
  engine_version = "14.6"
  instance_class = "db.r6g.large"
  instances = {
    one = {
        identifier = "postgres-writer-instance-1"
    }
    two = {
        identifier = "postgres-reader-instance-1"
    }
  }

  vpc_id               = data.terraform_remote_state.all.outputs.module_paas_vpc_id
  subnets              = [
    data.terraform_remote_state.all.outputs.module_paas_subnet_01_id,
    data.terraform_remote_state.all.outputs.module_paas_subnet_02_id
   ]

  db_subnet_group_name = "stcs-postgres-subnet-group"
  create_db_subnet_group = true

  security_group_rules = {
    ingress0 = {
      cidr_blocks = ["10.0.0.0/8"]
    }
    ingress1 = {
      cidr_blocks = ["172.20.0.0/16"]
    }
    ingress2 = {
      cidr_blocks = ["192.168.0.0/16"]
    }
  }

  storage_encrypted   = true
  apply_immediately   = true # Apply changes immediately or defer until maint window
  monitoring_interval = 10

  master_username = "admin"
  #master_username = data.vault_generic_secret.rds_creds.data["RDS_POSTGRES_MASTER_USER_NAME"]
  master_password = "admin1234tempwillchange"
  #master_password = data.vault_generic_secret.rds_creds.data["RDS_POSTGRES_MASTER_PASSWORD"]
  manage_master_user_password = false

  enabled_cloudwatch_logs_exports = ["postgresql"]

  skip_final_snapshot = true

  tags = {
  }
}

Steps to reproduce the behavior:

Are you using workspaces?

Have you cleared the local cache (see Notice section above)?

List steps in order that led up to the issue you encountered

Expected behavior

The expected behavior is that Terraform will destroy the cluster if skip_final_snapshot = true.

Actual behavior

The actual behavior is that Terraform will does not destroy the cluster if skip_final_snapshot = true.

Terminal Output Screenshot(s)

terraform3

bryantbiggs commented 9 months ago

check your error message, its saying that you are not skipping the final snapshot which is why it wants an ID

mmoreno43 commented 9 months ago

Hello, I thought I was skipping the final snapshot by providing skip_final_snapshot = true in my code?

davidvasandani commented 8 months ago

@bryantbiggs we are running into the same issue. We don't want a final snapshot.

github-actions[bot] commented 7 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.