terraform-aws-modules / terraform-aws-rds-aurora

Terraform module to create AWS RDS Aurora resources 🇺🇦
https://registry.terraform.io/modules/terraform-aws-modules/rds-aurora/aws
Apache License 2.0
386 stars 576 forks

cluster_members property is empty and leads to cluster/instance recreation without making any configuration changes #450

Closed mmihaylov closed 4 months ago

mmihaylov commented 6 months ago

Description

When I run terraform plan without any configuration changes, I get notified that RDS resources will be recreated.

Versions

Reproduction Code [Required]

module "aurora" {
  create  = true
  source  = "terraform-aws-modules/rds-aurora/aws"
  version = "9.3.0"

  name                        = "db-cluster-dev"
  engine                      = "aurora-postgresql"
  engine_version              = "15.4"
  database_name               = "my-database-name"
  manage_master_user_password = false
  master_username             = length(data.aws_secretsmanager_secret_version.rds_secret_version) == 1 ? jsondecode(data.aws_secretsmanager_secret_version.rds_secret_version[0].secret_string)["username"] : ""
  master_password             = length(data.aws_secretsmanager_secret_version.rds_secret_version) == 1 ? jsondecode(data.aws_secretsmanager_secret_version.rds_secret_version[0].secret_string)["password"] : ""
  storage_type                = "aurora"

  instances = {
    1 = {
      identifier              = "db-cluster-dev-instance-1"
      instance_class          = "db.t3.medium"
      publicly_accessible     = false
      db_parameter_group_name = "db-parameter-group-dev"
      promotion_tier          = 1
    }
  }

  vpc_id                 = data.terraform_remote_state.network.outputs.vpc.vpc_id
  vpc_security_group_ids = [data.terraform_remote_state.network.outputs.sg.id]
  create_security_group  = false

  create_db_subnet_group = true
  db_subnet_group_name   = "db-subnet-group-dev"
  subnets                = data.terraform_remote_state.network.outputs.vpc.private_subnets

  backup_retention_period      = 7
  copy_tags_to_snapshot        = true
  preferred_backup_window      = "04:30-05:00"
  auto_minor_version_upgrade   = true
  preferred_maintenance_window = "thu:22:59-thu:23:29"
  apply_immediately            = false
  delete_automated_backups     = false
  deletion_protection          = true
  skip_final_snapshot          = false
  final_snapshot_identifier    = "db-cluster-dev-final-snapshot-${uuid()}"
  snapshot_identifier          = try(data.aws_db_cluster_snapshot.final_snapshot.0.id, var.rds_aurora.initial_snapshot)

  create_db_parameter_group          = true
  db_parameter_group_use_name_prefix = false
  db_parameter_group_name            = "db-parameter-group-dev"
  db_parameter_group_family          = "aurora-postgresql15"
  db_parameter_group_description     = "My custom parameter group"
  db_parameter_group_parameters = [
    {
      name         = "shared_preload_libraries"
      value        = "pg_stat_statements,pg_cron"
      apply_method = "pending-reboot"
    }
  ]

  tags = {
    "tag1"   = "value1",
    "tag2"   = "value3",
    "tag3"   = "value3"
  }
}

output "rds_aurora" {
  description = "RDS Aurora properties"
  value = {
    cluster_arn             = module.aurora.cluster_arn
    cluster_id              = module.aurora.cluster_id
    cluster_endpoint        = module.aurora.cluster_endpoint
    cluster_reader_endpoint = module.aurora.cluster_reader_endpoint
    cluster_database_name   = module.aurora.cluster_database_name
    cluster_members         = module.aurora.cluster_members
  }
}

Steps to reproduce the behavior:

  1. Destroy the resources using terraform destroy. Validate that they no longer exist in the AWS console. Additionally, download the state file from S3 and validate that they are not present there either.
  2. Create new resources using the above script.
  3. Validate in AWS console that resources are created as expected. (aws_rds_cluster, aws_rds_cluster_instance, aws_db_parameter_group, aws_db_subnet_group)
  4. Download new state file and compare with the previous. Newly created resources are present in the new state file.
  5. Try new plan without making changes.

Expected behavior

No changes to be planned/applied.

Actual behavior

In the new state, aws_rds_cluster's property cluster_members is []. Terraform warns me that a new item has been added to cluster_members and wants to recreate the aws_rds_cluster and aws_rds_cluster_instance resources.

Terminal Output Screenshot(s)

Terraform detected the following changes made outside of Terraform since the last "terraform apply" which may have affected this plan:

  # module.aurora.aws_rds_cluster.this[0] has changed
  ~ resource "aws_rds_cluster" "this" {
      ~ cluster_members                     = [
          + "db-cluster-dev-instance-1",
        ]
        id                                  = "db-cluster-dev"
        tags                                = {
            "tag1" = "value1"
            "tag2"  = "value2"
            "tag3"  = "value3"
        }
        # (50 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Additional context

mmihaylov commented 5 months ago

The module itself has a variable called "cluster_members". It is not passed as a variable. On the other hand, I am passing "instances". Based on this, the module creates aws_rds_cluster_instance resources. For each of them, the property "cluster_identifier" is assigned the aws_rds_cluster's id. However, looking from the other angle, aws_rds_cluster's property "cluster_members" remains []. Could this be the reason causing this issue?
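An added example, not part of the original issue or the module's code: a Python check over `terraform show -json` output that separates the refresh-time drift notice (such as `cluster_members`) from the attributes that actually force a replacement, using the plan JSON's `resource_drift` and `replace_paths` fields. The sample plan is constructed, and `snapshot_identifier` as the replacing attribute is an assumption for illustration, not a finding from this issue.

```python
import json

# Constructed excerpt of `terraform show -json plan.out` output (not taken from the issue).
SAMPLE_PLAN = json.loads("""
{
  "resource_drift": [
    {"address": "module.aurora.aws_rds_cluster.this[0]",
     "type": "aws_rds_cluster",
     "change": {"actions": ["update"],
                "before": {"cluster_members": []},
                "after": {"cluster_members": ["db-cluster-dev-instance-1"]}}}
  ],
  "resource_changes": [
    {"address": "module.aurora.aws_rds_cluster.this[0]",
     "type": "aws_rds_cluster",
     "change": {"actions": ["delete", "create"],
                "replace_paths": [["snapshot_identifier"]]}},
    {"address": "module.aurora.aws_db_parameter_group.this[0]",
     "type": "aws_db_parameter_group",
     "change": {"actions": ["no-op"]}}
  ]
}
""")

def drifted_attributes(plan):
    """Map address -> top-level attributes the refresh found changed outside Terraform."""
    out = {}
    for rc in plan.get("resource_drift", []):
        before = rc["change"].get("before") or {}
        after = rc["change"].get("after") or {}
        changed = sorted(k for k in set(before) | set(after) if before.get(k) != after.get(k))
        if changed:
            out[rc["address"]] = changed
    return out

def forced_replacements(plan, guarded_types=("aws_rds_cluster", "aws_rds_cluster_instance")):
    """Map address -> attribute paths that force destroy/create of guarded resources."""
    out = {}
    for rc in plan.get("resource_changes", []):
        actions = rc["change"]["actions"]
        if rc["type"] in guarded_types and "delete" in actions and "create" in actions:
            paths = rc["change"].get("replace_paths") or []
            out[rc["address"]] = [".".join(str(step) for step in p) for p in paths]
    return out

if __name__ == "__main__":
    print("drift:", drifted_attributes(SAMPLE_PLAN))
    print("replace:", forced_replacements(SAMPLE_PLAN))
```

Run in CI against a saved plan, a non-empty result from `forced_replacements` can fail the pipeline before a database cluster is destroyed and recreated.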

github-actions[bot] commented 4 months ago

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

github-actions[bot] commented 4 months ago

This issue was automatically closed because of stale in 10 days

github-actions[bot] commented 3 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.