Aurora upgrade can not be triggered

[Wyifei]

Description

I want to upgrade Aurora PostgraSQL version from 12.9 to 14.6. I updated the terraform script and apply the change, but the terraform hang in "still modifying" status for more than one hour. Check the Aurora status from AWS console and found that the Aurora upgrade doesn't no start at all.

• [x] ✋ I have searched the open/closed issues and my issue is not listed.

⚠️ Note

Before you submit an issue, please perform the following first:

1. Remove the local .terraform directory (! ONLY if state is stored remotely, which hopefully you are following that best practice!): rm -rf .terraform/
2. Re-initialize the project root to pull down modules: terraform init
3. Re-attempt your terraform plan or apply and check if the issue still persists

Versions

• Module version [Required]: 7.71

• Terraform version: 1.4.6

• Provider version(s): provider registry.terraform.io/hashicorp/aws v5.55.0

Reproduction Code [Required]

module "aurora_event_db" { source = "terraform-aws-modules/rds-aurora/aws"

create_random_password and allowed_security_groups is not supported in latest version of Terraform module

version = "7.7.1"

name = "${var.projectname}-${var.environment}-${var.region}-event-db" engine = "aurora-postgresql" engine_version = "14.6" allow_major_version_upgrade = true auto_minor_version_upgrade = false preferred_maintenance_window = "mon:04:00-mon:05:00" preferred_backup_window = "00:00-01:00" backup_retention_period = 30 kms_key_id = aws_kms_external_key.event_db_key.arn

deletion_protection = true

instance_class = var.environment == "prod" ? "db.t3.large" : "db.t3.medium" instances = { event_1 = { identifier = "${var.projectname}-${var.environment}-${var.region}-event-db-1" availability_zone = data.aws_subnet.az1.availability_zone } event_2 = { identifier = "${var.projectname}-${var.environment}-${var.region}-event-db-2" availability_zone = data.aws_subnet.az2.availability_zone } event_3 = { identifier = "${var.projectname}-${var.environment}-${var.region}-event-db-3" availability_zone = data.aws_subnet.az3.availability_zone } }

vpc_id = data.aws_vpc.default.id db_subnet_group_name = "${var.projectname}-${var.environment}-${var.region}-event-db" create_db_subnet_group = true subnets = [ data.aws_subnet.az1.id, data.aws_subnet.az2.id, data.aws_subnet.az3.id ]

create_security_group = true allowed_security_groups = [data.aws_security_group.compute.id] iam_database_authentication_enabled = true master_username = local.credentials.role_name master_password = local.credentials.password create_random_password = false

apply_immediately = true

create_db_cluster_parameter_group = true db_cluster_parameter_group_name = "${var.projectname}-${var.environment}-${var.region}-event-db-14" db_cluster_parameter_group_family = "aurora-postgresql14" db_cluster_parameter_group_parameters = [ { name = "log_min_duration_statement" value = 4000 apply_method = "immediate" }, { name = "rds.force_ssl" value = 1 apply_method = "immediate" } ]

create_db_parameter_group = true db_parameter_group_name = "${var.projectname}-${var.environment}-${var.region}-event-db-14" db_parameter_group_family = "aurora-postgresql14" db_cluster_parameter_group_use_name_prefix = false db_parameter_group_parameters = [ { name = "log_min_duration_statement" value = 4000 apply_method = "immediate" } ]

db_cluster_db_instance_parameter_group_name = "${var.projectname}-${var.environment}-${var.region}-event-db-14"

create_monitoring_role = true iam_role_name = "${var.projectname}-${var.environment}-${var.region}-event-db-monitoring" iam_role_force_detach_policies = true enabled_cloudwatch_logs_exports = ["postgresql"] }

Steps to reproduce the behavior:

Expected behavior

The Aurora upgrade could be trigged normally.

Actual behavior

The upgrade didn't start at all and the terraform will fail after around 1 hour as below prompt:

module.aurora_event_db.aws_rds_cluster.this[0]: Still modifying... [id=meid-dev-eu-central-1-event-db, 1h3m31s elapsed] module.aurora_event_db.aws_rds_cluster.this[0]: Still modifying... [id=meid-dev-eu-central-1-event-db, 1h3m41s elapsed] module.aurora_event_db.aws_rds_cluster.this[0]: Still modifying... [id=meid-dev-eu-central-1-event-db, 1h3m51s elapsed] ╷ │ Error: updating RDS Cluster (meid-dev-eu-central-1-event-db): InternalFailure: │ status code: 500, request id: 653b0c3e-4446-4f3f-ab93-6c274d2abbd7 │ │ with module.aurora_event_db.aws_rds_cluster.this[0], │ on .terraform/modules/aurora_event_db/main.tf line 61, in resource "aws_rds_cluster" "this": │ 61: resource "aws_rds_cluster" "this" { │ ╵ Releasing state lock. This may take a few moments...

Terminal Output Screenshot(s)

Additional context

[Wyifei]

BTW, I also tested with version 9.3.1, the upgrade sill can't be trigged.