Description
- [x ] ✋ I have searched the open/closed issues and my issue is not listed.
Versions
- Module version [Required]:
10.2.0
- Terraform version:
Terraform v1.14.3
on linux_amd64
Terraform v1.14.3
on linux_amd64
+ provider registry.terraform.io/grafana/grafana v4.31.2
+ provider registry.terraform.io/hashicorp/aws v6.41.0
+ provider registry.terraform.io/hashicorp/external v2.3.5
+ provider registry.terraform.io/hashicorp/local v2.8.0
+ provider registry.terraform.io/hashicorp/null v3.2.4
+ provider registry.terraform.io/hashicorp/random v3.8.1
+ provider registry.terraform.io/hashicorp/time v0.13.1
+ provider registry.terraform.io/hashicorp/tls v4.2.1
Reproduction Code [Required]
module "aurora" {
source = "terraform-aws-modules/rds-aurora/aws"
version = "10.2.0"
name = "main"
engine = "aurora-postgresql"
engine_version = "17.4"
deletion_protection = true
storage_type = "aurora-iopt1"
manage_master_user_password = false
master_username = "postgres"
# before upgrade master_password was used
master_password_wo = "3cfa91c3-f2f1-45f2-ac31-e1cfab318af4" # irrelevant, changed in secret
master_password_wo_version = 1
vpc_id = var.vpc_id
create_db_subnet_group = false
db_subnet_group_name = var.database_subnet_group_name
# vpc_security_group_ids = [var.]
security_group_name = "main-db"
security_group_ingress_rules = merge(
{
for cidr in var.private_subnets_cidr_blocks :
"private_subnets_${replace(cidr, "/", "_")}" => {
cidr_ipv4 = cidr
}
},
{
vpn_security_group_ingress = {
referenced_security_group_id = var.vpn_security_group_id
}
},
{
for cidr in local.default_vpc_dms_cidrs :
"default_vpc_dms_${replace(cidr, "/", "_")}" => {
cidr_ipv4 = cidr
}
}
)
cluster_instance_class = "db.t4g.medium"
instances = {
1 = {
instance_class = "db.t4g.medium",
monitoring_interval = 15
}
}
apply_immediately = true
skip_final_snapshot = true
cluster_parameter_group = {
name = "main-aurora-postgresql17"
family = "aurora-postgresql17"
description = "Main db parameter group"
parameters = [
{
name = "shared_preload_libraries"
value = "pg_stat_statements,pg_cron"
apply_method = "pending-reboot"
}
]
}
enabled_cloudwatch_logs_exports = ["postgresql"]
create_cloudwatch_log_group = true
cloudwatch_log_group_tags = {
Sensitivity = "high"
}
cluster_performance_insights_enabled = true
cluster_performance_insights_retention_period = 7
cluster_monitoring_interval = 15
tags = {
"Service Name" = "PostgreSQL Main"
}
}
Steps to reproduce the behavior:
Upgrading from 9.16.1 to 10.2.0, using terraform workspaces.
After experiencing this problem on our QA environment upgrade I have deleted .terraform and re-initialised.
Planning stage worked, applying these changes caused the error described in Actual behaviour.
This screenshot is relevant for the changes causing the error (I think/hope)
Expected behavior
Works by replacing the security group and creating new resources.
Actual behavior
│ Error: Provider produced inconsistent final plan
│
│ When expanding the plan for
│ module.rds.module.aurora.aws_rds_cluster.this[0] to include new values
│ learned so far during apply, provider "registry.terraform.io/hashicorp/aws"
│ produced an invalid new value for .vpc_security_group_ids: planned set
│ element cty.StringVal("sg-02023378255734fcc") does not correlate with any
│ element in actual.
│
│ This is a bug in the provider, which should be reported in the provider's
│ own issue tracker.
A subsequent run completed with two deposed objects being deleted.
# module.rds.module.aurora.aws_iam_role.rds_enhanced_monitoring[0] (deposed object e5128492) will be destroyed
# (left over from a partially-failed replacement of this instance)
# module.rds.module.aurora.aws_security_group.this[0] (deposed object f536029b) will be destroyed
# (left over from a partially-failed replacement of this instance)
Terminal Output Screenshot(s)
Additional context
Description
Versions
10.2.0Reproduction Code [Required]
Steps to reproduce the behavior:
Upgrading from 9.16.1 to 10.2.0, using terraform workspaces.
After experiencing this problem on our QA environment upgrade I have deleted .terraform and re-initialised.
Planning stage worked, applying these changes caused the error described in Actual behaviour.
This screenshot is relevant for the changes causing the error (I think/hope)
Expected behavior
Works by replacing the security group and creating new resources.
Actual behavior
A subsequent run completed with two deposed objects being deleted.
Terminal Output Screenshot(s)
Additional context