RDS Not Passing db_subnet_group_name with restore_to_point_in_time #16821

Closed
cyrusv opened this issue Dec 17, 2020 · 5 comments · Fixed by #16830
Labels
bug Addresses a defect in current functionality. service/rds Issues and PRs that pertain to the rds service.

@cyrusv
Contributor

cyrusv commented Dec 17, 2020

I'm on - Using previously-installed hashicorp/aws v3.20.0
Terraform v0.14.1
I'm using Postgres engine in RDS.
I'm trying to practice a disaster recovery scenario using restore_to_point_in_time

The actions are:

  1. Put aws_db_instance in a module along with some aws_security_group, aws_db_subnet_group, and CNAME records.
  2. Create DB instance and networking instances by calling the module
  3. Try to create additional instance with new instance ID to stand in parallel next to the previous one

Step 3 works if I specify db_name and I don't have any restore_to_point_in_time block, so it works with manual snapshot recovery. When I do the exact same exercise with restore_to_point_in_time block, I get an error that indicates Terraform is trying to use the default subnet_group:

Error: error creating DB Instance: InvalidParameterCombination: The DB instance and EC2 security group are in different VPCs. The DB instance is in vpc-090dcc71c69483dc8 and the EC2 security group is in vpc-8731f3fe
	status code: 400, request id: dff07802-7e7d-43f0-a68b-85b5e1d22a7a

When I double-check my tf plan, though, it claims to be putting everything into the correct db_subnet_group_name and the correct vpc_security_group_ids (which makes sense, because I didn't change any of this code switching from manual snapshot restoration to restore-to-point-in-time).

Terraform CLI and Terraform AWS Provider Version

I'm on - Using previously-installed hashicorp/aws v3.20.0
Terraform v0.14.2

Affected Resource(s)

  • aws_db_instance
  • for Postgres

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

resource "aws_db_instance" "postgres" {
  name                            = null // var.db_name
  identifier                      = "${local.base_instance_id}-${data.aws_region.current.name}"
  instance_class                  = var.db_instance_class
  allocated_storage               = var.db_allocated_storage
  storage_type                    = var.db_storage_type
  engine                          = "postgres"
  engine_version                  = var.db_engine_version
  username                        = var.db_username
  password                        = var.db_password
  multi_az                        = var.db_multi_az
  auto_minor_version_upgrade      = var.db_auto_minor_version_upgrade
  db_subnet_group_name            = "${local.base_instance_id}-subnet"
  vpc_security_group_ids          = [aws_security_group.security-group.id]
  backup_retention_period         = var.db_backup_retention_period
  enabled_cloudwatch_logs_exports = var.db_cloudwatch_log_exports
  parameter_group_name            = aws_db_parameter_group.param-group.name
  maintenance_window              = var.db_maintenance_window
  snapshot_identifier             = var.snapshot_identifier

  restore_to_point_in_time {
    restore_time                  = "2020-12-17T14:35:26Z"
    source_db_instance_identifier = "test-instance"
    source_dbi_resource_id        = null
    use_latest_restorable_time    = null
  }

  skip_final_snapshot       = false
  final_snapshot_identifier = "${var.db_name}-${data.aws_region.current.name}-final"
  storage_encrypted         = var.storage_encrypted

  lifecycle {
    ignore_changes = [snapshot_identifier]
  }
}

It looks like the VpcSecurityGroupIds is getting filled with some default I never specified:

2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5: 2020/12/17 10:56:22 [DEBUG] DB Instance restore to point in time configuration: {
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   AutoMinorVersionUpgrade: true,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   CopyTagsToSnapshot: false,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   DBInstanceClass: "db.t3.xlarge",
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   DBParameterGroupName: "terraform-20201217182845638500000002",
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   DeletionProtection: false,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   EnableCloudwatchLogsExports: ["postgresql","upgrade"],
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   Engine: "postgres",
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   MultiAZ: true,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   PubliclyAccessible: false,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   RestoreTime: 2020-12-17 14:35:26 +0000 UTC,
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   SourceDBInstanceIdentifier: "test-encrypted-us-west-2",
2020-12-17T10:56:22.929-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   StorageType: "gp2",
2020-12-17T10:56:22.930-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   TargetDBInstanceIdentifier: "restored-us-west-2",
2020-12-17T10:56:22.930-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5:   VpcSecurityGroupIds: ["sg-02813f90c43d9c990"]   <--------------suspicious
2020-12-17T10:56:22.930-0800 [DEBUG] plugin.terraform-provider-aws_v3.21.0_x5: }
@ghost ghost added the service/rds Issues and PRs that pertain to the rds service. label Dec 17, 2020
@github-actions github-actions bot added the needs-triage Waiting for first response or review from a maintainer. label Dec 17, 2020
@cyrusv cyrusv changed the title RDS Not Respecting db_subnet_group_name when Also Using restore_to_point_in_time RDS Not Passing db_subnet_group_name with restore_to_point_in_time Dec 17, 2020
@ewbankkit
Contributor

ewbankkit commented Dec 17, 2020

Looks like a typo in the code

if v, ok := d.GetOk("subnet_group_name"); ok {
	input.DBSubnetGroupName = aws.String(v.(string))
}

The attribute is named db_subnet_group_name.

Related:

@ewbankkit ewbankkit added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Dec 17, 2020
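
The key mismatch diagnosed above, reduced to a runnable sketch (an added example, not the provider's code). `resourceData`, `restoreInput`, `buildRestoreInput` and `undeclaredKeys` are hypothetical stand-ins, and the sketch assumes that reading an undeclared key reports "not set" rather than failing; with the misspelled key the request carries the security groups but no subnet group.

```go
package main

import "fmt"

// resourceData: simplified stand-in for the SDK's resource data (assumption:
// reading a key that is not declared reports ok == false instead of failing).
type resourceData map[string]interface{}

func (d resourceData) GetOk(key string) (interface{}, bool) { v, ok := d[key]; return v, ok }

// restoreInput: cut-down stand-in for the point-in-time restore request.
type restoreInput struct {
	DBSubnetGroupName   *string
	VpcSecurityGroupIds []string
}

// buildRestoreInput copies the networking attributes, reading the subnet
// group through subnetKey so both spellings can be compared.
func buildRestoreInput(d resourceData, subnetKey string) restoreInput {
	var in restoreInput
	if v, ok := d.GetOk(subnetKey); ok {
		s := v.(string)
		in.DBSubnetGroupName = &s
	}
	if v, ok := d.GetOk("vpc_security_group_ids"); ok {
		in.VpcSecurityGroupIds = v.([]string)
	}
	return in
}

// undeclaredKeys lists keys the code reads that d (doubling as the schema) lacks.
func undeclaredKeys(d resourceData, keysRead []string) []string {
	var bad []string
	for _, k := range keysRead {
		if _, ok := d[k]; !ok {
			bad = append(bad, k)
		}
	}
	return bad
}

func main() {
	d := resourceData{ // constructed sample values
		"db_subnet_group_name":   "example-subnet",
		"vpc_security_group_ids": []string{"sg-EXAMPLE"},
	}
	fmt.Println(buildRestoreInput(d, "subnet_group_name").DBSubnetGroupName == nil)
	fmt.Println(buildRestoreInput(d, "db_subnet_group_name").DBSubnetGroupName != nil)
	fmt.Println(undeclaredKeys(d, []string{"subnet_group_name", "vpc_security_group_ids"}))
}
```

A check like `undeclaredKeys`, run in a unit test against the resource's declared attributes, catches this class of typo before a restore silently omits a networking parameter.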
@cyrusv
Contributor Author

cyrusv commented Dec 17, 2020

Thanks for looking! I put a PR: #16830

cyrusv added a commit to cyrusv/terraform-provider-aws that referenced this issue Dec 17, 2020
anGie44 added a commit that referenced this issue Dec 18, 2020
r/aws_db_instance Bugfix: Pass db_subnet_group_name in restore_to_point_in_time (Issue #16821)
@anGie44 anGie44 added this to the v3.22.0 milestone Dec 18, 2020
@anGie44
Contributor

anGie44 commented Dec 18, 2020

Thanks again @cyrusv 👍 The fix has been merged and will release with the forthcoming v3.22.0 of the Terraform AWS Provider.

@ghost

ghost commented Dec 18, 2020

This has been released in version 3.22.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost

ghost commented Jan 17, 2021

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked as resolved and limited conversation to collaborators Jan 17, 2021