Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

r/aws_redshift_cluster: Trigger ForceNew aws_redshift_cluster on encrypted change #1120

Merged
merged 1 commit into from
Jul 11, 2017
Merged

r/aws_redshift_cluster: Trigger ForceNew aws_redshift_cluster on encrypted change #1120

merged 1 commit into from
Jul 11, 2017

Conversation

minamijoyo
Copy link
Contributor

Fixes #1119

@stack72 stack72 added the bug Addresses a defect in current functionality. label Jul 11, 2017
@stack72
Copy link
Contributor

stack72 commented Jul 11, 2017

Hi @minamijoyo

I am going to pull this locally and add a test that shows this works as expected. Hope this is ok with you?

Thanks

Paul

@stack72
Copy link
Contributor

stack72 commented Jul 11, 2017

ok, I take that back - this is going to be difficult to add an automated test for :)

@stack72 stack72 merged commit 30496ea into hashicorp:master Jul 11, 2017
@minamijoyo
Copy link
Contributor Author

@stack72 Thank you for reviewing and merging. And I'm very sorry for troubling you. An automated test is not easy because it takes a long time to regenerate the cluster, but as long as I tried it manually it works as I expected.

I will attach manual test logs for confirmation.
Note: some outputs are omitted for security reasons.

provider "aws" {}

resource "aws_redshift_cluster" "default" {
  cluster_identifier  = "tf-redshift-cluster"
  master_username     = "foo"
  master_password     = "Mustbe8characters"
  node_type           = "dc1.large"
  cluster_type        = "single-node"
  skip_final_snapshot = true
  encrypted           = false # Change this false to true
}
$ terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

aws_redshift_cluster.default: Refreshing state... (ID: tf-redshift-cluster)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed. Cyan entries are data sources to be read.

Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.


-/+ aws_redshift_cluster.default (new resource required)
      allow_version_upgrade:               "true" => "true"
      automated_snapshot_retention_period: "1" => "1"
      availability_zone:                   "ap-northeast-1a" => "<computed>"
      bucket_name:                         "" => "<computed>"
      cluster_identifier:                  "tf-redshift-cluster" => "tf-redshift-cluster"
      cluster_parameter_group_name:        "default.redshift-1.0" => "<computed>"
      cluster_public_key:                  "### omitted here for security reasons ###" => "<computed>"
      cluster_revision_number:             "1369" => "<computed>"
      cluster_security_groups.#:           "0" => "<computed>"
      cluster_subnet_group_name:           "default" => "<computed>"
      cluster_type:                        "single-node" => "single-node"
      cluster_version:                     "1.0" => "1.0"
      database_name:                       "" => "<computed>"
      enable_logging:                      "false" => "false"
      encrypted:                           "false" => "true" (forces new resource)
      endpoint:                            "### omitted here for security reasons ###" => "<computed>"
      enhanced_vpc_routing:                "false" => "<computed>"
      iam_roles.#:                         "0" => "<computed>"
      kms_key_id:                          "" => "<computed>"
      master_password:                     "<sensitive>" => "<sensitive>" (attribute changed)
      master_username:                     "foo" => "foo"
      node_type:                           "dc1.large" => "dc1.large"
      number_of_nodes:                     "1" => "1"
      port:                                "5439" => "5439"
      preferred_maintenance_window:        "tue:14:30-tue:15:00" => "<computed>"
      publicly_accessible:                 "true" => "true"
      s3_key_prefix:                       "" => "<computed>"
      skip_final_snapshot:                 "true" => "true"
      vpc_security_group_ids.#:            "0" => "<computed>"


Plan: 1 to add, 0 to change, 1 to destroy.

$ terraform apply
aws_redshift_cluster.default: Refreshing state... (ID: tf-redshift-cluster)
aws_redshift_cluster.default: Destroying... (ID: tf-redshift-cluster)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 1m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 2m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 3m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 4m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 5m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 6m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 7m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m10s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m20s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m30s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m40s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 8m50s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 9m0s elapsed)
aws_redshift_cluster.default: Still destroying... (ID: tf-redshift-cluster, 9m10s elapsed)
aws_redshift_cluster.default: Destruction complete
aws_redshift_cluster.default: Creating...
  allow_version_upgrade:               "" => "true"
  automated_snapshot_retention_period: "" => "1"
  availability_zone:                   "" => "<computed>"
  bucket_name:                         "" => "<computed>"
  cluster_identifier:                  "" => "tf-redshift-cluster"
  cluster_parameter_group_name:        "" => "<computed>"
  cluster_public_key:                  "" => "<computed>"
  cluster_revision_number:             "" => "<computed>"
  cluster_security_groups.#:           "" => "<computed>"
  cluster_subnet_group_name:           "" => "<computed>"
  cluster_type:                        "" => "single-node"
  cluster_version:                     "" => "1.0"
  database_name:                       "" => "<computed>"
  enable_logging:                      "" => "false"
  encrypted:                           "" => "true"
  endpoint:                            "" => "<computed>"
  enhanced_vpc_routing:                "" => "<computed>"
  iam_roles.#:                         "" => "<computed>"
  kms_key_id:                          "" => "<computed>"
  master_password:                     "<sensitive>" => "<sensitive>"
  master_username:                     "" => "foo"
  node_type:                           "" => "dc1.large"
  number_of_nodes:                     "" => "1"
  port:                                "" => "5439"
  preferred_maintenance_window:        "" => "<computed>"
  publicly_accessible:                 "" => "true"
  s3_key_prefix:                       "" => "<computed>"
  skip_final_snapshot:                 "" => "true"
  vpc_security_group_ids.#:            "" => "<computed>"
aws_redshift_cluster.default: Still creating... (10s elapsed)
aws_redshift_cluster.default: Still creating... (20s elapsed)
aws_redshift_cluster.default: Still creating... (30s elapsed)
aws_redshift_cluster.default: Still creating... (40s elapsed)
aws_redshift_cluster.default: Still creating... (50s elapsed)
aws_redshift_cluster.default: Still creating... (1m0s elapsed)
aws_redshift_cluster.default: Still creating... (1m10s elapsed)
aws_redshift_cluster.default: Still creating... (1m20s elapsed)
aws_redshift_cluster.default: Still creating... (1m30s elapsed)
aws_redshift_cluster.default: Still creating... (1m40s elapsed)
aws_redshift_cluster.default: Still creating... (1m50s elapsed)
aws_redshift_cluster.default: Still creating... (2m0s elapsed)
aws_redshift_cluster.default: Still creating... (2m10s elapsed)
aws_redshift_cluster.default: Still creating... (2m21s elapsed)
aws_redshift_cluster.default: Still creating... (2m31s elapsed)
aws_redshift_cluster.default: Still creating... (2m41s elapsed)
aws_redshift_cluster.default: Still creating... (2m51s elapsed)
aws_redshift_cluster.default: Still creating... (3m1s elapsed)
aws_redshift_cluster.default: Still creating... (3m11s elapsed)
aws_redshift_cluster.default: Still creating... (3m21s elapsed)
aws_redshift_cluster.default: Still creating... (3m31s elapsed)
aws_redshift_cluster.default: Creation complete (ID: tf-redshift-cluster)

Apply complete! Resources: 1 added, 0 changed, 1 destroyed.

The state of your infrastructure has been saved to the path
below. This state is required to modify and destroy your
infrastructure, so keep it safe. To inspect the complete state
use the `terraform show` command.

State path:

$ aws redshift describe-clusters --cluster-identifier tf-redshift-cluster | jq -r ".Clusters[0].Encrypted"
true

Thanks.

@ghost
Copy link

ghost commented Apr 11, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 11, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Changing encrypted in aws_redshift_cluster does not trigger ForceNew
2 participants
@minamijoyo @stack72