Skip to content

[Bug]: RDS engine_lifecycle_support changes are incorrectly allowed #40870

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
[Bug]: RDS engine_lifecycle_support changes are incorrectly allowed#40870
Labels
bugAddresses a defect in current functionality.service/rdsIssues and PRs that pertain to the rds service.
@gygitlab

Description

@gygitlab
gygitlab
opened on Jan 10, 2025

Terraform Core Version

1.10.4

AWS Provider Version

5.82.2

Affected Resource(s)

  • aws_db_instance

Expected Behavior

The engine_lifecycle_support setting, added in v5.59.0 allows for users to configure the Support lifecycle for the instance - Extended or Standard.

However, as detailed in the documentation. This can only be set for new or restored database instances - Once set it's permanent.

Therefore the Terraform AWS Provider should block any attempt to change this setting on an existing RDS instance.

Actual Behavior

The Terraform AWS Provider currently does allow for this setting to be changed.

Curiously it does so without error. It spins for some time seemingly making the change and then completes as successful. However the setting on the instance remains the same. This in turn causes a clash, every time from then now Terraform will attempt to change the setting again.

Relevant Error/Panic Output Snippet

No error but the Provider attempts to do it each time in recursive style as the server quietly ignores the change.

Terraform Configuration Files

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.59"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

resource "aws_db_instance" "example" {
  identifier = "example-db"
 
  # Engine settings
  engine                   = "postgres"
  engine_version           = "16"
  engine_lifecycle_support = "open-source-rds-extended-support"
  
  # Required basic settings
  instance_class      = "db.t3.micro"
  allocated_storage   = 20
  storage_type        = "gp2"
  
  # Required for creation
  username            = "admin"
  password            = "temporary-password-123"
  
  # Skip final snapshot for test/example purposes
  skip_final_snapshot = true
}

Steps to Reproduce

  • Create an RDS instance with engine_lifecycle_support configured to open-source-rds-extended-support
  • After creation change engine_lifecycle_support to open-source-rds-extended-support-disabled
  • Note that Terraform accepts and attempts the change. After some working it reports success
  • Now try again after the last run. Notice that Terraform attempts to do the same change again, as it was quietly rejected by the server

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No

Metadata

Assignees

No one assigned

    Labels

    bugAddresses a defect in current functionality.service/rdsIssues and PRs that pertain to the rds service.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions