Fix aws_db_instance to not recreate each time
Several of the arguments were optional, and if omitted, they are calculated. Mark them as such in the schema to avoid triggering an update. Go back to storing the password in the state file. Without doing so, there's no way for Terraform to know the password has changed. It should be hashed, but then interpolating the password yields a hash instead of the password. Make the `name` parameter optional. It's not required in any engine, and in some (MS SQL Server) it's not allowed at all. Drop the `skip_final_snapshot` argument. If `final_snapshot_identifier` isn't specified, then don't make a final snapshot. As things were, it was possible to create a resource with neither of these arguments specified which would later fail when it was to be deleted since the RDS API requires exactly one of the two. Resolves issue #689.
This commit is contained in:
parent
045e23e55f
commit
254b25a64f
|
@ -21,7 +21,7 @@ func resourceAwsDbInstance() *schema.Resource {
|
|||
Schema: map[string]*schema.Schema{
|
||||
"name": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Required: true,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
|
@ -70,18 +70,21 @@ func resourceAwsDbInstance() *schema.Resource {
|
|||
"availability_zone": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"backup_retention_period": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"backup_window": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
|
@ -94,18 +97,21 @@ func resourceAwsDbInstance() *schema.Resource {
|
|||
"maintenance_window": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"multi_az": &schema.Schema{
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"port": &schema.Schema{
|
||||
Type: schema.TypeInt,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
|
@ -133,12 +139,6 @@ func resourceAwsDbInstance() *schema.Resource {
|
|||
},
|
||||
},
|
||||
|
||||
"skip_final_snapshot": &schema.Schema{
|
||||
Type: schema.TypeBool,
|
||||
Optional: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
"final_snapshot_identifier": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
|
@ -154,6 +154,7 @@ func resourceAwsDbInstance() *schema.Resource {
|
|||
"parameter_group_name": &schema.Schema{
|
||||
Type: schema.TypeString,
|
||||
Optional: true,
|
||||
Computed: true,
|
||||
ForceNew: true,
|
||||
},
|
||||
|
||||
|
@ -189,10 +190,6 @@ func resourceAwsDbInstanceCreate(d *schema.ResourceData, meta interface{}) error
|
|||
EngineVersion: d.Get("engine_version").(string),
|
||||
}
|
||||
|
||||
// Special treatment for the password, as we don't want that
|
||||
// saved into the state file
|
||||
d.Set("password", "")
|
||||
|
||||
if attr, ok := d.GetOk("backup_retention_period"); ok {
|
||||
opts.BackupRetentionPeriod = attr.(int)
|
||||
opts.SetBackupRetentionPeriod = true
|
||||
|
@ -344,10 +341,11 @@ func resourceAwsDbInstanceDelete(d *schema.ResourceData, meta interface{}) error
|
|||
|
||||
opts := rds.DeleteDBInstance{DBInstanceIdentifier: d.Id()}
|
||||
|
||||
if d.Get("skip_final_snapshot").(bool) {
|
||||
finalSnapshot := d.Get("final_snapshot_identifier").(string)
|
||||
if finalSnapshot == "" {
|
||||
opts.SkipFinalSnapshot = true
|
||||
} else {
|
||||
opts.FinalDBSnapshotIdentifier = d.Get("final_snapshot_identifier").(string)
|
||||
opts.FinalDBSnapshotIdentifier = finalSnapshot
|
||||
}
|
||||
|
||||
log.Printf("[DEBUG] DB Instance destroy configuration: %v", opts)
|
||||
|
|
|
@ -39,8 +39,6 @@ func TestAccAWSDBInstance(t *testing.T) {
|
|||
"aws_db_instance.bar", "password", ""),
|
||||
resource.TestCheckResourceAttr(
|
||||
"aws_db_instance.bar", "username", "foo"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"aws_db_instance.bar", "skip_final_snapshot", "true"),
|
||||
resource.TestCheckResourceAttr(
|
||||
"aws_db_instance.bar", "security_group_names.3322503515", "secfoobarbaz-test-terraform"),
|
||||
resource.TestCheckResourceAttr(
|
||||
|
@ -159,8 +157,6 @@ resource "aws_db_instance" "bar" {
|
|||
password = "barbarbarbar"
|
||||
username = "foo"
|
||||
|
||||
skip_final_snapshot = true
|
||||
|
||||
security_group_names = ["${aws_db_security_group.bar.name}"]
|
||||
parameter_group_name = "default.mysql5.6"
|
||||
}
|
||||
|
|
|
@ -37,10 +37,13 @@ The following arguments are supported:
|
|||
* `engine_version` - (Required) The engine version to use.
|
||||
* `identifier` - (Required) The name of the RDS instance
|
||||
* `instance_class` - (Required) The instance type of the RDS instance.
|
||||
* `final_snapshot_identifier` - (Optional) The name of your final DB snapshot.
|
||||
* `name` - (Required) The DB name to create.
|
||||
* `password` - (Required) Password for the master DB user. Note that this will be stored
|
||||
in the state file.
|
||||
* `final_snapshot_identifier` - (Optional) The name of your final DB snapshot
|
||||
when this DB instance is deleted. If omitted, no final snapshot will be
|
||||
made.
|
||||
* `name` - (Optional) The DB name to create. If omitted, no database is created
|
||||
initially.
|
||||
* `password` - (Required) Password for the master DB user. Note that this may
|
||||
show up in logs, and it will be stored in the state file.
|
||||
* `username` - (Required) Username for the master DB user.
|
||||
* `availability_zone` - (Optional) The AZ for the RDS instance.
|
||||
* `backup_retention_period` - (Optional) The days to retain backups for.
|
||||
|
@ -51,7 +54,6 @@ The following arguments are supported:
|
|||
* `port` - (Optional) The port on which the DB accepts connections.
|
||||
* `publicly_accessible` - (Optional) Bool to control if instance is publicly accessible.
|
||||
* `vpc_security_group_ids` - (Optional) List of VPC security groups to associate.
|
||||
* `skip_final_snapshot` - (Optional) Enables skipping the final snapshot on deletion.
|
||||
* `security_group_names` - (Optional) List of DB Security Groups to associate.
|
||||
* `db_subnet_group_name` - (Optional) Name of DB subnet group
|
||||
* `parameter_group_name` - (Optional) Name of the DB parameter group to associate.
|
||||
|
|
Loading…
Reference in New Issue