Giter VIP home page Giter VIP logo

Comments (8)

kostasns avatar kostasns commented on July 17, 2024 1

No, those are indeed empty, meaning not populated in HTTP request.

from terraform-provider-aws.

kostasns avatar kostasns commented on July 17, 2024 1

Thank you and apologies for misleading you, I could've phrased it better.

from terraform-provider-aws.

github-actions avatar github-actions commented on July 17, 2024

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

from terraform-provider-aws.

justinretzolk avatar justinretzolk commented on July 17, 2024

Hey @kostasns 👋 Thank you for taking the time to raise this! Based on the error returned from the AWS API, I suspect this may be configuration related. Can you supply a sample Terraform configuration that can be used to reproduce this? If you're able to provide them, debug logs (redacted as needed) are also often useful.

from terraform-provider-aws.

kostasns avatar kostasns commented on July 17, 2024

Hi @justinretzolk , sure thing. Let me put something together.

from terraform-provider-aws.

kostasns avatar kostasns commented on July 17, 2024

This is a working example, you will need to provide variables for your specific environment.

  • Set 'domain_join' to true and create an instance. Instance should be created with 'Joined' status under directory
  • Set 'domain_join' to false and run terraform apply to receive error I've provided (debug log below).
terraform {
  required_version = ">= 1.5.0, < 2.0.0"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}

provider "aws" {
  region = "eu-central-1"
  default_tags {
    tags = {
      environment  = "test"
    }
  }
}

data "aws_secretsmanager_secret" "domain_join" {
  name = ""
}

variable "domain_join" {
  type    = bool
  default = true
}

variable "domain_fqdn" {
  type    = string
  default = ""
}

variable "domain_ou" {
  type    = string
  default = ""
}

variable "domain_dns_ips" {
  type    = list(string)
  default = []
}

variable "name" {
  type        = string
  default = "github-example"
}

variable "subnet_ids" {
  type = list(string)
  default = []
}

variable "vpc_id" {
  type = string
  default = ""
}



resource "aws_db_subnet_group" "this" {
  name       = var.name
  subnet_ids = var.subnet_ids
}

resource "aws_security_group" "rds" {
  name        = "${var.name}-sg"
  description = "Security Group for RDS ${var.name}"
  vpc_id      = var.vpc_id
}

resource "aws_security_group_rule" "allow_all_outbound" {
  type              = "egress"
  security_group_id = aws_security_group.rds.id

  from_port   = 0
  to_port     = 0
  protocol    = "-1"
  cidr_blocks = ["0.0.0.0/0"]
}


resource "aws_db_instance" "this" {
  identifier     = var.name
  engine         = "sqlserver-ee"
  engine_version = "16.00"
  instance_class = "db.t3.xlarge"

  username = "admin"
  manage_master_user_password = true

  domain_fqdn            = var.domain_join ? var.domain_fqdn : null
  domain_ou              = var.domain_join ? var.domain_ou : null
  domain_auth_secret_arn = var.domain_join ? data.aws_secretsmanager_secret.domain_join.arn : null
  domain_dns_ips         = var.domain_join ? var.domain_dns_ips : null

  db_subnet_group_name   = aws_db_subnet_group.this.name
  ca_cert_identifier     = "rds-ca-rsa4096-g1"
  vpc_security_group_ids = [aws_security_group.rds.id]

  auto_minor_version_upgrade      = true
  allow_major_version_upgrade     = false
  enabled_cloudwatch_logs_exports = toset(["agent", "error"])
  multi_az                        = false

  storage_type       = "gp3"
  allocated_storage  = 50

  publicly_accessible = false
  license_model       = "license-included"
  skip_final_snapshot = true
  apply_immediately   = true
  deletion_protection = false

}

DEBUG log

2024-03-25T09:52:50.842+0200 [INFO]  backend/local: apply calling Apply
2024-03-25T09:52:50.842+0200 [DEBUG] Building and walking apply graph for NormalMode plan
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_security_group_rule.allow_all_outbound (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_security_group.rds (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_db_instance.this (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_db_subnet_group.this (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ProviderTransformer: "data.aws_secretsmanager_secret.domain_join (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ProviderTransformer: "aws_db_instance.this" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ReferenceTransformer: "aws_security_group_rule.allow_all_outbound (expand)" references: []
2024-03-25T09:52:50.844+0200 [DEBUG] ReferenceTransformer: "var.domain_fqdn" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "var.domain_dns_ips" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/hashicorp/aws\"]" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "aws_security_group.rds (expand)" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "aws_db_instance.this (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.name" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.subnet_ids" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.domain_join" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "aws_db_instance.this" references: [var.domain_join var.domain_dns_ips aws_db_subnet_group.this (expand) var.domain_join var.domain_fqdn var.domain_join var.domain_ou aws_security_group.rds (expand) var.domain_join data.aws_secretsmanager_secret.domain_join (expand) var.name]
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "aws_db_subnet_group.this (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "data.aws_secretsmanager_secret.domain_join (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.domain_ou" references: []
2024-03-25T09:52:50.847+0200 [DEBUG] ReferenceTransformer: "var.vpc_id" references: []
2024-03-25T09:52:50.847+0200 [DEBUG] pruneUnusedNodes: aws_security_group_rule.allow_all_outbound (expand) is no longer needed, removing
2024-03-25T09:52:50.847+0200 [DEBUG] Starting graph walk: walkApply
2024-03-25T09:52:50.848+0200 [DEBUG] created provider logger: level=debug
2024-03-25T09:52:50.851+0200 [INFO]  provider: configuring client automatic mTLS
2024-03-25T09:52:50.859+0200 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe args=[.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe]
2024-03-25T09:52:51.771+0200 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe pid=26124
2024-03-25T09:52:51.771+0200 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe
2024-03-25T09:52:52.069+0200 [INFO]  provider.terraform-provider-aws_v5.42.0_x5.exe: configuring server automatic mTLS: timestamp=2024-03-25T09:52:52.063+0200
2024-03-25T09:52:52.082+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: plugin address: address=127.0.0.1:10000 network=tcp timestamp=2024-03-25T09:52:52.082+0200
2024-03-25T09:52:52.082+0200 [DEBUG] provider: using plugin: version=5
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Configuring Terraform AWS Provider: @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:134 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider @module=aws tf_mux_provider=*schema.GRPCProviderServer timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Resolving credentials provider: @module=aws.aws-base tf_provider_addr=registry.terraform.io/hashicorp/aws @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_mux_provider=*schema.GRPCProviderServer tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Loading configuration: @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.803+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving credentials: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.804+0200 [INFO]  provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieved credentials: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:39 @module=aws.aws-base tf_aws.credentials_source="SharedConfigCredentials: \.aws\credentials" tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.804+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Loading configuration: tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.810+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Creating AWS SDK v1 session: tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:158 @module=aws tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff timestamp=2024-03-25T09:52:52.810+0200
2024-03-25T09:52:52.819+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving AWS account details: tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws @module=aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:173 timestamp=2024-03-25T09:52:52.819+0200
2024-03-25T09:52:52.819+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving caller identity from STS: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_rpc=ConfigureProvider @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer timestamp=2024-03-25T09:52:52.819+0200
2024-03-25T09:52:52.820+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************N5MG/20240325/<region>/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=*****" @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base http.request.header.x_amz_security_token=***** rpc.method=GetCallerIdentity rpc.service=STS tf_aws.signing_region= tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider http.request.body="Action=GetCallerIdentity&Version=2011-06-15
" http.request.header.content_type=application/x-www-form-urlencoded tf_aws.sdk=aws-sdk-go-v2 http.request.header.x_amz_date=20240325T075252Z rpc.system=aws-api http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.5.7 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/windows lang/go#1.21.8 md/GOOS#windows md/GOARCH#amd64 api/sts#1.28.5" http.request.header.amz_sdk_invocation_id=9feb1c9f-b9e5-4eaf-8b8e-07e6e3dd93c4 http.url=https://sts.<region>.amazonaws.com/ tf_provider_addr=registry.terraform.io/hashicorp/aws http.request.header.amz_sdk_request="attempt=1; max=25" http.request_content_length=43 net.peer.name=sts.<region>.amazonaws.com tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff aws.region=<region> http.method=POST timestamp=2024-03-25T09:52:52.820+0200
2024-03-25T09:52:53.764+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Response Received: @module=aws.aws-base http.duration=943 http.response.header.date="Mon, 25 Mar 2024 07:52:53 GMT" rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 http.response_content_length=437 rpc.method=GetCallerIdentity tf_aws.signing_region= tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff http.response.body="<GetCallerIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
  <GetCallerIdentityResult>
    <Arn>arn:aws:sts::<account_id>:<assumed_role></Arn>
    <UserId><userId></UserId>
    <Account><account_id></Account>
  </GetCallerIdentityResult>
  <ResponseMetadata>
    <RequestId><request_id</RequestId>
  </ResponseMetadata>
</GetCallerIdentityResponse>
" http.response.header.content_type=text/xml http.status_code=200 tf_mux_provider=*schema.GRPCProviderServer aws.region=<region> http.response.header.x_amzn_requestid=40114559-277f-481c-8347-62335303cc19 rpc.service=STS tf_aws.sdk=aws-sdk-go-v2 timestamp=2024-03-25T09:52:53.764+0200
2024-03-25T09:52:53.765+0200 [INFO]  provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieved caller identity from STS: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=<request_id> @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:39 tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:53.764+0200
2024-03-25T09:52:53.779+0200 [WARN]  Provider "registry.terraform.io/hashicorp/aws" produced an invalid plan for aws_db_instance.this, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .iam_database_authentication_enabled: planned value cty.False for a non-computed attribute
      - .domain_dns_ips: planned value cty.SetValEmpty(cty.String) for a non-computed attribute
      - .monitoring_interval: planned value cty.NumberIntVal(0) for a non-computed attribute
      - .tags: planned value cty.MapValEmpty(cty.String) for a non-computed attribute
      - .custom_iam_instance_profile: planned value cty.StringVal("") for a non-computed attribute
      - .storage_encrypted: planned value cty.False for a non-computed attribute
      - .customer_owned_ip_enabled: planned value cty.False for a non-computed attribute
      - .delete_automated_backups: planned value cty.True for a non-computed attribute
      - .domain: planned value cty.StringVal("") for a non-computed attribute
      - .domain_iam_role_name: planned value cty.StringVal("") for a non-computed attribute
      - .max_allocated_storage: planned value cty.NumberIntVal(0) for a non-computed attribute
      - .copy_tags_to_snapshot: planned value cty.False for a non-computed attribute
      - .replicate_source_db: planned value cty.StringVal("") for a non-computed attribute
      - .performance_insights_enabled: planned value cty.False for a non-computed attribute
aws_db_instance.this: Modifying... [id=<db_id>]
2024-03-25T09:52:53.780+0200 [INFO]  Starting apply for aws_db_instance.this
2024-03-25T09:52:53.780+0200 [DEBUG] aws_db_instance.this: applying the planned Update change
2024-03-25T09:52:53.783+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: [DEBUG] Waiting for state to become: [success]
2024-03-25T09:52:53.784+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 http.method=POST http.request.body="Action=ModifyDBInstance&ApplyImmediately=true&DBInstanceIdentifier=github-example&DeletionProtection=false&DomainAuthSecretArn=&DomainFqdn=danskenet.net&DomainOu=&Version=2014-10-31
" http.request.header.x_amz_security_token=***** rpc.system=aws-api tf_resource_type=aws_db_instance aws.region=<region> http.request.header.amz_sdk_request="attempt=1; max=25" tf_aws.signing_region= http.request.header.amz_sdk_invocation_id=90cbc416-885b-4fb9-8ce7-c35007cbf0fb http.request_content_length=181 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.5.7 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/windows lang/go#1.21.8 md/GOOS#windows md/GOARCH#amd64 api/rds#1.76.0" tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c http.request.header.x_amz_date=20240325T075253Z rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ApplyResourceChange http.request.header.content_type=application/x-www-form-urlencoded net.peer.name=rds.<region>.amazonaws.com http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************N5MG/20240325/<region>/rds/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=*****" http.url=https://rds.<region>.amazonaws.com/ tf_provider_addr=registry.terraform.io/hashicorp/aws @module=aws rpc.method=ModifyDBInstance tf_aws.sdk=aws-sdk-go-v2 timestamp=2024-03-25T09:52:53.784+0200
2024-03-25T09:52:54.204+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Response Received: rpc.method=ModifyDBInstance tf_aws.sdk=aws-sdk-go-v2 http.response.header.strict_transport_security=max-age=31536000 http.response.header.x_amzn_requestid=8052b4f2-8ca3-4554-8285-7b7e21253e86 tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c http.response.header.date="Mon, 25 Mar 2024 07:52:54 GMT" http.status_code=400 rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 @module=aws http.response.body="<ErrorResponse xmlns="http://rds.amazonaws.com/doc/2014-10-31/"><Error><Type>Sender</Type><Code>InvalidParameterCombination</Code><Message>Ensure all of the self-managed Active Directory parameters have been passed in.</Message></Error><RequestId>8052b4f2-8ca3-4554-8285-7b7e21253e86</RequestId></ErrorResponse>
" tf_aws.signing_region= tf_provider_addr=registry.terraform.io/hashicorp/aws tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange aws.region=<region> http.duration=406 http.response.header.content_type=text/xml rpc.system=aws-api timestamp=2024-03-25T09:52:54.203+0200
2024-03-25T09:52:54.207+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: request failed with unretryable error https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.: @module=aws rpc.method=ModifyDBInstance aws.region=<region> rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 timestamp=2024-03-25T09:52:54.204+0200
2024-03-25T09:52:54.207+0200 [ERROR] provider.terraform-provider-aws_v5.42.0_x5.exe: Response contains error diagnostic: diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in." tf_proto_version=5.4 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:58 @module=sdk.proto tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange timestamp=2024-03-25T09:52:54.206+0200
2024-03-25T09:52:54.216+0200 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-03-25T09:52:54.216+0200 [ERROR] vertex "aws_db_instance.this" error: updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.
╷
│ Error: updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.
│
│   with aws_db_instance.this,
│   on main.tf line 87, in resource "aws_db_instance" "this":
│   87: resource "aws_db_instance" "this" {
│
╵
2024-03-25T09:52:54.225+0200 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-03-25T09:52:54.269+0200 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe pid=26124
2024-03-25T09:52:54.269+0200 [DEBUG] provider: plugin exited

from terraform-provider-aws.

justinretzolk avatar justinretzolk commented on July 17, 2024

Thank you for the updates here @kostasns. I've got one more question before I'll mark this as triaged and waiting for prioritization.

Looking at the following line from the debug logging you sent over, I noticed both DomainAuthSecretArn and DomainOu are empty. Were those removed as part of redaction before you pasted the logs over? The AWS documentation seems to indicate both of those are required for self-managed Active Directory.

2024-03-25T09:52:53.784+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 http.method=POST http.request.body="Action=ModifyDBInstance&ApplyImmediately=true&DBInstanceIdentifier=github-example&DeletionProtection=false&DomainAuthSecretArn=&DomainFqdn=danskenet.net&DomainOu=&Version=2014-10-31"

from terraform-provider-aws.

justinretzolk avatar justinretzolk commented on July 17, 2024

@kostasns I see where I was missing you now (I'd misread and was looking at it backwards); thank you for the clarification 🙂. I'll remove the triage label so this can wait for prioritization by someone on the team.

from terraform-provider-aws.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.