Comments (8)
No, those are indeed empty, meaning not populated in HTTP request.
from terraform-provider-aws.
Thank you and apologies for misleading you, I could've phrased it better.
from terraform-provider-aws.
Community Note
Voting for Prioritization
- Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
- Please see our prioritization guide for information on how we prioritize.
- Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
Volunteering to Work on This Issue
- If you are interested in working on this issue, please leave a comment.
- If this would be your first contribution, please review the contribution guide.
from terraform-provider-aws.
Hey @kostasns 👋 Thank you for taking the time to raise this! Based on the error returned from the AWS API, I suspect this may be configuration related. Can you supply a sample Terraform configuration that can be used to reproduce this? If you're able to provide them, debug logs (redacted as needed) are also often useful.
from terraform-provider-aws.
Hi @justinretzolk , sure thing. Let me put something together.
from terraform-provider-aws.
This is a working example, you will need to provide variables for your specific environment.
- Set 'domain_join' to true and create an instance. Instance should be created with 'Joined' status under directory
- Set 'domain_join' to false and run terraform apply to receive error I've provided (debug log below).
terraform {
required_version = ">= 1.5.0, < 2.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.0"
}
}
}
provider "aws" {
region = "eu-central-1"
default_tags {
tags = {
environment = "test"
}
}
}
data "aws_secretsmanager_secret" "domain_join" {
name = ""
}
variable "domain_join" {
type = bool
default = true
}
variable "domain_fqdn" {
type = string
default = ""
}
variable "domain_ou" {
type = string
default = ""
}
variable "domain_dns_ips" {
type = list(string)
default = []
}
variable "name" {
type = string
default = "github-example"
}
variable "subnet_ids" {
type = list(string)
default = []
}
variable "vpc_id" {
type = string
default = ""
}
resource "aws_db_subnet_group" "this" {
name = var.name
subnet_ids = var.subnet_ids
}
resource "aws_security_group" "rds" {
name = "${var.name}-sg"
description = "Security Group for RDS ${var.name}"
vpc_id = var.vpc_id
}
resource "aws_security_group_rule" "allow_all_outbound" {
type = "egress"
security_group_id = aws_security_group.rds.id
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
}
resource "aws_db_instance" "this" {
identifier = var.name
engine = "sqlserver-ee"
engine_version = "16.00"
instance_class = "db.t3.xlarge"
username = "admin"
manage_master_user_password = true
domain_fqdn = var.domain_join ? var.domain_fqdn : null
domain_ou = var.domain_join ? var.domain_ou : null
domain_auth_secret_arn = var.domain_join ? data.aws_secretsmanager_secret.domain_join.arn : null
domain_dns_ips = var.domain_join ? var.domain_dns_ips : null
db_subnet_group_name = aws_db_subnet_group.this.name
ca_cert_identifier = "rds-ca-rsa4096-g1"
vpc_security_group_ids = [aws_security_group.rds.id]
auto_minor_version_upgrade = true
allow_major_version_upgrade = false
enabled_cloudwatch_logs_exports = toset(["agent", "error"])
multi_az = false
storage_type = "gp3"
allocated_storage = 50
publicly_accessible = false
license_model = "license-included"
skip_final_snapshot = true
apply_immediately = true
deletion_protection = false
}
DEBUG log
2024-03-25T09:52:50.842+0200 [INFO] backend/local: apply calling Apply
2024-03-25T09:52:50.842+0200 [DEBUG] Building and walking apply graph for NormalMode plan
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_security_group_rule.allow_all_outbound (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_security_group.rds (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_db_instance.this (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.843+0200 [DEBUG] ProviderTransformer: "aws_db_subnet_group.this (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ProviderTransformer: "data.aws_secretsmanager_secret.domain_join (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ProviderTransformer: "aws_db_instance.this" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/hashicorp/aws"]
2024-03-25T09:52:50.844+0200 [DEBUG] ReferenceTransformer: "aws_security_group_rule.allow_all_outbound (expand)" references: []
2024-03-25T09:52:50.844+0200 [DEBUG] ReferenceTransformer: "var.domain_fqdn" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "var.domain_dns_ips" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/hashicorp/aws\"]" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "aws_security_group.rds (expand)" references: []
2024-03-25T09:52:50.845+0200 [DEBUG] ReferenceTransformer: "aws_db_instance.this (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.name" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.subnet_ids" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.domain_join" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "aws_db_instance.this" references: [var.domain_join var.domain_dns_ips aws_db_subnet_group.this (expand) var.domain_join var.domain_fqdn var.domain_join var.domain_ou aws_security_group.rds (expand) var.domain_join data.aws_secretsmanager_secret.domain_join (expand) var.name]
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "aws_db_subnet_group.this (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "data.aws_secretsmanager_secret.domain_join (expand)" references: []
2024-03-25T09:52:50.846+0200 [DEBUG] ReferenceTransformer: "var.domain_ou" references: []
2024-03-25T09:52:50.847+0200 [DEBUG] ReferenceTransformer: "var.vpc_id" references: []
2024-03-25T09:52:50.847+0200 [DEBUG] pruneUnusedNodes: aws_security_group_rule.allow_all_outbound (expand) is no longer needed, removing
2024-03-25T09:52:50.847+0200 [DEBUG] Starting graph walk: walkApply
2024-03-25T09:52:50.848+0200 [DEBUG] created provider logger: level=debug
2024-03-25T09:52:50.851+0200 [INFO] provider: configuring client automatic mTLS
2024-03-25T09:52:50.859+0200 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe args=[.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe]
2024-03-25T09:52:51.771+0200 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe pid=26124
2024-03-25T09:52:51.771+0200 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe
2024-03-25T09:52:52.069+0200 [INFO] provider.terraform-provider-aws_v5.42.0_x5.exe: configuring server automatic mTLS: timestamp=2024-03-25T09:52:52.063+0200
2024-03-25T09:52:52.082+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: plugin address: address=127.0.0.1:10000 network=tcp timestamp=2024-03-25T09:52:52.082+0200
2024-03-25T09:52:52.082+0200 [DEBUG] provider: using plugin: version=5
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Configuring Terraform AWS Provider: @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:134 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider @module=aws tf_mux_provider=*schema.GRPCProviderServer timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Resolving credentials provider: @module=aws.aws-base tf_provider_addr=registry.terraform.io/hashicorp/aws @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_mux_provider=*schema.GRPCProviderServer tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.797+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Loading configuration: @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.797+0200
2024-03-25T09:52:52.803+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving credentials: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.804+0200 [INFO] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieved credentials: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:39 @module=aws.aws-base tf_aws.credentials_source="SharedConfigCredentials: \.aws\credentials" tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.804+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Loading configuration: tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base timestamp=2024-03-25T09:52:52.803+0200
2024-03-25T09:52:52.810+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Creating AWS SDK v1 session: tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:158 @module=aws tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff timestamp=2024-03-25T09:52:52.810+0200
2024-03-25T09:52:52.819+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving AWS account details: tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff tf_mux_provider=*schema.GRPCProviderServer tf_provider_addr=registry.terraform.io/hashicorp/aws @module=aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/terraform-provider-aws/internal/conns/config.go:173 timestamp=2024-03-25T09:52:52.819+0200
2024-03-25T09:52:52.819+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieving caller identity from STS: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 tf_rpc=ConfigureProvider @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer timestamp=2024-03-25T09:52:52.819+0200
2024-03-25T09:52:52.820+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************N5MG/20240325/<region>/sts/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=*****" @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 @module=aws.aws-base http.request.header.x_amz_security_token=***** rpc.method=GetCallerIdentity rpc.service=STS tf_aws.signing_region= tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ConfigureProvider http.request.body="Action=GetCallerIdentity&Version=2011-06-15
" http.request.header.content_type=application/x-www-form-urlencoded tf_aws.sdk=aws-sdk-go-v2 http.request.header.x_amz_date=20240325T075252Z rpc.system=aws-api http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.5.7 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/windows lang/go#1.21.8 md/GOOS#windows md/GOARCH#amd64 api/sts#1.28.5" http.request.header.amz_sdk_invocation_id=9feb1c9f-b9e5-4eaf-8b8e-07e6e3dd93c4 http.url=https://sts.<region>.amazonaws.com/ tf_provider_addr=registry.terraform.io/hashicorp/aws http.request.header.amz_sdk_request="attempt=1; max=25" http.request_content_length=43 net.peer.name=sts.<region>.amazonaws.com tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff aws.region=<region> http.method=POST timestamp=2024-03-25T09:52:52.820+0200
2024-03-25T09:52:53.764+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Response Received: @module=aws.aws-base http.duration=943 http.response.header.date="Mon, 25 Mar 2024 07:52:53 GMT" rpc.system=aws-api tf_provider_addr=registry.terraform.io/hashicorp/aws tf_rpc=ConfigureProvider @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:47 http.response_content_length=437 rpc.method=GetCallerIdentity tf_aws.signing_region= tf_req_id=a5ff8b4a-47ec-c8d6-d3ae-0df9dfccb5ff http.response.body="<GetCallerIdentityResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">
<GetCallerIdentityResult>
<Arn>arn:aws:sts::<account_id>:<assumed_role></Arn>
<UserId><userId></UserId>
<Account><account_id></Account>
</GetCallerIdentityResult>
<ResponseMetadata>
<RequestId><request_id</RequestId>
</ResponseMetadata>
</GetCallerIdentityResponse>
" http.response.header.content_type=text/xml http.status_code=200 tf_mux_provider=*schema.GRPCProviderServer aws.region=<region> http.response.header.x_amzn_requestid=40114559-277f-481c-8347-62335303cc19 rpc.service=STS tf_aws.sdk=aws-sdk-go-v2 timestamp=2024-03-25T09:52:53.764+0200
2024-03-25T09:52:53.765+0200 [INFO] provider.terraform-provider-aws_v5.42.0_x5.exe: Retrieved caller identity from STS: tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=<request_id> @module=aws.aws-base tf_mux_provider=*schema.GRPCProviderServer @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:39 tf_rpc=ConfigureProvider timestamp=2024-03-25T09:52:53.764+0200
2024-03-25T09:52:53.779+0200 [WARN] Provider "registry.terraform.io/hashicorp/aws" produced an invalid plan for aws_db_instance.this, but we are tolerating it because it is using the legacy plugin SDK.
The following problems may be the cause of any confusing errors from downstream operations:
- .iam_database_authentication_enabled: planned value cty.False for a non-computed attribute
- .domain_dns_ips: planned value cty.SetValEmpty(cty.String) for a non-computed attribute
- .monitoring_interval: planned value cty.NumberIntVal(0) for a non-computed attribute
- .tags: planned value cty.MapValEmpty(cty.String) for a non-computed attribute
- .custom_iam_instance_profile: planned value cty.StringVal("") for a non-computed attribute
- .storage_encrypted: planned value cty.False for a non-computed attribute
- .customer_owned_ip_enabled: planned value cty.False for a non-computed attribute
- .delete_automated_backups: planned value cty.True for a non-computed attribute
- .domain: planned value cty.StringVal("") for a non-computed attribute
- .domain_iam_role_name: planned value cty.StringVal("") for a non-computed attribute
- .max_allocated_storage: planned value cty.NumberIntVal(0) for a non-computed attribute
- .copy_tags_to_snapshot: planned value cty.False for a non-computed attribute
- .replicate_source_db: planned value cty.StringVal("") for a non-computed attribute
- .performance_insights_enabled: planned value cty.False for a non-computed attribute
aws_db_instance.this: Modifying... [id=<db_id>]
2024-03-25T09:52:53.780+0200 [INFO] Starting apply for aws_db_instance.this
2024-03-25T09:52:53.780+0200 [DEBUG] aws_db_instance.this: applying the planned Update change
2024-03-25T09:52:53.783+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: [DEBUG] Waiting for state to become: [success]
2024-03-25T09:52:53.784+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 http.method=POST http.request.body="Action=ModifyDBInstance&ApplyImmediately=true&DBInstanceIdentifier=github-example&DeletionProtection=false&DomainAuthSecretArn=&DomainFqdn=danskenet.net&DomainOu=&Version=2014-10-31
" http.request.header.x_amz_security_token=***** rpc.system=aws-api tf_resource_type=aws_db_instance aws.region=<region> http.request.header.amz_sdk_request="attempt=1; max=25" tf_aws.signing_region= http.request.header.amz_sdk_invocation_id=90cbc416-885b-4fb9-8ce7-c35007cbf0fb http.request_content_length=181 http.user_agent="APN/1.0 HashiCorp/1.0 Terraform/1.5.7 (+https://www.terraform.io) terraform-provider-aws/5.42.0 (+https://registry.terraform.io/providers/hashicorp/aws) aws-sdk-go-v2/1.26.0 os/windows lang/go#1.21.8 md/GOOS#windows md/GOARCH#amd64 api/rds#1.76.0" tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c http.request.header.x_amz_date=20240325T075253Z rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer tf_rpc=ApplyResourceChange http.request.header.content_type=application/x-www-form-urlencoded net.peer.name=rds.<region>.amazonaws.com http.request.header.authorization="AWS4-HMAC-SHA256 Credential=ASIA************N5MG/20240325/<region>/rds/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-date;x-amz-security-token, Signature=*****" http.url=https://rds.<region>.amazonaws.com/ tf_provider_addr=registry.terraform.io/hashicorp/aws @module=aws rpc.method=ModifyDBInstance tf_aws.sdk=aws-sdk-go-v2 timestamp=2024-03-25T09:52:53.784+0200
2024-03-25T09:52:54.204+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Response Received: rpc.method=ModifyDBInstance tf_aws.sdk=aws-sdk-go-v2 http.response.header.strict_transport_security=max-age=31536000 http.response.header.x_amzn_requestid=8052b4f2-8ca3-4554-8285-7b7e21253e86 tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c http.response.header.date="Mon, 25 Mar 2024 07:52:54 GMT" http.status_code=400 rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 @module=aws http.response.body="<ErrorResponse xmlns="http://rds.amazonaws.com/doc/2014-10-31/"><Error><Type>Sender</Type><Code>InvalidParameterCombination</Code><Message>Ensure all of the self-managed Active Directory parameters have been passed in.</Message></Error><RequestId>8052b4f2-8ca3-4554-8285-7b7e21253e86</RequestId></ErrorResponse>
" tf_aws.signing_region= tf_provider_addr=registry.terraform.io/hashicorp/aws tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange aws.region=<region> http.duration=406 http.response.header.content_type=text/xml rpc.system=aws-api timestamp=2024-03-25T09:52:54.203+0200
2024-03-25T09:52:54.207+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: request failed with unretryable error https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.: @module=aws rpc.method=ModifyDBInstance aws.region=<region> rpc.system=aws-api tf_aws.sdk=aws-sdk-go-v2 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c rpc.service=RDS tf_mux_provider=*schema.GRPCProviderServer tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 timestamp=2024-03-25T09:52:54.204+0200
2024-03-25T09:52:54.207+0200 [ERROR] provider.terraform-provider-aws_v5.42.0_x5.exe: Response contains error diagnostic: diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in." tf_proto_version=5.4 tf_provider_addr=registry.terraform.io/hashicorp/aws tf_req_id=10955a1d-b5c8-42e6-e0d7-db2832b73b8c @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:58 @module=sdk.proto tf_resource_type=aws_db_instance tf_rpc=ApplyResourceChange timestamp=2024-03-25T09:52:54.206+0200
2024-03-25T09:52:54.216+0200 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-03-25T09:52:54.216+0200 [ERROR] vertex "aws_db_instance.this" error: updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.
╷
│ Error: updating RDS DB Instance (github-example): operation error RDS: ModifyDBInstance, https response error StatusCode: 400, RequestID: 8052b4f2-8ca3-4554-8285-7b7e21253e86, api error InvalidParameterCombination: Ensure all of the self-managed Active Directory parameters have been passed in.
│
│ with aws_db_instance.this,
│ on main.tf line 87, in resource "aws_db_instance" "this":
│ 87: resource "aws_db_instance" "this" {
│
╵
2024-03-25T09:52:54.225+0200 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-03-25T09:52:54.269+0200 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/5.42.0/windows_amd64/terraform-provider-aws_v5.42.0_x5.exe pid=26124
2024-03-25T09:52:54.269+0200 [DEBUG] provider: plugin exited
from terraform-provider-aws.
Thank you for the updates here @kostasns. I've got one more question before I'll mark this as triaged and waiting for prioritization.
Looking at the following line from the debug logging you sent over, I noticed both DomainAuthSecretArn
and DomainOu
are empty. Were those removed as part of redaction before you pasted the logs over? The AWS documentation seems to indicate both of those are required for self-managed Active Directory.
2024-03-25T09:52:53.784+0200 [DEBUG] provider.terraform-provider-aws_v5.42.0_x5.exe: HTTP Request Sent: @caller=github.com/hashicorp/aws-sdk-go-base/[email protected]/logging/tf_logger.go:45 http.method=POST http.request.body="Action=ModifyDBInstance&ApplyImmediately=true&DBInstanceIdentifier=github-example&DeletionProtection=false&DomainAuthSecretArn=&DomainFqdn=danskenet.net&DomainOu=&Version=2014-10-31"
from terraform-provider-aws.
@kostasns I see where I was missing you now (I'd misread and was looking at it backwards); thank you for the clarification 🙂. I'll remove the triage label so this can wait for prioritization by someone on the team.
from terraform-provider-aws.
Related Issues (20)
- [New Data Source]: `aws_eks_access_policies` to return available EKS Access Policies HOT 1
- [Bug]: Cannot use 'for_each' meta argument with deployments HOT 4
- [Enhancement]: Custom ssl certificate for `aws_amplify_domain_association` HOT 2
- [Enhancement]: aws_s3_bucket_intelligent_tiering_configuration support to skip archive access tierings HOT 1
- [New Service]: Chatbot HOT 3
- [New Resource]: `aws_ec2_image_deregistration_protection` HOT 1
- [Enhancement]: Provide possibility to use lambda version in aws_api_gateway_integration HOT 4
- [New Data Source]: `aws_transfer_security_policies` HOT 1
- Guardrails for Amazon Bedrock HOT 1
- Amazon Bedrock Agents Simplified Schema and Return of Control HOT 1
- Model Evaluation on Amazon Bedrock HOT 1
- [Enhancement]: Add data source aws_sns_topic_subscriptions HOT 2
- [Enhancement]: Ability to manage IPAM default scope instances HOT 1
- [Enhancement]: aws_sagemaker_user_profile lack of profile name in attributes HOT 1
- [New Resource]: `aws_securitylake_delegated_administrator` HOT 1
- [Bug]: aws service catalog provisioned product not creating product and getting timed out HOT 3
- [Enhancement]: Add Dynatrace support to Kinesis Firehose HOT 4
- AutoFlEx flattening of `float32` HOT 3
- [Bug]: DMS DocumentDB replication config fails with DocumentDB is not supported HOT 2
- [Docs]: aws_verifiedpermissions_policy contains placeholder information HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-aws.