terraform-aws-rds-aurora

KMS_KEY_ID recreates database every time

Open sabinayakc opened this issue 1 year ago • 1 comments

How do we solve the problem of kms_key_id field?

When creating the RDS for the first time, kms_key_id = arn.

Then, running Terraform again, kms_key_id is not the ID and hence it force-replaces, since the ARN is being passed.

Is there a way we could add an ignore-changes lifecycle for the kms_key_id?

I can create a PR if you'd like.

Thank you.

sabinayakc avatar Sep 09 '24 16:09 sabinayakc

I guess it would be possible to use a lifecycle hook to ignore changes, but to be honest, the issue here is that you're passing an ID, not an ARN, so the setting was never valid, and in that case ignoring the change seems misguided at best and pointless at worst.

The preferred solution would be to destroy the instance and recreate it with a correctly specified ARN. Or, if your DB is in use and cannot be replaced, then don't update the ARN, leaving it without encryption at rest.

skx avatar Sep 26 '24 11:09 skx
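
A pre-apply check for the situation discussed in this thread, as an added example that is not code from the issue or from the module: it reads `terraform show -json` plan output and reports RDS resources whose replacement is forced by `kms_key_id`, noting whether the configured value is a full key ARN. The plan data, resource addresses and the function name `kms_replacements` are constructed for illustration.

```python
import json
import re

# Full KMS key ARN (any partition); bare key IDs and aliases do not match.
KEY_ARN = re.compile(r"^arn:aws[a-z-]*:kms:[a-z0-9-]+:\d{12}:key/[0-9A-Za-z-]+$")
RDS_TYPES = {"aws_rds_cluster", "aws_db_instance"}


def kms_replacements(plan):
    """List RDS resources the plan would replace because kms_key_id differs."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        # Terraform reports a replacement as both "delete" and "create" actions.
        replaced = {"delete", "create"} <= set(change.get("actions", []))
        forced_by_kms = ["kms_key_id"] in change.get("replace_paths", [])
        if rc.get("type") not in RDS_TYPES or not (replaced and forced_by_kms):
            continue
        # "after" lacks the key when the value is only known at apply time.
        after = (change.get("after") or {}).get("kms_key_id")
        findings.append({
            "address": rc["address"],
            "state_value": (change.get("before") or {}).get("kms_key_id"),
            "config_value": after,
            "config_is_key_arn": bool(after and KEY_ARN.match(after)),
        })
    return findings


# Constructed sample of `terraform show -json <planfile>` output (not from the issue).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "module.aurora.aws_rds_cluster.this[0]", "type": "aws_rds_cluster",
   "change": {"actions": ["delete", "create"],
              "before": {"kms_key_id": "arn:aws:kms:us-east-1:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"},
              "after": {"kms_key_id": "1234abcd-12ab-34cd-56ef-1234567890ab"},
              "replace_paths": [["kms_key_id"]]}},
  {"address": "aws_db_instance.reporting", "type": "aws_db_instance",
   "change": {"actions": ["update"],
              "before": {"kms_key_id": null}, "after": {"kms_key_id": null}}}
]}
""")

if __name__ == "__main__":
    for finding in kms_replacements(SAMPLE_PLAN):
        print(json.dumps(finding, indent=2))
```

Run in CI before `terraform apply`, a non-empty result is a signal to stop and review the planned replacement of an encrypted database.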

This issue has been automatically marked as stale because it has been open 30 days with no activity. Remove stale label or comment or this issue will be closed in 10 days

github-actions[bot] avatar Oct 27 '24 00:10 github-actions[bot]

This issue was automatically closed because of stale in 10 days

github-actions[bot] avatar Nov 07 '24 00:11 github-actions[bot]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

github-actions[bot] avatar Dec 07 '24 02:12 github-actions[bot]