driftctl
aws_elasticache_cluster resources created in terraform listed as unmanaged
Description
Noticed that a couple of aws_elasticache_cluster resources listed as unmanaged by a driftctl scan existed in our terraform configurations. Reproduced the issue by creating a new "aws_elasticache_replication_group" and running terraform apply, and then running a driftctl scan which listed it as unmanaged. It seems like aws_elasticache_replication_group makes aws_elasticache_cluster resources, but they're managed by aws_elasticache_replication_group -> there's some reference to this in the docs https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/elasticache_replication_group.
Environment
- OS:
- driftctl version: 0.34.0
- terraform version: v1.1.6
- terraform providers versions: aws@ 3.74.3,
How to reproduce
Terraform Config:
terraform {
  required_version = "1.1.6"
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "= 3.74.3"
    }
  }
}

provider "aws" {
  region = "us-east-1"
}

# Allow Redis traffic (TCP 6379) from the 10.0.1.0/24 subnet only
resource "aws_security_group" "redis" {
  name = "redis-security-group"
  ingress {
    from_port = 6379
    to_port   = 6379
    protocol  = "tcp"
    cidr_blocks = [
      "10.0.1.0/24"
    ]
  }
}

# Redis AUTH token is read from SSM Parameter Store
data "aws_ssm_parameter" "redis_password" {
  name = "password"
}

# Replication group; AWS creates the member cache clusters for it
resource "aws_elasticache_replication_group" "main10" {
  engine                        = "redis"
  engine_version                = "5.0.6"
  automatic_failover_enabled    = true
  availability_zones            = ["us-east-1a"]
  replication_group_id          = "groupName"
  replication_group_description = "a redis cluster"
  node_type                     = "cache.t2.micro"
  parameter_group_name          = "default.redis5.0.cluster.on"
  port                          = 6379
  security_group_ids            = [aws_security_group.redis.id]
  auth_token                    = data.aws_ssm_parameter.redis_password.value
  cluster_mode {
    replicas_per_node_group = 1
    num_node_groups         = 1
  }
}
Then run terraform apply, then driftctl scan
driftctl output:
aws_elasticache_cluster:
- main10-0001-001
- main10-0001-002

Hey @ellianaC, thanks for opening this issue. Bear in mind all of our supported resources in our documentation. As you can see, we don't yet support the aws_elasticache_replication_group resource type. Thus, even though it generates resources that we support, they are not explicitly written in your state file, which is our way to reconcile resources between your state and your cloud provider. Hope it makes sense.
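
One way to triage this kind of scan result, as an added example that is not part of the original issue or of driftctl: cross-check the unmanaged aws_elasticache_cluster IDs against the member_clusters attribute that the AWS provider records on each aws_elasticache_replication_group in the state, so only clusters with no managed parent are left for review. The state snippet and the unmanaged list are constructed samples (state format version 4; the list's type/id record shape and the ID legacy-cache-001 are assumptions), and the function names are hypothetical.

```python
import json

# Constructed sample: trimmed Terraform state (format version 4). The member
# nodes appear only inside the replication group's member_clusters attribute.
STATE = json.loads("""
{
  "version": 4,
  "resources": [
    {"mode": "managed", "type": "aws_security_group", "name": "redis", "instances": []},
    {"mode": "managed", "type": "aws_elasticache_replication_group", "name": "main10",
     "instances": [{"attributes": {
        "id": "main10",
        "member_clusters": ["main10-0001-001", "main10-0001-002"]}}]}
  ]
}
""")

# Constructed sample of unmanaged resources as type/id records (assumed shape).
UNMANAGED = [
    {"type": "aws_elasticache_cluster", "id": "main10-0001-001"},
    {"type": "aws_elasticache_cluster", "id": "main10-0001-002"},
    {"type": "aws_elasticache_cluster", "id": "legacy-cache-001"},
]

def member_cluster_owners(state):
    """Map each member cluster id to the address of its replication group in state."""
    owners = {}
    for res in state.get("resources", []):
        if res.get("mode") != "managed" or res.get("type") != "aws_elasticache_replication_group":
            continue
        for inst in res.get("instances", []):
            # member_clusters may be absent or null in a partially applied state
            for cluster_id in inst.get("attributes", {}).get("member_clusters") or []:
                owners[cluster_id] = f'{res["type"]}.{res["name"]}'
    return owners

def triage(state, unmanaged):
    """Split unmanaged resources into indirectly managed clusters and the rest."""
    owners = member_cluster_owners(state)
    indirect, unexplained = {}, []
    for item in unmanaged:
        if item["type"] == "aws_elasticache_cluster" and item["id"] in owners:
            indirect[item["id"]] = owners[item["id"]]
        else:
            unexplained.append(item["id"])
    return indirect, unexplained

if __name__ == "__main__":
    indirect, unexplained = triage(STATE, UNMANAGED)
    print("created by a managed replication group:", indirect)
    print("still needs review:", unexplained)
```

Clusters left in the second list have no replication group in state that claims them, so they are the ones worth investigating as real drift.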