terraform-google-sql-db

Module breaks when activation_policy = "NEVER"

Open kpocius opened this issue 2 years ago • 1 comments

TL;DR

If you set activation_policy = "NEVER" the module stops working because it can't read the default user for a shut down instance.

Expected behavior

Instance gets shut down and terraform plan/apply reports no changes.

Observed behavior

│ Error: Error when reading or editing SQL User "default" in instance "dev-db": googleapi: Error 400: Invalid request: Invalid request since instance is not running., invalid
│
│   with module.dev-db-postgresql.google_sql_user.default[0],
│   on .terraform/modules/dev-db-postgresql/modules/postgresql/main.tf line 188, in resource "google_sql_user" "default":
│  188: resource "google_sql_user" "default" {

Terraform Configuration

N/A

Terraform Version

N/A

Additional information

This was already reported in https://github.com/terraform-google-modules/terraform-google-sql-db/issues/286 but closed as stale.

We would like to shut down some unused databases without destroying them, but currently it is not possible.

kpocius avatar Aug 04 '22 20:08 kpocius

Is there any status update on this?

KeisajR avatar Aug 11 '22 12:08 KeisajR

As far as I understand, you're able to set the activation_policy as NEVER as long as the instance is running. Any changes after that result in errors because the resources dependent on the google_sql_database_instance resource are unable to access it since the instance is shut down.

Are you experiencing this error even when the instance is running? If so, is that only on PG or other engines as well?

g-awmalik avatar Sep 12 '22 22:09 g-awmalik

When the instance is running, it applies correctly, but every consecutive plan results in an error. Only tried with PG, not sure what the behavior is on other DBs.

kpocius avatar Sep 13 '22 05:09 kpocius

I understand now and that's exactly what I tested. The reason consecutive plans fail is because the instance has been shut down and currently the google_sql_database_instance data source does not give us a status for the instance which we could potentially use to do conditional checks (provider limitation).

This needs to be resolved at the provider level which is already being discussed. I'm going to close this for now and follow this discussion internally.

g-awmalik avatar Sep 13 '22 21:09 g-awmalik