Terraform-provider-aws: aws_db_parameter_group plan shows changes even after applying
_This issue was originally opened by @joshma as hashicorp/terraform#12513. It was migrated here as part of the provider split. The original body of the issue is below._
Terraform Version
Terraform v0.8.8
Affected Resource(s)
Please list the resources as a list, for example:
- aws_db_parameter_group
Terraform Configuration Files
resource "aws_db_parameter_group" "my_db" {
name = "my-db-name"
family = "postgres9.4"
parameter {
name = "max_standby_archive_delay"
# 48 hours in milliseconds
value = "172800000"
}
parameter {
name = "max_standby_streaming_delay"
# 48 hours in milliseconds
value = "172800000"
}
parameter {
name = "max_connections"
value = "250"
apply_method = "pending-reboot"
}
parameter {
name = "client_encoding"
value = "UTF8"
apply_method = "pending-reboot"
}
parameter {
name = "shared_preload_libraries"
value = "pg_stat_statements"
apply_method = "pending-reboot"
}
parameter {
name = "rds.force_admin_logging_level"
value = "notice"
}
parameter {
name = "rds.force_autovacuum_logging_level"
value = "notice"
}
parameter {
name = "rds.force_ssl"
value = "1"
apply_method = "pending-reboot"
}
}
Expected Behavior
After running terraform apply, terraform plan should show no changes.
Actual Behavior
terraform plan shows client_encoding getting updated:
~ module.my_module.aws_db_parameter_group.my_db
parameter.#: "7" => "8"
parameter.1060480147.apply_method: "pending-reboot" => "pending-reboot"
parameter.1060480147.name: "max_connections" => "max_connections"
parameter.1060480147.value: "250" => "250"
parameter.1124637299.apply_method: "" => "pending-reboot"
parameter.1124637299.name: "" => "client_encoding"
parameter.1124637299.value: "" => "UTF8"
parameter.1338002971.apply_method: "immediate" => "immediate"
parameter.1338002971.name: "max_standby_archive_delay" => "max_standby_archive_delay"
parameter.1338002971.value: "172800000" => "172800000"
parameter.2349693848.apply_method: "pending-reboot" => "pending-reboot"
parameter.2349693848.name: "rds.force_ssl" => "rds.force_ssl"
parameter.2349693848.value: "1" => "1"
parameter.321609972.apply_method: "immediate" => "immediate"
parameter.321609972.name: "rds.force_autovacuum_logging_level" => "rds.force_autovacuum_logging_level"
parameter.321609972.value: "notice" => "notice"
parameter.3896701117.apply_method: "immediate" => "immediate"
parameter.3896701117.name: "rds.force_admin_logging_level" => "rds.force_admin_logging_level"
parameter.3896701117.value: "notice" => "notice"
parameter.3962180947.apply_method: "pending-reboot" => "pending-reboot"
parameter.3962180947.name: "shared_preload_libraries" => "shared_preload_libraries"
parameter.3962180947.value: "pg_stat_statements" => "pg_stat_statements"
parameter.969787585.apply_method: "immediate" => "immediate"
parameter.969787585.name: "max_standby_streaming_delay" => "max_standby_streaming_delay"
parameter.969787585.value: "172800000" => "172800000"
It could be useful to note that, inspecting .tfstate, parameter.1124637299 is NOT being saved.
hashibot
All 7 comments
I believe I've found the cause of this issue. This occurs when attempting to set a parameter to the RDS system default.
When the resourceAwsDbParameterGroupRead function calls the AWS API, it only queries the user-customized parameters (see here). Then when Terraform does the diff between the current state and the config, it sees that a change needs to be applied, when it does not.
If I get time, I'll write up a test for this and see if I can find a good fix. My inclination would be to query for all DB parameters, and take the (fairly minor) performance hit. However, that probably involves writing some extra logic to make sure we don't show a diff of all the things. I'll take a look.
billputer
on 14 Jun 2017
Ah okay, @billputer do you know of any way to confirm that UTF8 is the default on RDS Postgres? Your explanation makes sense; if I can verify that it's the default I'd probably just leave it off (and that resolves my problem at least). I couldn't find any docs, wondering if you had found some.
Thanks for looking into this!
joshma
on 16 Jun 2017
You can look up the system defaults using the AWS CLI command describe-engine-default-parameters.
aws rds describe-engine-default-parameters --db-parameter-group-family postgres9.5
We're doing the same for now, just leaving off the default params.
billputer
on 16 Jun 2017
@billputer I'm running into this pretty hard in our environment. How far did you get in a fix for this, if anywhere? If you have notes or a partial implementation that you can share, I'd be glad to try and run it to completion.
handlerbot
on 18 Sep 2017
@handlerbot The easy fix is to not set the params that are system defaults. In our case, we simply removed the client_encoding parameter from our configuration.
billputer
on 20 Sep 2017
I've opened #3182, which should serve as a complete solution to this problem.
paddycarver
on 29 Jan 2018
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 8 Apr 2020
Related issues
hashibot
ยท
3Comments
ghost
ยท
3Comments
EmmN
ยท
3Comments
hashibot
ยท
3Comments
hashibot
ยท
3Comments
Most helpful comment
You can look up the system defaults using the AWS CLI command describe-engine-default-parameters.
aws rds describe-engine-default-parameters --db-parameter-group-family postgres9.5We're doing the same for now, just leaving off the default params.