Terraform-provider-aws: Error while enabling enhanced monitoring on AWS Maria DB RDS.

Created on 6 Nov 2017  ยท  6Comments  ยท  Source: hashicorp/terraform-provider-aws

_This issue was originally opened by @bcavarun as hashicorp/terraform#16568. It was migrated here as a result of the provider split. The original body of the issue is below._

Hi there,

Terraform Version

0.9.5

Terraform Configuration Files

resource "aws_iam_role" "rds-enhanced-monitoring-role" {
name = "-rds-monitoring-role"
assume_role_policy = < {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": "monitoring.rds.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}

resource "aws_iam_role_policy" "rds-enhanced-monitoring-policy" {
depends_on = ["aws_iam_role.rds-enhanced-monitoring-role"]
name = "enhanced-monitoring-attachment"
role = "${aws_iam_role.rds-enhanced-monitoring-role.name}"
policy = < {
"Version": "2012-10-17",
"Statement": [
{
"Sid": "EnableCreationAndManagementOfRDSCloudwatchLogGroups",
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:PutRetentionPolicy"
],
"Resource": [
"arn:aws:logs:::log-group:RDS"
]
},
{
"Sid": "EnableCreationAndManagementOfRDSCloudwatchLogStreams",
"Effect": "Allow",
"Action": [
"logs:CreateLogStream",
"logs:PutLogEvents",
"logs:DescribeLogStreams",
"logs:GetLogEvents"
],
"Resource": [
"arn:aws:logs:::log-group:RDS:log-stream:*"
]
}
]
}
EOF
}

Debug Output

enhancedmonitoring

Expected Behavior

Database should have got Enhanced Monitoring turned on.

Actual Behavior

It threw error that Role Value is required but the role got created in AWS and I am able to attach that role using AWS Console.

Steps to Reproduce

Please list the full steps required to reproduce the issue, for example:

  1. Create a database using terraform
  2. Attach monitoring role to the database, below are the parameters which I am passing,
  3. monitoring_interval = "10"
  4. monitoring_role_arn = "${aws_iam_role.rds-enhanced-monitoring-role.arn}"

Important Factoids

If I create a fresh database, it works fine. but if I try to attach monitoring role on an existing database, I get the above mentioned error

References

Are there any other GitHub issues (open or closed) or Pull Requests that should be linked here? For example:

  • hashicorp/terraform#6017
bug servicrds
Source
picture hashibot
👍2

Most helpful comment

I'm having the same issue at the moment.

picture bjoernHeneka on 14 Dec 2017
👍2

All 6 comments

Value of monitoring_interval and monitoring_role_arn in terraform.tfstate file
"monitoring_interval": "10", "monitoring_role_arn": "arn:aws:iam::<AWS_ACCOUNT_NO>:role/rds-monitoring-role",
Above role is created in AWS and I am able to attach it to db by AWS console.

But when I am trying using terraform it gives following error
`Error applying plan:

1 error(s) occurred:

  • aws_db_instance.rds_db_instance: 1 error(s) occurred:

  • aws_db_instance.rds_db_instance: Error modifying DB Instance maria-db: InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval value other than 0.
    status code: 400, request id: bad65ae0-8de3-42aa

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.
`

bcavarun picture bcavarun on 21 Nov 2017

I'm having the same issue at the moment.

bjoernHeneka picture bjoernHeneka on 14 Dec 2017
👍2

Fix submitted: https://github.com/terraform-providers/terraform-provider-aws/pull/9747

bflad picture bflad on 13 Aug 2019

The fix for this has been merged and will release in version 2.25.0 of the Terraform AWS Provider, in about a week.

bflad picture bflad on 15 Aug 2019

This has been released in version 2.25.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

hashibot[bot] picture hashibot[bot] on 23 Aug 2019

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

hashibot[bot] picture hashibot[bot] on 1 Nov 2019
Was this page helpful?
0 / 5 - 0 ratings

Related issues

jch254 picture jch254  ยท  37Comments
hashibot picture hashibot  ยท  50Comments
charles-at-geospock picture charles-at-geospock  ยท  44Comments
cjeanneret picture cjeanneret  ยท  39Comments
hashibot picture hashibot  ยท  58Comments