Clint ccb9693994 Merge pull request #5676 from Originate/mb-ensure-iops-is-provided
provider/aws: Provide iops when changing storage type to io1 on RDS
2016-03-23 08:31:21 -05:00

988 lines
27 KiB

package aws
import (
func resourceAwsDbInstance() *schema.Resource {
return &schema.Resource{
Create: resourceAwsDbInstanceCreate,
Read: resourceAwsDbInstanceRead,
Update: resourceAwsDbInstanceUpdate,
Delete: resourceAwsDbInstanceDelete,
Schema: map[string]*schema.Schema{
"name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
"arn": &schema.Schema{
Type: schema.TypeString,
Computed: true,
"username": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
"password": &schema.Schema{
Type: schema.TypeString,
Optional: true,
"engine": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
StateFunc: func(v interface{}) string {
value := v.(string)
return strings.ToLower(value)
"engine_version": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"storage_encrypted": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
ForceNew: true,
"allocated_storage": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
Computed: true,
"storage_type": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"identifier": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
ValidateFunc: validateRdsId,
"instance_class": &schema.Schema{
Type: schema.TypeString,
Required: true,
"availability_zone": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
ForceNew: true,
"backup_retention_period": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
Computed: true,
"backup_window": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"iops": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
"license_model": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"maintenance_window": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
StateFunc: func(v interface{}) string {
if v != nil {
value := v.(string)
return strings.ToLower(value)
return ""
"multi_az": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Computed: true,
"port": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
Computed: true,
ForceNew: true,
"publicly_accessible": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Computed: true,
"vpc_security_group_ids": &schema.Schema{
Type: schema.TypeSet,
Optional: true,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
"security_group_names": &schema.Schema{
Type: schema.TypeSet,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
Set: schema.HashString,
"final_snapshot_identifier": &schema.Schema{
Type: schema.TypeString,
Optional: true,
ValidateFunc: func(v interface{}, k string) (ws []string, es []error) {
value := v.(string)
if !regexp.MustCompile(`^[0-9A-Za-z-]+$`).MatchString(value) {
es = append(es, fmt.Errorf(
"only alphanumeric characters and hyphens allowed in %q", k))
if regexp.MustCompile(`--`).MatchString(value) {
es = append(es, fmt.Errorf("%q cannot contain two consecutive hyphens", k))
if regexp.MustCompile(`-$`).MatchString(value) {
es = append(es, fmt.Errorf("%q cannot end in a hyphen", k))
"skip_final_snapshot": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: true,
"copy_tags_to_snapshot": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: false,
"db_subnet_group_name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
ForceNew: true,
Computed: true,
"parameter_group_name": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"address": &schema.Schema{
Type: schema.TypeString,
Computed: true,
"endpoint": &schema.Schema{
Type: schema.TypeString,
Computed: true,
"status": &schema.Schema{
Type: schema.TypeString,
Computed: true,
// apply_immediately is used to determine when the update modifications
// take place.
// See
"apply_immediately": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Computed: true,
"replicate_source_db": &schema.Schema{
Type: schema.TypeString,
Optional: true,
"replicas": &schema.Schema{
Type: schema.TypeList,
Computed: true,
Elem: &schema.Schema{Type: schema.TypeString},
"snapshot_identifier": &schema.Schema{
Type: schema.TypeString,
Computed: false,
Optional: true,
Elem: &schema.Schema{Type: schema.TypeString},
"auto_minor_version_upgrade": &schema.Schema{
Type: schema.TypeBool,
Optional: true,
Default: true,
"allow_major_version_upgrade": &schema.Schema{
Type: schema.TypeBool,
Computed: false,
Optional: true,
"monitoring_role_arn": &schema.Schema{
Type: schema.TypeString,
Optional: true,
Computed: true,
"monitoring_interval": &schema.Schema{
Type: schema.TypeInt,
Optional: true,
Default: 0,
"tags": tagsSchema(),
func resourceAwsDbInstanceCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).rdsconn
tags := tagsFromMapRDS(d.Get("tags").(map[string]interface{}))
identifier := d.Get("identifier").(string)
// Generate a unique ID for the user
if identifier == "" {
identifier = resource.PrefixedUniqueId("tf-")
// SQL Server identifier size is max 15 chars, so truncate
if engine := d.Get("engine").(string); engine != "" {
if strings.Contains(strings.ToLower(engine), "sqlserver") {
identifier = identifier[:15]
d.Set("identifier", identifier)
if v, ok := d.GetOk("replicate_source_db"); ok {
opts := rds.CreateDBInstanceReadReplicaInput{
SourceDBInstanceIdentifier: aws.String(v.(string)),
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(identifier),
Tags: tags,
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
if attr, ok := d.GetOk("monitoring_role_arn"); ok {
opts.MonitoringRoleArn = aws.String(attr.(string))
if attr, ok := d.GetOk("monitoring_interval"); ok {
opts.MonitoringInterval = aws.Int64(int64(attr.(int)))
log.Printf("[DEBUG] DB Instance Replica create configuration: %#v", opts)
_, err := conn.CreateDBInstanceReadReplica(&opts)
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
} else if _, ok := d.GetOk("snapshot_identifier"); ok {
opts := rds.RestoreDBInstanceFromDBSnapshotInput{
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(d.Get("identifier").(string)),
DBSnapshotIdentifier: aws.String(d.Get("snapshot_identifier").(string)),
AutoMinorVersionUpgrade: aws.Bool(d.Get("auto_minor_version_upgrade").(bool)),
Tags: tags,
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
if attr, ok := d.GetOk("engine"); ok {
opts.Engine = aws.String(attr.(string))
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("license_model"); ok {
opts.LicenseModel = aws.String(attr.(string))
if attr, ok := d.GetOk("multi_az"); ok {
opts.MultiAZ = aws.Bool(attr.(bool))
if attr, ok := d.GetOk("option_group_name"); ok {
opts.OptionGroupName = aws.String(attr.(string))
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
if attr, ok := d.GetOk("tde_credential_arn"); ok {
opts.TdeCredentialArn = aws.String(attr.(string))
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
log.Printf("[DEBUG] DB Instance restore from snapshot configuration: %s", opts)
_, err := conn.RestoreDBInstanceFromDBSnapshot(&opts)
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
var sgUpdate bool
if attr := d.Get("vpc_security_group_ids").(*schema.Set); attr.Len() > 0 {
sgUpdate = true
if attr := d.Get("security_group_names").(*schema.Set); attr.Len() > 0 {
sgUpdate = true
if sgUpdate {
log.Printf("[INFO] DB is restoring from snapshot with default security, but custom security should be set, will now update after snapshot is restored!")
// wait for instance to get up and then modify security
log.Printf("[INFO] DB Instance ID: %s", d.Id())
"[INFO] Waiting for DB Instance to be available")
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up", "modifying", "resetting-master-credentials",
"maintenance", "renaming", "rebooting", "upgrading"},
Target: []string{"available"},
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 30 * time.Second, // Wait 30 secs before starting
// Wait, catching any errors
_, err := stateConf.WaitForState()
if err != nil {
return err
err = resourceAwsDbInstanceUpdate(d, meta)
if err != nil {
return err
} else {
if _, ok := d.GetOk("allocated_storage"); !ok {
return fmt.Errorf(` aws_db_instance: %s: "allocated_storage": required field is not set`, d.Get("name").(string))
if _, ok := d.GetOk("engine"); !ok {
return fmt.Errorf(` aws_db_instance: %s: "engine": required field is not set`, d.Get("name").(string))
if _, ok := d.GetOk("password"); !ok {
return fmt.Errorf(` aws_db_instance: %s: "password": required field is not set`, d.Get("name").(string))
if _, ok := d.GetOk("username"); !ok {
return fmt.Errorf(` aws_db_instance: %s: "username": required field is not set`, d.Get("name").(string))
opts := rds.CreateDBInstanceInput{
AllocatedStorage: aws.Int64(int64(d.Get("allocated_storage").(int))),
DBName: aws.String(d.Get("name").(string)),
DBInstanceClass: aws.String(d.Get("instance_class").(string)),
DBInstanceIdentifier: aws.String(d.Get("identifier").(string)),
MasterUsername: aws.String(d.Get("username").(string)),
MasterUserPassword: aws.String(d.Get("password").(string)),
Engine: aws.String(d.Get("engine").(string)),
EngineVersion: aws.String(d.Get("engine_version").(string)),
StorageEncrypted: aws.Bool(d.Get("storage_encrypted").(bool)),
AutoMinorVersionUpgrade: aws.Bool(d.Get("auto_minor_version_upgrade").(bool)),
Tags: tags,
CopyTagsToSnapshot: aws.Bool(d.Get("copy_tags_to_snapshot").(bool)),
attr := d.Get("backup_retention_period")
opts.BackupRetentionPeriod = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("multi_az"); ok {
opts.MultiAZ = aws.Bool(attr.(bool))
if attr, ok := d.GetOk("maintenance_window"); ok {
opts.PreferredMaintenanceWindow = aws.String(attr.(string))
if attr, ok := d.GetOk("backup_window"); ok {
opts.PreferredBackupWindow = aws.String(attr.(string))
if attr, ok := d.GetOk("license_model"); ok {
opts.LicenseModel = aws.String(attr.(string))
if attr, ok := d.GetOk("parameter_group_name"); ok {
opts.DBParameterGroupName = aws.String(attr.(string))
if attr := d.Get("vpc_security_group_ids").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
opts.VpcSecurityGroupIds = s
if attr := d.Get("security_group_names").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
opts.DBSecurityGroups = s
if attr, ok := d.GetOk("storage_type"); ok {
opts.StorageType = aws.String(attr.(string))
if attr, ok := d.GetOk("db_subnet_group_name"); ok {
opts.DBSubnetGroupName = aws.String(attr.(string))
if attr, ok := d.GetOk("iops"); ok {
opts.Iops = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("port"); ok {
opts.Port = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("availability_zone"); ok {
opts.AvailabilityZone = aws.String(attr.(string))
if attr, ok := d.GetOk("publicly_accessible"); ok {
opts.PubliclyAccessible = aws.Bool(attr.(bool))
if attr, ok := d.GetOk("monitoring_role_arn"); ok {
opts.MonitoringRoleArn = aws.String(attr.(string))
if attr, ok := d.GetOk("monitoring_interval"); ok {
opts.MonitoringInterval = aws.Int64(int64(attr.(int)))
log.Printf("[DEBUG] DB Instance create configuration: %#v", opts)
var err error
err = resource.Retry(5*time.Minute, func() *resource.RetryError {
_, err = conn.CreateDBInstance(&opts)
if err != nil {
if awsErr, ok := err.(awserr.Error); ok {
if awsErr.Code() == "InvalidParameterValue" && strings.Contains(awsErr.Message(), "ENHANCED_MONITORING") {
return resource.RetryableError(awsErr)
return resource.NonRetryableError(err)
return nil
if err != nil {
return fmt.Errorf("Error creating DB Instance: %s", err)
log.Printf("[INFO] DB Instance ID: %s", d.Id())
"[INFO] Waiting for DB Instance to be available")
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up", "modifying", "resetting-master-credentials",
"maintenance", "renaming", "rebooting", "upgrading"},
Target: []string{"available"},
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 30 * time.Second, // Wait 30 secs before starting
// Wait, catching any errors
_, err := stateConf.WaitForState()
if err != nil {
return err
return resourceAwsDbInstanceRead(d, meta)
func resourceAwsDbInstanceRead(d *schema.ResourceData, meta interface{}) error {
v, err := resourceAwsDbInstanceRetrieve(d, meta)
if err != nil {
return err
if v == nil {
return nil
d.Set("name", v.DBName)
d.Set("username", v.MasterUsername)
d.Set("engine", v.Engine)
d.Set("engine_version", v.EngineVersion)
d.Set("allocated_storage", v.AllocatedStorage)
d.Set("copy_tags_to_snapshot", v.CopyTagsToSnapshot)
d.Set("auto_minor_version_upgrade", v.AutoMinorVersionUpgrade)
d.Set("storage_type", v.StorageType)
d.Set("instance_class", v.DBInstanceClass)
d.Set("availability_zone", v.AvailabilityZone)
d.Set("backup_retention_period", v.BackupRetentionPeriod)
d.Set("backup_window", v.PreferredBackupWindow)
d.Set("license_model", v.LicenseModel)
d.Set("maintenance_window", v.PreferredMaintenanceWindow)
d.Set("publicly_accessible", v.PubliclyAccessible)
d.Set("multi_az", v.MultiAZ)
if v.DBSubnetGroup != nil {
d.Set("db_subnet_group_name", v.DBSubnetGroup.DBSubnetGroupName)
if len(v.DBParameterGroups) > 0 {
d.Set("parameter_group_name", v.DBParameterGroups[0].DBParameterGroupName)
if v.Endpoint != nil {
d.Set("port", v.Endpoint.Port)
d.Set("address", v.Endpoint.Address)
if v.Endpoint.Address != nil && v.Endpoint.Port != nil {
fmt.Sprintf("%s:%d", *v.Endpoint.Address, *v.Endpoint.Port))
d.Set("status", v.DBInstanceStatus)
d.Set("storage_encrypted", v.StorageEncrypted)
if v.MonitoringInterval != nil {
d.Set("monitoring_interval", v.MonitoringInterval)
if v.MonitoringRoleArn != nil {
d.Set("monitoring_role_arn", v.MonitoringRoleArn)
// list tags for resource
// set tags
conn := meta.(*AWSClient).rdsconn
arn, err := buildRDSARN(d.Id(), meta)
if err != nil {
name := "<empty>"
if v.DBName != nil && *v.DBName != "" {
name = *v.DBName
log.Printf("[DEBUG] Error building ARN for DB Instance, not setting Tags for DB %s", name)
} else {
d.Set("arn", arn)
resp, err := conn.ListTagsForResource(&rds.ListTagsForResourceInput{
ResourceName: aws.String(arn),
if err != nil {
log.Printf("[DEBUG] Error retrieving tags for ARN: %s", arn)
var dt []*rds.Tag
if len(resp.TagList) > 0 {
dt = resp.TagList
d.Set("tags", tagsToMapRDS(dt))
// Create an empty schema.Set to hold all vpc security group ids
ids := &schema.Set{
F: schema.HashString,
for _, v := range v.VpcSecurityGroups {
d.Set("vpc_security_group_ids", ids)
// Create an empty schema.Set to hold all security group names
sgn := &schema.Set{
F: schema.HashString,
for _, v := range v.DBSecurityGroups {
d.Set("security_group_names", sgn)
// replica things
var replicas []string
for _, v := range v.ReadReplicaDBInstanceIdentifiers {
replicas = append(replicas, *v)
if err := d.Set("replicas", replicas); err != nil {
return fmt.Errorf("[DEBUG] Error setting replicas attribute: %#v, error: %#v", replicas, err)
d.Set("replicate_source_db", v.ReadReplicaSourceDBInstanceIdentifier)
return nil
func resourceAwsDbInstanceDelete(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).rdsconn
log.Printf("[DEBUG] DB Instance destroy: %v", d.Id())
opts := rds.DeleteDBInstanceInput{DBInstanceIdentifier: aws.String(d.Id())}
skipFinalSnapshot := d.Get("skip_final_snapshot").(bool)
opts.SkipFinalSnapshot = aws.Bool(skipFinalSnapshot)
if !skipFinalSnapshot {
if name, present := d.GetOk("final_snapshot_identifier"); present {
opts.FinalDBSnapshotIdentifier = aws.String(name.(string))
} else {
return fmt.Errorf("DB Instance FinalSnapshotIdentifier is required when a final snapshot is required")
log.Printf("[DEBUG] DB Instance destroy configuration: %v", opts)
if _, err := conn.DeleteDBInstance(&opts); err != nil {
return err
"[INFO] Waiting for DB Instance to be destroyed")
stateConf := &resource.StateChangeConf{
Pending: []string{"creating", "backing-up",
"modifying", "deleting", "available"},
Target: []string{},
Refresh: resourceAwsDbInstanceStateRefreshFunc(d, meta),
Timeout: 40 * time.Minute,
MinTimeout: 10 * time.Second,
Delay: 30 * time.Second, // Wait 30 secs before starting
if _, err := stateConf.WaitForState(); err != nil {
return err
return nil
func resourceAwsDbInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).rdsconn
req := &rds.ModifyDBInstanceInput{
ApplyImmediately: aws.Bool(d.Get("apply_immediately").(bool)),
DBInstanceIdentifier: aws.String(d.Id()),
requestUpdate := false
if d.HasChange("allocated_storage") {
req.AllocatedStorage = aws.Int64(int64(d.Get("allocated_storage").(int)))
requestUpdate = true
if d.HasChange("allow_major_version_upgrade") {
req.AllowMajorVersionUpgrade = aws.Bool(d.Get("allow_major_version_upgrade").(bool))
requestUpdate = true
if d.HasChange("backup_retention_period") {
req.BackupRetentionPeriod = aws.Int64(int64(d.Get("backup_retention_period").(int)))
requestUpdate = true
if d.HasChange("copy_tags_to_snapshot") {
req.CopyTagsToSnapshot = aws.Bool(d.Get("copy_tags_to_snapshot").(bool))
requestUpdate = true
if d.HasChange("instance_class") {
req.DBInstanceClass = aws.String(d.Get("instance_class").(string))
requestUpdate = true
if d.HasChange("parameter_group_name") {
req.DBParameterGroupName = aws.String(d.Get("parameter_group_name").(string))
requestUpdate = true
if d.HasChange("engine_version") {
req.EngineVersion = aws.String(d.Get("engine_version").(string))
requestUpdate = true
if d.HasChange("iops") {
req.Iops = aws.Int64(int64(d.Get("iops").(int)))
requestUpdate = true
if d.HasChange("backup_window") {
req.PreferredBackupWindow = aws.String(d.Get("backup_window").(string))
requestUpdate = true
if d.HasChange("maintenance_window") {
req.PreferredMaintenanceWindow = aws.String(d.Get("maintenance_window").(string))
requestUpdate = true
if d.HasChange("password") {
req.MasterUserPassword = aws.String(d.Get("password").(string))
requestUpdate = true
if d.HasChange("multi_az") {
req.MultiAZ = aws.Bool(d.Get("multi_az").(bool))
requestUpdate = true
if d.HasChange("publicly_accessible") {
req.PubliclyAccessible = aws.Bool(d.Get("publicly_accessible").(bool))
requestUpdate = true
if d.HasChange("storage_type") {
req.StorageType = aws.String(d.Get("storage_type").(string))
requestUpdate = true
if *req.StorageType == "io1" {
req.Iops = aws.Int64(int64(d.Get("iops").(int)))
if d.HasChange("auto_minor_version_upgrade") {
req.AutoMinorVersionUpgrade = aws.Bool(d.Get("auto_minor_version_upgrade").(bool))
requestUpdate = true
if d.HasChange("monitoring_role_arn") {
req.MonitoringRoleArn = aws.String(d.Get("monitoring_role_arn").(string))
requestUpdate = true
if d.HasChange("monitoring_interval") {
req.MonitoringInterval = aws.Int64(int64(d.Get("monitoring_interval").(int)))
requestUpdate = true
if d.HasChange("vpc_security_group_ids") {
if attr := d.Get("vpc_security_group_ids").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
req.VpcSecurityGroupIds = s
requestUpdate = true
if d.HasChange("security_group_names") {
if attr := d.Get("security_group_names").(*schema.Set); attr.Len() > 0 {
var s []*string
for _, v := range attr.List() {
s = append(s, aws.String(v.(string)))
req.DBSecurityGroups = s
requestUpdate = true
log.Printf("[DEBUG] Send DB Instance Modification request: %#v", requestUpdate)
if requestUpdate {
log.Printf("[DEBUG] DB Instance Modification request: %#v", req)
_, err := conn.ModifyDBInstance(req)
if err != nil {
return fmt.Errorf("Error modifying DB Instance %s: %s", d.Id(), err)
// separate request to promote a database
if d.HasChange("replicate_source_db") {
if d.Get("replicate_source_db").(string) == "" {
// promote
opts := rds.PromoteReadReplicaInput{
DBInstanceIdentifier: aws.String(d.Id()),
attr := d.Get("backup_retention_period")
opts.BackupRetentionPeriod = aws.Int64(int64(attr.(int)))
if attr, ok := d.GetOk("backup_window"); ok {
opts.PreferredBackupWindow = aws.String(attr.(string))
_, err := conn.PromoteReadReplica(&opts)
if err != nil {
return fmt.Errorf("Error promoting database: %#v", err)
d.Set("replicate_source_db", "")
} else {
return fmt.Errorf("cannot elect new source database for replication")
if arn, err := buildRDSARN(d.Id(), meta); err == nil {
if err := setTagsRDS(conn, d, arn); err != nil {
return err
} else {
return resourceAwsDbInstanceRead(d, meta)
// resourceAwsDbInstanceRetrieve fetches DBInstance information from the AWS
// API. It returns an error if there is a communication problem or unexpected
// error with AWS. When the DBInstance is not found, it returns no error and a
// nil pointer.
func resourceAwsDbInstanceRetrieve(
d *schema.ResourceData, meta interface{}) (*rds.DBInstance, error) {
conn := meta.(*AWSClient).rdsconn
opts := rds.DescribeDBInstancesInput{
DBInstanceIdentifier: aws.String(d.Id()),
log.Printf("[DEBUG] DB Instance describe configuration: %#v", opts)
resp, err := conn.DescribeDBInstances(&opts)
if err != nil {
dbinstanceerr, ok := err.(awserr.Error)
if ok && dbinstanceerr.Code() == "DBInstanceNotFound" {
return nil, nil
return nil, fmt.Errorf("Error retrieving DB Instances: %s", err)
if len(resp.DBInstances) != 1 ||
*resp.DBInstances[0].DBInstanceIdentifier != d.Id() {
if err != nil {
return nil, nil
return resp.DBInstances[0], nil
func resourceAwsDbInstanceStateRefreshFunc(
d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {
return func() (interface{}, string, error) {
v, err := resourceAwsDbInstanceRetrieve(d, meta)
if err != nil {
log.Printf("Error on retrieving DB Instance when waiting: %s", err)
return nil, "", err
if v == nil {
return nil, "", nil
if v.DBInstanceStatus != nil {
log.Printf("[DEBUG] DB Instance status for instance %s: %s", d.Id(), *v.DBInstanceStatus)
return v, *v.DBInstanceStatus, nil
func buildRDSARN(identifier string, meta interface{}) (string, error) {
iamconn := meta.(*AWSClient).iamconn
region := meta.(*AWSClient).region
// An zero value GetUserInput{} defers to the currently logged in user
resp, err := iamconn.GetUser(&iam.GetUserInput{})
if err != nil {
return "", err
userARN := *resp.User.Arn
accountID := strings.Split(userARN, ":")[4]
arn := fmt.Sprintf("arn:aws:rds:%s:%s:db:%s", region, accountID, identifier)
return arn, nil