-
Notifications
You must be signed in to change notification settings - Fork 108
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AWS Secrets Manager Provider Constantly Adds and Deletes Regional Replication #1079
Comments
Thank you for bringing up this issue @shelby-moore, could you please share the logs with us? |
For sure, here's an excerpt of what gets output repeatedly for each secret with replication being managed:
|
The issue can be reproduced with the provided information:
And |
It looks like the crossplane provider is setting a bunch of unspecified properties to "" in the New state, which are null in the Old state, and that's causing the terraform provider to replace the entire list element. It seems like we need to do a better job distinguishing between null and "zero" values. |
What happened?
On upgrade to 0.47.1 (also observed the same behaviour in 0.46.0), the AWS Secrets Manager provider constantly removes regional replication for secrets and then adds it back. This results in a steep increase in billing costs for the AWS Secrets Manager API. Tailing the logs for the provider will show the constant creation and deletion of replication. Downgrading the provider to 0.43.0 resolved the issue.
How can we reproduce it?
Create a Secret resource with the replica config block set to replicate the secret to an additional region, ex:
What environment did it happen in?
The text was updated successfully, but these errors were encountered: