Unable to use MySQL provider in conjunction with other resources that create MySQL servers

[cyrus-mc]

According to this documentation:

https://www.terraform.io/docs/providers/mysql/index.html

You can use the output of resource (ie: RDS cluster) to within the MySQL provider. What I find is that the RDS cluster has to exist first, else during a plan/apply when it tries to refresh state it defaults to endpoint 127.0.0.1 (which obviously fails).

If the RDS cluster exist then the above documented feature works. This presents a problem as to be able to run this in an automated fashion I would first have to exclude mysql resources, create the RDS cluster and then run again including the MySQL resources. Terraform doesn't support this as it only supports --target to target resources you want, there is no inverse (exclude resources).

Terraform Version

› terraform -v
Terraform v0.11.7
+ provider.aws v1.32.0
+ provider.mysql v1.1.0
+ provider.random v2.0.0

Your version of Terraform is out of date! The latest version
is 0.11.8. You can update by downloading from www.terraform.io/downloads.html

Terraform Configuration Files

/* define the aurora cluster */
resource "aws_rds_cluster" "rds-cluster" {
  cluster_identifier_prefix = "${format("%s-", local.stack)}"

  engine         = "${var.db_engine}"
  //engine_version = "${var.db_engine_version}"
  port           = "${var.db_port}"

  database_name           = "${var.db_name}"
  backup_retention_period = "${var.backup_retention_period}"
  preferred_backup_window = "${var.preferred_backup_window}"
  skip_final_snapshot     = true

  availability_zones     = [ "${data.aws_subnet.selected.*.availability_zone}" ]
  db_subnet_group_name   = "${aws_db_subnet_group.rds-cluster-subnet-group.name}"
  vpc_security_group_ids = ["${aws_security_group.main.id}"]

  iam_database_authentication_enabled = "${var.iam_enabled}"

  master_username = "${var.master_username}"
  master_password = "${random_string.password.result}"

  lifecycle {
    create_before_destroy = true

    /* ignore cause RDS seems to set to all zones regardless */
    ignore_changes = [ "availability_zones" ]
  }

  tags = "${merge(var.tags, local.tags)}"
}

provider "mysql" {
  //"aws_rds_cluster" "rds-cluster"
  endpoint = "${aws_rds_cluster.rds-cluster.endpoint}"
  username = "${aws_rds_cluster.rds-cluster.master_username}"
  password = "${random_string.password.result}"

 // depends_on = [ "aws_rds_cluster.rds-cluster" ]
}


//optional lambda user, using AWSAuthenticationPlugin
resource "mysql_user" "lambda" {
  count = "${var.iam_enabled}"

  user  = "lambda"

  host        = "%"
  auth_plugin = "AWSAuthenticationPlugin"

  depends_on = [ "aws_rds_cluster.rds-cluster", "random_string.password" ]
}

Expected Behavior

Terraform should delay refreshing the data of a provider when its configuration is dependent on other resources.

Actual Behavior

Terraform tries to refresh the state of the MySQL provider and has insufficient connection details. It ends up defaulting to localhost as the endpoint.

[pradeepbhadani]

facing same issue

[apparentlymart]

Hi @cyrus-mc! Sorry things didn't work as expected here.

I think you've hit the same issue discussed in #4149 here. While that issue is old, the Terraform Core team is intending to do some further design iteration on it in order to allow this sort of "multi-layer" configuration where you gradually build up a stack that spans across multiple providers.

At the moment the focus of the Terraform Core team is on the configuration language improvements for the forthcoming Terraform 0.12 release, but we'll return to this issue in future to address this use-case.

Since this problem is already covered by #4149, I'm going to close this just to consolidate the discussion over there. Thanks for sharing your use-case!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.