Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent modification of backup plan rule.schedule #8737

Closed
carlospgarciat opened this issue May 22, 2019 · 7 comments · Fixed by #10641
Closed

Prevent modification of backup plan rule.schedule #8737

carlospgarciat opened this issue May 22, 2019 · 7 comments · Fixed by #10641
Labels
bug Addresses a defect in current functionality. service/backup Issues and PRs that pertain to the backup service.
Milestone
v2.34.0

Comments

@carlospgarciat
Copy link

carlospgarciat commented May 22, 2019
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

v0.11.14

Affected Resource(s)

  • aws_backup_plan

Terraform Configuration Files

resource "aws_backup_plan" "this" {
  name = "${var.backup_plan_name}"

  rule = {
    rule_name         = "${var.backup_rule_name}"
    target_vault_name = "${aws_backup_vault.this.name}"
    schedule          = "${var.backup_schedule}" //Example cron(10 12 * * ? *)
    start_window      = "${var.minutes_to_start}" 
    completion_window = "${var.minutes_to_complete}" 
    lifecycle         = {
      cold_storage_after = "${var.cold_storage_after_days}"  
      delete_after = "${var.delete_after_days}"
    }
    recovery_point_tags = {
      BackupType = "${var.backup_type_tag}"
      Enviroment = "${var.enviroment_tag}"
    }
  }
}

Debug Output

Panic Output

1 error occurred:
* module.aws-backup.aws_backup_plan.this: 1 error occurred:
* aws_backup_plan.this: error updating Backup Plan: InvalidParameter: 2 validation error(s) found.

  • missing required field, UpdateBackupPlanInput.BackupPlan.Rules[0].RuleName.
  • missing required field, UpdateBackupPlanInput.BackupPlan.Rules[0].TargetBackupVaultName.

Expected Behavior

The schedule settings should've changed with the configuration that originally created the schedule.

Actual Behavior

The updated schedule does not get applied.

Steps to Reproduce

Create a backup plan with a set schedule. Once created and deployed, change the schedule by adding a minute or changing the hour.

  1. terraform apply

Important Factoids

  • backups fetch resources by tags
  • IAM role has both managed policies for backup and restore

References

  • #0000
@carlospgarciat carlospgarciat changed the title Prevent modification of backup plan schedule Prevent modification of backup plan rule.schedule May 22, 2019
@bflad bflad added the service/backup Issues and PRs that pertain to the backup service. label May 23, 2019
@querry43
Copy link

querry43 commented Jun 5, 2019

I am also running into this bug. My workaround is to manually remove the plan and have terraform recreate it.

Terraform v0.11.14
+ provider.aws v2.13.0

@dannyleesmith
Copy link

dannyleesmith commented Jun 5, 2019
edited
Loading

Also getting this. Changing from:

resource "aws_backup_plan" "advanced" {
  name = "${var.environment}-Advanced"

  rule {
    rule_name         = "Daily"
    target_vault_name = "${aws_backup_vault.advanced.id}"
    schedule          = "cron(0 5 ? * 1-5,7 *)"
    start_window      = 60
    completion_window = 360

    recovery_point_tags = {
      BackupRule  = "Daily"
      BackupVault = "${aws_backup_vault.advanced.id}"
      Environment = "${var.environment}"
    }

    lifecycle {
      delete_after = 7
    }
  }

  rule {
    rule_name         = "Weekly"
    target_vault_name = "${aws_backup_vault.advanced.id}"
    schedule          = "cron(0 5 ? * 6 *)"
    start_window      = 60
    completion_window = 3600

    recovery_point_tags = {
      BackupRule  = "Weekly"
      BackupVault = "${aws_backup_vault.advanced.id}"
      Environment = "${var.environment}"
    }

    lifecycle {
      cold_storage_after = 60
      delete_after       = 180
    }
  }

  tags = {
    BackupPlan      = "${var.environment}-Advanced"
    Environment     = "${var.environment}"
    ServiceProvider = "Rackspace"
    Terraform       = "true"
  }
}

To:

resource "aws_backup_plan" "advanced" {
  name = "${var.environment}-Advanced"

  rule {
    rule_name         = "Daily"
    target_vault_name = "${aws_backup_vault.advanced.id}"
    schedule          = "cron(0 2 ? * 1-5,7 *)" # CHANGE HERE
    start_window      = 60
    completion_window = 360

    recovery_point_tags = {
      BackupRule  = "Daily"
      BackupVault = "${aws_backup_vault.advanced.id}"
      Environment = "${var.environment}"
    }

    lifecycle {
      delete_after = 7
    }
  }

  rule {
    rule_name         = "Weekly"
    target_vault_name = "${aws_backup_vault.advanced.id}"
    schedule          = "cron(0 2 ? * 6 *)" # CHANGE HERE
    start_window      = 60
    completion_window = 3600

    recovery_point_tags = {
      BackupRule  = "Weekly"
      BackupVault = "${aws_backup_vault.advanced.id}"
      Environment = "${var.environment}"
    }

    lifecycle {
      cold_storage_after = 60
      delete_after       = 180
    }
  }

  tags = {
    BackupPlan      = "${var.environment}-Advanced"
    Environment     = "${var.environment}"
    ServiceProvider = "Rackspace"
    Terraform       = "true"
  }
}

Results in:

Error: Error applying plan:

2 error(s) occurred:

* aws_backup_plan.advanced: 1 error(s) occurred:

* aws_backup_plan.advanced: error updating Backup Plan: InvalidParameter: 2 validation error(s) found.
- missing required field, UpdateBackupPlanInput.BackupPlan.Rules[0].RuleName.
- missing required field, UpdateBackupPlanInput.BackupPlan.Rules[0].TargetBackupVaultName.

Terraform v0.11.13
+ provider.aws v2.13.0

UPDATE: on a more basic example this doesn't appear to happen.

This:

resource "aws_backup_plan" "basic" {
  name = "${var.environment}-Basic"

  rule {
    rule_name         = "Daily"
    target_vault_name = "${aws_backup_vault.basic.id}"
    schedule          = "cron(0 5 ? * * *)"
  }
}

To this:

resource "aws_backup_plan" "basic" {
  name = "${var.environment}-Basic"

  rule {
    rule_name         = "Daily"
    target_vault_name = "${aws_backup_vault.basic.id}"
    schedule          = "cron(0 5 ? * * *)"
  }

  rule {
    rule_name         = "Weekly"
    target_vault_name = "${aws_backup_vault.basic.id}"
    schedule          = "cron(0 5 ? * * *)"
  }
}

To this:

resource "aws_backup_plan" "basic" {
  name = "${var.environment}-Basic"

  rule {
    rule_name         = "Daily"
    target_vault_name = "${aws_backup_vault.basic.id}"
    schedule          = "cron(0 6 ? * * *)" # CHANGE HERE
  }

  rule {
    rule_name         = "Weekly"
    target_vault_name = "${aws_backup_vault.basic.id}"
    schedule          = "cron(0 5 ? * * *)"
  }
}

And back to a single rule again causes no errors.

@carlospgarciat
Copy link
Author

carlospgarciat commented Jun 5, 2019
edited
Loading

Updated module syntax and tried using v0.12.1 = Same thing.
PS: The work around works but is a pain to destroy and re-create every time.

@aeschright aeschright added the needs-triage Waiting for first response or review from a maintainer. label Jun 24, 2019
@ewbankkit
Copy link
Contributor

This is the same error as #8431.

@ewbankkit ewbankkit mentioned this issue Oct 26, 2019
Merged
@bflad bflad added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Oct 29, 2019
@bflad bflad added this to the v2.34.0 milestone Oct 29, 2019
@bflad
Copy link
Contributor

bflad commented Oct 29, 2019

The fixes for these issues has been merged and will release with version 2.34.0 of the Terraform AWS Provider, on Thursday. Thanks to @ewbankkit for the implementation.

@bflad
Copy link
Contributor

bflad commented Oct 31, 2019

This has been released in version 2.34.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

@ghost
Copy link

ghost commented Mar 29, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 29, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/backup Issues and PRs that pertain to the backup service.
Projects
None yet
Milestone
v2.34.0
Development

Successfully merging a pull request may close this issue.

r/aws_backup_plan: Correctly handle changes to recovery_point_tags ewbankkit/terraform-provider-aws
6 participants
@aeschright @bflad @querry43 @ewbankkit @dannyleesmith @carlospgarciat