-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RDS Proxy Support #12690
Comments
Hi - We are currently blocked using RDS proxy @ Adobe due to resource not available in TF. All our AWS code is TF based and we were planning to use RDS Proxy + Aurora. |
@phanimullapudi Please add a 👍 reaction here: #12690 (comment) |
This is now generally available, no longer in preview. https://aws.amazon.com/blogs/aws/amazon-rds-proxy-now-generally-available/ |
Any updates on when support for this could be expected? Like @phanimullapudi some of our work is blocked until the AWS TF provider supports RDS proxy. Thanks! |
@apparentlymart @bflad Is there any reason this couldn't merge? It seems like the tests pass. We're also in a position where we would use this service if we could, but it's blocked until Terraform supports it. |
Hi folks 👋 We are just as excited as you are that this functionality is now generally available. We are beginning work on breaking changes as part of the version 3.0.0 release of the Terraform AWS Provider now. The earliest consideration from the HashiCorp maintainers for review of existing contributions would be after 3.0 is released in (hopefully) two or three weeks. Any prioritization over existing roadmap priorities would need to be made based on our criteria which can be found in the FAQ and we are actively working on next quarter's roadmap so getting those 👍 upvotes in is very helpful. |
Please break out the resource aws_db_proxy_authorisation myuser {
proxy_identifier = aws_db_proxy.default.id
secret_arn = aws_secretsmanager_secret.myuser.arn
} I see this situation as analogous to the way security group rules were broken out from the security group resource. If secrets are managed inline as part of the
This "two stack" workflow is required when managing MySQL users inside a database, because you need to know your RDS hostname before initialising the |
Hi @alexjurkiewicz - I don't think the AWS API deals well with this unfortunately:
@bflad - Any design suggestions here? |
Hi @gazoakley 👋 This functionality is on the maintainer's team roadmap for this quarter, but we haven't set aside a specific timeline to look into it yet. I think we might be able to look into this in about two weeks given some other in-flight work happening. Generally speaking though, if the create API requires certain configuration (as it appears it does in this case), that configuration and handling has to live with the "parent" resource. Attempting to create a "child" association resource in this situation leads to complicated implementation details like we have with the |
I agree this design results in a more complex API for users ("do I use the X block or resource?"), but it supports a broader range of use cases. I see RDS Proxy as being used like security groups, where a "container" proxy is created and output in one Terraform configuration, then authorisations are added to it from other configurations. I hope you decide to support this 🙏 |
Be really great to get support for this resource as well. This is the only item that isn't terraformed in our stack. |
The first resource, |
The second (optional) resource, |
How can I use it as data? I see that data "aws_db_proxy" is not supported. Is there any workaround? |
Hi @nirsv 👋 If you have a use case for looking up RDS DB Proxies via a data source, it might be best to capture that (and other future) functionality in a new, separate feature request. This one will be closed once the |
Support for the If you have bug reports or additional feature requests with the RDS DB Proxy support, please submit new GitHub issues following the templates and we will take a look. 😄 |
This has been released in version 3.9.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Community Note
Description
Amazon RDS Proxy is a fully managed, highly available database proxy for Amazon Relational Database Service (RDS). RDS Proxy makes applications more scalable, more resilient to database failures, and more secure.
New or Affected Resource(s)
aws_db_proxy
aws_db_proxy_default_target_group
aws_db_proxy_target
Potential Terraform Configuration
References
The text was updated successfully, but these errors were encountered: