Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $ terraform apply
- data.aws_ami.dba-ami: Refreshing state...
- data.aws_iam_policy_document.monitoring_rds_assume_role: Refreshing state...
- An execution plan has been generated and is shown below.
- Resource actions are indicated with the following symbols:
- + create
- Terraform will perform the following actions:
- + module.aurora.aws_rds_cluster.this
- id: <computed>
- apply_immediately: "true"
- arn: <computed>
- backup_retention_period: "7"
- cluster_identifier: "aurora-dba"
- cluster_identifier_prefix: <computed>
- cluster_members.#: <computed>
- cluster_resource_id: <computed>
- database_name: <computed>
- db_cluster_parameter_group_name: <computed>
- db_subnet_group_name: "us-west-2-private"
- endpoint: <computed>
- engine: "aurora-postgresql"
- engine_mode: "provisioned"
- engine_version: "9.6.3"
- final_snapshot_identifier: "${var.final_snapshot_identifier_prefix}-${var.name}-${random_id.snapshot_identifier.hex}"
- hosted_zone_id: <computed>
- iam_database_authentication_enabled: "true"
- kms_key_id: <computed>
- master_password: <sensitive>
- master_username: "zdba"
- port: "5432"
- preferred_backup_window: "02:00-03:00"
- preferred_maintenance_window: "sun:05:00-sun:06:00"
- reader_endpoint: <computed>
- skip_final_snapshot: "true"
- storage_encrypted: "true"
- vpc_security_group_ids.#: <computed>
- + module.aurora.aws_rds_cluster_instance.this
- id: <computed>
- apply_immediately: "true"
- arn: <computed>
- auto_minor_version_upgrade: "true"
- availability_zone: <computed>
- cluster_identifier: "${aws_rds_cluster.this.id}"
- db_parameter_group_name: <computed>
- db_subnet_group_name: "us-west-2-private"
- dbi_resource_id: <computed>
- endpoint: <computed>
- engine: "aurora-postgresql"
- engine_version: "9.6.3"
- identifier: "aurora-dba-1"
- identifier_prefix: <computed>
- instance_class: "db.r4.large"
- kms_key_id: <computed>
- monitoring_interval: "0"
- monitoring_role_arn: <computed>
- performance_insights_enabled: "false"
- performance_insights_kms_key_id: <computed>
- port: <computed>
- preferred_backup_window: <computed>
- preferred_maintenance_window: "sun:05:00-sun:06:00"
- promotion_tier: "1"
- publicly_accessible: "false"
- storage_encrypted: <computed>
- writer: <computed>
- + module.aurora.random_id.snapshot_identifier
- id: <computed>
- b64: <computed>
- b64_std: <computed>
- b64_url: <computed>
- byte_length: "4"
- dec: <computed>
- hex: <computed>
- keepers.%: "1"
- keepers.id: "aurora-dba"
- + module.service.aws_iam_access_key.zdba_key
- id: <computed>
- encrypted_secret: <computed>
- key_fingerprint: <computed>
- secret: <computed>
- ses_smtp_password: <computed>
- status: <computed>
- user: "app-zdba"
- + module.service.aws_iam_instance_profile.service-ec2-role
- id: <computed>
- arn: <computed>
- create_date: <computed>
- name: "service-ec2-role"
- path: "/"
- role: "service-ec2-dba-role"
- roles.#: <computed>
- unique_id: <computed>
- + module.service.aws_iam_role.service-ec2-dba-role
- id: <computed>
- arn: <computed>
- assume_role_policy: "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n"
- create_date: <computed>
- force_detach_policies: "true"
- max_session_duration: "3600"
- name: "service-ec2-dba-role"
- path: "/"
- unique_id: <computed>
- + module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach
- id: <computed>
- policy_arn: "arn:aws:iam::111111111111:policy/_database_access"
- role: "service-ec2-dba-role"
- + module.service.aws_iam_user.zdba
- id: <computed>
- arn: <computed>
- force_destroy: "false"
- name: "app-zdba"
- path: "/"
- unique_id: <computed>
- + module.service.aws_iam_user_policy_attachment.zdba_policy_attach
- id: <computed>
- policy_arn: "arn:aws:iam::11111111111:policy/_database_access"
- user: "app-zdba"
- + module.service.aws_instance.dba-admin
- id: <computed>
- ami: "ami-0c1f840a7e42b73f9"
- arn: <computed>
- associate_public_ip_address: <computed>
- availability_zone: <computed>
- cpu_core_count: <computed>
- cpu_threads_per_core: <computed>
- ebs_block_device.#: <computed>
- ephemeral_block_device.#: <computed>
- get_password_data: "false"
- iam_instance_profile: "service-ec2-role"
- instance_state: <computed>
- instance_type: "t2.micro"
- ipv6_address_count: <computed>
- ipv6_addresses.#: <computed>
- key_name: "ianhar-sandbox"
- network_interface.#: <computed>
- network_interface_id: <computed>
- password_data: <computed>
- placement_group: <computed>
- primary_network_interface_id: <computed>
- private_dns: <computed>
- private_ip: <computed>
- public_dns: <computed>
- public_ip: <computed>
- root_block_device.#: <computed>
- security_groups.#: <computed>
- source_dest_check: "true"
- subnet_id: "subnet-11111111"
- tags.%: "6"
- tags.Description: "Database administration tools"
- tags.Environment: "sandbox"
- tags.Name: "DBA Admin"
- tags.Owner: "zdba@asdf.com"
- tags.Service: "zdba"
- tags.Team: "zdba"
- tenancy: <computed>
- volume_tags.%: <computed>
- vpc_security_group_ids.#: "2"
- vpc_security_group_ids.2023015885: "sg-11111111"
- vpc_security_group_ids.4069303782: "sg-11111111"
- + module.service.aws_s3_bucket.db-backups
- id: <computed>
- acceleration_status: <computed>
- acl: "private"
- arn: <computed>
- bucket: "db-backups-sandbox"
- bucket_domain_name: <computed>
- bucket_regional_domain_name: <computed>
- force_destroy: "true"
- hosted_zone_id: <computed>
- lifecycle_rule.#: "1"
- lifecycle_rule.0.enabled: "true"
- lifecycle_rule.0.expiration.#: "1"
- lifecycle_rule.0.expiration.3023609085.date: ""
- lifecycle_rule.0.expiration.3023609085.days: "7"
- lifecycle_rule.0.expiration.3023609085.expired_object_delete_marker: ""
- lifecycle_rule.0.id: "backup"
- lifecycle_rule.0.prefix: "daily/"
- lifecycle_rule.0.tags.%: "2"
- lifecycle_rule.0.tags.autoclean: "true"
- lifecycle_rule.0.tags.rule: "daily"
- region: <computed>
- request_payer: <computed>
- tags.%: "6"
- tags.Description: "Database administration tools"
- tags.Environment: "sandbox"
- tags.Name: "DB Backups"
- tags.Owner: "zdba@asdf.com"
- tags.Service: "zdba"
- tags.Team: "zdba"
- versioning.#: <computed>
- website_domain: <computed>
- website_endpoint: <computed>
- + module.service.aws_s3_bucket_policy.db-backups-policy
- id: <computed>
- bucket: "${aws_s3_bucket.db-backups.id}"
- policy: "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"DBBACKUPBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"DBAAllow\",\n \"Effect\": \"Allow\",\n \"Principal\": {\"AWS\": \"${aws_iam_user.zdba.arn}\"},\n \"Action\": \"s3:*\",\n \"Resource\": \"${aws_s3_bucket.db-backups.arn}/*\"\n } \n ]\n}\n"
- Plan: 12 to add, 0 to change, 0 to destroy.
- Do you want to perform these actions?
- Terraform will perform the actions described above.
- Only 'yes' will be accepted to approve.
- Enter a value: yes
- module.aurora.random_id.snapshot_identifier: Creating...
- b64: "" => "<computed>"
- b64_std: "" => "<computed>"
- b64_url: "" => "<computed>"
- byte_length: "" => "4"
- dec: "" => "<computed>"
- hex: "" => "<computed>"
- keepers.%: "" => "1"
- keepers.id: "" => "aurora-dba"
- module.aurora.random_id.snapshot_identifier: Creation complete after 0s (ID: JxeJqw)
- module.service.aws_iam_role.service-ec2-dba-role: Creating...
- arn: "" => "<computed>"
- assume_role_policy: "" => "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": \"sts:AssumeRole\",\n \"Principal\": {\n \"Service\": \"ec2.amazonaws.com\"\n },\n \"Effect\": \"Allow\",\n \"Sid\": \"\"\n }\n ]\n}\n"
- create_date: "" => "<computed>"
- force_detach_policies: "" => "true"
- max_session_duration: "" => "3600"
- name: "" => "service-ec2-dba-role"
- path: "" => "/"
- unique_id: "" => "<computed>"
- module.service.aws_iam_user.zdba: Creating...
- arn: "" => "<computed>"
- force_destroy: "" => "false"
- name: "" => "app-zdba"
- path: "" => "/"
- unique_id: "" => "<computed>"
- module.service.aws_s3_bucket.db-backups: Creating...
- acceleration_status: "" => "<computed>"
- acl: "" => "private"
- arn: "" => "<computed>"
- bucket: "" => "db-backups-sandbox"
- bucket_domain_name: "" => "<computed>"
- bucket_regional_domain_name: "" => "<computed>"
- force_destroy: "" => "true"
- hosted_zone_id: "" => "<computed>"
- lifecycle_rule.#: "" => "1"
- lifecycle_rule.0.enabled: "" => "true"
- lifecycle_rule.0.expiration.#: "" => "1"
- lifecycle_rule.0.expiration.3023609085.date: "" => ""
- lifecycle_rule.0.expiration.3023609085.days: "" => "7"
- lifecycle_rule.0.expiration.3023609085.expired_object_delete_marker: "" => ""
- lifecycle_rule.0.id: "" => "backup"
- lifecycle_rule.0.prefix: "" => "daily/"
- lifecycle_rule.0.tags.%: "" => "2"
- lifecycle_rule.0.tags.autoclean: "" => "true"
- lifecycle_rule.0.tags.rule: "" => "daily"
- region: "" => "<computed>"
- request_payer: "" => "<computed>"
- tags.%: "" => "6"
- tags.Description: "" => "Database administration tools"
- tags.Environment: "" => "sandbox"
- tags.Name: "" => "DB Backups"
- tags.Owner: "" => "zdba@asdf.com"
- tags.Service: "" => "zdba"
- tags.Team: "" => "zdba"
- versioning.#: "" => "<computed>"
- website_domain: "" => "<computed>"
- website_endpoint: "" => "<computed>"
- module.aurora.aws_rds_cluster.this: Creating...
- apply_immediately: "" => "true"
- arn: "" => "<computed>"
- backup_retention_period: "" => "7"
- cluster_identifier: "" => "aurora-dba"
- cluster_identifier_prefix: "" => "<computed>"
- cluster_members.#: "" => "<computed>"
- cluster_resource_id: "" => "<computed>"
- database_name: "" => "<computed>"
- db_cluster_parameter_group_name: "" => "<computed>"
- db_subnet_group_name: "" => "us-west-2-private"
- endpoint: "" => "<computed>"
- engine: "" => "aurora-postgresql"
- engine_mode: "" => "provisioned"
- engine_version: "" => "9.6.3"
- final_snapshot_identifier: "" => "final-aurora-dba-1111111"
- hosted_zone_id: "" => "<computed>"
- iam_database_authentication_enabled: "" => "true"
- kms_key_id: "" => "<computed>"
- master_password: "<sensitive>" => "<sensitive>"
- master_username: "" => "zdba"
- port: "" => "5432"
- preferred_backup_window: "" => "02:00-03:00"
- preferred_maintenance_window: "" => "sun:05:00-sun:06:00"
- reader_endpoint: "" => "<computed>"
- skip_final_snapshot: "" => "true"
- storage_encrypted: "" => "true"
- vpc_security_group_ids.#: "" => "<computed>"
- module.service.aws_iam_role.service-ec2-dba-role: Creation complete after 1s (ID: service-ec2-dba-role)
- module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach: Creating...
- policy_arn: "" => "arn:aws:iam::11111111111:policy/_database_access"
- role: "" => "service-ec2-dba-role"
- module.service.aws_iam_instance_profile.service-ec2-role: Creating...
- arn: "" => "<computed>"
- create_date: "" => "<computed>"
- name: "" => "service-ec2-role"
- path: "" => "/"
- role: "" => "service-ec2-dba-role"
- roles.#: "" => "<computed>"
- unique_id: "" => "<computed>"
- module.service.aws_iam_user.zdba: Creation complete after 1s (ID: app-zdba)
- module.service.aws_iam_access_key.zdba_key: Creating...
- encrypted_secret: "" => "<computed>"
- key_fingerprint: "" => "<computed>"
- secret: "" => "<computed>"
- ses_smtp_password: "" => "<computed>"
- status: "" => "<computed>"
- user: "" => "app-zdba"
- module.service.aws_iam_user_policy_attachment.zdba_policy_attach: Creating...
- policy_arn: "" => "arn:aws:iam::1111111111:policy/_database_access"
- user: "" => "app-zdba"
- module.service.aws_iam_access_key.zdba_key: Creation complete after 1s (ID: AKIAIAHUDSWPW4PVOYVA)
- module.service.aws_iam_role_policy_attachment.ec2-dba-role-login-attach: Creation complete after 2s (ID: service-ec2-dba-role-20181126174544930000000002)
- module.service.aws_iam_user_policy_attachment.zdba_policy_attach: Creation complete after 2s (ID: app-zdba-20181126174544865400000001)
- module.service.aws_iam_instance_profile.service-ec2-role: Creation complete after 2s (ID: service-ec2-role)
- module.service.aws_instance.dba-admin: Creating...
- ami: "" => "ami-11111111111111"
- arn: "" => "<computed>"
- associate_public_ip_address: "" => "<computed>"
- availability_zone: "" => "<computed>"
- cpu_core_count: "" => "<computed>"
- cpu_threads_per_core: "" => "<computed>"
- ebs_block_device.#: "" => "<computed>"
- ephemeral_block_device.#: "" => "<computed>"
- get_password_data: "" => "false"
- iam_instance_profile: "" => "service-ec2-role"
- instance_state: "" => "<computed>"
- instance_type: "" => "t2.micro"
- ipv6_address_count: "" => "<computed>"
- ipv6_addresses.#: "" => "<computed>"
- key_name: "" => "ianhar-sandbox"
- network_interface.#: "" => "<computed>"
- network_interface_id: "" => "<computed>"
- password_data: "" => "<computed>"
- placement_group: "" => "<computed>"
- primary_network_interface_id: "" => "<computed>"
- private_dns: "" => "<computed>"
- private_ip: "" => "<computed>"
- public_dns: "" => "<computed>"
- public_ip: "" => "<computed>"
- root_block_device.#: "" => "<computed>"
- security_groups.#: "" => "<computed>"
- source_dest_check: "" => "true"
- subnet_id: "" => "subnet-1111111"
- tags.%: "" => "6"
- tags.Description: "" => "Database administration tools"
- tags.Environment: "" => "sandbox"
- tags.Name: "" => "DBA Admin"
- tags.Owner: "" => "zdba@asdf.com"
- tags.Service: "" => "zdba"
- tags.Team: "" => "zdba"
- tenancy: "" => "<computed>"
- volume_tags.%: "" => "<computed>"
- vpc_security_group_ids.#: "" => "2"
- vpc_security_group_ids.2023015885: "" => "sg-1111111"
- vpc_security_group_ids.4069303782: "" => "sg-1111111"
- module.service.aws_s3_bucket.db-backups: Creation complete after 4s (ID: db-backups-zillow-sandbox)
- module.service.aws_s3_bucket_policy.db-backups-policy: Creating...
- bucket: "" => "db-backups-zillow-sandbox"
- policy: "" => "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"DBBACKUPBUCKETPOLICY\",\n \"Statement\": [\n {\n \"Sid\": \"DBAAllow\",\n \"Effect\": \"Allow\",\n \"Principal\": {\"AWS\": \"arn:aws:iam::135340994361:user/app-zdba\"},\n \"Action\": \"s3:*\",\n \"Resource\": \"arn:aws:s3:::db-backups-zillow-sandbox/*\"\n } \n ]\n}\n"
- module.service.aws_instance.dba-admin: Still creating... (10s elapsed)
- module.service.aws_s3_bucket_policy.db-backups-policy: Creation complete after 9s (ID: db-backups-zillow-sandbox)
- module.service.aws_instance.dba-admin: Still creating... (20s elapsed)
- module.service.aws_instance.dba-admin: Still creating... (30s elapsed)
- module.service.aws_instance.dba-admin: Still creating... (40s elapsed)
- module.service.aws_instance.dba-admin: Creation complete after 41s (ID: i-0013d0958b8f3b325)
- Error: Error applying plan:
- 1 error(s) occurred:
- * module.aurora.aws_rds_cluster.this: 1 error(s) occurred:
- * aws_rds_cluster.this: error creating RDS cluster: InvalidParameterCombination: IAM Database Authentication is not supported for this configuration.
- status code: 400, request id: c0760769-5887-45c8-bbd0-c0ebfe6afaf5
- Terraform does not automatically rollback in the face of errors.
- Instead, your Terraform state file has been partially updated with
- any resources that successfully completed. Please address the error
- above and apply again to incrementally change your infrastructure.
Add Comment
Please, Sign In to add comment