Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Unable to successfully create MSK cluster with explicit default values for vpc connectivity #33204

Open
eloveeri opened this issue Aug 28, 2023 · 3 comments
Open

[Bug]: Unable to successfully create MSK cluster with explicit default values for vpc connectivity #33204

eloveeri opened this issue Aug 28, 2023 · 3 comments
Labels
bug Addresses a defect in current functionality. service/kafka Issues and PRs that pertain to the kafka service.

Comments

@eloveeri
Copy link

eloveeri commented Aug 28, 2023
edited
Loading

Terraform Core Version

1.4.6

AWS Provider Version

5.14.0

Affected Resource(s)

  • aws_msk_cluster

Expected Behavior

When applying, cluster should be created without error

Actual Behavior

Apply fails and subsequent applies report tainted cluster resource

Relevant Error/Panic Output Snippet

│ Error: updating MSK Cluster (Arn:omitted) broker connectivity: BadRequestException: The specified parameter value is identical to the current value for the cluster. Specify a different value, then try again.
│ {
│   RespMetadata: {
│     StatusCode: 400,
│     RequestID: "omitted"
│   },
│   InvalidParameter: "connectivityInfo",
│   Message_: "The specified parameter value is identical to the current value for the cluster. Specify a different value, then try again."
│ }

Terraform Configuration Files

resource "aws_msk_cluster" "cluster" {
  ...
  broker_node_group_info {
    ...
    connectivity_info {
      public_access {
        type = "DISABLED"
      }
      vpc_connectivity {
        client_authentication {
          sasl {
            scram = false
            iam   = false
          }
          tls = false
        }
     }
  }
  ...
}

Steps to Reproduce

When creating an MSK cluster, the aws provider intentionally creates the vpc connectivity info with default values:
https://github.com/hashicorp/terraform-provider-aws/blob/main/internal/service/kafka/cluster.go#L545

But if the explicitly given values in your terraform resource are actually equal to the default values, the provider will try to update them anyway without checking here:
https://github.com/hashicorp/terraform-provider-aws/blob/main/internal/service/kafka/cluster.go#L593

This is not allowed and results in a 400 (https://docs.aws.amazon.com/msk/1.0/apireference/clusters-clusterarn-connectivity.html).

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

No
@eloveeri eloveeri added the bug Addresses a defect in current functionality. label Aug 28, 2023
@github-actions
Copy link

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

@github-actions github-actions bot added the service/kafka Issues and PRs that pertain to the kafka service. label Aug 28, 2023
@terraform-aws-provider terraform-aws-provider bot added the needs-triage Waiting for first response or review from a maintainer. label Aug 28, 2023
@eloveeri eloveeri changed the title [Bug]: Unable to create MSK cluster with explicit default values for vpc connectivity [Bug]: Unable to successfully create MSK cluster with explicit default values for vpc connectivity Aug 28, 2023
@justinretzolk justinretzolk removed the needs-triage Waiting for first response or review from a maintainer. label Aug 30, 2023
@Jonathan-Emmanuel-deel
Copy link

Hi, i am also getting this error now, was yours ever resolved?

@magiusdarrigo
Copy link

magiusdarrigo commented Mar 28, 2024
edited
Loading

I removed the below block from my MSK tf resource and now it works. Thanks @eloveeri

    connectivity_info {
      public_access {
        type = "DISABLED"
      }

      vpc_connectivity {
        client_authentication {
          sasl {
            iam   = "false"
            scram = "false"
          }
          tls = "false"
        }
      }
    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/kafka Issues and PRs that pertain to the kafka service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@eloveeri @magiusdarrigo @justinretzolk @Jonathan-Emmanuel-deel