[5.96.0] elasticache_replication_group: (after import) InvalidParameterCombination: Auth tokens can't be enabled with a user group already associated. Pass RemoveUserGroups to proceed.

[loganmzz]

Terraform and AWS Provider Version

Terraform v1.9.7
on linux_amd64
+ provider registry.terraform.io/hashicorp/aws v5.96.0

Affected Resource(s) or Data Source(s)

• aws_elasticache_replication_group

Expected Behavior

Able to successfully update/sync resource aws_elasticache_replication_group after an import

Actual Behavior

Error on apply just after import:

Relevant Error/Panic Output

Error: modifying ElastiCache Replication Group (my-elasticache-replication-group) authentication: operation error ElastiCache: ModifyReplicationGroup, https response error StatusCode: 400, RequestID: 01234567-89ab-cdef-0123-456789abcdef, InvalidParameterCombination: Auth tokens can't be enabled with a user group already associated. Pass RemoveUserGroups to proceed.

  with aws_elasticache_replication_group.self,
  on main.tf line 19, in resource "aws_elasticache_replication_group" "self":
  19: resource "aws_elasticache_replication_group" "self" {

Sample Terraform Configuration

Click to expand configuration

resource "aws_elasticache_replication_group" "self" {
   replication_group_id = "my-elasticache-replication-group"

  engine = "redis"
  engine_version = "7.1"
  cluster_mode = "disabled"
  parameter_group_name = "my-elasticache-parameter-group"

  user_group_ids = ["my-elasticache-user-group"]

  lifecycle {
    ignore_changes = [
      auth_token_update_strategy,
    ]
  }
}

Steps to Reproduce

1. terraform import 'aws_elasticache_replication_group.self' 'my-elasticache-replication-group'
2. terraform apply

Debug Logging

Click to expand log output

N/A

GenAI / LLM Assisted Development

n/a

Important Facts and References

• Supposed to be fix on 5.28.0: r/aws_elasticache_replication_group: v2 state upgrader #34600

Would you like to implement a fix?

No

[github-actions]

Community Guidelines

This comment is added to every new Issue to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

• Please vote on this Issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
• Please see our prioritization guide for additional information on how the maintainers handle prioritization.
• Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Issue and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.
• For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.