InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval

[flmmartins]

Hello All,

I'm trying to set enhanced monitoring for my 2 databases. My plan out is:

 ~ module.l1nda-connect-database.module.db.module.db_instance.aws_db_instance.this
      monitoring_interval: "0" => "15"

  ~ module.my-l1nda-database.module.db.module.db_instance.aws_db_instance.this
      monitoring_interval: "0" => "15"

I created ONE role for both databases and applied before like below:

resource "aws_iam_role" "rds_enhanced_monitoring" {
  name        = "${local.database_monitoring_role_name}"
  assume_role_policy = "${data.aws_iam_policy_document.rds_enhanced_monitoring.json}"
}

resource "aws_iam_role_policy_attachment" "rds_enhanced_monitoring" {
  role       = "${aws_iam_role.rds_enhanced_monitoring.name}"
  policy_arn = "arn:aws:iam::aws:policy/service-role/AmazonRDSEnhancedMonitoringRole"
}

data "aws_iam_policy_document" "rds_enhanced_monitoring" {
  statement {
    actions = [
      "sts:AssumeRole",
    ]

    effect = "Allow"

    principals {
      type        = "Service"
      identifiers = ["monitoring.rds.amazonaws.com"]
    }
  }
}

Then I call a module which will call terraform-aws-rds:

module "my-l1nda-database" {
  source = "../database"
 ....
monitoring_role_arn = "${aws_iam_role.rds_enhanced_monitoring.arn}"

Inside the actual call I do it:

# Monitoring
  enabled_cloudwatch_logs_exports = ["postgresql", "upgrade"]
  monitoring_interval  = "15"
  create_monitoring_role = false
  monitoring_role_arn  = "${var.monitoring_role_arn}"

Execution logs are:

module.my-l1nda-database.module.db.module.db_instance.aws_db_instance.this: Modifying... (ID: l1nda-demo-my-l1nda-database)
  monitoring_interval: "0" => "15"
module.l1nda-connect-database.module.db.module.db_instance.aws_db_instance.this: Modifying... (ID: l1nda-demo-l1nda-connect-database)
  monitoring_interval: "0" => "15"

Error: Error applying plan:

2 error(s) occurred:

* module.my-l1nda-database.module.db.module.db_instance.aws_db_instance.this: 1 error(s) occurred:

* aws_db_instance.this: Error modifying DB Instance l1nda-demo-my-l1nda-database: InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval value other than 0.
	status code: 400, request id: 995770c8-6f3d-499d-90da-a16c7b0a35e2
* module.l1nda-connect-database.module.db.module.db_instance.aws_db_instance.this: 1 error(s) occurred:

* aws_db_instance.this: Error modifying DB Instance l1nda-demo-l1nda-connect-database: InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval value other than 0.
	status code: 400, request id: 03469c12-f2e9-4cc6-bf4d-9e283402ebb0

Researching this I found this: hashicorp/terraform-provider-aws#315 (comment)

I cannot confirm but aparently this happens only when you try to modify already created db

Aparently other rds module solved (terraform-aws-postgres...) this... is it possible to do the same here meanwhile? Currently I'm using 1.28.0. Tks

[meantheory]

👍 - also experiencing the same or similar error InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval value other than 0.

[flmmartins]

I created the PRs and tested for terraform 0.11 but could not test for 0.12 since my infra is still 0.11. It would be nice if someone could approve my PRs and also test the 0.12 implementation.

EDIT: While the PR is not merged you could use my fork that I used in the PR to solve this issue.

[ax-cgray]

Just a note, I am also experiencing the same issue and it's still ongoing.

[rgevaert]

Me three... on terraform12

[flmmartins]

So... I've heard that this was fixed if you update the aws provider in terraform to 2.25 according to hashicorp/terraform-provider-aws#5559

Can someone do that and let us know? (I currently do not have an RDS to test)

[dbektas]

Just tried and is still not fixed.

version = "2.31"

InvalidParameterCombination: A MonitoringRoleARN value is required if you specify a MonitoringInterval value other than 0.

[bishtawi]

I am running into this bug too on aws provider version 2.31. What is weird is that I didnt hit this error when I was bringing up databases a few months ago. Its only happening now when I am bringing up another database. What changed?

EDIT: Tried various aws provider versions: 2.20, 2.24, 2.25, 2.31; all same error

[bishtawi]

I cannot confirm but aparently this happens only when you try to modify already created db

I am getting this error when trying to create a new database as well as when modifying an existing one.

[flmmartins]

Well my PR is still open... there's still chance to approve it. It's only a fail safe anyways...

[antonbabenko]

Big thanks to @flmmartins !

v2.12.0 has been released for Terraform 0.12 users.

v1.35.0 has been released for Terraform 0.11 users.

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.