
I am unsure how to restore an AWS DocumentDB cluster that is managed by Terraform.

My Terraform setup looks like this:

resource "aws_docdb_cluster" "this" {
  cluster_identifier              = var.env_name
  engine                          = "docdb"
  engine_version                  = "4.0.0"
  master_username                 = "USERNAME"
  master_password                 = random_password.this.result
  db_cluster_parameter_group_name = aws_docdb_cluster_parameter_group.this.name
  availability_zones              = ["us-east-1a", "us-east-1b", "us-east-1c"]
  db_subnet_group_name            = aws_docdb_subnet_group.this.name
  deletion_protection             = true
  backup_retention_period         = 7
  preferred_backup_window         = "07:00-09:00"
  skip_final_snapshot             = false

  # Added on 6.25.22 to rollback an incorrect application of the namespace
  # migration, which occurred at 2AM EST on June 23.
  snapshot_identifier             = "...the arn for the snapshot..."
}

resource "aws_docdb_cluster_instance" "this_2a" {
  count                      = 1
  engine                     = "docdb"
  availability_zone          = "us-east-1a"
  auto_minor_version_upgrade = true
  cluster_identifier         = aws_docdb_cluster.this.id
  instance_class             = "db.r5.large"
}

resource "aws_docdb_cluster_instance" "this_2b" {
  count                      = 1
  engine                     = "docdb"
  availability_zone          = "us-east-1b"
  auto_minor_version_upgrade = true
  cluster_identifier         = aws_docdb_cluster.this.id
  instance_class             = "db.r5.large"
}

resource "aws_docdb_subnet_group" "this" {
  name       = var.env_name
  subnet_ids = module.vpc.private_subnets
}

I added the snapshot_identifier parameter and applied it, expecting a rollback. However, this did not have the intended effect of restoring DocumentDB state to its settings on June 23rd. (As far as I can tell, nothing changed at all.)

I wanted to avoid using the AWS console approach (described here) because that creates a new cluster which won't be tracked by Terraform.

What is the proper way of accomplishing this rollback using Terraform?

2 Answers


  1. The snapshot_identifier parameter is only used when Terraform creates a new cluster. Setting it after the cluster has been created just tells Terraform "If you ever have to recreate this cluster, use this snapshot".

    To actually get Terraform to recreate the cluster you would need to do something else to make Terraform think the cluster needs to be recreated. Possible options are:

    • Run terraform taint aws_docdb_cluster.this to signal to Terraform that the resource needs to be recreated. It will then recreate it the next time you run terraform apply.
    • Delete the cluster through some other means, like the AWS console, and then run terraform apply.
  2. The general approach is this, but I have no experience with DocumentDB. Hope this helps.
    0. Take a backup of your Terraform state file:
    terraform state pull > backup_state_file_timestamp.json

    1. Restore through the console to the point in time you want.
    2. Remove the old instances and cluster from your Terraform state file:
    terraform state rm aws_docdb_cluster_instance.this_2a
    terraform state rm aws_docdb_cluster_instance.this_2b
    terraform state rm aws_docdb_cluster.this

    3. Import the manually restored cluster and instance into Terraform:
    terraform import aws_docdb_cluster.this cluster_identifier
    terraform import aws_docdb_cluster_instance.this_2a identifier
    terraform import aws_docdb_cluster_instance.this_2b identifier
    

    (see import at the bottom https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster_instance and https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/docdb_cluster)

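Added example (not part of either answer, and not Terraform's own tooling): after the state rm / import steps above, this check reads the JSON form of a saved plan and flags any plan that would delete or replace the DocumentDB cluster or its instances, so it can be caught before terraform apply. The sample plan is constructed and trimmed to the fields used; the function names are hypothetical.

```python
import json
import sys

# Resource addresses from the configuration in the question.
PROTECTED = {
    "aws_docdb_cluster.this",
    "aws_docdb_cluster_instance.this_2a",
    "aws_docdb_cluster_instance.this_2b",
}

def base_address(address):
    """Strip a trailing count/for_each index: 'x.y[0]' -> 'x.y'."""
    return address.split("[", 1)[0]

def destructive_changes(plan):
    """Return (address, actions) for protected resources the plan deletes or replaces."""
    hits = []
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        # A replacement is reported as ["delete", "create"] or ["create", "delete"].
        if base_address(rc.get("address", "")) in PROTECTED and "delete" in actions:
            hits.append((rc["address"], actions))
    return hits

# Constructed sample, trimmed to the fields used here. Real input comes from:
#   terraform plan -out=tfplan && terraform show -json tfplan > plan.json
SAMPLE_PLAN = json.loads("""
{
  "resource_changes": [
    {"address": "aws_docdb_cluster.this", "type": "aws_docdb_cluster",
     "change": {"actions": ["delete", "create"]}},
    {"address": "aws_docdb_cluster_instance.this_2a[0]", "type": "aws_docdb_cluster_instance",
     "change": {"actions": ["update"]}},
    {"address": "aws_docdb_cluster_instance.this_2b[0]", "type": "aws_docdb_cluster_instance",
     "change": {"actions": ["no-op"]}},
    {"address": "aws_docdb_subnet_group.this", "type": "aws_docdb_subnet_group",
     "change": {"actions": ["delete"]}}
  ]
}
""")

if __name__ == "__main__":
    plan = SAMPLE_PLAN
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            plan = json.load(fh)
    bad = destructive_changes(plan)
    for address, actions in bad:
        print(f"BLOCK: {address} -> {'/'.join(actions)}")
    sys.exit(1 if bad else 0)
```

Run it with the path to plan.json as the only argument; a non-zero exit means the imported cluster or an instance would be destroyed or recreated by the next apply.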