TERRA-116: PrivateLink affected when attempting to flip deletion_protection flag

[emerkle826]

Attempting to enable deletion protection - dry-run indicates that the private link would be affected:

 # module.astra.astra_database.db will be updated in-place
 ~ resource "astra_database" "db" {
   ~ deletion_protection = false -> true
    id          = "xxx"
    name         = "testdb-test"
    # (15 unchanged attributes hidden)
  }



# module.astra.astra_private_link.astra_link["us-west-2"] must be replaced
-/+ resource "astra_private_link" "astra_link" {
   ~ datacenter_id   = "xxx" # forces replacement -> (known after apply) # forces replacement
   ~ id         = "cc8f28f3-79b8-4cfe-bbac-c26fde5e1f23/datacenter/cc8f28f3-79b8-4cfe-bbac-c26fde5e1f23-1/serviceNames/com.amazonaws.vpce.us-west-2.vpce-svc-0cc1100bd518e26de" -> (known after apply)
   ~ service_name    = "com.amazonaws.vpce.us-west-2.xxxx" -> (known after apply)
    # (2 unchanged attributes hidden)
  }

[StevenLacerda]

@emerkle826 Do you have an ETA on this?

[emerkle826]

@StevenLacerda I just tried to reproduce this issue and I'm not able to. With the following :

terraform {
  required_providers {
    astra = {
      source  = "datastax/astra"
      version = "2.3.11"
    }
  }
}

resource "astra_database" "terra116" {
  name           = "terra116"
  keyspace       = "testks"
  cloud_provider = "gcp"
  regions        = ["us-east1"] 
  deletion_protection = "false"
}
resource "astra_private_link" "privatelink" {
  allowed_principals = ["<my_principal>"]
  database_id = astra_database.terra116.id
  datacenter_id = astra_database.terra116.datacenters["${astra_database.terra116.cloud_provider}.${astra_database.terra116.regions[0]}"]
}

I am able to create a DB and a private link for it.

If I then change deletion_protection to true, and run a terraform apply, I see this:

terraform apply
astra_database.terra116: Refreshing state... [id=862b6fac-746a-4313-838e-a6e0bcd59376]
astra_private_link.privatelink: Refreshing state... [id=862b6fac-746a-4313-838e-a6e0bcd59376/datacenter/862b6fac-746a-4313-838e-a6e0bcd59376-1/serviceNames/projects/astra-fwd-prod-66/regions/us-east1/serviceAttachments/pl-prod]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # astra_database.terra116 will be updated in-place
  ~ resource "astra_database" "terra116" {
      ~ deletion_protection  = false -> true
        id                   = "862b6fac-746a-4313-838e-a6e0bcd59376"
        name                 = "terra116"
        # (15 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

And the private link isn't modified.

This is with the latest version 2.3.11. If you are using an older version, can you try updating the version to 2.3.11 and running a terraform init --upgrade