I have a terraform resource defined for aws_glue_catalog_database, but by default it is checking the checkbox under Default permission for newly created tables. I have tried keeping the create_table_default_permission as null and removing the parameter; nothing helped.
Finally I tried manually editing the resource and unchecked the checkbox and when imported I was getting an error as
Error: Resource already managed by Terraform │ │ Terraform is already managing a remote object for module.glue_database["_lh_abc_xyz"].aws_glue_catalog_database.this[0]. To import to this address you must first remove the existing object from the state.
resource "aws_glue_catalog_database" "this" {
count = var.create_glue_catalog_database ? 1 : 0
name = var.catalog_database_name
description = var.catalog_database_description
catalog_id = var.catalog_id
location_uri = var.location_uri
parameters = var.parameters
# create_table_default_permission {}
# create_table_default_permission = []
# dynamic "create_table_default_permission" {
# for_each = var.create_table_default_permission != null ? [true] : []
#
# content {
# permissions = try(var.create_table_default_permission.permissions, null)
# dynamic "principal" {
# for_each = try(var.create_table_default_permission.principal, null) != null ? [true] : []
#
# content {
# data_lake_principal_identifier = try(var.create_table_default_permission.principal.data_lake_principal_identifier, null)
# }
# }
# }
# }
dynamic "target_database" {
for_each = var.target_database != null ? [true] : []
content {
catalog_id = var.target_database.catalog_id
database_name = var.target_database.database_name
}
}
tags = merge(
var.standard_tags,
var.tags,
var.security_tags
)
}
module "glue_database" {
for_each = toset([var.glue_database_xyz, var.glue_database_pqr])
source = "./module"
create_glue_catalog_database = true
catalog_database_name = each.key
catalog_database_description = "Database for ${var.pipeline} pipeline"
# location_uri = local.data_source
standard_tags = merge(localmon_primary_tags, var.mandatory_tags)
# create_table_default_permission = []
}
I have a terraform resource defined for aws_glue_catalog_database, but by default it is checking the checkbox under Default permission for newly created tables. I have tried keeping the create_table_default_permission as null and removing the parameter; nothing helped.
Finally I tried manually editing the resource and unchecked the checkbox and when imported I was getting an error as
Error: Resource already managed by Terraform │ │ Terraform is already managing a remote object for module.glue_database["_lh_abc_xyz"].aws_glue_catalog_database.this[0]. To import to this address you must first remove the existing object from the state.
resource "aws_glue_catalog_database" "this" {
count = var.create_glue_catalog_database ? 1 : 0
name = var.catalog_database_name
description = var.catalog_database_description
catalog_id = var.catalog_id
location_uri = var.location_uri
parameters = var.parameters
# create_table_default_permission {}
# create_table_default_permission = []
# dynamic "create_table_default_permission" {
# for_each = var.create_table_default_permission != null ? [true] : []
#
# content {
# permissions = try(var.create_table_default_permission.permissions, null)
# dynamic "principal" {
# for_each = try(var.create_table_default_permission.principal, null) != null ? [true] : []
#
# content {
# data_lake_principal_identifier = try(var.create_table_default_permission.principal.data_lake_principal_identifier, null)
# }
# }
# }
# }
dynamic "target_database" {
for_each = var.target_database != null ? [true] : []
content {
catalog_id = var.target_database.catalog_id
database_name = var.target_database.database_name
}
}
tags = merge(
var.standard_tags,
var.tags,
var.security_tags
)
}
module "glue_database" {
for_each = toset([var.glue_database_xyz, var.glue_database_pqr])
source = "./module"
create_glue_catalog_database = true
catalog_database_name = each.key
catalog_database_description = "Database for ${var.pipeline} pipeline"
# location_uri = local.data_source
standard_tags = merge(localmon_primary_tags, var.mandatory_tags)
# create_table_default_permission = []
}
- Did you remove the original resource from the state prior to importing it? – Marko E Commented 2 days ago
- At first I did not, Later I tried removing it and re-importing it but then I got an error that resource is not defined. – Saikiran Commented yesterday
1 Answer
Reset to default 0Looks like terraform does not support this yet within the resource. I have achieved this through AWS cli but by using terraform null resource.
resource "null_resource" "update_glue_database" {
for_each = module.glue_database
triggers = {
database_name = each.key
}
provisioner "local-exec" {
command = <<EOT
aws glue update-database \
--name "${each.key}" \
--database-input '{"Name": "${each.key}","CreateTableDefaultPermissions": []}' \
--no-verify-ssl \
--region ${var.aws_region}
EOT
}
depends_on = [module.glue_database]
}