Skip to content

resource/aws_timestreaminfluxdb_db_cluster: Make fields optional for InfluxDB V3 clusters #44899

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

resource/aws_timestreaminfluxdb_db_cluster: Make fields optional for InfluxDB V3 clusters #44899

wants to merge 14 commits into from
+1,090 −51

Conversation

@mbocevski
Copy link

@mbocevski mbocevski commented Nov 1, 2025
edited
Loading

Description

Fixes support for InfluxDB V3 clusters by making allocated_storage, bucket, organization, username, password and deployment_type optional in the aws_timestreaminfluxdb_db_cluster resource.

Problem

When creating an InfluxDB V3 cluster using and InfluxDB V3 db_parameter_group_identifier (e.g., "InfluxDBV3Core"), the provider incorrectly requires fields that the AWS API does not require and explicitly rejects:

  • password, allocated_storage, bucket, organization, username , deployment_type - - AWS API returns ValidationException: <parameter> field is not supported for InfluxDB V3.

This prevents users from creating InfluxDB V3 clusters using Terraform. Note: InfluxDB V3 can only be created using aws_timestreaminfluxdb_db_cluster, not aws_timestreaminfluxdb_db_instance.

Solution

Made the following fields optional instead of required:

  • allocated_storage
  • bucket
  • organization
  • username
  • password
  • deployment_type

This allows the resource to work for both:

  • InfluxDB V2 - where these fields are still required/expected
  • InfluxDB V3 - where these fields are forbidden

Changes

  • Updated schema in internal/service/timestreaminfluxdb/db_cluster.go to mark fields as Optional: true
  • Added descriptive text noting these fields are optional for V3 clusters
  • Added acceptance test TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 to verify V3 cluster creation
  • Updated documentation with V3 usage example and moved fields from "required" to "optional"
  • Added validation for InfluxDB V2 and InfluxDB V3 parameters
  • Added changelog entries

Testing

  • Added acceptance test that creates a V3 cluster with db_parameter_group_identifier = "InfluxDBV3Core" without the previously required fields
  • Added acceptance test that validates config parameters for InfluxDB V2 and InfluxDB V3
  • Existing tests for V2 clusters continue to pass, ensuring backward compatibility

References

Closes #44735

Example Usage

resource "aws_timestreaminfluxdb_db_cluster" "v3_cluster" {
  name                         = "example-v3-cluster"
  db_instance_type             = "db.influx.large"
  db_parameter_group_identifier = "InfluxDBV3Core"
  vpc_subnet_ids               = [aws_subnet.example_1.id, aws_subnet.example_2.id]
  vpc_security_group_ids       = [aws_security_group.example.id]
}

@mbocevski mbocevski requested a review from a team as a code owner November 1, 2025 15:38
@github-actions
Copy link
Contributor

github-actions bot commented Nov 1, 2025

Community Guidelines

This comment is added to every new Pull Request to provide quick reference to how the Terraform AWS Provider is maintained. Please review the information below, and thank you for contributing to the community that keeps the provider thriving! 🚀

Voting for Prioritization

  • Please vote on this Pull Request by adding a 👍 reaction to the original post to help the community and maintainers prioritize it.
  • Please see our prioritization guide for additional information on how the maintainers handle prioritization.
  • Please do not leave +1 or other comments that do not add relevant new information or questions; they generate extra noise for others following the Pull Request and do not help prioritize the request.

Pull Request Authors

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. documentation Introduces or discusses updates to documentation. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. service/timestreaminfluxdb Issues and PRs that pertain to the timestreaminfluxdb service. size/M Managed by automation to categorize the size of a PR. labels Nov 1, 2025
@mbocevski mbocevski mentioned this pull request Nov 1, 2025
Open
@eugenestarchenko
Copy link

eugenestarchenko commented Nov 6, 2025

We need this!

@mbocevski mbocevski force-pushed the fix-timestreaminfluxdb-v3-optional-fields branch from 5129587 to 30b21d6 Compare November 8, 2025 17:03
@justinretzolk justinretzolk added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Nov 11, 2025
@sayantjain-alation
Copy link

sayantjain-alation commented Nov 12, 2025

Thanks @mbocevski! This is really helpful! Would you know when it can be merged?

@airman416
Copy link

airman416 commented Nov 13, 2025

Checking on this daily as our team depends on it!

@ewbankkit ewbankkit self-assigned this Nov 13, 2025
@github-actions github-actions bot added the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Nov 13, 2025
@ewbankkit ewbankkit removed their assignment Nov 13, 2025
@ewbankkit
Copy link
Contributor

ewbankkit commented Nov 13, 2025 

% make testacc TESTARGS='-run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3' PKG=timestreaminfluxdb
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
make: Running acceptance tests on branch: 🌿 HEAD 🌿...
TF_ACC=1 go1.24.10 test ./internal/service/timestreaminfluxdb/... -v -count 1 -parallel 20  -run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 -timeout 360m -vet=off
2025/11/13 12:15:09 Creating Terraform AWS Provider (SDKv2-style)...
2025/11/13 12:15:09 Initializing Terraform AWS Provider (SDKv2-style)...
=== RUN   TestAccTimestreamInfluxDBDBCluster_basic
=== PAUSE TestAccTimestreamInfluxDBDBCluster_basic
=== RUN   TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== PAUSE TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_basic
=== CONT  TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
    db_cluster_test.go:521: Step 1/2 error: Error running apply: exit status 1
        
        Error: creating Amazon Timestream for InfluxDB DB Cluster ("tf-acc-test-5908546262593313564"): operation error Timestream InfluxDB: CreateDbCluster, https response error StatusCode: 400, RequestID: d986fd4e-4743-4dbb-b0ea-aacb03271f76, ValidationException: Cluster Deployment Type is not supported for InfluxDB V3.
        
          with aws_timestreaminfluxdb_db_cluster.test,
          on terraform_plugin_test.tf line 46, in resource "aws_timestreaminfluxdb_db_cluster" "test":
          46: resource "aws_timestreaminfluxdb_db_cluster" "test" {
        
        operation error Timestream InfluxDB: CreateDbCluster, https response error
        StatusCode: 400, RequestID: d986fd4e-4743-4dbb-b0ea-aacb03271f76,
        ValidationException: Cluster Deployment Type is not supported for InfluxDB
        V3.
--- FAIL: TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 (13.75s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_basic (1150.75s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/timestreaminfluxdb	1156.131s
FAIL
make: *** [testacc] Error 1

or

% make testacc TESTARGS='-run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType' PKG=timestreaminfluxdb
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
make: Running acceptance tests on branch: 🌿 HEAD 🌿...
TF_ACC=1 go1.24.10 test ./internal/service/timestreaminfluxdb/... -v -count 1 -parallel 20  -run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType -timeout 360m -vet=off
2025/11/13 12:38:19 Creating Terraform AWS Provider (SDKv2-style)...
2025/11/13 12:38:19 Initializing Terraform AWS Provider (SDKv2-style)...
=== RUN   TestAccTimestreamInfluxDBDBCluster_basic
=== PAUSE TestAccTimestreamInfluxDBDBCluster_basic
=== RUN   TestAccTimestreamInfluxDBDBCluster_deploymentType
=== PAUSE TestAccTimestreamInfluxDBDBCluster_deploymentType
=== RUN   TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== PAUSE TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_basic
=== CONT  TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_deploymentType
=== NAME  TestAccTimestreamInfluxDBDBCluster_basic
    db_cluster_test.go:35: Step 1/2 error: Error running apply: exit status 1
        
        Error: creating Amazon Timestream for InfluxDB DB Cluster ("tf-acc-test-575316475208130587"): operation error Timestream InfluxDB: CreateDbCluster, https response error StatusCode: 400, RequestID: cc1041b1-af52-48cc-8b08-1de137e27542, ValidationException: Cluster Deployment Type must be set for InfluxDB V2. Please specify the cluster deployment type.
        
          with aws_timestreaminfluxdb_db_cluster.test,
          on terraform_plugin_test.tf line 50, in resource "aws_timestreaminfluxdb_db_cluster" "test":
          50: resource "aws_timestreaminfluxdb_db_cluster" "test" {
        
        operation error Timestream InfluxDB: CreateDbCluster, https response error
        StatusCode: 400, RequestID: cc1041b1-af52-48cc-8b08-1de137e27542,
        ValidationException: Cluster Deployment Type must be set for InfluxDB V2.
        Please specify the cluster deployment type.
=== NAME  TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
    db_cluster_test.go:521: Step 1/2 error: Error running apply: exit status 1
        
        Error: creating Amazon Timestream for InfluxDB DB Cluster ("tf-acc-test-5961432931593720080"): operation error Timestream InfluxDB: CreateDbCluster, https response error StatusCode: 400, RequestID: 9e84a6f1-3421-4fb5-b92d-6371eb5ee1f2, ValidationException: Private subnet subnet-05b1c506243fa8f24 must have an S3 endpoint configured in its route table when using InfluxDB V3. Please refer to the documentation: https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#associate-route-tables-s3 for configuring an S3 endpoint for your VPC.
        
          with aws_timestreaminfluxdb_db_cluster.test,
          on terraform_plugin_test.tf line 50, in resource "aws_timestreaminfluxdb_db_cluster" "test":
          50: resource "aws_timestreaminfluxdb_db_cluster" "test" {
        
        operation error Timestream InfluxDB: CreateDbCluster, https response error
        StatusCode: 400, RequestID: 9e84a6f1-3421-4fb5-b92d-6371eb5ee1f2,
        ValidationException: Private subnet subnet-05b1c506243fa8f24 must have an S3
        endpoint configured in its route table when using InfluxDB V3. Please refer
        to the documentation:
        https://docs.aws.amazon.com/vpc/latest/privatelink/vpc-endpoints-s3.html#associate-route-tables-s3
        for configuring an S3 endpoint for your VPC.
--- FAIL: TestAccTimestreamInfluxDBDBCluster_basic (13.58s)
--- FAIL: TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 (14.46s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_deploymentType (999.55s)
FAIL
FAIL	github.com/hashicorp/terraform-provider-aws/internal/service/timestreaminfluxdb	1004.845s
FAIL
make: *** [testacc] Error 1

@github-actions github-actions bot added the size/L Managed by automation to categorize the size of a PR. label Nov 14, 2025
@mbocevski
Copy link
Author

mbocevski commented Nov 14, 2025

@ewbankkit I fixed the tests and they pass now. Note that the tests are parallel but when I tested AWS does not allow to create influxdb clusters in parallel, so the tests wait until a cluster is created before the other starts, but I'm assuming this is a known case/limitation upstream on AWS.

% make testacc TESTARGS='-run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType' PKG=timestreaminfluxdb
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
make: Running acceptance tests on branch: 🌿 fix-timestreaminfluxdb-v3-optional-fields 🌿...
TF_ACC=1 go1.24.10 test ./internal/service/timestreaminfluxdb/... -v -count 1 -parallel 20  -run=TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType -timeout 360m -vet=off
2025/11/14 15:30:58 Creating Terraform AWS Provider (SDKv2-style)...
2025/11/14 15:30:58 Initializing Terraform AWS Provider (SDKv2-style)...
=== RUN   TestAccTimestreamInfluxDBDBCluster_basic
=== PAUSE TestAccTimestreamInfluxDBDBCluster_basic
=== RUN   TestAccTimestreamInfluxDBDBCluster_deploymentType
=== PAUSE TestAccTimestreamInfluxDBDBCluster_deploymentType
=== RUN   TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== PAUSE TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_basic
=== CONT  TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_deploymentType
--- PASS: TestAccTimestreamInfluxDBDBCluster_basic (1071.27s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 (1736.36s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_deploymentType (2452.68s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/timestreaminfluxdb	2452.812s

YakDriver
YakDriver reviewed Nov 14, 2025
View reviewed changes
Copy link
Member

@YakDriver YakDriver left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you @evanphx for your work on this! We definitely want to unblock V3 but also don't want to impact V2.

It seems like the approach here is to unblock V3 by getting rid of Terraform validation-- relying on AWS. It might be worth adding a ValidateConfig (see, for example, internal/service/logs/delivery_destination.go, lines 97-123).

Also, docs could be clearer:

InfluxDB V2 Clusters (default):

  • Require: allocated_storage, bucket, organization, username, password, deployment_type

InfluxDB V3 Clusters (when using V3 parameter groups):

  • Optional: allocated_storage, bucket, organization, username
  • Forbidden: password, deployment_type

.changelog/44899.txt
```

```release-note:enhancement
resource/aws_timestreaminfluxdb_db_cluster: Remove Terraform default for `deployment_type`
Copy link
Member

@YakDriver YakDriver Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This appears to not be the case anymore, which is good. Removing defaults is a breaking change.

internal/service/timestreaminfluxdb/db_cluster.go
Default: stringdefault.StaticString(string(awstypes.ClusterDeploymentTypeMultiNodeReadReplicas)),
PlanModifiers: []planmodifier.String{
stringplanmodifier.RequiresReplace(),
stringplanmodifier.RequiresReplaceIfConfigured(),
Copy link
Member

@YakDriver YakDriver Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about for V2?

Copy link
Author

@mbocevski mbocevski Nov 14, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

deployment_type is only for V2. V3 deployment types are handled in the parameter group settings.

website/docs/r/timestreaminfluxdb_db_cluster.html.markdown Outdated
* `bucket` - (Optional) Name of the initial InfluxDB bucket. All InfluxDB data is stored in a bucket. A bucket combines the concept of a database and a retention period (the duration of time that each data point persists). A bucket belongs to an organization. Along with `organization`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is optional for InfluxDB V3 clusters (when using `db_parameter_group_identifier`).
* `organization` - (Optional) Name of the initial organization for the initial admin user in InfluxDB. An InfluxDB organization is a workspace for a group of users. Along with `bucket`, `username`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is optional for InfluxDB V3 clusters (when using `db_parameter_group_identifier`).
* `password` - (Optional) Password of the initial admin user created in InfluxDB. This password will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `username`, and `organization`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is optional for InfluxDB V3 clusters (when using `db_parameter_group_identifier`) and must not be provided for V3 clusters as the AWS API rejects it.
* `username` - (Optional) Username of the initial admin user created in InfluxDB. Must start with a letter and can't end with a hyphen or contain two consecutive hyphens. This username will allow you to access the InfluxDB UI to perform various administrative tasks and also use the InfluxDB CLI to create an operator token. Along with `bucket`, `organization`, and `password`, this argument will be stored in the secret referred to by the `influx_auth_parameters_secret_arn` attribute. This field is optional for InfluxDB V3 clusters (when using `db_parameter_group_identifier`).
Copy link
Member

@YakDriver YakDriver Nov 14, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These should all be in alphabetical order with the existing optional arguments.

@mbocevski
Copy link
Author

mbocevski commented Nov 14, 2025
edited
Loading

Thanks for the feedback @YakDriver

It seems like the approach here is to unblock V3 by getting rid of Terraform validation-- relying on AWS. It might be worth adding a ValidateConfig (see, for example, internal/service/logs/delivery_destination.go, lines 97-123).

Yeah, that makes sense, I'll make that change.

Also, docs could be clearer:

Agree, I will make the docs clearer.

I can expand the support of Influx by also including a resource to manage the timestream parameter groups through terraform, however that will significantly increase the size of this PR and also AWS does not provide API's to update or delete Influx parameter groups. Let me know if that is something that you would like to see as part of this PR.

@trevorbonas
Copy link
Contributor

trevorbonas commented Nov 14, 2025

@mbocevski

. . . AWS does not provide API's to update or delete Influx parameter groups.

Previously, this was a blocker for creating a DB parameter group resource.

@github-actions github-actions bot added the size/XL Managed by automation to categorize the size of a PR. label Nov 15, 2025
@mbocevski
Copy link
Author

mbocevski commented Nov 15, 2025

@YakDriver All your feedback has been implemented. Sorted the parameters in the docs, updated the docs to be clearer for Influx 2 and Influx 3 clusters. Implemented validation for InfluxDB V2 and V3 clusters, updated changelog and added acceptance tests to cover the validations.

% make testacc TESTARGS='-run=TestAccTimestreamInfluxDBDBCluster_validateConfig\|TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType' PKG=timestreaminfluxdb
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
make: Running acceptance tests on branch: 🌿 fix-timestreaminfluxdb-v3-optional-fields 🌿...
TF_ACC=1 go1.24.10 test ./internal/service/timestreaminfluxdb/... -v -count 1 -parallel 20  -run=TestAccTimestreamInfluxDBDBCluster_validateConfig\|TestAccTimestreamInfluxDBDBCluster_basic\|TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3\|TestAccTimestreamInfluxDBDBCluster_deploymentType -timeout 360m -vet=off
2025/11/15 01:16:21 Creating Terraform AWS Provider (SDKv2-style)...
2025/11/15 01:16:21 Initializing Terraform AWS Provider (SDKv2-style)...
=== RUN   TestAccTimestreamInfluxDBDBCluster_basic
=== PAUSE TestAccTimestreamInfluxDBDBCluster_basic
=== RUN   TestAccTimestreamInfluxDBDBCluster_deploymentType
=== PAUSE TestAccTimestreamInfluxDBDBCluster_deploymentType
=== RUN   TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== PAUSE TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== RUN   TestAccTimestreamInfluxDBDBCluster_validateConfig
=== PAUSE TestAccTimestreamInfluxDBDBCluster_validateConfig
=== CONT  TestAccTimestreamInfluxDBDBCluster_basic
=== CONT  TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3
=== CONT  TestAccTimestreamInfluxDBDBCluster_deploymentType
=== CONT  TestAccTimestreamInfluxDBDBCluster_validateConfig
--- PASS: TestAccTimestreamInfluxDBDBCluster_validateConfig (40.14s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_deploymentType (1193.25s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_dbParameterGroupV3 (1678.34s)
--- PASS: TestAccTimestreamInfluxDBDBCluster_basic (2465.95s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/timestreaminfluxdb	2466.090s

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@YakDriver YakDriver YakDriver left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug Addresses a defect in current functionality. documentation Introduces or discusses updates to documentation. prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. service/timestreaminfluxdb Issues and PRs that pertain to the timestreaminfluxdb service. size/L Managed by automation to categorize the size of a PR. size/M Managed by automation to categorize the size of a PR. size/XL Managed by automation to categorize the size of a PR. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support Timestream for InfluxDB v3

8 participants

@mbocevski @eugenestarchenko @sayantjain-alation @airman416 @ewbankkit @trevorbonas @YakDriver @justinretzolk