Merge pull request #44143 from tabito-hara/b-aws_rds_cluster_role_association-make_feature_name_optional

[bugfix] r/aws_rds_cluster_role_association: Change `feature_name` argument from required to optional

Author: ewbankkit

.changelog/44143.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+resource/aws_rds_cluster_role_association: Make `feature_name` optional
+```

internal/service/rds/cluster_role_association.go

@@ -50,7 +50,7 @@ func resourceClusterRoleAssociation() *schema.Resource {
 			},
 			"feature_name": {
 				Type:     schema.TypeString,
-				Required: true,
+				Optional: true,
 				ForceNew: true,
 			},
 			names.AttrRoleARN: {
@@ -72,10 +72,13 @@ func resourceClusterRoleAssociationCreate(ctx context.Context, d *schema.Resourc
 	id := clusterRoleAssociationCreateResourceID(dbClusterID, roleARN)
 	input := rds.AddRoleToDBClusterInput{
 		DBClusterIdentifier: aws.String(dbClusterID),
-		FeatureName:         aws.String(d.Get("feature_name").(string)),
 		RoleArn:             aws.String(roleARN),
 	}
 
+	if v, ok := d.GetOk("feature_name"); ok {
+		input.FeatureName = aws.String(v.(string))
+	}
+
 	_, err := tfresource.RetryWhenIsA[any, *types.InvalidDBClusterStateFault](ctx, d.Timeout(schema.TimeoutCreate), func(ctx context.Context) (any, error) {
 		return conn.AddRoleToDBCluster(ctx, &input)
 	})

internal/service/rds/cluster_role_association_test.go

@@ -52,6 +52,38 @@ func TestAccRDSClusterRoleAssociation_basic(t *testing.T) {
 	})
 }
 
+func TestAccRDSClusterRoleAssociation_mysqlWithoutFeatureName(t *testing.T) {
+	ctx := acctest.Context(t)
+	var dbClusterRole types.DBClusterRole
+	rName := sdkacctest.RandomWithPrefix(acctest.ResourcePrefix)
+	dbClusterResourceName := "aws_rds_cluster.test"
+	iamRoleResourceName := "aws_iam_role.test"
+	resourceName := "aws_rds_cluster_role_association.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:                 func() { acctest.PreCheck(ctx, t) },
+		ErrorCheck:               acctest.ErrorCheck(t, names.RDSServiceID),
+		ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories,
+		CheckDestroy:             testAccCheckClusterRoleAssociationDestroy(ctx),
+		Steps: []resource.TestStep{
+			{
+				Config: testAccClusterRoleAssociationConfig_mysqlWithoutFeatureName(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckClusterRoleAssociationExists(ctx, resourceName, &dbClusterRole),
+					resource.TestCheckResourceAttrPair(resourceName, "db_cluster_identifier", dbClusterResourceName, names.AttrID),
+					resource.TestCheckResourceAttr(resourceName, "feature_name", ""),
+					resource.TestCheckResourceAttrPair(resourceName, names.AttrRoleARN, iamRoleResourceName, names.AttrARN),
+				),
+			},
+			{
+				ResourceName:      resourceName,
+				ImportState:       true,
+				ImportStateVerify: true,
+			},
+		},
+	})
+}
+
 func TestAccRDSClusterRoleAssociation_disappears(t *testing.T) {
 	ctx := acctest.Context(t)
 	var dbClusterRole types.DBClusterRole
@@ -214,3 +246,44 @@ data "aws_iam_policy_document" "rds_assume_role_policy" {
 }
 `, rName))
 }
+
+func testAccClusterRoleAssociationConfig_mysqlWithoutFeatureName(rName string) string {
+	return acctest.ConfigCompose(
+		acctest.ConfigAvailableAZsNoOptIn(),
+		fmt.Sprintf(`
+resource "aws_rds_cluster_role_association" "test" {
+  db_cluster_identifier = aws_rds_cluster.test.id
+  role_arn              = aws_iam_role.test.arn
+}
+
+resource "aws_rds_cluster" "test" {
+  cluster_identifier  = %[1]q
+  engine              = "aurora-mysql"
+  availability_zones  = [data.aws_availability_zones.available.names[0], data.aws_availability_zones.available.names[1], data.aws_availability_zones.available.names[2]]
+  database_name       = "mydb"
+  master_username     = "foo"
+  master_password     = "foobarfoobarfoobar"
+  skip_final_snapshot = true
+}
+
+resource "aws_iam_role" "test" {
+  assume_role_policy = data.aws_iam_policy_document.rds_assume_role_policy.json
+  name               = %[1]q
+
+  # ensure IAM role is created just before association to exercise IAM eventual consistency
+  depends_on = [aws_rds_cluster.test]
+}
+
+data "aws_iam_policy_document" "rds_assume_role_policy" {
+  statement {
+    actions = ["sts:AssumeRole"]
+    effect  = "Allow"
+
+    principals {
+      identifiers = ["rds.amazonaws.com"]
+      type        = "Service"
+    }
+  }
+}
+`, rName))
+}

website/docs/r/rds_cluster_role_association.html.markdown

@@ -29,7 +29,7 @@ This resource supports the following arguments:
 
 * `region` - (Optional) Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the [provider configuration](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#aws-configuration-reference).
 * `db_cluster_identifier` - (Required) DB Cluster Identifier to associate with the IAM Role.
-* `feature_name` - (Required) Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).
+* `feature_name` - (Optional) Name of the feature for association. This can be found in the AWS documentation relevant to the integration or a full list is available in the `SupportedFeatureNames` list returned by [AWS CLI rds describe-db-engine-versions](https://docs.aws.amazon.com/cli/latest/reference/rds/describe-db-engine-versions.html).
 * `role_arn` - (Required) Amazon Resource Name (ARN) of the IAM Role to associate with the DB Cluster.
 
 ## Attribute Reference