Privilege RDB "readwrite" switch to custom after a certain amount of time

Question

Privilege RDB "readwrite" switch to custom after a certain amount of time

SebUndefined opened this issue 3 months ago · 1 comments

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

terraform -v
Terraform v1.6.5
on darwin_arm64

Your version of Terraform is out of date! The latest version
is 1.9.7. You can update by downloading from https://www.terraform.io/downloads.html

Affected Resource(s)

scaleway_rdb_privilege

Terraform Configuration Files

resource "scaleway_rdb_privilege" "my_privilege" {
  instance_id   = MY_ID
  user_name     = USERNAME
  database_name = DB_NAME
  permission    = "readwrite"
}

Actual Behavior

The privilege is actually well defined if we look at the scw console to "Permissions (Read/Write)" on the "DB_NAME" for a few minutes. After some time, it switch to "custom" in the console without any reason and cause a permission denied error if we try to query or insert an element in some table.

Steps to Reproduce

Deploy the resource

resource "scaleway_rdb_privilege" "my_privilege" {
  instance_id   = MY_ID
  user_name     = USERNAME
  database_name = DB_NAME
  permission    = "readwrite"
}

Run terraform apply

Wait some minutes/seconds and see the privileges switching to custom

Note, if we assign back the privilege to "Permissions (Read/Write)" manually (scw console), it seems to be ok and not going back to custom.

Important Factoids

None

Answer 1 · 2024-10-04T15:07:51.000Z

ok sorry, it is apparently due to the table creation I did
If I refer to this link

Permissions are applied on existing items at the moment the configuration is set, and not applied to any items created
afterward. When you modify your Database configuration, your configured permissions are automatically set to Custom.
The Custom setting ensures that your permissions are still valid for items created before you reconfigured your Database.
Any items created after you change your configuration will not have permissions applied to them, you must set new
permissions.

It is quite strange behavior especially for database. Migrations happen regularly and If I apply one of them in a job (kubernetes or scaleway) I have to apply new privilege but in my TF state the permission is still readwrite, not custom.
Does setting the privilege to "all" could be a workaroud ?