How to use Terraform to disable deletion protection on AWS RDS?

Question

I used Terraform to bring up an AWS RDS SQL Server DB with deletion_protection set to true. Now, I am trying to delete the database and hence I tried to first run {terraform apply} with deletion_protection set to false, and I got the following error:

Error: error deleting Database Instance "awsworkerdb-green": InvalidParameterCombination: Cannot delete protected DB Instance, please disable deletion protection and try again.
    status code: 400, request id: 7e787deb-af03-4016-9baa-471ab9c0ae1c

Then I tried to directly do {terraform destroy} using the same TF code with deletion_protection set to false, I got the following error:

Error: error deleting Database Instance "awsworkerdb-green": InvalidParameterCombination: Cannot delete protected DB Instance, please disable deletion protection and try again.
    status code: 400, request id: 9a95ef70-8738-4a31-b0cd-cf10ef05bdec

How does one go about deleting this database instance using terraform?

Answer 1

From cli use below

aws rds modify-db-instance --db-instance-identifier <DB_IDENTIFIER> --region <DB_REGION> --no-deletion-protection --apply-immediately

Answer 2

This would be two distinct API invocations, and therefore two consecutive Terraform executions with two different config modifications:

• Modify deletion_protection to be false in your config, and apply your changes to the RDS instance.
• Remove the RDS from the config and apply, or destroy the RDS resource directly. Either action will delete the RDS instance.

Answer 3

You can't. You have to do it manually using AWS console or AWS CLI with modify-db-instance. The entire point of deletion protection is so that the rds instance is not easy to delete, and you have to explicitly modify it for that.