AWS RDS instances have an attribute called latest_restorable_time that gets updated continuously by AWS. This attribute isn't configurable, it's a read-only value.
My Terraform plan output always shows that my RDS instance objects have changed outside of Terraform because this attribute changes. I'd like to ignore this attribute to get rid of the noise from my plan outputs.
Adding an ignore_changes block to my RDS configuration doesn't work because the attribute isn't configurable.
Here is the plan output:
Terraform detected the following changes made outside of Terraform since the
last "terraform apply":
# module.app_db.aws_db_instance.app_database has changed
~ resource "aws_db_instance" "app_database" {
id = "app-stag"
~ latest_restorable_time = "2023-04-12T16:25:00Z" -> "2023-04-12T17:25:00Z"
tags = {}
# (50 unchanged attributes hidden)
}
Edit: For clarification, I'd like to know if it's possible to ignore changes to resource attributes that aren't configurable parameters. The one I'm currently having a problem with is an example of an attribute that isn't set through the configuration, but that gets updated continuously by the provider.
It turns out this was caused by a bug in Terraform that was fixed in version 1.2. Prior to version 1.2, Terraform plan was showing all resource drift in the managed resources. Starting in v1.2, "only external changes which may have contributed to changes in the plan will be shown".
My Gitlab Terraform integration was using Terraform v1.1, which is why I was still having this issue. I changed my gitlab-ci.yml file to use a Terraform v1.3 image and it fixed the issue; my pipelines no longer show resource drift due to that latest_restorable_time attribute.