mysql terraform terraform-provider-azure azure-mysql-database

terraform azure mysql gtid_mode "ON" error

i am trying to create mysql with some default configurations on azure with terraform, following is my code. although "enforce_gtid_consistency" and "time_zone" is working and being created, but "gtid_mode" "ON" isn't working I am getting following error.

resource "azurerm_mysql_server" "main" {
  name                = var.mysql_server_name != "" ? var.mysql_server_name : "mysql-01-${var.instancesuffix}"
  location            = azurerm_resource_group.main.location
  resource_group_name = azurerm_resource_group.main.name

  administrator_login          = var.mysql_administrator_login
  administrator_login_password = data.mykv.mysql.value

  sku_name   = var.mysql_sku_name
  storage_mb = var.mysql_storage_mb
  version    = var.mysql_version

  auto_grow_enabled                 = true
  backup_retention_days             = 7
  geo_redundant_backup_enabled      = false
  infrastructure_encryption_enabled = true
  public_network_access_enabled     = true
  ssl_enforcement_enabled           = true
  ssl_minimal_tls_version_enforced  = "TLS1_2"
  lifecycle {
    ignore_changes = [tags]
  }
  threat_detection_policy {
    disabled_alerts      = []
    email_account_admins = false
    email_addresses      = []
    enabled              = true
    retention_days       = 0
  }

}
resource "azurerm_mysql_configuration" "time_zone" {
  name                = "time_zone"
  resource_group_name = azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "+00:00"
}
resource "azurerm_mysql_configuration" "enforce_gtid_consistency" {
  name                = "enforce_gtid_consistency"
  resource_group_name = azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "ON"
}
resource "azurerm_mysql_configuration" "gtid_mode" {
  name                = "gtid_mode"
  resource_group_name = azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "ON"

}

Error: waiting for creation of Configuration: (Name "gtid_mode" / Server Name "mysql-01" / Resource Group "myrg-01"): Code="InternalServerError" Message="An unexpected error occured while processing the request. Tracking ID: 'h59fr7f-18uo-90db-tb20-5y65d34btb04'"
  on resources.tf line 164, in resource "azurerm_mysql_configuration" "gtid_mode":
 164: resource "azurerm_mysql_configuration" "gtid_mode" {

Solution

As I have mentioned in comment , The gtid_mode can only be enabled in sequence , directly turning ON will not work evenif the dependency is set with enforce_gtid_consistency.

So, as a solution you have to set it up in sequence:

OFF_PERMISSIVE

ON_PERMISSIVE

ON

I tested with your code doing some changes as below:

main.tf

provider "azurerm"{
    features{}
}
data "azurerm_resource_group" "main"{
    name = "resourcegroup"
}
data "azurerm_key_vault" "kv"{
    name = "ansumantestkv1234"
    resource_group_name = "resourcegroup"
}
data "azurerm_key_vault_secret" "name" {
  name = "mysqlpassword"
  key_vault_id = data.azurerm_key_vault.kv.id
}
resource "azurerm_mysql_server" "main" {
  name                = var.mysql_server_name
  location            = data.azurerm_resource_group.main.location
  resource_group_name = data.azurerm_resource_group.main.name

  administrator_login          = var.mysql_administrator_login
  administrator_login_password = data.azurerm_key_vault_secret.name.value

  sku_name   = var.mysql_sku_name
  storage_mb = var.mysql_storage_mb
  version    = var.mysql_version

  auto_grow_enabled                 = true
  backup_retention_days             = 7
  geo_redundant_backup_enabled      = false
  infrastructure_encryption_enabled = true
  public_network_access_enabled     = true
  ssl_enforcement_enabled           = true
  ssl_minimal_tls_version_enforced  = "TLS1_2"
  threat_detection_policy {
    disabled_alerts      = []
    email_account_admins = false
    email_addresses      = []
    enabled              = true
    retention_days       = 0
  }

}

resource "azurerm_mysql_configuration" "time_zone" {
  name                = "time_zone"
  resource_group_name = data.azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "+00:00"
}
resource "azurerm_mysql_configuration" "enforce_gtid_consistency" {
  name                = "enforce_gtid_consistency"
  resource_group_name = data.azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "ON"
  depends_on = [
    azurerm_mysql_configuration.time_zone
  ]
}
resource "azurerm_mysql_configuration" "gtid_mode_OFF_permissive" {
  name                = "gtid_mode"
  resource_group_name = data.azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "OFF_PERMISSIVE"
 depends_on = [
  azurerm_mysql_configuration.enforce_gtid_consistency,
 ]
}
resource "azurerm_mysql_configuration" "gtid_mode_ON_Permissive" {
  name                = "gtid_mode"
  resource_group_name = data.azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "ON_PERMISSIVE"
 depends_on = [
  azurerm_mysql_configuration.gtid_mode_OFF_permissive
 ]
}
resource "azurerm_mysql_configuration" "gtid_mode_ON" {
  name                = "gtid_mode"
  resource_group_name = data.azurerm_resource_group.main.name
  server_name         = azurerm_mysql_server.main.name
  value               = "ON"
 depends_on = [
  azurerm_mysql_configuration.gtid_mode_ON_Permissive
 ]
}

variable.tf:

variable "mysql_server_name" {
  default = "ansumanmysqlserver"
}

variable "mysql_administrator_login" {
  default = "ansuman"
}

variable "mysql_sku_name" {
  default = "GP_Gen5_2"
}
variable "mysql_storage_mb" {
  default = "5120"
}
variable "mysql_version" {
  default = "5.7"
}

Outputs:

Reference:

MySQL :: MySQL 8.0 Reference Manual :: 17.1.4.2 Enabling GTID Transactions Online