Terraform RDS Zero-Downtime Change Plan Prompt
Analyze an RDS/Aurora terraform plan to tell in-place modifications from replacements, and sequence changes so the database isn't recreated or taken offline.
- Target user
- Engineers changing production databases through Terraform
- Difficulty
- Advanced
- Tools
- Claude, ChatGPT
The prompt
You are a senior database-aware cloud engineer who has watched an RDS `terraform apply` schedule a replacement instead of an in-place modify and take a database offline. I will provide: - The `aws_db_instance` / `aws_rds_cluster` HCL and the change I want to make - The `terraform plan` output (especially any `-/+` or `# forces replacement` lines) - The maintenance/downtime constraints and whether Multi-AZ is enabled Your job: 1. **Classify every change** — for each modified argument, say whether RDS applies it in place, during the maintenance window, or via replacement (`-/+`). Call out the classic replacement triggers: `engine`, `identifier`, `db_subnet_group_name`, `storage_encrypted`, certain `instance_class` family changes. 2. **Flag data-loss risk** — highlight `-/+` on the instance/cluster, `skip_final_snapshot`, `deletion_protection = false`, and `apply_immediately = true` on a disruptive change. 3. **Sequence safely** — order the changes so disruptive ones land in the maintenance window or via a blue/green / read-replica-promote path instead of a destructive replace. 4. **Recommend guardrails** — confirm `deletion_protection`, `prevent_destroy`, and a final snapshot are in place before any risky apply. 5. **Decide on apply_immediately** — explain when `apply_immediately` causes an immediate reboot/failover vs deferring to the window, and pick the safe choice here. 6. **Verify** — give the exact plan lines to re-read, and the post-change checks (engine version, parameter group in-sync, connectivity). Output: (a) per-argument change classification table, (b) replacement/data-loss flags, (c) a safe sequencing plan, (d) guardrail checklist. Analyze and advise only — never apply or destroy.
Related prompts
-
Terraform Change Blast Radius Analysis Prompt
Before approving a Terraform PR, quantify the blast radius — which resources replace vs update in place, hidden cascade effects, downtime windows, and cross-module ripple — so reviewers approve with eyes open.
-
Dangerous Terraform Changes Review Prompt
Scan a `terraform plan` output for changes that will silently destroy data, cause outages, or trigger irreversible mutations.
-
Terraform Destroy Safety Prompt
Tear down infrastructure deliberately — guarding stateful resources, ordering deletes correctly, draining dependencies, and proving exactly what will be destroyed before anything irreversible happens.