Add tag support for RDS/Aurora Proxies (aws_db_proxy, aws_db_proxy_target_group) #44380
Description
Description
Currently, RDS Proxies (aws_db_proxy and related resources) in Terraform do not support tagging. Unlike other RDS resources such as aws_db_instance and aws_db_cluster, there is no tags or tags_all argument available in the provider, and the AWS Console also does not expose tagging options for proxies.
The underlying reason appears to be that the AWS API (CreateDBProxy, ModifyDBProxy) does not currently support tags. This creates a gap for users who rely on tags for cost allocation, automation, and resource organization.
This issue is intended to:
Track the lack of tagging support for RDS/Aurora Proxies.
Document the limitation for the Terraform community.
Allow quick implementation in the AWS Provider once AWS adds tag support to the RDS Proxy API.
Affected Resource(s) or Data Source(s)
- aws_db_proxy
- aws_db_proxy_target_group
- aws_db_proxy_default_target_group
Potential Terraform Configuration
resource "aws_db_proxy" "example" {
name = "example-proxy"
engine_family = "MYSQL"
role_arn = aws_iam_role.rds_proxy_role.arn
vpc_subnet_ids = [aws_subnet.sub1.id, aws_subnet.sub2.id]
auth {
auth_scheme = "SECRETS"
secret_arn = aws_secretsmanager_secret.example.arn
iam_auth = "DISABLED"
}
tags = {
Environment = "dev"
Team = "platform"
}
}
References
AWS API Reference: CreateDBProxy
Terraform docs: aws_db_proxy
Would you like to implement the enhancement?
No