masterUserPasswordSecretRef not getting deleted.

[mmclane]

What happened?

I expect that when creating DBInstance using rds.aws.crossplane.io/v1alpha1 and specifying masterUserPasswordSecretRef with the following

masterUserPasswordSecretRef:
            key: master-password
            name: to-be-patched
            namespace: upbound-system
.
.
.            
            
- fromFieldPath: metadata.name
        toFieldPath: spec.forProvider.masterUserPasswordSecretRef.name
        transforms:
        - type: string
          string:
            type: Format
            fmt: "%s-ephemeraldb"

I will get the secret specified. Additionally, when I delete that claim, the secret will also be deleted.

What I am finding however is that while the secret is created and populated as expected when the claim is made it is not removed when the claim is deleted even though the RDS DBInstance is deleted.

How can we reproduce it?

What environment did it happen in?

Crossplane version: crossplane:v1.10.2-up.1
Provider: xpkg.upbound.io/crossplane-contrib/provider-aws:v0.37.0

I am running a v1.24.8-eks-ffeb93d cluster on AWS.

[MisterMX]

The secret handling for RDS resources has been rewritten in #1756. Now the generated passwords will be stored in a separate cache secret that is removed upon MR deletion. However, a secret referenced through spec.forProvider.masterUserPasswordSecretRef will not be deleted by the controller.

Closing this now, as this issue is probably not relevant anymore with the current implementation. Feel free to reopen if that is not the case.