[Bug]: aws_inspector2_enabler uses wrong status api #27644
Comments
Related #27639
Hello @aa-ron-arnott, I'm encountering this issue as well. This ticket is shown as "open", so I supposed you weren't able to get this to work on your end? Would appreciate any feedback/workarounds you can share. I'm inclined to just use the AWS console to deploy Inspector2 via Organizations, as it seems there are still bugs in these Terraform resource types for Inspector2.
This functionality has been released in v4.66.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
Terraform Core Version
1.1.9
AWS Provider Version
4.37.0
Affected Resource(s)
aws_inspector2_enabler
Expected Behavior
The resource should enable the specified resource scanning AND inspector2 in the designated accounts. The resource should be using the BatchGetAccountStatus api instead of the Disable api.
Actual Behavior
The status checks using the Disable api make it so that the resource scanning ends up enabled, but the inspector2 status is disabled in the target account. We see the response from this part of the get status code.
terraform-provider-aws/internal/service/inspector2/enabler.go
Lines 260 to 266 in 3cf15a2
It starts as this
And the response to the final Disable request shows like this
Note that status has gone from ENABLING to DISABLED.
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
Steps to Reproduce
Disable event, they should show the resource progressing from ENABLING to ENABLED to DISABLING and DISABLED, though the ec2 and ecr resource status will finalize on ENABLED
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
The resource status checks in question:
terraform-provider-aws/internal/service/inspector2/enabler.go
Lines 260 to 266 in 3cf15a2
The recommended AWS API: https://docs.aws.amazon.com/inspector/v2/APIReference/API_BatchGetAccountStatus.html
Would you like to implement a fix?
No
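An added example (not the provider's code and not from the issue) of the check the report asks for: poll a read-only status lookup and succeed only when the account-level status and every requested resource type are ENABLED, so the end state described above (ec2 and ecr ENABLED, account DISABLED) is reported as a failure. AccountState, StatusReader, WaitEnabled and Replay are hypothetical names, and the account ID and states are constructed sample data.

```go
package main

import "fmt"

// AccountState is a simplified, hypothetical view of one account's Inspector2 state.
type AccountState struct {
	Status    string            // ENABLING, ENABLED, DISABLING or DISABLED
	Resources map[string]string // e.g. "ec2" -> "ENABLED"
}

// StatusReader is a hypothetical read-only lookup; it must never change account state.
type StatusReader func(accountID string) (AccountState, error)

// WaitEnabled polls read until the account status and every wanted resource
// type are ENABLED. A real caller would sleep between polls.
func WaitEnabled(read StatusReader, id string, want []string, maxPolls int) error {
	for i := 0; i < maxPolls; i++ {
		st, err := read(id)
		if err != nil {
			return err
		}
		if st.Status == "DISABLING" || st.Status == "DISABLED" {
			return fmt.Errorf("account %s is %s, not ENABLED", id, st.Status)
		}
		ready := st.Status == "ENABLED"
		for _, r := range want {
			ready = ready && st.Resources[r] == "ENABLED"
		}
		if ready {
			return nil
		}
	}
	return fmt.Errorf("account %s still pending after %d polls", id, maxPolls)
}

// Replay serves constructed states in order, repeating the last, so this runs offline.
func Replay(states ...AccountState) StatusReader {
	i := -1
	return func(string) (AccountState, error) {
		if i < len(states)-1 {
			i++
		}
		return states[i], nil
	}
}

func main() {
	on := map[string]string{"ec2": "ENABLED", "ecr": "ENABLED"} // constructed sample
	fmt.Println(WaitEnabled(Replay(AccountState{"DISABLED", on}), "111111111111", []string{"ec2", "ecr"}, 3))
}
```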