hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0

aws_guardduty_publishing_destination: add prefix to destination_arn fails #16750

Closed JihadMotii-REISys closed 1 year ago

JihadMotii-REISys commented 3 years ago

Community Note

Terraform CLI and Terraform AWS Provider Version

Affected Resource(s)

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

resource "aws_guardduty_publishing_destination" "gd_publishing_destination" {
  detector_id     = aws_guardduty_detector.gd_detector.id
  destination_arn = "arn:aws:s3:::my-common-logs/MY_PREFIX_FOLDER/"
  kms_key_arn     = data.aws_kms_key.gd_key.arn
}

Debug Output

module.security-guardduty.aws_guardduty_publishing_destination.gd_publishing_destination: Creating...

Error: Creating GuardDuty publishing destination failed: BadRequestException: The request failed because the resource folder specified in the destinationArn parameter does not exist.
{
  RespMetadata: {
    StatusCode: 400,
    RequestID: "0213sadsa-sadsadsa-sa-d-sa"
  },
  Message_: "The request failed because the resource folder specified in the destinationArn parameter does not exist.",
  Type: "InvalidInputException"
}

Expected Behavior

The GuardDuty publishing destination should be created in the provided destination_arn, as the S3 bucket, including the prefix arn:aws:s3:::my-common-logs/MY_PREFIX_FOLDER/, does exist.

Actual Behavior

Currently it throws an exception as shown in the output section.

Is this a bug, or do I have to provide this information in a different structure?

Can you please help me with this issue?

Thanks in Advance!

gdavison commented 3 years ago

Hi @JihadMotii-REISys. Are you creating the S3 bucket and the folder using Terraform, or do they already exist? Is there more to the Terraform configuration?

I was not able to reproduce the error you're getting. If the folder does not exist in the bucket, I get the error you're seeing. When the folder has been created, Terraform is able to successfully create the publishing destination.

JihadMotii-REISys commented 3 years ago

Hey @gdavison sorry for the delayed response,

Yes, they are both created using Terraform, and this bucket with the same folder prefix is used in CloudWatch export logs without any issue. I'm not sure why GuardDuty is the only one complaining about it. Thanks!

JihadMotii-REISys commented 3 years ago

@gdavison this is still a problem, and the only workaround is to set up this destination through the AWS Console, then delete it; after that you can rerun terraform and it will execute successfully.
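The maintainer's observation above (the destination is created fine once the folder exists) and the reporter's reply (bucket and folder are both created by Terraform) point at creation ordering: a `destination_arn` given as a plain string carries no dependency on the object that represents the folder. The configuration below is an added example, not code from the issue or from the provider; it assumes the folder is created as a zero-byte `aws_s3_object` in the same configuration, reuses the bucket, detector and KMS names from the report, and adds a bucket policy scoped to this account's GuardDuty service principal only, which GuardDuty also requires for S3 export.

```hcl
# Added example (not from the issue): bucket, "folder" object, least-privilege
# bucket policy and the publishing destination in one configuration, with the
# ordering made explicit so the folder exists before GuardDuty validates it.

data "aws_caller_identity" "current" {}

resource "aws_s3_bucket" "gd_logs" {
  bucket = "my-common-logs" # bucket name taken from the report
}

# The "folder" GuardDuty checks for is just an empty object whose key ends in "/".
resource "aws_s3_object" "gd_prefix" {
  bucket  = aws_s3_bucket.gd_logs.id
  key     = "MY_PREFIX_FOLDER/"
  content = ""
}

# Allow only GuardDuty, and only when acting for this account, to write findings.
resource "aws_s3_bucket_policy" "gd_logs" {
  bucket = aws_s3_bucket.gd_logs.id
  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Sid       = "AllowGuardDutyExport"
      Effect    = "Allow"
      Principal = { Service = "guardduty.amazonaws.com" }
      Action    = ["s3:PutObject", "s3:GetBucketLocation"]
      Resource  = [aws_s3_bucket.gd_logs.arn, "${aws_s3_bucket.gd_logs.arn}/*"]
      Condition = {
        StringEquals = { "aws:SourceAccount" = data.aws_caller_identity.current.account_id }
      }
    }]
  })
}

resource "aws_guardduty_publishing_destination" "gd_publishing_destination" {
  detector_id = aws_guardduty_detector.gd_detector.id # detector from the report
  # Built from the object's key, so Terraform orders this after the folder object;
  # the result is arn:aws:s3:::my-common-logs/MY_PREFIX_FOLDER/ as in the report.
  destination_arn = "${aws_s3_bucket.gd_logs.arn}/${aws_s3_object.gd_prefix.key}"
  kms_key_arn     = data.aws_kms_key.gd_key.arn # KMS key data source from the report

  # Explicit for readers, and needed for the policy, which is not referenced above.
  depends_on = [aws_s3_object.gd_prefix, aws_s3_bucket_policy.gd_logs]
}
```

The `aws_guardduty_detector.gd_detector` resource and the `aws_kms_key.gd_key` data source are assumed to exist elsewhere in the configuration, as they do in the report; the KMS key policy must likewise grant `guardduty.amazonaws.com` the ability to encrypt with that key.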

github-actions[bot] commented 1 year ago

Marking this issue as stale due to inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 30 days it will automatically be closed. Maintainers can also remove the stale label.

If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

github-actions[bot] commented 1 year ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.