Open mohammednias opened 1 year ago
Voting for Prioritization
Volunteering to Work on This Issue
Hey @mohammednias 👋 Thank you for taking the time to raise this! So that we have the necessary information in order to look into this, can you supply debug logs (redacted as needed) as well?
I ran into this exact same issue when using CloudFormation as well. It might be an issue with the AWS API?
I figured out what the issue is. When you are creating a multi-account report, you cannot specify a framework. If you remove the framework ARN, this works fine.
Terraform Core Version
12.3.1
AWS Provider Version
5.5.0
Affected Resource(s)
Expected Behavior
aws_backup_report_plan
should create the report plan for report template type is "CONTROL_COMPLIANCE_REPORT" or "RESOURCE_COMPLIANCE_REPORT", when deploying from management account, for multi account setup.Curently its only working when the report template type is either "BACKUP_JOB_REPORT", "COPY_JOB_REPORT" or "RESTORE_JOB_REPORT"
Actual Behavior
AWS api returns with validation error:
"Error: creating Backup Report Plan : InvalidParameterValueException: Invalid parameter: For multi-account, multi-Region reports, use Accounts, OrganizationUnits and Regions"
Relevant Error/Panic Output Snippet
Terraform Configuration Files
Steps to Reproduce
1) Create aws backup frame work with atleast one control in it, from aws management account (Orgaization management account) 2) Crete backup report plan with report template type of either "CONTROL_COMPLIANCE_REPORT" or "RESOURCE_COMPLIANCE_REPORT", selecting previously created aws backup framework, and by adding target aws account under the AWS organization
Note : Same setup works manually in AWS console, its "ONLY" not working when creating via terraform
Debug Output
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
Yes