Closed connor-tyndall closed 2 months ago
Voting for Prioritization
Volunteering to Work on This Issue
Hey @connor-tyndall π Thank you for taking the time to raise this! So that we have the information we need to look into this, can you supply a sample Terraform configuration that can be used to reproduce this and, if possible, debug logging (redacted as needed)?
I can confirm the same thing started happening for us as well. With no changes to the code we can see the invitation is being sent, but the client can't accept it with the same error as above:
# module.audit-account-setup.module.enable_guardduty[0].aws_guardduty_member.members[6] will be created
+ resource "aws_guardduty_member" "members" {
+ account_id = "571******"
+ detector_id = "030e0fa1385f4af29b02a198f69d8de0"
+ email = "test-account-d506v@dev.****..com"
+ id = (known after apply)
+ invitation_message = "You have to accept the invitation to enable GuardDuty monitoring."
+ invite = true
+ relationship_status = (known after apply)
}
And the error:
β Error: accepting GuardDuty Invitation (): operation error GuardDuty: AcceptInvitation, https response error StatusCode: 400, RequestID: 5fb2b96f-8be9-41ef-ac3b-1ff62b2573aa, BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter.
β
β with module.mgmt-service-setup-customer.module.accept_gd_invitation[0].aws_guardduty_invite_accepter.member_accepter[0],
β on .terraform/modules/mgmt-service-setup-customer.accept_gd_invitation/main.tf line 51, in resource "aws_guardduty_invite_accepter" "member_accepter":
β 51: resource "aws_guardduty_invite_accepter" "member_accepter" {
β
No code changes happened to this area in recent weeks and we notice this behavior now.
I can reproduce with our acceptance tests:
% AWS_GUARDDUTY_MEMBER_ACCOUNT_ID=... AWS_GUARDDUTY_MEMBER_EMAIL=... make testacc TESTARGS='-run=TestAccGuardDuty_serial/InviteAccepter' PKG=guardduty
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.0 test ./internal/service/guardduty/... -v -count 1 -parallel 20 -run=TestAccGuardDuty_serial/InviteAccepter -timeout 360m
=== RUN TestAccGuardDuty_serial
=== PAUSE TestAccGuardDuty_serial
=== CONT TestAccGuardDuty_serial
=== RUN TestAccGuardDuty_serial/InviteAccepter
=== RUN TestAccGuardDuty_serial/InviteAccepter/basic
invite_accepter_test.go:29: Step 1/2 error: Error running apply: exit status 1
Error: accepting GuardDuty Invitation (): operation error GuardDuty: AcceptInvitation, https response error StatusCode: 400, RequestID: 6cf0bab9-d10a-4c58-bb42-040346540c7e, BadRequestException: The request is rejected because an invalid or out-of-range value is specified as an input parameter.
with aws_guardduty_invite_accepter.test,
on terraform_plugin_test.tf line 37, in resource "aws_guardduty_invite_accepter" "test":
37: resource "aws_guardduty_invite_accepter" "test" {
--- FAIL: TestAccGuardDuty_serial (71.01s)
--- FAIL: TestAccGuardDuty_serial/InviteAccepter (71.01s)
--- FAIL: TestAccGuardDuty_serial/InviteAccepter/basic (71.01s)
FAIL
FAIL github.com/hashicorp/terraform-provider-aws/internal/service/guardduty 75.719s
FAIL
make: *** [testacc] Error 1
[!WARNING] This issue has been closed, meaning that any additional comments are hard for our team to see. Please assume that the maintainers will not see them.
Ongoing conversations amongst community members are welcome, however, the issue will be locked after 30 days. Moving conversations to another venue, such as the AWS Provider forum, is recommended. If you have additional concerns, please open a new issue, referencing this one where needed.
This functionality has been released in v5.65.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.
For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
I confirm this now works on aws provider v 5.65.0. Thank you!
I'm going to lock this issue because it has been closed for 30 days β³. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
Terraform Core Version
1.5.4
AWS Provider Version
5.62.0
Affected Resource(s)
Expected Behavior
Actual Behavior
aws_guardduty_invite_accepter
resource is failing to accept the GuardDuty invite."The request is rejected because an invalid or out-of-range value is specified as an input parameter."
Relevant Error/Panic Output Snippet
The request is rejected because an invalid or out-of-range value is specified as an input parameter.
Terraform Configuration Files
Steps to Reproduce
Debug Output
No response
Panic Output
No response
Important Factoids
No response
References
No response
Would you like to implement a fix?
None