2. `terraform apply`
3. `terraform state show aws_amplify_webhook.master`
### Debug Output
_No response_
### Panic Output
_No response_
### Important Factoids
I need to add an amplify:GetWebhook IAM permission for this specific webhook, but I was getting the error:
Error: reading Amplify Webhook (): operation error Amplify: GetWebhook, https response error StatusCode: 403, RequestID: , api error AccessDeniedException: User: arn:aws:sts:::assumed-role/ is not authorized to perform: amplify:GetWebhook on resource: arn:aws:amplify:::webhooks/
and I noticed the discrepancy in that Terraform outputs the ARN as `arn:aws:amplify:<region>:<account-id>:apps/<app-id>/webhooks/<webhook-id>` when AWS expects `arn:aws:amplify:<region>:<account-id>:webhooks/<webhook-id> `(without the `apps/<app-id>` part).
When I fixed this manually in the IAM console, I no longer saw the 403 error.
### References
_No response_
### Would you like to implement a fix?
None
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
Volunteering to Work on This Issue
If you are interested in working on this issue, please leave a comment.
If this would be your first contribution, please review the contribution guide.
Terraform Core Version
1.9.0
AWS Provider Version
5.67.0
Affected Resource(s)
aws_amplify_webhook
Expected Behavior
The output of
aws_amplify_webhook.example_webhook.arn
should bearn:aws:amplify:<region>:<account-id>:webhooks/<webhook-id>
.Actual Behavior
The actual output of
aws_amplify_webhook.example_webhook.arn
isarn:aws:amplify:<region>:<account-id>:apps/<app-id>/webhooks/<webhook-id>
Relevant Error/Panic Output Snippet
No response
Terraform Configuration Files
terraform { required_providers { aws = { source = "hashicorp/aws" version = "~> 5.0" } } required_version = "~> 1.9.0" }
Steps to Reproduce
resource "aws_amplify_branch" "master" { app_id = aws_amplify_app.example.id branch_name = "master" }
resource "aws_amplify_webhook" "master" { app_id = aws_amplify_app.example.id branch_name = aws_amplify_branch.master.branch_name description = "triggermaster" }
Error: reading Amplify Webhook (): operation error Amplify: GetWebhook, https response error StatusCode: 403, RequestID: , api error AccessDeniedException: User: arn:aws:sts:::assumed-role/ is not authorized to perform: amplify:GetWebhook on resource: arn:aws:amplify:::webhooks/