Open ghost opened 6 years ago
Is there any fix for the above issue? I am still facing the same.
CODE:
resource "aws_cloudwatch_event_rule" "ecs_tast_status" {
  count       = "${var.ecscluster_is_enabled}"
  depends_on  = ["aws_ecs_cluster.ecs_cluster_name"]
  name        = "${aws_ecs_cluster.ecs_cluster_name.name}_TASK_STATUS"
  description = "YOU WILL BE NOTIFIED due to change on DEPLOYED SERVICE STATUS"

  event_pattern = <<PATTERN
{
  "source": ["aws.ecs"],
  "detail-type": ["ECS Task State Change"],
  "detail": {
    "clusterArn": ["${aws_ecs_cluster.ecs_cluster_name.arn}"]
  }
}
PATTERN
}
OUTPUT:
Noting the original / top issue here remains, and it's been seen in the AWS Console as well. It may be related to Go itself.
Working around the issue is possible by using a null_resource resource and local-exec provisioner, where the AWS CLI command correctly updates the pattern with every terraform apply.
...
variable "event_pattern" {
  type    = "string"
  default = <<PATTERN
{
  "source": ["aws.guardduty"],
  "detail-type": ["GuardDuty Finding"],
  "detail": {
    "severity": [4,4.0,4.1,4.2,4.3,4.4,4.5,4.6,4.7,4.8,4.9,5,5.0,5.1,5.2,5.3,5.4,5.5,5.6,5.7,5.8,5.9,6,6.0,6.1,6.2,6.3,6.4,6.5,6.6,6.7,6.8,6.9,7,7.0,7.1,7.2,7.3,7.4,7.5,7.6,7.7,7.8,7.9,8,8.0,8.1,8.2,8.3,8.4,8.5,8.6,8.7,8.8,8.9]
  }
}
PATTERN
}

resource "aws_cloudwatch_event_rule" "guard-duty-medium-and-high" {
  name          = "Guard-Duty-Medium-And-High"
  event_pattern = var.event_pattern
}

resource "null_resource" "guard-duty-medium-and-high-rule-via-cli" {
  depends_on = [aws_cloudwatch_event_rule.guard-duty-medium-and-high]

  triggers = {
    always_run = timestamp() # This likely implies needing to remove this resource prior to destroying the rule one
  }

  provisioner "local-exec" {
    command = "aws events put-rule --name Guard-Duty-Medium-And-High --event-pattern '${var.event_pattern}'"
  }
}

resource "aws_cloudwatch_event_target" "guard-duty-medium-and-high-target" {
  rule = aws_cloudwatch_event_rule.guard-duty-medium-and-high.name
  arn  = aws_sns_topic.devops-events.arn
}
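The comment above suggests the trailing-zero loss may be related to Go. The following is an added example, not code from the provider or from any commenter: it shows the `encoding/json` behaviour that would produce the symptom, assuming the pattern is decoded into generic values and re-encoded, plus a check that reports which severity literals went missing. The function names `normalize`, `severityLiterals` and `lostLiterals` are hypothetical, and the sample pattern is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Constructed sample: a shortened form of the GuardDuty pattern in this thread.
const intended = `{"source":["aws.guardduty"],"detail":{"severity":[4,4.0,4.1,5,5.0,8.9]}}`

// normalize round-trips JSON through interface{}, so numbers become float64 (assumed step).
func normalize(in string) (string, error) {
	var v interface{}
	if err := json.Unmarshal([]byte(in), &v); err != nil {
		return "", err
	}
	out, err := json.Marshal(v)
	return string(out), err
}

// severityLiterals returns detail.severity values exactly as written (json.Number keeps the text).
func severityLiterals(in string) ([]json.Number, error) {
	var p struct {
		Detail struct{ Severity []json.Number } `json:"detail"`
	}
	err := json.Unmarshal([]byte(in), &p)
	return p.Detail.Severity, err
}

// lostLiterals lists literals present in want but missing from got.
func lostLiterals(want, got []json.Number) []string {
	seen := map[json.Number]bool{}
	for _, n := range got {
		seen[n] = true
	}
	var lost []string
	for _, n := range want {
		if !seen[n] {
			lost = append(lost, n.String())
		}
	}
	return lost
}

func main() {
	deployed, _ := normalize(intended) // constant input, errors ignored here
	want, _ := severityLiterals(intended)
	got, _ := severityLiterals(deployed)
	fmt.Println(deployed, lostLiterals(want, got))
}
```

The same comparison can be run against the pattern returned for a deployed rule to confirm whether a GuardDuty severity rule still lists every value it was written with.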
This issue was originally opened by @phundisk as hashicorp/terraform#18094. It was migrated here as a result of the provider split. The original body of the issue is below.
When using TF 0.11.7 and the aws_cloudwatch_event_rule resource, if you specify a pattern that is a float like '5.0', TF will remove the trailing 0 and change it to simply '5'. This is bad because you may want to look for strings that are actually 5.0, for example with AWS GuardDuty events.
Terraform Version
Terraform Configuration Files
Expected Behavior
Event pattern should not have changed from '5.0' to '5' as for AWS events, the actual event is 5.0 and not 5.
Actual Behavior
Steps to Reproduce