read tcp 172.16.96.2:57950->3.233.153.163:443: read: connection reset by peer

[dmcgowan-wesfarmers]

Datadog Terraform Provider Version

3.44.1

Terraform Version

1.5.0

What resources or data sources are affected?

• provider

All datadog resources impacted

Terraform Configuration Files

terraform {

  required_version = ">= 1.5.0"

  required_providers {
    aws = {
      version = ">= 5.0"
      source  = "hashicorp/aws"
    }
    datadog = {
      source  = "DataDog/datadog"
      version = "3.44.1"
    }
  }
}


provider "datadog" {
  api_key = KEY
  app_key = SECRET
}

Relevant debug or panic output

Get "https://api.datadoghq.com/api/v1/validate": read tcp 172.16.96.2:57950->3.233.153.163:443: read: connection reset by peer

Expected Behavior

Plan should be successful

Actual Behavior

Get "https://api.datadoghq.com/api/v1/validate": read tcp 172.16.96.2:57950->3.233.153.163:443: read: connection reset by peer

Steps to Reproduce

Issue always occurs when running terraform plan with the datadog provider and any datadog resources

Important Factoids

• This only occurs with provider version 3.44.1. Version 3.44.0 and below are not impacted
• Terraform is executed on BuildKite agents running on EC2's. These EC2's reach the internet via AWS Firewall Service. We noticed the following in firewall logs when the failure occurs indicating potentially an SNI issue?

This is an extract from the datadog logging from the AWS firewall service. It lists all URL's blocked. Note the entry with no FQDN but an external IP address that aligns with what we see in the datadog error message

References

No response