resource/aws_inspector_assessment_target: subscribe-to-event

[s-maj]

Based on PR: hashicorp/terraform#13534
Fixes: #843
Fixed tests and added retries to avoid SNS Topic policy eventual consistency issues.

make testacc TEST=./aws TESTARGS='-run=TestAccAWSInspectorTemplate'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSInspectorTemplate -timeout 120m
=== RUN   TestAccAWSInspectorTemplateEventSubscriptions_basic
--- PASS: TestAccAWSInspectorTemplateEventSubscriptions_basic (47.16s)
=== RUN   TestAccAWSInspectorTemplateEventSubscriptions_update
--- PASS: TestAccAWSInspectorTemplateEventSubscriptions_update (128.64s)
=== RUN   TestAccAWSInspectorTemplate_basic
--- PASS: TestAccAWSInspectorTemplate_basic (57.17s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	233.018s

[vpadronblanco]

Can we get this merged? I have use of this as well

[joaquinrinaudo-olx]

+1: We also need SNS subscription to Inspector.

[humayunjamal]

+1: Please merge

[gileshinchcliff]

Any update on this?

[s-maj]

Hi @bflad!
Would be possible to merge this or something is still missing here?

[bribot0225]

Would love to see this merged as well.

[paultyng]

this function name is misspelled (Subscritpions), should probably be testAccAWSInspectorTemplateAssessmentConfigTwoEventSubscriptions

[paultyng]

these don't need to be exported

[paultyng]

please use validation.StringInSlice instead

[paultyng]

can remove this once you swap validation to validation.StringInSlice

[paultyng]

this should stay, the language of the example is hcl

[paultyng]

This is unnecessary, the hash by default will contain all the keys.

[paultyng]

You can use ValidateFunc: validateArn here (see https://github.com/terraform-providers/terraform-provider-aws/blob/b797d11058d9293aa9cd95eb54c39883d5813756/aws/validators.go#L470:6)

[paultyng]

schema.Set has a Difference function that would make this cleaner, can probably eliminate it

[paultyng]

schema.Set has a Contains function that would make this cleaner, can probably eliminate it

[CaseyLabs]

Hi there, what's the status of this merge request? I've just ran into this issue as well, where I'm unable to associate an AWS Inspector template with an SNS topic via Terraform.

[someeodtech]

Any status on resolving conflicts & finishing this merge?

[frederiksf]

Any updates here?

[chilliblast]

Hi all

Is there any update on this as I have a pending need for this functionality also.

Thanks

[rafaelmagu]

@s-maj will you continue working on this branch or has this PR been abandoned?

[dharada1]

we need this

[joshpavel]

FYI, my workaround:

resource "null_resource" "inspector_sns" {

  provisioner "local-exec" {
    command = "aws --region ${data.aws_region.current.name} inspector subscribe-to-event --resource-arn ${aws_inspector_assessment_template.inspector_assessment_template.arn} --event FINDING_REPORTED --topic-arn ${aws_sns_topic.inspector.arn}"
  }

  depends_on = [
    "aws_lambda_function.inspector_reports",
    "aws_sns_topic.inspector"
  ]
}

[bflad]

Hi folks 👋 Since there has been no activity with this pull request, especially in response to the requested changes from a year ago and the current merge conflicts, we are going to close this. If the original author or a community member has the ambition to continue working on this, please submit a new pull request and the maintainers will take a fresh look. Thanks.

[fedecz]

I submitted PR #12261 to address this issue. I'd appreciate if you thumb'd it up for visibility. Thanks 👍

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!