terraform-provider-newrelic
terraform-provider-newrelic copied to clipboard
newrelic
newrelic_alert_policy_channel returns 400 every time but creates resources
Please include the following with your bug report
:warning: Important: Failure to include the following, such as omitting the Terraform configuration in question, may delay resolving the issue.
- [x] Your New Relic
providerconfiguration (sensitive details redacted) - [x] A list of affected resources and/or data sources
- [x] The configuration of the resources and/or data sources related to the bug report (i.e. from the list mentioned above)
- [x] Description of the current behavior (the bug)
- [x] Description of the expected behavior
- [x] Any related log output
Terraform Version
0.14.
Affected Resource(s)
newrelic_alert_policy_channel
Terraform Configuration
Please include your
providerconfiguration (sensitive details redacted) as well as the configuration of the resources and/or data sources related to the bug report.
Providers required by configuration:
.
├── provider[registry.terraform.io/hashicorp/aws] 3.22.0
├── provider[registry.terraform.io/newrelic/newrelic] 2.15.0
├── module.new_relic
│ ├── provider[registry.terraform.io/newrelic/newrelic]
│ └── provider[registry.terraform.io/hashicorp/aws]
Providers required by state:
provider[registry.terraform.io/hashicorp/aws]
provider[registry.terraform.io/newrelic/newrelic]
data "aws_ssm_parameter" "slack_alerts_url" {
name = var.slack_alerts_url_ssm_path
}
################
### Channels ###
################
resource "newrelic_alert_channel" "slack" {
name = "${var.environment} slack"
type = "slack"
config {
url = data.aws_ssm_parameter.slack_alerts_url.value
}
}
################
### Critical ###
################
resource "newrelic_alert_policy" "critical" {
name = "${var.environment} critical"
incident_preference = "PER_CONDITION_AND_TARGET"
}
#adds a notification channel to an alerting policy
resource "newrelic_alert_policy_channel" "critical" {
policy_id = newrelic_alert_policy.critical.id
channel_ids = [
newrelic_alert_channel.slack.id,
]
}
resource "newrelic_alert_policy" "non_critical" {
name = "${var.environment} non critical"
incident_preference = "PER_CONDITION_AND_TARGET"
}
resource "newrelic_alert_policy_channel" "non_critical" {
policy_id = newrelic_alert_policy.non_critical.id
channel_ids = [
newrelic_alert_channel.slack.id,
]
}
Actual Behavior
Terraform runs, resource is created but terraform throws error and never adds resource to state
Error: 400 response returned
on ../../modules/new_relic/policies.tf line 28, in resource "newrelic_alert_policy_channel" "critical":
28: resource "newrelic_alert_policy_channel" "critical" {
Error: 400 response returned
on ../../modules/new_relic/policies.tf line 41, in resource "newrelic_alert_policy_channel" "non_critical":
41: resource "newrelic_alert_policy_channel" "non_critical" {
Oddly following this I can run terraform import ... to add the resources it created above to the state. theyre fully functional and terraform does not try and replace them once they are in the state.
Expected Behavior
Terraform creates resources and completes without error
Steps to Reproduce
terraform apply
Debug Output
https://gist.github.com/nwsparks/431969374c99ecd4db49005f18e3c0ab
I seem to get the same behavior if I move the channel into the newrelic_alert_policy resource.
This issue has been automatically marked as stale because it has not had any recent activity. It will be closed if no further activity occurs.
![stale[bot] avatar](https://avatars.githubusercontent.com/in/1724?v=4 "Published by a pub.dev verified publisher"){kind=small}
This issue has been automatically closed due to a lack of activity for an extended period of time.
Another instance of this behavior.
Your New Relic provider configuration (sensitive details redacted) :
terraform {
required_providers {
newrelic = {
source = "newrelic/newrelic"
}
}
}
provider "newrelic" {
account_id = 2040901
api_key = local.key --> This key has been verified to have admin access
}
provider "aws" {
region = "eu-west-1"
version = ">=3.0"
profile = "aws-bts-royaltylink-prod"
}
A list of affected resources and/or data sources This is only with the policy creation
# newrelic_alert_policy_channel.cw_alert_policy will be created
+ resource "newrelic_alert_policy_channel" "cw_alert_policy" {
+ channel_ids = [
+ 5470915,
+ 5470916,
+ 5470917,
+ 5470918,
]
+ id = (known after apply)
+ policy_id = 1527718
}
The configuration of the resources and/or data sources related to the bug report (i.e. from the list mentioned above) Citing an example for alert condition attached to the policy:
resource "newrelic_infra_alert_condition" "statuscheckfailedinstance" {
policy_id = newrelic_alert_policy.bts-royaltylink-cw.id
name = "bts-finance-royaltylink-prod-cw-ec2statuscheckfailed"
type = "infra_metric"
select = "provider.statusCheckFailedInstance.Maximum"
integration_provider = "Ec2Instance"
comparison = "above"
where = "label.Product = 'royaltylink' AND label.Environment = 'prod'"
critical {
duration = 15
value = 0
time_function = "all"
}
}
Can you verify the description of the error (bug), and expected behavior match your experience in the above referenced issue? Actual behavior :
newrelic_alert_policy_channel.cw_alert_policy: Creating...
Error: 400 response returned
on policies.tf line 5, in resource "newrelic_alert_policy_channel" "cw_alert_policy":
5: resource "newrelic_alert_policy_channel" "cw_alert_policy" {
Expected behavior:
Terraform creates resources and completes without error
Steps to Reproduce
terraform apply
The full log output
- https://gist.github.com/avinava-89/d7f44b346eaf8da1f0265a2983b9293c
Hello - I just spent yesterday debugging what I think is the same issue. I'm using newrelic provider 2.30.1 and terraform 0.13.7).
The terraform debug logs aren't helpful so I traced out everything using mitmproxy. It looks to me like two separate problems.
-
Provider API call erroneously adds 'Transfer-Encoding: chunked' header; replaying the request without this header and I get a 200 back. I believe the problem is that this header implicitly mandates there is a data in the request body (that needs chunking) but for this API call everything is sent in query string parameters. It seems correct that setting this header with no data in request body fails validation and a 400 is returned.
-
A forwarding proxy on my side has a bug which returns a 400 but happily forwards the request to New Relic API.
If I bypass use of the forward proxy it behaves fine.
I have not been able to reproduce this issue myself. I tested with Terraform version 0.14.3 and newrelic provider versions 2.15.0, 2.31.0, and 2.34.0(latest version as-of right now) and did not receive 400 errors from any of those versions. This was tested without using a proxy, so if you are currently using a proxy with this I would suggest trying without the proxy to see if that works since that seemed to help for alexharris-elsevier
I did see the 'Transfer-Encoding: chunked' header on my requests, but this did not seem to cause the error in my testing. I will get this forwarded to the proper team to look into that piece and see if it is contributing to this issue.
For anyone hitting this issue we encountered the same problem when applying the terraform from behind our web proxy from our clients. Running via our CI pipeline, which does not use a proxy, worked OK.
We were using the latest version of the New Relic provider: 2.40.0
the same issue using tf version 0.15.5 and 1.1.7:
2022-03-24T19:14:42.237+0200 [INFO] Starting apply for newrelic_alert_policy_channel.rds_channel_subs
2022-03-24T19:14:42.237+0200 [DEBUG] newrelic_alert_policy_channel.rds_channel_subs: applying the planned Create change
2022-03-24T19:14:42.237+0200 [TRACE] GRPCProvider: ApplyResourceChange
2022-03-24T19:14:42.238+0200 [INFO] provider.terraform-provider-newrelic_v2.41.1: 2022/03/24 19:14:42 [INFO] Creating New Relic alert policy channel 347384:317484: timestamp=2022-03-24T19:14:42.238+0200
2022-03-24T19:14:42.238+0200 [INFO] provider.terraform-provider-newrelic_v2.41.1: 2022/03/24 19:14:42 [INFO] Adding Account ID to X-Account-ID context 3403554: timestamp=2022-03-24T19:14:42.238+0200
2022-03-24T19:14:42.238+0200 [TRACE] provider.stdio: received data: channel=STDERR len=146
2022-03-24T19:14:42.238+0200 [WARN] unexpected data: registry.terraform.io/newrelic/newrelic:stderr="time="2022-03-24T19:14:42+02:00" level=debug msg="performing request" method=PUT url="https://api.eu.newrelic.com/v2/alerts_policy_channels.json""
2022-03-24T19:14:42.238+0200 [TRACE] provider.stdio: waiting for stdio data
2022-03-24T19:14:42.238+0200 [TRACE] provider.stdio: received data: channel=STDERR len=424
2022-03-24T19:14:42.238+0200 [WARN] unexpected data: registry.terraform.io/newrelic/newrelic:stderr="time="2022-03-24T19:14:42+02:00" level=trace msg="request details" headers="{\"Api-Key\":[\"NRAK-************************\"],\"Content-Type\":[\"application/json\"],\"Newrelic-Requesting-Services\":[\"terraform-provider-newrelic|newrelic-client-go\"],\"User-Agent\":[\"HashiCorp Terraform/1.1.7 (+https://www.terraform.io) Terraform Plugin SDK/2.9.0 terraform-provider-newrelic/2.41.1\"],\"X-Account-Id\":[\"3403554\"]}""
2022-03-24T19:14:42.238+0200 [TRACE] provider.stdio: waiting for stdio data
2022-03-24T19:14:42.238+0200 [INFO] provider.terraform-provider-newrelic_v2.41.1: 2022/03/24 19:14:42 [DEBUG] newrelic API Request Details:
---[ REQUEST ]---------------------------------------
PUT /v2/alerts_policy_channels.json?channel_ids=317484&policy_id=347384 HTTP/1.1
Host: api.eu.newrelic.com
User-Agent: HashiCorp Terraform/1.1.7 (+https://www.terraform.io) Terraform Plugin SDK/2.9.0 terraform-provider-newrelic/2.41.1
Transfer-Encoding: chunked
Api-Key: NRAK-********
Content-Type: application/json
Newrelic-Requesting-Services: terraform-provider-newrelic|newrelic-client-go
X-Account-Id: 3403554
Accept-Encoding: gzip
0
-----------------------------------------------------: timestamp=2022-03-24T19:14:42.238+0200
2022-03-24T19:14:43.102+0200 [INFO] provider.terraform-provider-newrelic_v2.41.1: 2022/03/24 19:14:43 [DEBUG] newrelic API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 400 Bad Request
Connection: close
Content-Type: text/plain;charset=UTF-8
Failure: 400 Bad Request
-----------------------------------------------------: timestamp=2022-03-24T19:14:43.102+0200
2022-03-24T19:14:43.103+0200 [TRACE] provider.stdio: received data: channel=STDERR len=293
2022-03-24T19:14:43.103+0200 [WARN] unexpected data: registry.terraform.io/newrelic/newrelic:stderr="time="2022-03-24T19:14:43+02:00" level=trace msg="request completed" body="Failure: 400 Bad Request\r\n" headers="{\"Content-Type\":[\"text/plain;charset=UTF-8\"]}" method=PUT status_code=400 url="https://api.eu.newrelic.com/v2/alerts_policy_channels.json?channel_ids=317484&policy_id=347384""
but channel subscription is created. It works if I use curl command from the page - https://rpm.eu.newrelic.com/api/explore/alerts_policy_channels/update
curl -X PUT 'https://api.eu.newrelic.com/v2/alerts_policy_channels.json' \
-H 'Api-Key:NRAK-****' -i \
-H 'Content-Type: application/json' \
-G -d 'policy_id=347384&channel_ids=317484'
but stops working if I add 'Transfer-Encoding: chunked' header (just hangs). and I can't create any alert conditions because there is no policy_channel resources created because of this error.
curl -I -X PUT 'https://api.eu.newrelic.com/v2/alerts_policy_channels.json' \
-H 'User-Agent:HashiCorp Terraform/1.1.7 (+https://www.terraform.io) Terraform Plugin SDK/2.9.0 terraform-provider-newrelic/2.41.1' \
-H 'Newrelic-Requesting-Services: terraform-provider-newrelic|newrelic-client-go' \
-H 'X-Account-Id: ****' \
-H 'Transfer-Encoding: chunked' \
-H 'Api-Key:NRAK-****' -i \
-H 'Content-Type: application/json' \
-G -d 'policy_id=347384&channel_ids=317484'
It is a real blocker for us.
