terraform-provider-opsgenie icon indicating copy to clipboard operation
terraform-provider-opsgenie copied to clipboard

Published 20 hours ago verified publisher icon opsgenie

changing team ids on integrations does not change anything in opsgenie

Open faust64 opened this issue 3 years ago • 0 comments

Terraform Version

Terraform v1.2.7
on linux_amd64
+ provider registry.terraform.io/community-terraform-providers/ignition v2.1.3
+ provider registry.terraform.io/hashicorp/aws v4.33.0
+ provider registry.terraform.io/hashicorp/cloudinit v2.2.0
+ provider registry.terraform.io/hashicorp/external v2.2.2
+ provider registry.terraform.io/hashicorp/local v2.2.3
+ provider registry.terraform.io/hashicorp/null v3.1.1
+ provider registry.terraform.io/hashicorp/random v3.4.3
+ provider registry.terraform.io/hashicorp/time v0.8.0
+ provider registry.terraform.io/hashicorp/tls v4.0.3
+ provider registry.terraform.io/integrations/github v4.31.0
+ provider registry.terraform.io/opsgenie/opsgenie v0.6.15

Affected Resource(s)

  • opsgenie_integration_action
  • opsgenie_api_integration

Terraform Configuration Files

data "opsgenie_team" "my-team" {
  name = "My Team Name"
}

resource "opsgenie_api_integration" "opsgenie-securityhub" {
  name                           = "Amazon SecurityHub ${var.platform.meta_region}"
  type                           = "AmazonSecurityHub"
  enabled                        = true
  ignore_responders_from_payload = false
  suppress_notifications         = false
  owner_team_id                  = data.opsgenie_team.my-team.id
}

resource "opsgenie_api_integration" "opsgenie-cloudwatch" {
  name                           = "Amazon CloudWatch ${var.platform.meta_region}"
  type                           = "CloudWatchEvents"
  enabled                        = true
  ignore_responders_from_payload = false
  suppress_notifications         = false
  owner_team_id                  = data.opsgenie_team.my-team.id
}

resource "opsgenie_integration_action" "securityhub-action" {
  integration_id = opsgenie_api_integration.opsgenie-securityhub.id

  create {
    message                        = "[Amazon Security Hub - aws-eu-central-1-prod] {{title}}"
    name                           = "Amazon Security Hub -  aws-eu-central-1-prod"
    note                           = "{{note}}"
    source                         = "AmazonSecurityHub"
    tags                           = ["AmazonSecurityHub", "aws-eu-central-1-prod"]
    user                           = "AmazonSecurityHub"
    filter {
      type = "match-all"
    }
    responders {
      id   = data.opsgenie_team.my-team.id
      type = "team"
    }
  }

Debug Output

  # module.account_hardening.module.opsgenie_cloudwatch_integration.opsgenie_integration_action.cloudwatch-action will be updated in-place
  ~ resource "opsgenie_integration_action" "cloudwatch-action" {
        id             = "55159bae-6438-4042-a9c4-f88cec1d4bc5"
        # (1 unchanged attribute hidden)

      ~ create {
            name                                 = "Amazon CloudWatch - aws-eu-central-1-prod"
            tags                                 = [
                "AmazonCloudWatch",
                "aws-eu-central-1-prod",
            ]
            # (18 unchanged attributes hidden)

          ~ responders {
              ~ id   = "aaa" -> "bbb"
                # (1 unchanged attribute hidden)
            }

            # (1 unchanged block hidden)
        }
    }

  # module.account_hardening.module.opsgenie_securityhub_integration[0].opsgenie_api_integration.opsgenie-securityhub will be updated in-place
  ~ resource "opsgenie_api_integration" "opsgenie-securityhub" {
        id                             = "7391854f-37b8-4470-aaec-f5651bccf300"
        name                           = "Amazon SecurityHub aws-eu-central-1-prod"
      ~ owner_team_id                  = "aaa" -> "bbb"
        # (6 unchanged attributes hidden)
    }

  # module.account_hardening.module.opsgenie_securityhub_integration[0].opsgenie_integration_action.securityhub-action will be updated in-place
  ~ resource "opsgenie_integration_action" "securityhub-action" {
        id             = "7391854f-37b8-4470-aaec-f5651bccf300"
        # (1 unchanged attribute hidden)

      ~ create {
            name                                 = "Amazon Security Hub - aws-eu-central-1-prod"
            tags                                 = [
                "AmazonSecurityHub",
                "aws-eu-central-1-prod",
            ]
            # (18 unchanged attributes hidden)

          ~ responders {
              ~ id   = "aaa" -> "bbb"
                # (1 unchanged attribute hidden)
            }

            # (1 unchanged block hidden)
        }
    }

Panic Output

N/A

Expected Behavior

After applying such a plan, switching responder team from my integration, next plan should show no diff

Actual Behavior

After applying that plan, next plan still shows the exact same diff. In opsgenie, I can confirm my integration still uses the previous responder team. I suspect tainting the object would do. Although if we need to re-create, I would expect provider to do so without taints.

Steps to Reproduce

  1. terraform plan / terraform apply
  2. change the responder team
  3. terraform plan / terraform apply
  4. check next terraform plan: there should be no diff

Important Factoids

N/A

References

not that I know of

faust64 avatar Oct 08 '22 09:10 faust64