[Bug]: Error creating "aws_cloudwatch_event_rule" while using Partner Event Sources - id format doesn't match

[alexandra-boca]

Terraform Core Version

0.13.5, 0.14.0

AWS Provider Version

4.0.0

Affected Resource(s)

• aws_cloudwatch_event_rule

Expected Behavior

Expected behaviour is that the EventBridge rule is created and all validations pass. While the rule does get created, it can't be used since a check fails due to an incorrect format.

Actual Behavior

Resource is created however it fails when the state is checked (terraform plan/apply).

Relevant Error/Panic Output Snippet

Error: unexpected format for ID (arn:aws:events:eu-west-1:test-id:event-bus/aws.partner/salesforce.com/id1/id2/crm-sync-create-account-rule-terraform-test), expected EVENTBUSNAME/RULENAME or RULENAME

Terraform Configuration Files

resource "aws_cloudwatch_event_rule" "event-bridge-rule" {
name = "event-bridge-rule"
description = "Testing creation of rules with Terraform"
event_bus_name = data.aws_cloudwatch_event_bus.my-bus.name

event_pattern = jsonencode({
"source": [{
"prefix": "aws.partner/salesforce.com"
}],
"detail-type": ["AccountChangeEvent"],
"detail": {
"payload": {
"ChangeEventHeader": {
"changeType": ["CREATE"]
}
}
}
})
}

Steps to Reproduce

terraform plan /
terraform apply

Both show the same error.

Debug Output

No response

Panic Output

No response

Important Factoids

I already researched the cause of why this happened and I got to the "aws/internal/service/events/id.go" file which contains a function called "RuleParseResourceID".
A split of the rule name is done based on "/" and in my case the code will enter the 3rd "if" statement (if len(parts) > 2 ).

The event bus name that I have is under the following format: "arn:aws:events:eu-west-1:test-id:event-bus/aws.partner/salesforce.com/id1/id2"

The "id" that gets passed to the function is under the following format:
"arn:aws:events:eu-west-1:test-id:event-bus/aws.partner/salesforce.com/id1/id2/test-rule-name"

I think the problem consists in our partner event bus name containing multiple "/". This makes the check of the "eventBusName" against the "eventBusARNPattern" regexp to fail causing the error to appear. I don't have the option to change the event bus name, it's created automatically.

References

I found a very smilar issue - same resource, same error, same file and function causing the error- however it seems in my case it's still something different caused by a mismatch with the regular expression.
#18431

Would you like to implement a fix?

No

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please see our prioritization guide for information on how we prioritize.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[vitorf7]

I am facing the same problem while trying to integrate with Genesys Partner.
I am getting the following error:

│ Error: reading EventBridge Rule (arn:aws:events:eu-west-1:{account-id}:event-bus/aws.partner/genesys.com/cloud/{random-id}/{id-2}/genesys-eb-integration-target-rule): unexpected format for ID (arn:aws:events:eu-west-1:{account-id}:event-bus/aws.partner/genesys.com/cloud/{random-id}/{id-2}/genesys-eb-integration-target-rule), expected EVENTBUSNAME/RULENAME or RULENAME

And my TF looks like this:

# Genesys EventBridge Integration Source
data "aws_cloudwatch_event_source" "genesys_eb_integration_bus" {
  name_prefix = "aws.partner/genesys.com"
}

# Genesys EventBridge Integration Event Bus
resource "aws_cloudwatch_event_bus" "genesys_eb_integration_bus" {
  name              = data.aws_cloudwatch_event_source.genesys_eb_integration_bus.name
  event_source_name = data.aws_cloudwatch_event_source.genesys_eb_integration_bus.name
}

# Genesys EventBridge Integration Target SQS + DLQ
resource "aws_sqs_queue" "genesys_eb_integration_target_sqs" {
  name = "genesys-eb-integration-target-sqs"
  # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#message_retention_seconds
  message_retention_seconds = 1209600 # 14 days
  redrive_policy = jsonencode({
    deadLetterTargetArn = aws_sqs_queue.genesys_eb_integration_target_sqs_dlq.arn
    maxReceiveCount     = 4
  })
}

resource "aws_sqs_queue" "genesys_eb_integration_target_sqs_dlq" {
  name = "genesys-eb-integration-target-sqs-dlq"
  # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#message_retention_seconds
  message_retention_seconds = 1209600 # 14 days
}

resource "aws_sqs_queue_redrive_allow_policy" "genesys_eb_integration_target_sqs_dlq" {
  queue_url = aws_sqs_queue.genesys_eb_integration_target_sqs_dlq.id

  redrive_allow_policy = jsonencode({
    redrivePermission = "byQueue",
    sourceQueueArns   = [aws_sqs_queue.genesys_eb_integration_target_sqs.arn]
  })
}

# Genesys EventBridge Integration Rule (push to target)
resource "aws_cloudwatch_event_rule" "genesys_eb_integration_target_rule" {
  name = "genesys-eb-integration-target-rule"

  event_bus_name = aws_cloudwatch_event_bus.genesys_eb_integration_bus.name

  event_pattern = jsonencode({
    source = [
      {
        "prefix" = "aws.partner/genesys.com"
      }
    ]
  })
}


# Genesys EventBridge Integration Rule Target + Rule Target DLQ
resource "aws_sqs_queue" "genesys_eb_integration_rule_target_dlq" {
  name = "genesys-eb-integration-rule-target-dlq"
  # https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/sqs_queue#message_retention_seconds
  message_retention_seconds = 1209600 # 14 days
}

resource "aws_cloudwatch_event_target" "genesys_eb_integration_target" {
  rule = aws_cloudwatch_event_rule.genesys_eb_integration_target_rule.name
  arn  = aws_sqs_queue.genesys_eb_integration_target_sqs.arn
  dead_letter_config {
    arn = aws_sqs_queue.genesys_eb_integration_rule_target_dlq.arn
  }
}

I am using provider version 4.62.0

[vitorf7]

@alexandra-boca my PR fixes this issue. Once it gets approved and merged in it should hopefully help you get everything sorted. If you are however in a pinch and wanna solve your problem sooner, then you could clone my branch locally and follow the guidelines on how to do local development from here https://hashicorp.github.io/terraform-provider-aws/development-environment/

I was personally facing some trouble when trying to use it since at work we had the terraform plan and terraform apply run from the docker image provided by hashicorp and my own machine is an Mac M1 which means the make build command from the makefile (in the terraform-provider-aws repo) would build an arch64 instead of a linux amd64.

After running env GOOS=linux GOARCH=amd64 go build ., then moving the built binary to the $GOPATH/bin and making sure that both the $GOPATH/bin and my ~/.terraformrc were both mounted to the correct places in the docker image, it all worked fine.

I was able to finally finish the work I was doing and it also meant that I not longer go the error you and I faced.

[github-actions]

This functionality has been released in v5.13.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.