Description
Bug:
When generating a new mondoo AWS Integration via terraform, such as:
```hcl
resource "mondoo_integration_aws" "name" {
  space_id = mondoo_space.my_space.id
  name     = "AWS Integration"
  credentials = {
    key = {
      access_key = var.aws_access_key
      secret_key = var.aws_secret_key
    }
  }
}
```
An integration will be started, but will not finish and will remain in the pending state. Generating a second integration via the portal and providing AWS_ACCESS_KEY and AWS_SECRET_KEY via the portal will finish the process and result in a finished integration.
Importing this successful integration into state will actually show both styles of credentials: credentials.key and credentials.role.
The pending integration will not return a credentials.role, nor does the provider allow for passing of both credentials.key and credentials.role.
On inspection, the generated mondoo_integration_aws will NOT have credentials.role in the statefile, which is likely returned via AWS itself.
Reproducing:
https://registry.terraform.io/providers/mondoohq/mondoo/latest/docs/resources/integration_aws
Follow the example posted on the registry page, and link an integration to a space. On terraform apply, you will successfully build the space and create a pending AWS integration.
To compare to a functioning integration, create a second AWS integration by hand, then generate a second mondoo_integration_aws resource:
```hcl
# main.tf
resource "mondoo_integration_aws" "original" {
  space_id = mondoo_space.my_space.id
  name     = "AWS Integration"
  credentials = {
    key = {
      access_key = var.aws_access_key
      secret_key = var.aws_secret_key
    }
  }
}

resource "mondoo_integration_aws" "import" {
  space_id = mondoo_space.my_space.id
  name     = "My_Very_Manual_AWS_Integration"
  credentials = {
    key = {
      access_key = var.aws_access_key
      secret_key = var.aws_secret_key
    }
  }
}
```
and then run:

```
terraform import mondoo_integration_aws.import <mrn>
```

This will bring this into your statefile for cross compares. You can then open this up in terraform console for exploration:

```
terraform init
terraform console
$ mondoo_integration_aws.import
# You'll see an output that includes role_arn
$ mondoo_integration_aws.original
# You'll see an output that does NOT include role_arn - This is the pending state integration.
```
Expected Behavior:
- Generation of the AWS Integration that successfully exits the pending state and arrives at the "success" state.
Desktop:
- OSX
- Terraform Provider Version: 0.18.0
- Terraform Version: 1.9.8
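
The comparison described in the report can also be scripted against the output of `terraform show -json`. The following is an added example, not part of the original report or the provider's code; the nesting `credentials.role.role_arn`, the sample values, and the function names are assumptions built from the attribute names mentioned above.

```python
import json
import sys

# Constructed sample in the shape of `terraform show -json` output.
# The credentials layout is an assumption based on the report; all
# values are placeholders, not real keys or ARNs.
SAMPLE_STATE = {"values": {"root_module": {"resources": [
    {"address": "mondoo_integration_aws.original",
     "type": "mondoo_integration_aws",
     "values": {"name": "AWS Integration",
                "credentials": {"key": {"access_key": "PLACEHOLDER",
                                        "secret_key": "PLACEHOLDER"},
                                "role": None}}},
    {"address": "mondoo_integration_aws.import",
     "type": "mondoo_integration_aws",
     "values": {"name": "My_Very_Manual_AWS_Integration",
                "credentials": {"key": {"access_key": "PLACEHOLDER",
                                        "secret_key": "PLACEHOLDER"},
                                "role": {"role_arn": "PLACEHOLDER_ROLE_ARN"}}}},
]}}}


def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def credential_styles(state, rtype="mondoo_integration_aws"):
    """Map resource address -> sorted names of non-empty credential blocks."""
    root = state.get("values", {}).get("root_module", {})
    found = {}
    for res in iter_resources(root):
        if res.get("type") != rtype:
            continue
        creds = (res.get("values") or {}).get("credentials") or {}
        found[res["address"]] = sorted(k for k, v in creds.items() if v)
    return found


def missing_role(state):
    """Addresses of integrations whose state carries no credentials.role."""
    styles = credential_styles(state)
    return sorted(addr for addr, names in styles.items() if "role" not in names)


if __name__ == "__main__":
    # Usage: terraform show -json > state.json; python check.py state.json
    state = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_STATE
    for addr in missing_role(state):
        print(f"{addr}: no credentials.role in state")
```

The script prints only resource addresses and credential block names, so the access and secret keys held in the state never reach the terminal or a log.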