Defining both retention and retention_versions for a cyberark_safe results in error 400 #4
Description
Summary
When defining a cyberark_safe resource with both a retention and retention_versions attribute, the provider throws an error due to the response it receives from the API. This is because a safe can only have a retention in days OR versions. I submitted #2 to help mitigate this with documentation.
Steps to Reproduce
- Define a
cyberark_saferesource with bothretentionandretention_versionsand attempt to apply it. - Receive an error similar to:
cyberark_safe.AAM_Test_Safe: Creating...
╷
│ Error: Error creating Safe
│
│ with cyberark_safe.AAM_Test_Safe,
│ on main.tf line 17, in resource "cyberark_safe" "AAM_Test_Safe":
│ 17: resource "cyberark_safe" "AAM_Test_Safe" {
│
│ Error onboarding new Safe: (failed to add safe, expected status code 201, got 400)
Expected Results
The provider should throw an error when trying to create a resource that has both attributes defined.
Actual Results
Example resource:
resource "cyberark_safe" "AAM_Test_Safe" {
safe_name = "GEN_BY_TF_abc"
safe_desc = "Description for GEN_BY_TF_abc"
member = "[email protected]"
member_type = "user"
permission_level = "full" # full, read, approver, manager
retention = 0
retention_versions = 7
purge = false
cpm_name = "CPM_CONNECTOR01"
safe_loc = ""
}
Debug logs:
2024-10-30T15:06:55.840+0100 [DEBUG] provider.terraform-provider-cyberark_v0.2.1.exe: Response from CyberArk API: @caller=/terraform-provider-cyberark/internal/cyberark/client.go:58 @module=cyberark method=POST tf_provider_addr=registry.terraform.io/cyberark/cyberark tf_resource_type=cyberark_safe request_url="map[ForceQuery:false Fragment: Host:tenant.privilegecloud.cyberark.cloud OmitHost:false Opaque: Path:/PasswordVault/API/Safes RawFragment: RawPath: RawQuery: Scheme:https User:<nil>]" response_body="{\"Details\":[{\"ErrorCode\":\"PASWS170E\",\"ErrorMessage\":\"Only one of [NumberOfDaysRetention] and [NumberOfVersionsRetention] can be set\",\"ParameterName\":\"NumberOfDaysRetention\"}],\"ErrorCode\":\"PASWS167E\",\"ErrorMessage\":\"There are some invalid parameters\"}" response_status="400 Bad Request" tf_req_id=53ea2cdc-f405-db12-1644-c59647de3df5 tf_rpc=ApplyResourceChange timestamp="2024-10-30T15:06:55.839+0100"
2024-10-30T15:06:55.841+0100 [ERROR] provider.terraform-provider-cyberark_v0.2.1.exe: Response contains error diagnostic: @module=sdk.proto diagnostic_detail="Error onboarding new Safe: (failed to add safe, expected status code 201, got 400)" diagnostic_severity=ERROR tf_req_id=53ea2cdc-f405-db12-1644-c59647de3df5 @caller=/terraform-provider-cyberark/vendor/github.com/hashicorp/terraform-plugin-go/tfprotov6/internal/diag/diagnostics.go:58 tf_resource_type=cyberark_safe tf_provider_addr=registry.terraform.io/cyberark/cyberark tf_rpc=ApplyResourceChange diagnostic_summary="Error creating Safe" tf_proto_version=6.6 timestamp="2024-10-30T15:06:55.840+0100"
2024-10-30T15:06:55.844+0100 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-10-30T15:06:55.844+0100 [ERROR] vertex "cyberark_safe.AAM_Test_Safe" error: Error creating Safe
╷
│ Error: Error creating Safe
│
│ with cyberark_safe.AAM_Test_Safe,
│ on main.tf line 17, in resource "cyberark_safe" "AAM_Test_Safe":
│ 17: resource "cyberark_safe" "AAM_Test_Safe" {
│
│ Error onboarding new Safe: (failed to add safe, expected status code 201, got 400)
╵
2024-10-30T15:06:55.853+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2024-10-30T15:06:55.858+0100 [INFO] provider: plugin process exited: plugin=.terraform/providers/registry.terraform.io/cyberark/cyberark/0.2.1/windows_amd64/terraform-provider-cyberark_v0.2.1.exe id=36316
2024-10-30T15:06:55.858+0100 [DEBUG] provider: plugin exited
Reproducible
- Always
- Sometimes
- Non-Reproducible
Version/Tag number
0.2.1
Environment setup
N/A
Additional Information
N/A