terraform-provider-aws: Error-deleting-CloudWatch-Rule in provider.aws v3.28.0

Terraform CLI and Terraform AWS Provider Version

Terraform v0.12.26

  • provider.aws v3.28.0
  • provider.template v2.2.0

Linked/Known issue but closed earlier: https://github.com/hashicorp/terraform-provider-aws/issues/1479

Affected Resource(s)

AWS Cloudwatch Event Rule not deleted

Expected Behavior

Should delete the CloudWatch (CW) Event Rule after removing the targets from the Rule. Also note that it should not delete the targets, but it has to remove the target from the Rule.

Actual Behavior

Does not delete the CW Event Rule and fails with the error below.

Error: error deleting CloudWatch Events Rule (dev-es-cluster-alert): ValidationException: Rule can't be deleted since it has targets.
	status code: 400

Steps to Reproduce

  1. Create the CW Event Rule with target SNS policy. P.S.: the SNS policy is already created and available.
  2. Delete the CW Event Rule via Terraform.
  3. You should see that Terraform deletes the other resources but does not delete the CW Event Rule.

Are there any other GitHub issues (open or closed) or pull requests that should be linked here? Vendor documentation? For example:

This is the existing known issue but fixed in this URL.

https://github.com/hashicorp/terraform-provider-aws/issues/1479

About this issue

  • State: open
  • Created 3 years ago
  • Reactions: 47
  • Comments: 16 (1 by maintainers)

Most upvoted comments

This issue has been open since April 2021. Any solutions or even workarounds ???

Thanks



#     resource "aws_cloudwatch_event_rule" "admin_rs_broadcast" {
#       name        = "xxxxx-admin_rs_broadcast"
#       description = "Schedule to trigger lambda rs_broadcast admin schema"
#       schedule_expression = "cron(0 05 * * ? *)"
#     }

#     resource "aws_cloudwatch_event_target" admin_rs_broadcast {
#       rule      = aws_cloudwatch_event_rule.admin_rs_broadcast.name
#       arn       = "arn:aws:lambda:us-east-1:${var.accountid}:function:ap-fun-rs_broadcast${local.suffix}"
#       input = jsonencode(
#         {
#             "manifest_name" = "global_admin.manifest",
#             "environment" = local.environment_short,
#             "host" = "xxxxx-redshift-dl${local.suffix}"
#         } 
#       )
#     }

#     resource "aws_lambda_permission" "admin_rs_broadcast" {
#       statement_id  = "ExecFromCloudWatch_admin_rs_broadcast"
#       action        = "lambda:InvokeFunction"
#       function_name = "xxxxx-rs_broadcast${local.suffix}"
#       principal     = "events.amazonaws.com"
#       source_arn    = aws_cloudwatch_event_rule.admin_rs_broadcast.arn
#     }

Error: error deleting EventBridge Rule (xxxxx-admin_rs_broadcast): ValidationException: Rule can’t be deleted since it has targets. status code: 400

Yep, also an issue for me. The only option is to delete the CloudWatch event bridge rule and then re-apply Terraform 😕

The same problem persists in version 5.11. The workaround by @stevebosman, unfortunately, didn’t work for me.

resource "aws_cloudwatch_event_rule" "this" {
  for_each = local.rules

  name          = each.key
  event_pattern = each.value
}

resource "aws_cloudwatch_event_target" "this" {
  for_each = aws_cloudwatch_event_rule.this

  rule = each.value.name
  arn  = aws_sns_topic.security.arn

  input_transformer {
    input_paths = {
      "details" : "$.detail"
    }
    input_template = "\" In the account ${local.account_id} an event triggered by rule ${each.value.name} has been recorded with details: <details>\""
  }
}

resource "aws_sns_topic" "security" {
  name = "security_topic"
}

resource "aws_sns_topic_policy" "security" {
  arn    = aws_sns_topic.security.arn
  policy = data.aws_iam_policy_document.security_sns.json
}

I have the same problem. Trying to figure out a workaround…
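
The ValidationException quoted in this thread is the EventBridge API refusing to delete a rule that still has targets. As an added example (not code from the issue, its commenters, or the provider), this sketches the manual cleanup mentioned in the comments: detach every target, then delete the rule. `list_target_ids`, `delete_rule_with_targets` and `FakeEvents` are hypothetical names, and the fake client and its target IDs are constructed so the block runs offline.

```python
def list_target_ids(events, rule_name, bus):
    """Collect every target ID on the rule, following NextToken pagination."""
    ids, token = [], None
    while True:
        kwargs = {"Rule": rule_name, "EventBusName": bus}
        if token:
            kwargs["NextToken"] = token
        page = events.list_targets_by_rule(**kwargs)
        ids += [t["Id"] for t in page.get("Targets", [])]
        token = page.get("NextToken")
        if not token:
            return ids

def delete_rule_with_targets(events, rule_name, bus="default"):
    """Detach all targets (the SNS topic or Lambda itself is untouched), then delete the rule."""
    ids = list_target_ids(events, rule_name, bus)
    for i in range(0, len(ids), 100):  # RemoveTargets takes at most 100 IDs per call
        resp = events.remove_targets(Rule=rule_name, EventBusName=bus, Ids=ids[i:i + 100])
        if resp.get("FailedEntryCount", 0):
            raise RuntimeError(f"targets not detached: {resp.get('FailedEntries')}")
    events.delete_rule(Name=rule_name, EventBusName=bus)
    return ids

class FakeEvents:
    """Constructed stand-in for boto3.client("events"); pages two targets at a time."""

    def __init__(self, targets):
        self.targets, self.rule_exists = list(targets), True

    def list_targets_by_rule(self, Rule, EventBusName, NextToken=None):
        start = int(NextToken or 0)
        page = {"Targets": [{"Id": t} for t in self.targets[start:start + 2]]}
        if start + 2 < len(self.targets):
            page["NextToken"] = str(start + 2)
        return page

    def remove_targets(self, Rule, EventBusName, Ids):
        self.targets = [t for t in self.targets if t not in Ids]
        return {"FailedEntryCount": 0, "FailedEntries": []}

    def delete_rule(self, Name, EventBusName):
        if self.targets:  # same refusal the issue reports
            raise RuntimeError("ValidationException: Rule can't be deleted since it has targets.")
        self.rule_exists = False

if __name__ == "__main__":
    fake = FakeEvents(["sns-alert", "lambda-broadcast", "sqs-audit"])  # constructed IDs
    print(delete_rule_with_targets(fake, "example-rule"), fake.rule_exists)
```

Against a real account, pass `boto3.client("events")` in place of the fake.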