AWS Inspector Enabler operation Error in Region: ap-south-1

The given resource block, seems to provide an error while applying changes. Since Amazon Inspector2 does not support lambda code scanning currently in ap-south-1 AWS region. But the given service is still enabled in the AWS account.

I am running terraform using github actions. Due to which my job fails. Any suggestion on this will be helpful


resource "aws_inspector2_enabler" "enable_audit" {
  account_ids = [var.admin_account_id]
  resource_types = ["ECR", "EC2"]
  provider = aws.audit
  lifecycle {
    create_before_destroy = true
    ignore_changes = [ 

The Output:

Error: updating AWS Inspector Enabler (*******-EC2:ECR): operation error Inspector2: Disable, https response error StatusCode: 403, RequestID: ***********************, AccessDeniedException: Lambda code scanning is not supported in ap-south-1

I would consider this a bug - you should open a GitHub issue to report the issue.

The resource is going though the list of resource types and enable/disable them one by one. Since LAMBDA_CODE is not set, the resource is nonetheless calling the Disable API action to make sure it’s disabled, leading to the 403 error in the ap-south-1 region where the type is not supported.

1 Like

Thank you for the response, I will raise an issue for the same.