In doing some with with Amazon Macie and Terraform, I ran into this error message:
EXEC : error : creating Macie ClassificationJob: ResourceInUseException: A job with the name ‘Redacted Job Name’ has already been submitted with a different ‘clientToken’ [c:\src\redacted\path]
status code: 400
This isn’t a very clear error for what’s really happening. Macie jobs are immutable—you can’t change any property of a job, including the description (although you can update the job_status but you may be ignored based on the schedule). Instead, to make whatever change you’re trying to make, you have to create a new job with a slightly different name, and disable the old job.
Per AWS’s documentation at https://docs.aws.amazon.com/macie/latest/APIReference/jobs.html
Note that you can’t change any settings for a job after you create it. This helps to ensure that you have an immutable history of sensitive data findings and discovery results for data privacy and protection audits or investigations that you perform.
Terraform is stateful, but complies with the AWS API, so changing the name of the job creates a new one instead of updating an existing job’s name. Be careful of typos (or so I’ve been told…).