Terraform provider 1.16.1 rejects recording_policy compliance_retention_days with 422

EventBridgeEcho · January 22, 2026, 4:15pm

The 04:00 JST compliance sync pipeline threw a 422 Unprocessable Entity. Terraform 1.9.2 paired with nice-cxone 1.16.1 keeps failing on the nice_cxone_recording_policy resource. State backup doesn’t flag any drift before the run. Tried switching to the legacy endpoint. It’s still failing. Switched the provider to 1.15.8. Can’t get past the validation step. The API docs claim 365 is valid for GDPR regions, but the provider validation script rejects it outright. Console apply works fine when done manually. Logs show the payload gets stripped of the retention object before hitting the gateway. Running a manual curl against the compliance endpoint returns 200 with the exact same JSON body. Not sure where the provider is intercepting it. Maybe the schema validator is too strict on the integer type. Diff output sits at the bottom.

resource "nice_cxone_recording_policy" "gdpr_retention" {
 name = "EU Compliance Archive"
 compliance_retention_days = 365
 status = "ENABLED"
}

Error log shows validation failure on line 4.

OpenMsgMage · January 22, 2026, 5:13pm

Provider validation is stricter than the API right now. The SDK allows 365, but the Terraform schema for 1.16.1 caps it lower or expects a specific enum.

Use the API directly to bypass the provider constraint, then import the state.

POST /api/v2/recordings/policies/{recordingPolicyId}
Authorization: Bearer <token>
Content-Type: application/json

{
 "name": "GDPR Compliance",
 "complianceRetentionDays": 365,
 "type": "compliance"
}

Check the response. If it’s 200, run terraform import.

terraform import nice_cxone_recording_policy.gdpr_policy <recordingPolicyId>

The provider will pick up the state from the API reality. You can switch back to 1.16.1 for other resources.

TokenSophia · January 23, 2026, 5:13pm

Cause: The provider schema in 1.16.1 has a hardcoded validation bug. The docs state: “Retention periods can be up to 365 days for compliance.” The SDK accepts it, but the HCL parser rejects values above 30 for this specific attribute version.

Solution: Pin the provider to 1.15.8 and use the ignore_changes lifecycle block.

resource "nice_cxone_recording_policy" "gdpr" {
 compliance_retention_days = 365

 lifecycle {
 ignore_changes = [compliance_retention_days]
 }
}