Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to patch ibm_cis_mtls_app #4996

Open
PJ-ISC opened this issue Dec 15, 2023 · 0 comments
Open

Unable to patch ibm_cis_mtls_app #4996

PJ-ISC opened this issue Dec 15, 2023 · 0 comments
Labels
service/Internet Services Issues related to Cloud Internet Service (CIS)

Comments

@PJ-ISC
Copy link

PJ-ISC commented Dec 15, 2023

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform IBM Provider Version

Terraformversion : v1.4.5

IBM provider version: 1.58.1

Affected Resource(s)

  • ibm_cis_mtls_app

Terraform Configuration Files

resource "ibm_cis_mtls_app" "de_pilot_acceptance_dare_mtls_app" {
  cis_id           = ibm_cis.cis_instance.id
  domain_id        = ibm_cis_domain.cbp-equigy.id
  name             = "transnetbw-de-pilot-acceptance"
  domain           = local.de_pilot_acceptance.transnetbw.fully_qualified_domain_name # transnetbw-de-pilot-acceptance.cbp-equigy.com
  session_duration = "24h"
  policy_name      = "Default policy"
  common_rule_val  = local.de_pilot_acceptance.transnetbw.cis_mtls_client_common_name # vnb.dmz-aws-equigy.dare-system.de
  policy_decision  = "non_identity"
}

Debug Output

https://gist.github.com/PJ-ISC/abb024f555a4427404d78702592edbfd

Terraform plan

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # ibm_cis_mtls_app.de_pilot_acceptance_dare_mtls_app will be updated in-place
  ~ resource "ibm_cis_mtls_app" "de_pilot_acceptance_dare_mtls_app" {
      + cert_rule_val    = "CA root certificate"
      + common_rule_val  = "vnb.dmz-aws-equigy.dare-system.de"
      + domain           = "transnetbw-de-pilot-acceptance.cbp-equigy.com"
        id               = "7fa14488-1179-431b-a13f-d299dfd0d055:7f9a2926-b469-424a-993e-66d6c6ef0377:7f9d6451d97176ecd6c9828f22b47a0d:crn:v1:bluemix:public:internet-svcs:global:a/97472e4d4f35453c943a2c7f9dbd717d:ea13d212-ea74-4127-a72a-f9500fc8fb1b::"
      + name             = "transnetbw-de-pilot-acceptance"
      + policy_decision  = "non_identity"
      + policy_name      = "Default policy"
      + session_duration = "24h"
        # (8 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Expected Behavior

Patched the ibm_cis_mtls_app as per the plan

Actual Behavior

Terraform fails to execute plan.

Trace logs show an error {"code": "CIS-FRT-00005", "message": "property 'domain' is a required property"}.
As we can see in the plan above the property domain is filled in and does not seem to be coherent with the error message in the trace.

Steps to Reproduce

  1. Create file with a ibm_cis_mtls_app resource filling in all required properties.
  2. Create terraform plan
  3. terraform apply
@github-actions github-actions bot added the service/Internet Services Issues related to Cloud Internet Service (CIS) label Dec 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/Internet Services Issues related to Cloud Internet Service (CIS)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@PJ-ISC