Terraform is recreating all security list rules again whenever a change is observed during terraform plan #2262
Labels
Comments
|
In my experience this only happens when the description of the existing rules is "". |
|
Hi @Hardik-Madda, have you tried to use toset(var.security_list)? in terraform, element order matters in list variable, but NOT in set. This is common in terraform regardless cloud provider and/or resources. If your code doesn't care about order, the best way is to always use toset to convert the list to set which is a common practice. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem - While adding new ingress security rule, in a security list using Terraform, delete and recreates all ingress security rules.
Affected Resource(s)
oci_core_security_list
Terraform Configuration Files
resource "oci_core_security_list" "test01" {
compartment_id = "**************************************************************"
display_name = "test01"
vcn_id = "****************************************************************"
egress_security_rules {
description = null
destination = "0.0.0.0/0"
destination_type = "CIDR_BLOCK"
protocol = "all"
stateless = false
}
ingress_security_rules {
description = null
protocol = "all"
source = "1.1.1.1/1"
source_type = "CIDR_BLOCK"
stateless = false
}
ingress_security_rules {
description = null
protocol = "all"
source = "2.2.2.2/2"
source_type = "CIDR_BLOCK"
stateless = false
}
ingress_security_rules {
description = ""
protocol = "all"
source = "3.3.3.3/3"
source_type = "CIDR_BLOCK"
stateless = false
}
ingress_security_rules {
description = ""
protocol = "all"
source = "4.4.4.4/4"
source_type = "CIDR_BLOCK"
stateless = false
}
ingress_security_rules {
description = ""
protocol = "all"
source = "5.5.5.5/5"
source_type = "CIDR_BLOCK"
stateless = false
}
ingress_security_rules {
description = ""
protocol = "all"
source = "10.0.0.0/16"
source_type = "CIDR_BLOCK"
stateless = false
}
}
Debug Output
`Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
~ update in-place
Terraform will perform the following actions:
oci_core_security_list.test01 will be updated in-place
~ resource "oci_core_security_list" "test01" {
id = "*************************************************************"
# (7 unchanged attributes hidden)
+ description = (known after apply)
+ protocol = "all"
+ source = "5.5.5.5/5"
+ source_type = "CIDR_BLOCK"
+ stateless = false
}
}
Plan: 0 to add, 1 to change, 0 to destroy.`
Expected Behavior
Terraform should be adding only that new ingress rule but instead it deletes and recreates all ingress rules. The newly added ingress rule 10.0.0.0/16. Something like this:
ingress_security_rules {
description = ""
protocol = "all"
source = "10.0.0.0/16"
source_type = "CIDR_BLOCK"
stateless = false
}
Actual Behavior
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following
symbols:
~ update in-place
Terraform will perform the following actions:
oci_core_security_list.test01 will be updated in-place
~ resource "oci_core_security_list" "test01" {
id = ************************************************************************"
# (7 unchanged attributes hidden)
Plan: 0 to add, 1 to change, 0 to destroy.
Steps to Reproduce
Add or delete a security rule and perform terraform plan which will show the plan to delete all the rules and recreate it.
Important Factoids
This kind of issue is only specific to security lists. All security list rules are getting recreated. Please do provide any solution to this issue. In case, I'm missing on anything please do not hesitate to inform.
The text was updated successfully, but these errors were encountered: