CiscoDevNet / terraform-provider-fmc

Terraform Provider for FMC
https://registry.terraform.io/providers/CiscoDevNet/fmc/latest/docs
Mozilla Public License 2.0

Terraform import for accessrule does not work #149

Open rchrabas opened 10 months ago

rchrabas commented 10 months ago

I have the following Terraform objects

resource "fmc_access_policies" "AccessPolicyVar1" {
  default_action = "BLOCK"
  default_action_log_begin = false
  default_action_log_end = false
  name = "Dummy_Policy"
}

resource "fmc_access_rules" "AccessPolicyVar1AccessRuleVar1" {
  acp = fmc_access_policies.AccessPolicyVar1.id
  action = "ALLOW"
  category = "--Undefined--"
  enable_syslog = false
  enabled = true
  log_begin = false
  log_end = false
  log_files = false
  name = "test"
  section = "Mandatory"
  send_events_to_fmc = false
}

Both objects do exist on FMC, so I'm trying to import the Access policy, which works.

% terraform import -input=false fmc_access_policies.AccessPolicyVar1 005056b0-b67d-0ed3-0000-004294967810
(...)
Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

Then I try to import the access rule, which fails:

% terraform import -input=false fmc_access_rules.AccessPolicyVar1AccessRuleVar1 005056b0-b67d-0ed3-0000-000268434637

╷
│ Error: Cannot import non-existent remote object
│ 
│ While attempting to import an existing object to "fmc_access_rules.AccessPolicyVar1AccessRuleVar1", the provider detected that no object exists with the given id. Only pre-existing objects can be
│ imported; check that the id is correct and that it is associated with the provider's configured region or endpoint, or use "terraform apply" to create a new remote object for this resource.
╵

ACE from FMC:

{
    "metadata": {
        "ruleIndex": 1,
        "section": "Mandatory",
        "category": "--Undefined--",
        "accessPolicy": {
            "type": "AccessPolicy",
            "name": "Dummy_Policy",
            "defaultAction": {
                "type": "AccessPolicyDefaultAction",
                "logBegin": false,
                "logEnd": false,
                "enableSyslog": false,
                "sendEventsToFMC": false
            },
            "id": "005056B0-B67D-0ed3-0000-004294967810"
        },
        "timestamp": 1699449358856,
        "domain": {
            "name": "Global",
            "id": "e276abec-e0f2-11e3-8169-6d9ed49b625f",
            "type": "Domain"
        }
    },
    "links": {
        "self": "https://[redacted]/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/policy/accesspolicies/005056B0-B67D-0ed3-0000-004294967810/accessrules/005056B0-B67D-0ed3-0000-000268434637"
    },
    "enabled": true,
    "action": "ALLOW",
    "name": "test",
    "type": "AccessRule",
    "id": "005056B0-B67D-0ed3-0000-000268434637",
    "variableSet": {
        "name": "Default Set",
        "id": "76fa83ea-c972-11e2-8be8-8e45bb1343c0",
        "type": "VariableSet"
    },
    "sourceDynamicObjects": {},
    "destinationDynamicObjects": {},
    "logBegin": false,
    "logEnd": false,
    "logFiles": false,
    "enableSyslog": false,
    "vlanTags": {
        "objects": [
            {
                "type": "VlanTag",
                "overridable": false,
                "name": "Test_SGT",
                "id": "005056B0-B67D-0ed3-0000-004295222771"
            }
        ]
    },
    "sourceSecurityGroupTags": {
        "objects": [
            {
                "name": "ANY",
                "id": "5fce8cce-aa67-11e5-816b-95eb712b72a1",
                "type": "SecurityGroupTag"
            }
        ]
    },
    "sendEventsToFMC": false
}

ValentinMartinez commented 7 months ago

Had the same problem. I'm not proficient in Go, but I think it is because the function used to import the AC Rule doesn't use the ACP ID (with the API, to get an AC Rule we also have to set the ACP ID as a parameter).
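As an added illustration of the point raised in this thread (not code from the provider): the FMC API only addresses an access rule underneath its access policy, as the `self` link in the JSON above shows, so an importer has to receive both IDs. The composite `<acp_id>/<rule_id>` import format and the function names below are assumptions; the IDs used are the ones quoted in the issue.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
	"strings"
)

// FMC object IDs are UUID-shaped and case-insensitive, e.g. 005056B0-B67D-0ed3-0000-000268434637.
var fmcIDPattern = regexp.MustCompile(`^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$`)

// ParseAccessRuleImportID splits an import ID of the assumed form "<acp_id>/<rule_id>"
// and validates both halves, so a bare rule ID (which FMC cannot resolve without its
// policy) is rejected with a clear message instead of a "non-existent remote object".
func ParseAccessRuleImportID(id string) (acpID, ruleID string, err error) {
	parts := strings.Split(id, "/")
	if len(parts) != 2 {
		return "", "", fmt.Errorf("expected import ID in the form <acp_id>/<rule_id>, got %q", id)
	}
	acpID, ruleID = parts[0], parts[1]
	if !fmcIDPattern.MatchString(acpID) || !fmcIDPattern.MatchString(ruleID) {
		return "", "", errors.New("both parts of the import ID must be FMC object IDs")
	}
	return acpID, ruleID, nil
}

// AccessRulePath builds the nested API path for a rule under its policy, matching
// the "self" link returned by FMC in the issue.
func AccessRulePath(domainID, acpID, ruleID string) string {
	return fmt.Sprintf("/api/fmc_config/v1/domain/%s/policy/accesspolicies/%s/accessrules/%s",
		domainID, acpID, ruleID)
}

func main() {
	// Composite ID constructed from the policy and rule IDs quoted in the issue.
	acp, rule, err := ParseAccessRuleImportID("005056b0-b67d-0ed3-0000-004294967810/005056b0-b67d-0ed3-0000-000268434637")
	if err != nil {
		fmt.Println("import failed:", err)
		return
	}
	fmt.Println(AccessRulePath("e276abec-e0f2-11e3-8169-6d9ed49b625f", acp, rule))

	// The bare rule ID from the failing command is rejected up front.
	if _, _, err := ParseAccessRuleImportID("005056b0-b67d-0ed3-0000-000268434637"); err != nil {
		fmt.Println("import failed:", err)
	}
}
```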