enakatani
commented
2 years ago Any update on this?
Closed hkantare closed 1 year ago
enakatani
commented
2 years ago Any update on this?
hkantare
commented
2 years ago We assigned the ticket to IBM Cloud COS team . They will look into this
hkantare
commented
2 years ago Attaching the converison and inital analysis done as part of support ticket We are able to indentify the issue. Scenario 1 : The firewall is able to detect a change when we add or remove ip's I created a bucket with below sample configuration
resource "ibm_cos_bucket" "standard-ams03" { bucket_name = "test-harini-18" resource_instance_id = ibm_resource_instance.cos_instance.id cross_region_location = "us" storage_class = "standard" allowed_ip = ["183.83.141.179"] }
Now add one more ip via UI "183.83.142.179" when we run the plan its able to detect the change Scenario 2 : Create bucket with firewall and remove the complete firewall from UI it was not able to find the difference because when we are setting back the firewall
if bucketPtr.Firewall != nil { d.Set("allowed_ip", flex.FlattenStringList(bucketPtr.Firewall.AllowedIp)) }
Since bucketPtr.Firewall it self is nil its not overriding the values back.@Priyaranimishra Can we have any updates?
KyungmoIBM
commented
2 years ago @Priyaranimishra, may we have update?
btw, I could successfully refresh bucket configuration change outside of Terraform. But it's occuring in Schematics.
IBMdiksha
commented
2 years ago We are looking at the issue internally. We will get back to you
KyungmoIBM
commented
2 years ago Hello @IBMdiksha , Thank you!
kanahavel
commented
2 years ago Hello @IBMdiksha
Please see the update from the customer
///////// I deleted only one of the ICOS firewall definitions on the IBM Cloud Web Console (GUI) and left the other definitions in place. So I did a Plan generation and it detected the difference between the allowed_ip in the Terraform code and the actual bucket settings and created a plan to change the settings.
So it seems that this event only occurs when all ICOS firewall definitions are deleted.
/////////
Best Regards, Kanak ACS-Storage Support Engineer IBM Cloud Support
KyungmoIBM
commented
2 years ago Hello @IBMdiksha, I confirmed the issue occurs only when delete all allowed_ip items,
Reproduce steps
resource "ibm_cos_bucket" "smart-us-south" { bucket_name = "kyungmo1741669-stardard-at-us-south" resource_instance_id = ibm_resource_instance.cos_instance.id region_location = "us-south" storage_class = "smart" allowed_ip = ["169.63.163.244", "9.192.235.12", "172.30.8.121","135.90.119.4"] }erraform state list data.ibm_resource_group.group ibm_cos_bucket.expire_incomplete_multipart ibm_cos_bucket.expire_rule ibm_cos_bucket.expired_delete_marker ibm_cos_bucket.objectversioning ibm_cos_bucket.retention_cos ibm_cos_bucket.smart-us-south ibm_resource_instance.cos_instance
` terraform state show ibm_cos_bucket.smart-us-south
resource "ibm_cos_bucket" "smart-us-south" { allowed_ip = [ "169.63.163.244", "9.192.235.12", "172.30.8.121", "135.90.119.4", ] bucket_name = "kyungmo1741669-stardard-at-us-south" ...`
resource "ibm_cos_bucket" "smart-us-south" { allowed_ip = [ "169.63.163.244", "9.192.235.12", "172.30.8.121", "135.90.119.4", ] bucket_name = "kyungmo1741669-stardard-at-us-south" ...`
resource "ibm_cos_bucket" "smart-us-south" { allowed_ip = [ "135.90.119.4", ] bucket_name = "kyungmo1741669-stardard-at-us-south"`
So, this problem only occurs when delete all allowed_ip items.
Best Regards,
Kyung J. Storage Support Engineer IBM Cloud
hkantare
commented
2 years ago Fixed in latest release https://github.com/IBM-Cloud/terraform-provider-ibm/releases/tag/v1.44.1
IBM-diksha
commented
1 year ago Closing this ticket as the fix has been released.
1) Provision a COS bucket with firewall enabled (allowed_ip) 2) Remove or disable the firewall from UI 3) Terraform plan doesn't show any diff
Sample configuration