Bucket creation failure with endpoint private

[shemau]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform IBM Provider Version

Various on different platforms, including:

terraform -v
Terraform v1.3.0
on darwin_amd64
+ provider registry.terraform.io/hashicorp/null v3.2.1
+ provider registry.terraform.io/ibm-cloud/ibm v1.49.0
+ provider registry.terraform.io/mastercard/restapi v1.18.0

Affected Resource(s)

• ibm_cos_bucket

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

  # module.cos.ibm_cos_bucket.cos_bucket[0] will be created
  + resource "ibm_cos_bucket" "cos_bucket" {
      + bucket_name          = "exist-cos-bucket"
      + crn                  = (known after apply)
      + endpoint_type        = "private"
      + force_delete         = true
      + id                   = (known after apply)
      + key_protect          = "crn:redacted"
      + region_location      = "eu-gb"
      + resource_instance_id = "crn:redacted"
      + s3_endpoint_direct   = (known after apply)
      + s3_endpoint_private  = (known after apply)
      + s3_endpoint_public   = (known after apply)
      + storage_class        = "standard"

      + archive_rule {
          + days    = 90
          + enable  = true
          + rule_id = (known after apply)
          + type    = "Glacier"
        }

      + expire_rule {
          + days    = 365
          + enable  = true
          + prefix  = (known after apply)
          + rule_id = (known after apply)
        }
    }

Debug Output

│ Error: RequestError: send request failed
│ caused by: Put "https://s3.private.eu-gb.cloud-object-storage.appdomain.cloud/exist-cos-bucket": dial tcp 10.1.129.53:443: i/o timeout
│ 
│   with module.cos.ibm_cos_bucket.cos_bucket[0],
│   on ../../main.tf line 76, in resource "ibm_cos_bucket" "cos_bucket":
│   76: resource "ibm_cos_bucket" "cos_bucket" {
│ 

Panic Output

Expected Behavior

Create a COS bucket with private endpoints

Actual Behavior

Failure to contact COS instance

Steps to Reproduce

1. terraform apply

Important Factoids

Deployment infrastructure is running outside the IBM Cloud account. The COS instance has been created and is available and works for creating COS buckets with public endpoints.

References

[vburckhardt]

@shemau - The timeout is due to the call being made through the private COS endpoint reaching a private ip (10.x range). I suspect the call would work if issued from a machine having access to the IBM Cloud private backbone (VSI, Schematics).

[ocofaigh]

@shemau I think this can be closed now right?

[IBM-diksha]

@shemau Can we close this ticket?

[shemau]

Yes, I think we can close this. The description of the property is not great.

endpoint_type- (Optional, String) The type of the endpoint either public or private or direct to be used for buckets. Default value is public.

This is not really the endpoint type for the bucket, it is endpoint type for the IBM provider to use when managing (creating, updating, deleting) the bucket.