IBM-Cloud / terraform-provider-ibm

https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs
Mozilla Public License 2.0

local attribute is not working for ibm_is_security_group_rule #5497

Closed narendermann closed 4 months ago

narendermann commented 4 months ago

While configuring the local attribute for inbound and outbound rules, the local attribute is not accepted by the latest Terraform provider and version.

Error:

│ Error: Unsupported block type
│
│ on vpc_nator_core_vpc\sg_vpc_secure_maintenance_sg.tf line 33, in resource "ibm_is_security_group_rule" "vpc_nator_core_vpc_vpc_secure_maintenance_sg_sg_rule_inbound_port3389":
│ 33: local {
│
│ Blocks of type "local" are not expected here.

narendermann commented 4 months ago

https://cloud.ibm.com/docs/vpc?topic=vpc-security-groups-rules&interface=terraform

deepaksibm commented 4 months ago

@narendermann local is not a block. It is a string argument. It should be provided as a string with double quotes. Please follow the example provided in the document:

resource "ibm_is_security_group_rule" "example2" {
  group     = ibm_is_security_group.example.id
  direction = "inbound"
  remote    = "127.0.0.1"
  local     = "192.168.3.0/24"
  udp {
    port_min = 805
    port_max = 807
  }
}

narendermann commented 4 months ago

Yes, that's exactly what I meant: the issue is that resource ibm_is_security_group_rule is not expecting "local" as a string argument.

Here is my code:

resource "ibm_is_security_group_rule" "outbound_port22" {
  group     = ibm_is_security_group.secure_sg.id
  remote    = ibm_is_security_group.destination_sg.id
  direction = "outbound"
  local     = "172.31.2.6"
  tcp {
    port_min = 22
    port_max = 22
  }
}

Here is the terraform plan output, where it doesn't show the "local" attribute at all:

resource "ibm_is_security_group_rule" "outbound_port22" {

Here is the error:

╷
│ Error: Unsupported argument
│
│ sg_vpc_secure_sg.tf line 54, in resource "ibm_is_security_group_rule" "outbound_port3389":
│ 41: local = "0.0.0.0/0"
│
│ An argument named "local" is not expected here.
╵
╷
│ Error: Unsupported argument
│
│ on sg_vpc_secure_sg.tf line 54, in resource "ibm_is_security_group_rule" "outbound_port3389":
│ 54: local = "0.0.0.0/0"
│
│ An argument named "local" is not expected here.

deepaksibm commented 4 months ago

@narendermann Your code works exactly as expected.

 # ibm_is_security_group_rule.outbound_port22 will be created
  + resource "ibm_is_security_group_rule" "outbound_port22" {
      + direction   = "outbound"
      + group       = "r006-263ec385-adf1-4a0e-9be3-951d1f4d71ba"
      + id          = (known after apply)
      + ip_version  = "ipv4"
      + local       = "172.31.2.6"
      + protocol    = (known after apply)
      + related_crn = (known after apply)
      + remote      = (known after apply)
      + rule_id     = (known after apply)

      + tcp {
          + port_max = 22
          + port_min = 22
        }
    }

state

# ibm_is_security_group_rule.outbound_port22:
resource "ibm_is_security_group_rule" "outbound_port22" {
    direction   = "outbound"
    group       = "r006-263ec385-adf1-4a0e-9be3-951d1f4d71ba"
    id          = "r006-263ec385-adf1-4a0e-9be3-951d1f4d71ba.r006-5b348c05-751e-48aa-9042-ff35e4c47657"
    ip_version  = "ipv4"
    local       = "172.31.2.6"
    protocol    = "tcp"
    related_crn = "crn:v1:bluemix:public:is:us-south:a/7f75c7b025e54bc5635f754b2f888665::security-group:r006-263ec385-adf1-4a0e-9be3-951d1f4d71ba"
    remote      = "r006-53835575-e4ec-4674-891d-73800e5a0700"
    rule_id     = "r006-5b348c05-751e-48aa-9042-ff35e4c47657"

    tcp {
        port_max = 22
        port_min = 22
    }
}

Make sure you are using the latest provider version. This should be available from versions 1.64.0 and above. https://registry.terraform.io/providers/IBM-Cloud/ibm/1.67.0/docs/resources/is_security_group_rule

narendermann commented 4 months ago

Thank you @deepaksibm - upgraded to version = "~>1.67.0" and it worked very well.

I was assuming that when I created my code a few weeks back I had used the latest version, 1.63.0.
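
A pre-flight check for the mismatch resolved in this thread, added here as an example and not part of the original issue or the provider's code: it reads the provider version pinned in `.terraform.lock.hcl` and lists any `ibm_is_security_group_rule` resources that set `local` when that version is below 1.64.0. The function names, the sample lock entry and the sample rule are assumptions constructed for illustration, and the regex-based parsing assumes the usual lock-file layout rather than full HCL.

```python
import re
# Per the thread, `local` is accepted from provider version 1.64.0 onward.
MIN_LOCAL_VERSION = (1, 64, 0)

# Constructed sample inputs (not taken from the issue's real files).
SAMPLE_LOCK = '''
provider "registry.terraform.io/ibm-cloud/ibm" {
  version     = "1.63.0"
  constraints = "~> 1.63.0"
}
'''
SAMPLE_TF = '''
resource "ibm_is_security_group_rule" "outbound_port22" {
  direction = "outbound"
  local     = "172.31.2.6"
  tcp {
    port_min = 22
    port_max = 22
  }
}
'''

def locked_ibm_version(lock_text):
    """Return the locked IBM-Cloud/ibm version as an int tuple, or None if absent."""
    m = re.search(r'provider\s+"registry\.terraform\.io/ibm-cloud/ibm"\s*\{[^}]*?'
                  r'\bversion\s*=\s*"(\d+)\.(\d+)\.(\d+)', lock_text, re.I)
    return tuple(int(p) for p in m.groups()) if m else None

def rules_using_local(tf_text):
    """Names of ibm_is_security_group_rule resources that set a top-level `local`."""
    names = []
    for m in re.finditer(r'resource\s+"ibm_is_security_group_rule"\s+"([^"]+)"\s*\{', tf_text):
        depth, i, body = 1, m.end(), []
        while i < len(tf_text) and depth:
            ch = tf_text[i]
            depth += (ch == '{') - (ch == '}')
            if depth == 1 and ch not in '{}':
                body.append(ch)  # keep only text outside nested blocks such as tcp { }
            i += 1
        if re.search(r'^\s*local\s*=', ''.join(body), re.M):
            names.append(m.group(1))
    return names

def check(lock_text, tf_text):
    """Rules that would fail with 'Unsupported argument' on the locked provider."""
    version = locked_ibm_version(lock_text)
    if version is None or version >= MIN_LOCAL_VERSION:
        return []  # no IBM provider locked, or it already supports `local`
    return rules_using_local(tf_text)
```

Running `check` over the real lock file and `.tf` sources in CI surfaces the stale pin before `terraform plan` rejects the rule.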