search

PaloAltoNetworks / terraform-aws-vmseries-modules

Terraform Reusable Modules for VM-Series on AWS
https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/aws
MIT License
40 stars 49 forks source link

fix(module/subnet_sets): Change default value for nacl_associations variable #375

Closed piotr-rzepa closed 1 year ago

piotr-rzepa commented 1 year ago

Description

The change sets the default value for the nacl_associations variable from null to {} (an empty map).

Motivation and Context

Currently, the default null value causes Terraform's plan to fail in case no value for the variable is provided - the module (aws_network_acl_association resource) expects nacl_associations to be iterable (a map of strings), but when the user does not intend to associate any network ACLs with any subnet and skips the variable altogether, it throws an Invalid for_each argument error. The user has to explicitly set a nacl_associations variable to an empty map to avoid errors. By changing the default value from null to an empty map, the resource creation is skipped without any required workarounds from users.

How Has This Been Tested?

The subnet_sets module was deployed without setting any explicit value for nacl_associations variable. The plan and apply did not report any errors when the default value was set to an empty map.

Screenshots (if appropriate)

Error related to the nacl_associations being null: image

Types of changes

Checklist

sebastianczech commented 1 year ago

/validate paths="modules/subnet_set examples/combined_design"

Testing job ID: 6322173926 Job result: FAILURE

pimielowski commented 1 year ago

/validate paths="modules/subnet_set examples/combined_design"

Testing job ID: 6378065345 Job result: SUCCESS