search

PaloAltoNetworks / terraform-provider-cloudngfwaws

The Terraform provider for the Palo Alto Networks AWS cloud NGFW
Mozilla Public License 2.0
14 stars 14 forks source link

Drift detected on undeclared resource attributes. #10

Open lachlanjholmes opened 2 years ago

lachlanjholmes commented 2 years ago

Hey Palo Team,

The terraform provider detects this drift below for the rulestack and security_rule.

This seems to be due the attributes shown here are ommited in the .tf file that hold the resource.

Is there a sane default that the cloudngfw api can return that would not create drift.

This will show up when doing a terraform plan -refresh-only

drift detected on rulestack resource

# cloudngfwaws_rulestack.terraform_rulestack has changed
~ resource "cloudngfwaws_rulestack" "terraform_rulestack" {
    id                     = "Local:terraform-rulestack"
    name                   = "terraform-rulestack"
  ~ state                  = "Uncommitted" -> "Running"
  + tags                   = {}
    # (5 unchanged attributes hidden)

    # (1 unchanged block hidden)
}

.tf file rulestack resource

resource "cloudngfwaws_rulestack" "terraform_rulestack" {
  name        = "terraform-rulestack"
  scope       = "Local"
  account_id  = "123456789101"
  description = "Made by Terraform"
  profile_config {
    anti_spyware = "BestPractice"
    anti_virus = "BestPractice"
    file_blocking = "BestPractice"
    url_filtering = "BestPractice"
    vulnerability = "BestPractice"
  }
}

drift detected on security_rule resource

  # cloudngfwaws_security_rule.rule_101 has changed
  ~ resource "cloudngfwaws_security_rule" "rule_101" {
        id                 = "Local:terraform-rulestack:LocalRule:101"
        name               = "example-security-rule2"
      + prot_port_list     = []
      + tags               = {}
        # (13 unchanged attributes hidden)

      ~ category {
          + feeds              = []
          + url_category_names = []
        }

      ~ destination {
          + countries    = []
          + feeds        = []
          + fqdn_lists   = []
          + prefix_lists = []
            # (1 unchanged attribute hidden)
        }

      ~ source {
          + countries    = []
          + feeds        = []
          + prefix_lists = []
            # (1 unchanged attribute hidden)
        }
    }
welcome-to-palo-alto-networks[bot] commented 2 years ago

:tada: Thanks for opening your first issue here! Welcome to the community!