search

PaloAltoNetworks / terraform-provider-panos

Terraform Panos provider
https://www.terraform.io/docs/providers/panos/
Mozilla Public License 2.0
87 stars 71 forks source link

Bug: Update panos_security_rule_group before deleting panos_address_object #239

Closed jdamata closed 3 years ago

jdamata commented 3 years ago

Describe the bug

I have multiple panos_address_object referenced inside of destination_addresses in panos_security_rule_group. When I delete one of the panos_address_objects, the provider attempts to delete the resource before updating the panos_security_rule_group.

This results in an error similar to: Error: rulebase -> security -> rules -> Outbound ADDRESS -> destination

Expected behavior

panos_security_rule_group is updated first with destination_addresses list before deleting panos_address_object

Current behavior

Provider attempts to clean up panos_address_object which is still referenced in the panos_security_rule_group

jdamata commented 3 years ago

Related to these: https://github.com/PaloAltoNetworks/terraform-provider-panos/issues/238 https://github.com/PaloAltoNetworks/terraform-provider-panos/issues/234 https://github.com/hashicorp/terraform/issues/26173

I tried adding a create_before_destroy on the panos_address_objects but got an inconsistent plan error. Looks like the inconsistent plan is caused by this: https://github.com/hashicorp/terraform/issues/25631

shinmog commented 3 years ago

This is equal parts #234 and hashicorp/terraform#25631, please see #234 for further info.

Closing this issue out as this is not a provider issue.