search

PaloAltoNetworks / terraform-provider-panos

Terraform Panos provider
https://www.terraform.io/docs/providers/panos/
Mozilla Public License 2.0
87 stars 70 forks source link

RPC error when creating a service object #291

Closed dersoi closed 2 years ago

dersoi commented 3 years ago

Describe the bug

Trying to create a service while having a state file in AWS S3 creates the error:

Error: rpc error: code = Unavailable desc = transport is closing when running terraform apply. Enabling the debug output gives 

-----------------------------------------------------: timestamp=2021-07-02T08:33:41.781+0200
2021-07-02T08:33:41.781+0200 [INFO]  plugin.terraform-provider-aws_v3.27.0_x5: 2021/07/02 08:33:41 [DEBUG] [aws-sdk-go] <?xml version="1.0" encoding="UTF-8"?>
<DescribeAccountAttributesResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
    <requestId>065d174c-ea47-494b-b0b1-0afface2a4cc</requestId>
    <accountAttributeSet>
        <item>
            <attributeName>supported-platforms</attributeName>
            <attributeValueSet>
                <item>
                    <attributeValue>VPC</attributeValue>
                </item>
            </attributeValueSet>
        </item>
    </accountAttributeSet>
</DescribeAccountAttributesResponse>: timestamp=2021-07-02T08:33:41.781+0200
2021/07/02 08:33:41 [TRACE] vertex "provider[\"registry.terraform.io/hashicorp/aws\"]": visit complete
2021/07/02 08:33:41 [TRACE] dag/walk: visiting "provider[\"registry.terraform.io/hashicorp/aws\"] (close)"
2021/07/02 08:33:41 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
2021/07/02 08:33:41 [TRACE] vertex "provider[\"registry.terraform.io/hashicorp/aws\"] (close)": starting visit (*terraform.graphNodeCloseProvider)
2021/07/02 08:33:41 [TRACE] GRPCProvider: Close
2021-07-02T08:33:41.782+0200 [WARN]  plugin.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-07-02T08:33:41.784+0200 [DEBUG] plugin: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/aws/3.27.0/linux_amd64/terraform-provider-aws_v3.27.0_x5 pid=29465
2021-07-02T08:33:41.784+0200 [DEBUG] plugin: plugin exited
2021/07/02 08:33:41 [TRACE] vertex "provider[\"registry.terraform.io/hashicorp/aws\"] (close)": visit complete
2021/07/02 08:33:41 [TRACE] dag/walk: upstream of "root" errored, so skipping

Error: rpc error: code = Unavailable desc = transport is closing

This causes the apply to fail. The strange thing is that I can create other objects (addresses and tags) butn not services.

Expected behaviour

I expect the service to be created on Panorama

Current behavior

The ressource creation fails with the error Error: rpc error: code = Unavailable desc = transport is closing

Steps to reproduce

modules/services/main.tf

terraform {
  required_providers {
    panos = {
      source  = "PaloAltoNetworks/panos"
      version = "1.8.0"
    }
  }
}

locals {
  services = yamldecode(file(var.services_file))
}

resource "null_resource" "check_terraform_tag" {
  for_each = { for r in local.services.services : r.name => r }
  triggers = contains(each.value.tags, "terraform") == true ? {} : file("ERROR: The rule does not contain the tag \"terraform\".")
  lifecycle {
    ignore_changes = [
      triggers
    ]
  }
}

resource "panos_service_object" "service" {
  for_each         = { for service in local.services.services : service.name => service }
  name             = each.value.name
  destination_port = tostring(each.value.destination)
  protocol         = each.value.protocol
  tags             = each.value.tags
  lifecycle {
    create_before_destroy = true
  }
}

run terraform apply

Your Environment

uname -a 
Linux mob100989 5.10.0-4-amd64 #1 SMP Debian 5.10.19-1 (2021-03-02) x86_64 GNU/Linux

terraform version
Terraform v0.14.5
+ provider registry.terraform.io/hashicorp/aws v3.27.0
+ provider registry.terraform.io/hashicorp/null v3.1.0
+ provider registry.terraform.io/paloaltonetworks/panos v1.8.0
welcome-to-palo-alto-networks[bot] commented 3 years ago

:tada: Thanks for opening your first issue here! Welcome to the community!

shinmog commented 3 years ago

If you're trying to create the service on Panorama, then you need to be using panos_panorama_service_object not panos_service_object. But that error message - all I see is terraform-provider-aws, I don't see the panos provider mentioned at all. It seems like the error is with the AWS provider...?

dersoi commented 3 years ago

That is the weird thing. You were correct as to the use of panos_panorama_service_object. Yet the error was an AWS one, for some reason... I found no indication of an error regarding the Palo Alto provider.

shinmog commented 2 years ago

Seems this is fixed, so closing this issue out.