PaloAltoNetworks / terraform-provider-panos

Terraform Panos provider
https://www.terraform.io/docs/providers/panos/
MIT License

panos_virtual_router (Resource): At most 1 occurrence is allowed for devices/entry" #449

Open Danmaarjustin opened 1 month ago

Danmaarjustin commented 1 month ago

Describe the bug

I'm trying to add a static route to my virtual router:

resource "panos_virtual_router" "example" {
  name = "default"

  location = {
    ngfw = {
      ngfw_device = ""
    }
  }

  routing_table = {
    ip = {
      static_routes = [
        {
          name        = "static-route-1"
          destination = "192.168.33.0/24"
          interface   = "tunnel.5"
        }
      ]
    }
  }
}

Expected behavior

In my opinion it should apply this static route to the virtual router called "default". I can see it's willing to add the values:

"stdout_lines": [
  "",
  "Terraform used the selected providers to generate the following execution",
  "plan. Resource actions are indicated with the following symbols:",
  " + create",
  "",
  "Terraform will perform the following actions:",
  "",
  " # panos_virtual_router.example will be created",
  " + resource \"panos_virtual_router\" \"example\" {",
  " + location = {",
  " + ngfw = {",
  " + ngfw_device = \"\"",
  " }",
  " }",
  " + name = \"default\"",
  " + routing_table = {",
  " + ip = {",
  " + static_routes = [",
  " + {",
  " + destination = \"192.168.33.0/24\"",
  " + interface = \"tunnel.5\"",
  " + name = \"static-route-1\"",
  " },",
  " ]",
  " }",
  " }",
  " + tfid = (known after apply)",
  " }",
  "",
  "Plan: 1 to add, 0 to change, 0 to destroy.",
  "panos_virtual_router.example: Creating..."
],

Current behavior

It is not applying the resource. Instead I'm getting this error:

"stderr_lines": [
  "╷",
  "│ Error: Error in create",
  "│ ",
  "│  with panos_virtual_router.example,",
  "│  on main.tf line 95, in resource \"panos_virtual_router\" \"example\":",
  "│  95: resource \"panos_virtual_router\" \"example\" {",
  "│ ",
  "│ At most 1 occurrence is allowed for devices/entry",
  "╵"
],

Possible solution

I tried adding the PANOS_TARGET but then it's not even connecting

Your Environment

My environment is an AWX instance that starts an execution environment with terraform installed. First it will fetch my tf state from an S3 bucket while doing a terraform init; when this has finished it will do a terraform apply.

Latest version of awx.

palo provider version: version = "2.0.0-rc.1"

Firewall: PA440 Software Version 11.0.3-h5

kklimonda-cl commented 1 month ago

Can you try applying the resource with changes I've outlined below instead? I've explicitly set location.ngfw.ngfw_device to localhost.localdomain (which should be default if you don't specify it at all, and this is the only value that makes sense at this time from what I understand). The interface tunnel.5 must also be imported into virtual_router interfaces list so it can be used in the routing_table.

The modified resource:

resource "panos_virtual_router" "example" {
  name = "default"

  location = {
    ngfw = {
      ngfw_device = "localhost.localdomain"
    }
  }

  interfaces = [
    "tunnel.5"
  ]

  routing_table = {
    ip = {
      static_routes = [
        {
          name        = "static-route-1"
          destination = "192.168.33.0/24"
          interface   = "tunnel.5"
        }
      ]
    }
  }
}
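
A pre-apply check for the two conditions named in the reply above, added here as an example that is not part of the thread or the provider's code: it reads `terraform show -json` plan output and flags an explicitly empty location.ngfw.ngfw_device and any static route whose interface is missing from interfaces. The function name and the sample plan are constructed; the attribute names are the ones used in the resource above.

```python
import json

# Constructed sample: trimmed `terraform show -json` output for the resource
# as first posted in this thread (empty ngfw_device, no interfaces list).
SAMPLE_PLAN = json.dumps({
    "resource_changes": [{
        "address": "panos_virtual_router.example",
        "type": "panos_virtual_router",
        "change": {"actions": ["create"], "after": {
            "name": "default",
            "location": {"ngfw": {"ngfw_device": ""}},
            "interfaces": None,
            "routing_table": {"ip": {"static_routes": [{
                "name": "static-route-1",
                "destination": "192.168.33.0/24",
                "interface": "tunnel.5",
            }]}},
        }},
    }]
})


def check_virtual_routers(plan_json):
    """Return findings for panos_virtual_router resources in a JSON plan."""
    findings = []
    for rc in json.loads(plan_json).get("resource_changes", []):
        after = (rc.get("change") or {}).get("after")
        if rc.get("type") != "panos_virtual_router" or not after:
            continue  # other resource types, or a destroy (after is null)
        addr = rc["address"]
        ngfw = (after.get("location") or {}).get("ngfw")
        # Only an explicit empty string is flagged; an unset value is left alone.
        if ngfw is not None and ngfw.get("ngfw_device") == "":
            findings.append(f"{addr}: location.ngfw.ngfw_device is empty")
        attached = set(after.get("interfaces") or [])
        table = (after.get("routing_table") or {}).get("ip") or {}
        for route in table.get("static_routes") or []:
            iface = route.get("interface")
            if iface and iface not in attached:
                findings.append(
                    f"{addr}: static route {route.get('name')!r} uses {iface}, "
                    "which is not in interfaces")
    return findings


if __name__ == "__main__":
    for finding in check_virtual_routers(SAMPLE_PLAN):
        print(finding)
```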

Justin-Schoenaker commented 1 month ago

Yes this did the job, thanks a lot, also for the quick reply!! I tried this with no value but it didn't work. Couldn't find it in the example or documentation, so was a bit lost. But this makes sense.