search

PaloAltoNetworks / terraform-provider-prismacloudcompute

Terraform provider for Prisma Cloud Compute
https://registry.terraform.io/providers/PaloAltoNetworks/prismacloudcompute/latest
Mozilla Public License 2.0
24 stars 28 forks source link

Collections throws 429 when adding > 1 collection #58

Closed jasonckeating closed 1 year ago

jasonckeating commented 2 years ago

Describe the bug

Programmatically adding all accounts as a collection to Prisma.

Expected behavior

Each collection defined in code is created in Prisma Cloud

Current behavior

Every collection creation fails with a 429 error code.

Possible solution

Steps to reproduce

  1. Create a for loop collection that creates more than one. 
    resource "prismacloudcompute_collection" "this" {
for_each          = tomap(local.all_accounts)
name              = "${each.value.name} - ${each.value.id}"
description       = "All resources from the ${each.value.name} account."
account_ids       = [each.value.id]
application_ids   = ["*"]
clusters          = ["*"]
code_repositories = ["*"]
containers        = ["*"]
functions         = ["*"]
images            = ["*"]
labels            = ["*"]
namespaces        = ["*"]
}
  2. terraform apply
  3. observe the error 
    Error: error creating collection '{AccountIds:[12345] AppIds:[*] Clusters:[*] CodeRepos:[*] Color:#A020F0 Containers:[*] Description:All resources from the sample-dev account. Functions:[*] Hosts:[*] Images:[*] Labels:[*] Name:sample-dev - 12345 Namespaces:[*]}': Non-OK status: 429
│ 
│   with prismacloudcompute_collection.this["sample-dev"],
│   on collections.tf line 28, in resource "prismacloudcompute_collection" "this":
│   28: resource "prismacloudcompute_collection" "this" {
│

Screenshots

Context

We are wanting to provide collections for each account so Devleopment teams can see their vulnerabilities for only their accounts.

Your Environment

hi-artem commented 2 years ago

@jasonckeating this was solved, but never released https://github.com/PaloAltoNetworks/terraform-provider-prismacloudcompute/pull/55

hi-artem commented 2 years ago

@wfg can the latest main be released and published to tf registry?

wfg commented 2 years ago

@jasonckeating @hi-artem Sure, I'll push a new tag tomorrow morning.

hi-artem commented 2 years ago

Awesome! Thank you

wfg commented 2 years ago

v0.7.0 released

hi-artem commented 2 years ago

@jasonckeating can you check this again with 0.7.0 release?

jasonckeating commented 2 years ago

@hi-artem tried again on 0.7.0.

terraform apply took 1 hour on an attempt to add new 100 collections, but it did create them successfully.

I did get a few error codes that I worked through, but were difficult to root cause, since they still show codes that don't indicate the problem.

PANW-aharrell commented 1 year ago

Closed in 0.8.0 https://github.com/PaloAltoNetworks/terraform-provider-prismacloudcompute/pull/71