Open ancoleman opened 1 year ago
I was able to determine that the object not found would refer to the ike_crypto_profile
resource "sase_ike_gateways" "this" {
folder = "Remote Networks"
name = "terraform-ike-3"
authentication = {
pre_shared_key = {
key = "mytestkey1234"
}
}
peer_address = {
ip = "81.107.85.198"
}
protocol = {
ikev1 = {
dpd = {
enable = true
}
ike_crypto_profile = "PaloAlto-Networks-IKE-Crypto"
}
version = "ikev1"
}
}
this seemed to work....
This is not working .. Giving below error. Could you please help me to identify what is missing here?
[root@localhost prisma]# cat ike_gw.tf resource "sase_ike_gateways" "this" { folder = "Remote Networks" name = "terraform-ike-3" authentication = { pre_shared_key = { key = "mytestkey1234" } } peer_address = { ip = "81.107.85.198" } protocol = { ikev1 = { dpd = { enable = true } ike_crypto_profile = "PaloAlto-Networks-IKE-Crypto" } version = "ikev1" } }
Error when i run the terraform plan:**
[root@localhost prisma]# terraform plan ╷ │ Warning: Provider development overrides are in effect │ │ The following provider development overrides are set in the CLI configuration: │ - paloaltonetworks-local/sase in /home/Hemant/terraform_prisma_sase/terraform-provider-sase │ │ The behavior may therefore not match any released version of the provider and applying changes may cause the state to │ become incompatible with published releases. ╵ sase_ike_gateways.this: Refreshing state... [id=Remote Networks:8f4dd1af-996e-4be8-818f-db04cec13d3b] sase_objects_addresses.x: Refreshing state... [id=Shared:d365b705-ef40-4107-a3c5-c2390d55a988]
Planning failed. Terraform encountered an error while generating this plan.
╷ │ Error: Error reading config │ │ with sase_ike_gateways.this, │ on ike_gw.tf line 1, in resource "sase_ike_gateways" "this": │ 1: resource "sase_ike_gateways" "this" { │ │ [HTTP 400] API_I00035 Invalid Request Payload - ["folder" is required]
│ [HTTP 400] API_I00035 Invalid Request Payload - ["folder" is required]
Seems like folder
needs to be added to the Read
here as well...? I'll just add it to Read
and not Update
or Delete
, see if it works after that.
You'll have to update both sase-go
and this repo for the fix.
I pulled the latest from both, and now I get a build failure on the provider:
venv) (base) acoleman@M-KGYXTTH2MF terraform-provider-sase % go build
# [github.com/paloaltonetworks/terraform-provider-sase/internal/provider](http://github.com/paloaltonetworks/terraform-provider-sase/internal/provider)
internal/provider/ike_gateways.go:879:3: unknown field Folder in struct literal of type ikegateways.ReadInput
internal/provider/ike_gateways.go:893:30: input.Folder undefined (type ikegateways.ReadInput has no field or method Folder)
internal/provider/ike_gateways.go:1647:3: unknown field Folder in struct literal of type ikegateways.ReadInput
I commented out of the provider.go and renamed the ike_gateways.go and the build succeeded. However, when testing remote networks CRUD ops worked fine, for all other resources the same error happens:
(venv) (base) acoleman@M-KGYXTTH2MF security_profiles % terraform destroy --auto-approve
╷
│ Warning: Provider development overrides are in effect
│
│ The following provider development overrides are set in the CLI configuration:
│ - paloaltonetworks-local/sase in /Users/acoleman/Documents/Projects/PracticeDevelopment/github/terraform-provider-sase
│
│ The behavior may therefore not match any released version of the provider and applying changes may cause the state to become incompatible with published releases.
╵
sase_anti_spyware_profiles.this: Refreshing state... [id=Mobile Users:6d571485-e7c6-4f07-8763-bab1045eacf0]
╷
│ Error: Error reading config
│
│ with sase_anti_spyware_profiles.this,
│ on main.tf line 7, in resource "sase_anti_spyware_profiles" "this":
│ 7: resource "sase_anti_spyware_profiles" "this" {
│
│ [HTTP 400] API_I00035 Invalid Request Payload - ["folder" is required]
I assume the reason remote_networks worked fine, is because of the changes on the sase-go sdk.
my bad, missed a commit push. this will add the folder
to the Read()
for the resource, but the pre_shared_key
issue still needs eng attention.
I have updated both the repos. And build the provider again. Now i am getting below error while creating the ike_gw.
Code for reference:
[root@localhost prisma]# cat ike_gw.tf resource "sase_ike_gateways" "this" { folder = "Remote Networks" name = "terraform-ike-3" authentication = { pre_shared_key = { key = "mytestkey1234" } } peer_address = { ip = "81.107.85.198" } protocol = { ikev1 = { dpd = { enable = true } ike_crypto_profile = "PaloAlto-Networks-IKE-Crypto" } version = "ikev1" } }
same issue when i am creating a Address object in other folder.
Code for reference:
resource "sase_objects_addresses" "x" { folder = "Shared" name = "Beaucoup Fish" description = "Made by Terraform" ip_netmask = "8.8.88.181"
}
@Hemant40
Two things. First, enable verbose logging on the communication between SASE API and Terraform by adding this to your provider block:
provider "sase" {
....
logging = "detailed"
}
Second, ask Terraform to show you all the communication between you and SASE API by turning on debug logging. You can do this just for a single terraform apply
by putting the environment variable before the command like so:
TF_LOG=DEBUG terraform apply
Now you can see what's going on between you and SASE API, this should give you more information.
Describe the bug
When trying to create the resource _sase_ikegateways error "object not found" is generated.
Expected behavior
The Ike Gateway resource is created
Current behavior
The Ike Gateway resource fails to create
Possible solution
Steps to reproduce
Screenshots
Context
Your Environment