search

PaloAltoNetworks / terraform-provider-scm

The Terraform provider for Strata Cloud Manager
Apache License 2.0
7 stars 2 forks source link

resource scm_decryption_rule fails to create when type ssl_inbound_inspection is set #15

Open ancoleman opened 6 months ago

ancoleman commented 6 months ago

Describe the bug

_scm_decryption_rule_ resource for parameter type: _ssl_inboundinspection fails when specifying a string value of a certificate name.

Expected behavior

When using the _ssl_inboundinspection type, you should be able to set the certificate name to be use as a string value.

Current behavior

When setting parameter type: _ssl_inboundinspection a response from Strata Cloud Manager is received 

module.security_policy_with_yaml.scm_decryption_rule.this["terraform-decryption-rule-1"]: Creating...
module.security_policy_with_yaml.scm_decryption_rule.this["terraform-decryption-rule-2"]: Creating...
module.security_policy_with_yaml.scm_decryption_rule.this["terraform-decryption-rule-1"]: Creation complete after 1s [id=d4a650e3-a8e7-4371-9d5d-21762ccf2a28]
╷
│ Error: Error creating config
│ 
│   with module.security_policy_with_yaml.scm_decryption_rule.this["terraform-decryption-rule-2"],
│   on ../../modules/policy/rules.tf line 95, in resource "scm_decryption_rule" "this":
│   95: resource "scm_decryption_rule" "this" {
│ 
│ [HTTP 400] API_I00035 Invalid Request Payload [object Object] - ["type.ssl_inbound_inspection" must be of type object]
╵

Example yaml configuration for type parameter:

    type:
      ssl_inbound_inspection: "Forward-Trust-CA"

Possible Solution

When reviewing the API response it seems when setting the type to _ssl_inboundinspection it should be an array object sent to it like:

{
    "ssl_inbound_inspection": {
        "certificates": ["CertificateName"]
    }
}

Steps to reproduce

  1. set the _ssl_inboundinspection value to a string value of a known certificate name

Your Environment