search

aliyun / terraform-provider-alicloud

Terraform AliCloud provider
https://www.terraform.io/docs/providers/alicloud/
Mozilla Public License 2.0
589 stars 554 forks source link

Unable to add a security group as a whitelist on a alicloud_redis_tair_instance #7047

Open vgazzola opened 8 months ago

vgazzola commented 8 months ago

Hi there, I was able to whitelist a security group on a redis Tair instance on the web console, but not on terraform. it doesn't seem possible at the moment

Terraform Version

OpenTofu v1.6.1 (but it's not linked to terraform/openTofu, rather with the aiyun/alicloud provider

terraform {
  required_providers {
    alicloud = {
      source = "aliyun/alicloud"
      version = "1.218.0"
    }
  }
}

Affected Resource(s)

Please list the resources as a list, for example:

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.

Terraform Configuration Files

resource "alicloud_security_group" "security-group" {
  name                = local.nsg_name
  vpc_id              = alicloud_vpc.vpc.id
  security_group_type = "enterprise"
  resource_group_id   = alicloud_resource_manager_resource_group.vpc-rg.id
  inner_access_policy = "Accept"
  tags                = local.tags
}

resource "alicloud_redis_tair_instance" "redis" {
  instance_class            = var.redis_instance_class
  resource_group_id         = alicloud_resource_manager_resource_group.redis.id
  payment_type              = "PayAsYouGo"
  auto_renew                = "false"
  engine_version            = "6.0"
  vpc_id                    = alicloud_vswitch.redis.vpc_id
  force_upgrade             = "false"
  instance_type             = "tair_rdb"
  zone_id                   = alicloud_vswitch.redis.zone_id
  port                      = "6379"
  tair_instance_name        = local.redis_name
  vswitch_id                = alicloud_vswitch.redis.id
  auto_renew_period         = "1"
}

Debug Output

works in the console, no option in terraform

Panic Output

-

Expected Behavior

I'd like to be able to associate a alicloud_security_group on a alicloud_redis_tair_instance resource like we can do on the web console, or like it could be done on a alicloud_kvstore_instance Console: Screenshot 2024-03-11 at 15 52 30 alicloud_kvstore_instance:

resource "alicloud_kvstore_instance" "default" {

  security_group_id = "sg-***"

Actual Behavior

Seemingly not possible at the moment :

References

no other GitHub issues yet.

vgazzola commented 8 months ago

There seem to be a similar problem with the TLS config, there's no option to enable it on Terraform, only on the console