Creation of `google_compute_forwarding_rule` fails if default labels are set at provider level

hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform

https://registry.terraform.io/providers/hashicorp/google/latest/docs

Mozilla Public License 2.0

2.34k stars 1.74k forks source link

Creation of `google_compute_forwarding_rule` fails if default labels are set at provider level #16906

Open wjf3121 opened 10 months ago

wjf3121 commented 10 months ago

This happens with provider 5.2.0 and when the default labels are defined at provider level and there is no label block in google_compute_forwarding_rule itself:

provider "google" {
  default_labels  = { mylabel = "labelvalue"}
}
resource "google_compute_forwarding_rule" "prisma_fwd" {
  ip_address            = "127.0.0.3"
  name                  = "rule"
  network               = var.project_network
  project               = var.project_id
  region                = var.region
  target                = var.private_service_connect
}

Affected Resource(s)

google_compute_forwarding_rule

Originally posted by @Ziemowit-LH in https://github.com/hashicorp/terraform-provider-google/issues/16255#issuecomment-1773031396

b/327610708

rileykarson commented 10 months ago

I think that PSC forwarding rules can't have labels set, based on https://github.com/hashicorp/terraform-provider-google/issues/16255#issue-1945151168 - we'll need to not apply default labels for forwarding rules of that type.

eraac commented 6 months ago

Does a workaround exist?

DevoFalcon commented 4 months ago

If you create the resource without labels initially, and then update it to include labels, it works correctly (as a workarround). What I did was

Comment out provider default_labels
Targetted-apply my google_compute_forwarding_rule
Uncomment provider default_labels
Apply update to google_compute_forwarding_rule to add labels

Ziemowit-LH commented 4 months ago

That's what I've been doing until I got tired of it and just stopped using provider-defined labels. Now I declare/compute a standard set of labels and just apply them to each resource that can take labels. google_compute_forwarding_rule is not one.

Ziemowit-LH commented 4 months ago

I think that PSC forwarding rules can't have labels set, based on #16255 (comment) - we'll need to not apply default labels for forwarding rules of that type.

They can. What is stupid is that the labels can't be set at creation time (GCP API limitation) but only added after the resource already exists.

Is there a way to ignore provider-level labels for a particular resource by some statement?