Error status code 404 from Incapsula service when reading Policy for ID

[rsecuritas]

Hi, Deleting a waf policy from imperva portal triggers error 404 in terraform when plan/apply are executed. Message error: "This policy is not available for your account"

My expectation is that if does not exist then terraform create it. Thanks.

[katrinpolit]

HI @rsecuritas, in this case you need to sync Terraform state after changes made in UI. Please check out this link: https://www.terraform.io/cli/commands/state/rm

[rubaroca]

Hi @katrinpolit,

Thanks for the reply!

As terraform says in the documentation that you refered before "Terraform automatically updates the state in response to actions taken when applying a plan". This mean that if you use "state rm" you are forcing your state in order to match your code agaist your infraestructure (this has to be used with care).

I just probe the same case with the incapsula "rules" resources and there is not need to modify the tfstate file. I attach the log.

`PS C:\GIT\Imperva.Infraestructure> terraform apply -var-file "$(terraform workspace show).tfvars" -var-file global.tfvars module.imperva_sites.incapsula_site.this["xxx.software.com"]: Refreshing state... [id=26408417] module.imperva_rules.incapsula_incap_rule.this["Ignore cachedPhoto"]: Refreshing state... [id=1844487] module.imperva_rules.incapsula_incap_rule.this["Exception progress"]: Refreshing state... [id=1844593]

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

module.imperva_rules.incapsula_incap_rule.this["Exception progress"] has been deleted

• resource "incapsula_incap_rule" "this" { ... }

  module.imperva_rules.incapsula_incap_rule.this["Ignore cachedPhoto"] has been deleted

• resource "incapsula_incap_rule" "this" { ... }

Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using ignore_changes, the following plan may include actions
to undo or respond to these changes.

────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:

• create

Terraform will perform the following actions:

module.imperva_rules.incapsula_incap_rule.this["Exception progress"] will be created

• resource "incapsula_incap_rule" "this" {

  • action = "RULE_ACTION_WAF_OVERRIDE"
  • add_missing = false
  • dc_id = 0
  • filter = "URL contains xxx"
  • id = (known after apply)
  • multiple_deletions = false
  • name = "Exception progress"
  • override_waf_action = "Alert Only"
  • override_waf_rule = "Remote File Inclusion"
  • rate_interval = 0
  • response_code = 0
  • site_id = "26408417" }

  module.imperva_rules.incapsula_incap_rule.this["Ignore cachedPhoto"] will be created

• resource "incapsula_incap_rule" "this" {
  • action = "RULE_ACTION_WAF_OVERRIDE"
  • add_missing = false
  • dc_id = 0
  • filter = "URL contains xxx"
  • id = (known after apply)
  • multiple_deletions = false
  • name = "Ignore cachedPhoto"
  • override_waf_action = "Ignore"
  • override_waf_rule = "Remote File Inclusion"
  • rate_interval = 0
  • response_code = 0
  • site_id = "26408417" }

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions in workspace "pre"? Terraform will perform the actions described above. Only 'yes' will be accepted to approve.

Enter a value: `

@BrachaY can you re-open issue? Let me know too if you need some help with the 404 issue. Regards