search

imperva / terraform-provider-incapsula

This package is a plugin for Terraform, and is designed to be used to auto-provision sites in Incapsula via Incapsula’s API from the terraform cli/yaml configurations.
Mozilla Public License 2.0
44 stars 72 forks source link

Incapsula provider causes fatal error #344

Open bbarhight opened 1 year ago

bbarhight commented 1 year ago

Confirmation

Terraform and Imperva provider version

Terraform v1.4.6 on darwin_arm64

Affected resource(s)

incapsula_policy_asset_association

Terraform configuration files

module.site 
resource "incapsula_policy_asset_association" "policy_assoc" {
  for_each   = toset(var.policies)
  policy_id  = var.ids[each.value]
  asset_id   = incapsula_site.site.id
  asset_type = "WEBSITE"
}
variable "policies" {
  type    = list(any)
  default = [“first”, “second”, “etc”]
}

variable "ids" {
  type    = map(any)
  default = {}
}
//Where ids is instantiated by a module policies whose output is 
output "ids" {
  value = {
    "first" : incapsula_policy.first.id,
    "second" : incapsula_policy.second.id,
    "etc" : incapsula_policy.etc.id
  }
}

Debug output

Unfortunately I've removed the association in my code a week ago and I'm creating this ticket in haste, but this is the LoC which is causing the error: https://github.com/imperva/terraform-provider-incapsula/blob/v3.20.0/incapsula/resource_policy_asset_association.go#L94-L97

Panic output

╷ │ Error: Incapsula Policy Asset Association doesn't exisits: policy id:8675309 asset id:9035768 asset type:WEBSITE │ │ │ with module.name.module.name2.incapsula_policy_asset_association.policy_assoc["name3"], │ on modules/name/main.tf line 45, in resource "incapsula_policy_asset_association" "this": │ 45: resource "incapsula_policy_asset_association" "this" {

Expected output

I expected the terraform provider to identify that drift had occurred and display this in a way that I could respond to at plan/apply step.

Actual output

During the refresh step of terraform plan an error occurred which caused terraform to fatally execute. This caused automation/CICD to fail entirely because drift occurred, which is not the typical behavior of terraform.

Steps to reproduce

  1. Create a incapsula_policy_asset_association in terraform.
  2. Remove this policy asset association via other means (API call, UI)
  3. Execute terraform plan.

Additional factoids

The error which is reported has a convenient typo which allowed me to identify the specific area with ease.

IDs have been changed to 8675309 and 9035768.

References

No response