This repository contains Terraform OCI (Oracle Cloud Infrastructure) modules for networking related resources that help customers align their OCI implementations with the CIS (Center for Internet Security) OCI Foundations Benchmark recommendations.
Universal Permissive License v1.0
15
stars
5
forks
source link
Feature Request - Referencing a NFW as the Next Hop in a VCN Route Table's Route Rule #3
In the above, referencing the NFW using network_entity_key is not implemented and would cause a Terraform "Cycle" error if attempted due to Terraform's order of actions. When using the network_entity_id and providing the OCID of the NFW, the following error is generated:
│ Error: 400-InvalidParameter, The requested networkEntityId ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq is invalid: Invalid entity type in Id ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq.
│ Suggestion: Please update the parameter(s) in the Terraform config as per error message The requested networkEntityId ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq is invalid: Invalid entity type in Id ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq.
│ Provider version: 4.113.0, released on 2023-03-22. This provider is 1 Update(s) behind to current.
│ Service: Core Route Table
│ Operation Name: CreateRouteTable
│ OPC request ID: 232ec1ef605ae7218cce1db90366a09d/41D77C245BBFF254B2D7FA98FAA18B31/41EBEEB01E147E8AE17BA524B1CAB1B1
The next hop has to be the OCID of the IP address assigned to the NFW for this to work.
Please consider implementing this feature. Thanks!
cosmindev
commented
1 year ago
Hi Team,
Currently, referencing a NFW as the next hop in a VCN Route Table's Route Rule is not supported. The below is the VCN route_tables definition:
In the above, referencing the NFW using network_entity_key is not implemented and would cause a Terraform "Cycle" error if attempted due to Terraform's order of actions. When using the network_entity_id and providing the OCID of the NFW, the following error is generated:
│ Error: 400-InvalidParameter, The requested networkEntityId ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq is invalid: Invalid entity type in Id ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq.
│ Suggestion: Please update the parameter(s) in the Terraform config as per error message The requested networkEntityId ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq is invalid: Invalid entity type in Id ocid1.networkfirewall.oc1.uk-london-1.amaaaaaauxfr2raalny2r4o6tcxq5kw3vcngkjbgogzkiutbayjv4tr6ouaq.
│ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_route_table
│ API Reference: https://docs.oracle.com/iaas/api/#/en/iaas/20160918/RouteTable/CreateRouteTable
│ Request Target: POST https://iaas.uk-london-1.oraclecloud.com/20160918/routeTables
│ Provider version: 4.113.0, released on 2023-03-22. This provider is 1 Update(s) behind to current.
│ Service: Core Route Table
│ Operation Name: CreateRouteTable
│ OPC request ID: 232ec1ef605ae7218cce1db90366a09d/41D77C245BBFF254B2D7FA98FAA18B31/41EBEEB01E147E8AE17BA524B1CAB1B1 The next hop has to be the OCID of the IP address assigned to the NFW for this to work.
Please consider implementing this feature. Thanks!