oracle-quickstart / oci-fortinet

Terraform module to deploy Fortinet on Oracle Cloud Infrastructure (OCI)
Apache License 2.0

Error: Invalid index data.oci_core_security_lists.allow_all_security.security_lists is empty list of object #9

Open brokedba opened 1 year ago

brokedba commented 1 year ago

I am running into errors while trying to deploy this drg-ha-use-case Terraform configuration. Basically the all_allow security lists are empty, that's why the data source reference in the subnet resource is failing. It's like some resources are not created quickly enough for the data source to fetch its attributes. Could you please help fix this error? Something is off, see error below.

╷
│ Error: Invalid index
│
│   on network.tf line 240, in resource "oci_core_subnet" "mangement_subnet":
│  240:   security_list_ids          = [data.oci_core_security_lists.allow_all_security.security_lists[0].id]
│     ├────────────────
│     │ data.oci_core_security_lists.allow_all_security.security_lists is empty list of object
│
│ The given key does not identify an element in this collection value: the collection has no elements.
╵
╷
│ Error: Invalid index
│
│   on network.tf line 256, in resource "oci_core_subnet" "trust_subnet":
│  256:   security_list_ids          = [data.oci_core_security_lists.allow_all_security.security_lists[0].id]
│     ├────────────────
│     │ data.oci_core_security_lists.allow_all_security.security_lists is empty list of object
│
│ The given key does not identify an element in this collection value: the collection has no elements.
╵
╷
... AND ALL REMAINING SUBNETS IN THE CONFIG

Here is the list of resources involved in the first error: management_subnet, line 240 in network.tf

resource "oci_core_subnet" "mangement_subnet" {
  count                      = local.use_existing_network ? 0 : 1
  compartment_id             = var.network_compartment_ocid
  vcn_id                     = oci_core_vcn.hub[count.index].id
  cidr_block                 = var.mangement_subnet_cidr_block
  display_name               = var.mangement_subnet_display_name
  route_table_id             = oci_core_vcn.hub[count.index].default_route_table_id
  dns_label                  = var.mangement_subnet_dns_label
  security_list_ids          = [data.oci_core_security_lists.allow_all_security.security_lists[0].id]
  prohibit_public_ip_on_vnic = "false"

  depends_on = [
    oci_core_security_list.allow_all_security,
  ]
}
# ------ Get the Allow All Security Lists for Subnets in Firewall VCN
data "oci_core_security_lists" "allow_all_security" {
  compartment_id = var.compute_compartment_ocid
  vcn_id         = local.use_existing_network ? var.vcn_id : oci_core_vcn.hub.0.id
  filter {
    name   = "display_name"
    values = ["AllowAll"]
  }
  depends_on = [
    oci_core_security_list.allow_all_security,
  ]
}
# ------ Update Default Security List to All All  Rules
resource "oci_core_security_list" "allow_all_security" {
  compartment_id = var.network_compartment_ocid
  vcn_id         = local.use_existing_network ? var.vcn_id : oci_core_vcn.hub.0.id
  display_name   = "AllowAll"
  ingress_security_rules {
    protocol = "all"
    source   = "0.0.0.0/0"
  }

  egress_security_rules {
    protocol    = "all"
    destination = "0.0.0.0/0"
  }
}

apply :  
data.oci_core_security_lists.allow_all_security: Reading...
data.oci_core_security_lists.allow_all_security: Read complete after 0s [id=CoreSecurityListsDataSource-688925809]

Thank you

terraform --version
Terraform v1.0.3
on linux_amd64
+ provider registry.terraform.io/hashicorp/oci v4.105.0
+ provider registry.terraform.io/hashicorp/template v2.2.0
+ provider registry.terraform.io/oracle/oci v4.105.0

brokedba commented 10 months ago

Problem solved, but your team needs to test your code locally, not only through RM, and be more responsive to end users' issues. You switched between compute and network compartment variables in several spots in your code (datasource.tf) as shown below.

See my blog post for a full explanation of the fixes for the drg-ha-use-case stack.
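
The compartment mismatch is visible in the snippets quoted in the issue: the data source lists security lists in `var.compute_compartment_ocid`, while the `AllowAll` list is created in `var.network_compartment_ocid`. The following is an added example (not part of the thread, the project's patch, or the reporter's blog post) showing a corrected lookup and a direct resource reference; all names are taken from the snippets above.

```hcl
# Added example, not the project's patch. Names come from the issue's snippets.

# Minimal fix: query the compartment the list is actually created in.
# The original queried var.compute_compartment_ocid; when that differs from
# var.network_compartment_ocid the filter matches nothing and
# security_lists[0] fails with "Invalid index".
data "oci_core_security_lists" "allow_all_security" {
  compartment_id = var.network_compartment_ocid
  vcn_id         = local.use_existing_network ? var.vcn_id : oci_core_vcn.hub[0].id
  filter {
    name   = "display_name"
    values = ["AllowAll"]
  }
  depends_on = [oci_core_security_list.allow_all_security]
}

# Alternative: skip the name-based lookup and use the managed resource's id.
# The reference itself orders creation, so no depends_on is needed, and the
# subnet cannot pick up a different list that shares the display name.
resource "oci_core_subnet" "mangement_subnet" {
  count                      = local.use_existing_network ? 0 : 1
  compartment_id             = var.network_compartment_ocid
  vcn_id                     = oci_core_vcn.hub[count.index].id
  cidr_block                 = var.mangement_subnet_cidr_block
  display_name               = var.mangement_subnet_display_name
  route_table_id             = oci_core_vcn.hub[count.index].default_route_table_id
  dns_label                  = var.mangement_subnet_dns_label
  security_list_ids          = [oci_core_security_list.allow_all_security.id]
  prohibit_public_ip_on_vnic = false
}
```

With the direct reference, the subnet is bound to exactly the security list this configuration manages, so a change to that list's rules is always the one that takes effect on the subnet.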