search

oracle / terraform-provider-oci

Terraform Oracle Cloud Infrastructure provider
https://www.terraform.io/docs/providers/oci/
Mozilla Public License 2.0
758 stars 680 forks source link

IPSEC with BGP tunnels not getting created with empty static_routes argument #1509

Open karthicgit-zz opened 2 years ago

karthicgit-zz commented 2 years ago

SImilar issue reported here --> https://github.com/terraform-providers/terraform-provider-oci/issues/1110

Terraform version > 1.0.0 Provider 4.57.0

Resource : oci_core_ipsec , oci_core_ipsec_connection_tunnel_management

  1. If i pass static_routes = [""] I get the below error Error: 400-InvalidParameter │ Provider version: 4.57.0, released on 2021-12-15. This provider is 2 version(s) old. │ Service: Core Ip Sec Connection │ Error Message: is not a valid ip network. │ OPC request ID: e6c00c23cdd9e49824cb9db377352da5/5A1DC76D6DC9A2128668E300399C9D3C/CAFA48D725395C23CE08A8F8B5D6494A │ Suggestion: Please Update the parameter(s) in the Terraform config as per error message is not a valid ip network.

  2. When i pass static_routes = [] then the err message is Error: 400-MissingParameter │ Provider version: 4.57.0, released on 2021-12-15. This provider is 2 version(s) old. │ Service: Core Ip Sec Connection │ Error Message: Static routes must be specified. │ OPC request ID: 760d308ea915ccbbb97fce19007185e7/168E9F5C3BBDA44C1248B6051D75308E/885DACD340D57D1FA5B758E38622F757 │ Suggestion: Please retry or contact support for help with service: Core Ip Sec Connection. 3 . It seems to be working when i pass static_routes = ["somecidrvalue"]

dhoogfr commented 2 years ago

same issue with following version

Terraform v1.1.9
on linux_amd64
+ provider registry.terraform.io/hashicorp/oci v4.75.0
Error: 400-MissingParameter, Static routes must be specified. 
│ Suggestion: Please retry or contact support for help with service: Core Ip Sec Connection
│ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_ip_sec_connection 
│ Request Target: POST https://iaas.eu-frankfurt-1.oraclecloud.com/20160918/ipsecConnections 
│ Provider version: 4.75.0, released on 2022-05-11.  
│ Service: Core Ip Sec Connection 
│ Operation Name: CreateIPSecConnection 
│ OPC request ID: 6130816f6aeceb532f6a5a40fba5e4a4/94C84C3B95F1E79C7212ABAF0C36B42B/ACFFA73E7C38300C3358F54659E0ABC2
karthicgit-zz commented 2 years ago

@dhoogfr The workaround is to pass the static_routes argument as well with dummy value .

dhoogfr commented 2 years ago

Still an issue with version 4.96.0

ravinitp commented 1 year ago

Thank you for reporting the issue. We observed the affected resources are not provided in the description or it's incorrect. We request you to add it in issue description as mentioned in below format. Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform. Example: affected_resources = terraform

As this works through automation, request you to follow exact syntax.

iejones commented 12 months ago

Documentation was updated with version v5.21.0 to explain you must provide a static route when creating an IPSec connection with terraform because we create 2 static tunnels by default. The core_ipsec_connection_tunnel_management resource is update only. If you update both tunnels to BGP routing, the static route(s) will be ignored.