palantir / terraform-provider-tenablesc

Terraform provider for managing Tenable.SC configuration

Accept/recast rules can't converge on non-any protocol #27

Status: Closed (dreamlibrarian closed 1 year ago)

dreamlibrarian commented 1 year ago

Moved from https://github.com/palantir/tenablesc-client/issues/15

What happened?

The Tenable.sc recast/accept APIs require setting protocol to either `any` or an integer for the protocol number. However, the APIs return the cosmetic name for the protocol. This means that setting the protocol to anything other than `any` results in Terraform never converging:

Example:

```
  # module.vuln_recast_70658.tenablesc_recast_risk.this["7"] will be updated in-place
  ~ resource "tenablesc_recast_risk" "this" {
        id            = "21"
      ~ protocol      = "TCP" -> "6"
        # (6 unchanged attributes hidden)
    }
```

This adds a bunch of noise to every run, because functionally the value is already correct.

What did you want to happen?

The rules should apply and not show changes in subsequent runs. I think this can be fixed by applying a protocol number/name lookup either at write or read time.

dreamlibrarian commented 1 year ago

How fortunate for us that risk rules get each and every possible diff suppression function due to their interesting nature.

We should probably figure out what it accepts via GUI + curl validation, then supply a diff suppression function and ... figure out how to do the same at plan time for input validation. I don't think we've done anything of that sort elsewhere.
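One way to implement the name/number lookup, the diff suppression and the plan-time input validation discussed above, as an added example that is not the provider's own code: it assumes a small constructed name-to-number table and gives the functions the (k, old, new) and (i, k) shapes of terraform-plugin-sdk's DiffSuppressFunc and ValidateFunc without importing the SDK.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// API read names -> API write numbers (constructed table, not the provider's own).
var protocolNumbers = map[string]string{"ICMP": "1", "TCP": "6", "UDP": "17"}

// protocolToAPI returns v in the form the API accepts: "any" or an integer
// 0-255. Names such as "TCP" are translated; anything else is an error.
func protocolToAPI(v string) (string, error) {
	v = strings.TrimSpace(v)
	if strings.EqualFold(v, "any") {
		return "any", nil
	}
	if n, err := strconv.Atoi(v); err == nil && n >= 0 && n <= 255 {
		return strconv.Itoa(n), nil // canonical form: "06" becomes "6"
	}
	if num, ok := protocolNumbers[strings.ToUpper(v)]; ok {
		return num, nil
	}
	return "", fmt.Errorf("unknown protocol %q: use \"any\", a number 0-255, or a name such as TCP", v)
}

// protocolDiffSuppress has the (k, old, new) shape of the SDK's DiffSuppressFunc
// minus *schema.ResourceData; wrap it in a closure to use it. State "TCP" (read
// from the API) and config "6" compare equal, so the plan stops showing "TCP" -> "6".
func protocolDiffSuppress(k, oldVal, newVal string) bool {
	o, errO := protocolToAPI(oldVal)
	n, errN := protocolToAPI(newVal)
	return errO == nil && errN == nil && o == n
}

// validateProtocol has the shape of a schema ValidateFunc, so a value the API
// would reject fails at plan time rather than at apply time.
func validateProtocol(i interface{}, k string) ([]string, []error) {
	if s, ok := i.(string); ok {
		if _, err := protocolToAPI(s); err == nil {
			return nil, nil
		}
	}
	return nil, []error{fmt.Errorf("%s: expected \"any\", a protocol number or name, got %v", k, i)}
}

func main() {
	fmt.Println(protocolDiffSuppress("protocol", "TCP", "6")) // true
}
```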

rickatnight11 commented 1 year ago

Confirmed working on v0.5.0 of the provider! Thanks!