terraform-google-modules / terraform-google-network

Sets up a new VPC network on Google Cloud
https://registry.terraform.io/modules/terraform-google-modules/network/google
Apache License 2.0
411 stars 1.23k forks

Please add support for `ipv6-icmp` IP protocol #535

Closed simondeziel closed 6 months ago

simondeziel commented 8 months ago

TL;DR

Trying to add a rule for ICMPv6:

module "firewall-rules" {
  source       = "terraform-google-modules/network/google//modules/firewall-rules"
  project_id   = var.project_id
  network_name = module.vpc.network_name

  ingress_rules = [
    {
      name          = "icmp-v6"
      source_ranges = ["::/0"]
      allow         = [{
        protocol = "ipv6-icmp"
      }]
    },
  ]
}

Fails:

│ Error: Error updating Firewall "projects/<project>/global/firewalls/icmp-v6": googleapi: Error 400: Invalid value for field 'resource.allowed[0].IPProtocol': 'ipv6-icmp'. Must be one of ["ah", "all", "esp", "icmp", "ipip", "sctp", "tcp", "udp"] or an IP protocol number between 0 and 255., invalid
│ 
│   with module.firewall-rules.google_compute_firewall.rules_ingress_egress["icmp-v6"],
│   on .terraform/modules/firewall-rules/modules/firewall-rules/main.tf line 63, in resource "google_compute_firewall" "rules_ingress_egress":
│   63: resource "google_compute_firewall" "rules_ingress_egress" {
│ 

As a workaround, one can use the IP protocol number 58.

Terraform Resources

No response

Detailed design

No response

Additional information

No response
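The workaround from the report above, as an added example that is not part of the original issue or the module's own code: rules stay written with the readable name, and a `locals` block swaps it for protocol number 58 before the list reaches the module. The local names `protocol_aliases` and `ingress_rules_readable` are hypothetical, and the sample rule is the one from the report.

```hcl
locals {
  # Protocol names the Compute Engine API rejects, mapped to their IANA
  # protocol numbers. "58" for ICMPv6 is the workaround given in the issue.
  # (Hypothetical local name, not something the module defines.)
  protocol_aliases = {
    "ipv6-icmp" = "58"
  }

  # Rules written with readable protocol names (sample input taken from
  # the report; hypothetical local name).
  ingress_rules_readable = [
    {
      name          = "icmp-v6"
      source_ranges = ["::/0"]
      allow = [{
        protocol = "ipv6-icmp"
      }]
    },
  ]

  # Same rules with each alias replaced by its number. Names the API
  # already accepts ("tcp", "udp", "icmp", ...) pass through unchanged
  # because lookup() falls back to the original value.
  ingress_rules = [
    for rule in local.ingress_rules_readable : merge(rule, {
      allow = [
        for a in rule.allow : merge(a, {
          protocol = lookup(local.protocol_aliases, a.protocol, a.protocol)
        })
      ]
    })
  ]
}

module "firewall-rules" {
  source       = "terraform-google-modules/network/google//modules/firewall-rules"
  project_id   = var.project_id
  network_name = module.vpc.network_name

  ingress_rules = local.ingress_rules
}
```

In `terraform plan`, the rule's `allow` block then shows `protocol = "58"`, which falls inside the 0 to 255 range the API error message says it accepts.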

daniel-cit commented 8 months ago

There is an issue opened in the provider too https://github.com/hashicorp/terraform-provider-google/issues/16600

github-actions[bot] commented 6 months ago

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days