search

wallix / terraform-provider-wallix-bastion

Terraform provider for Wallix bastion
https://www.wallix.com/privileged-access-management/
Mozilla Public License 2.0
5 stars 2 forks source link

[ BUG ] - Problem while removing subprotocols from service #25

Open raphaelbkt opened 4 months ago

raphaelbkt commented 4 months ago

Hi,

To sum up: if I generate Terraform code for a service with the subprotocols empty (I tried for RDP), for a service that had previously a non empty subprotocol list, I have this strange behaviour:

However if I only leave RDP_SMARTCARD in the list of subprotocols everything is ok: the changes are really applied to the bastion.

To Reproduce Generate a service with a non empty RDP sub protocol list

resource "wallix-bastion_device_service" "avdp0-d3-ws-dsh-it-1562-h_rdp" {

    device_id         = wallix-bastion_device.avdp0-d3-ws-dsh-it-1562-h.device_name

    service_name      = wallix-bastion_connection_policy.rdp.connection_policy_name

    connection_policy = wallix-bastion_connection_policy.rdp.connection_policy_name

    port              = "3389"

    protocol          = "RDP"

    subprotocols      = [ "RDP_CLIPBOARD_UP","RDP_CLIPBOARD_DOWN","RDP_CLIPBOARD_FILE","RDP_DRIVE","RDP_SMARTCARD" ]

    global_domains    = [ wallix-bastion_domain.xxx.domain_name ]
}

Apply the Terraform code. Check in the bastion interface that the service has the configured rights (ok).

Then modify the code of the service to empty subprotocol list:

resource "wallix-bastion_device_service" "avdp0-d3-ws-dsh-it-1562-h_rdp" {

    device_id         = wallix-bastion_device.avdp0-d3-ws-dsh-it-1562-h.device_name

    service_name      = wallix-bastion_connection_policy.rdp.connection_policy_name

    connection_policy = wallix-bastion_connection_policy.rdp.connection_policy_name

    port              = "3389"

    protocol          = "RDP"

    subprotocols      = [  ]

    global_domains    = [ wallix-bastion_domain.xxx.domain_name ]
}

Apply the Terraform: it seems to apply but the service in GUI still list old subprotocols: RDP_CLIPBOARD_UP","RDP_CLIPBOARD_DOWN","RDP_CLIPBOARD_FILE","RDP_DRIVE","RDP_SMARTCARD

If you apply the Terraform again it wants to remake all changes in sub protocol.

Expected behavior The service in the bastion should have all subprotocols cleared

Desktop (please complete the following information): Wallix AdminBastion version 10.0.5 Wallix Terraform provider 0.13

Additional context I have the setup to test if needed. At least I am available to explain and maybe show the problem.

Thanks

bsimonWallix commented 4 months ago

Hello @raphaelbkt Thanks for the report. I will investigate this issue.

Best regards,