TCP Port Ranges getting set as individual ports instead of ranges

[toestreich]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

1.3.0

Affected Resource(s)

• zpa_application_segment

Terraform Configuration Files

# Below is in a module
resource "zpa_application_segment" "this" {
  name        = var.name
  description = var.description

  enabled          = var.enabled
  health_reporting = var.health_reporting
  bypass_type      = var.bypass_type
  tcp_port_range   = var.tcp_ports
  udp_port_range   = var.udp_ports
  is_cname_enabled = var.cname_enabled

  domain_names = var.domain_names

  server_groups {
    id = local.all_server_ids
  }

  segment_group_id = data.zpa_segment_group.this.id
}

variable "tcp_ports" {
  type        = list(object({ from = string, to = string }))
  description = "TCP port ranges used to access the app."
}

module "app-seg" {
  source = "../../modules/zpa/app-segment"

  name             = "name"
  domain_names     = ["domain"]
  icmp_access_type = "PING"

  tcp_ports = [
    {
      from = "1",
      to   = "52"
    },
    {
      from = "54",
      to   = "65535"
    }
  ]
  udp_ports = [
    {
      from = "1",
      to   = "52"
    },
    {
      from = "54",
      to   = "65535"
    }
  ]

  segment_group_name = "Apps"
}

Debug Output

Note we are not changing the ports in the PR below. Terraform is just picking up that there is a difference from the statefile and is overwriting with what should be there.

~ tcp_port_range                = [
          - {
              - from = "1"
              - to   = "1"
            },
          + {
              + from = "1"
              + to   = "52"
            },
          - {
              - from = "52"
              - to   = "52"
            },
          - {
              - from = "54"
              - to   = "54"
            },
          + {
              + from = "54"
              + to   = "65535"
            },
          - {
              - from = "65535"
              - to   = "65535"
            },
        ]

Panic Output

Expected Behavior

The port ranges should be set to 1-52 and 54-65535

The ports are set to 1-1, 52-52, 54,54 and 65535-65535

1. terraform apply

Important Factoids

References

• 0000

[willguibr]

@toestreich We have implemented a fix in the latest v3.33.7 release. Please test and let us know if it has addressed the issue you've reported.

Zscaler DevRel