Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resource ibm_scc_rule creation issue #5327

Closed
karim-khchiou-ibm opened this issue May 2, 2024 · 0 comments · Fixed by #5328
Closed

Resource ibm_scc_rule creation issue #5327

karim-khchiou-ibm opened this issue May 2, 2024 · 0 comments · Fixed by #5328
Labels
service/SCC Issues related to SCC

Comments

@karim-khchiou-ibm
Copy link
Contributor

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform IBM Provider Version

Observed in 1.64.2
+ provider registry.terraform.io/ibm-cloud/ibm v1.64.2

Affected Resource(s)

  • ibm_scc_rule

Terraform Configuration Files

Please include all Terraform configurations required to reproduce the bug. Bug reports without a functional reproduction may be closed without investigation.

resource "ibm_scc_rule" "scc_rule_instance" {
  description       = "Description rule Test"
  instance_id       = var.instance_id
  labels            = [
    "test",
  ]
  required_config {
    description = "Description required_config Test"
    and {
      operator = "num_less_than"
      property = "ip_addresses_count"
      value    = "0"
    }
  }

  target {
    resource_kind        = "instance"
    service_display_name = "Databases for PostgreSQL"
    service_name         = "databases-for-postgresql"

    additional_target_attributes {
      name     = "resource_id"
      operator = "string_equals"
      value    = "7dbf0a7c-8548-4ab0-9601-445415e6fbff"
    }
  }
}

Debug Output

The property required_config.value was not set, but in the logs we see that it is set by the provider to an empty string "value":""

2024-05-02T11:14:48.761+0200 [INFO]  provider.terraform-provider-ibm_v1.64.2: 2024/05/02 11:14:48 [Debug] Request:
POST /instances/eaf75978-3b4c-4446-a936-df9dd89501ca/v3/rules HTTP/1.1
Host: eu-de.compliance.cloud.ibm.com
User-Agent: scc-go-sdk/5.1.5 (lang=go; arch=arm64; os=darwin; go.version=go1.19.13)
Content-Length: 479
Accept: application/json
Authorization: [redacted]
Content-Type: application/json
X-Original-User-Agent: terraform-provider-ibm/1.64.2
Accept-Encoding: gzip

{"description":"Description rule Test","labels":["test"],"required_config":{"description":"Description required_config Test","and":[{"property":"ip_addresses_count","operator":"num_less_than","value":"0"}],"value":""},"target":{"service_name":"databases-for-postgresql","service_display_name":"Databases for PostgreSQL","resource_kind":"instance","additional_target_attributes":[{"name":"resource_id","operator":"string_equals","value":"7dbf0a7c-8548-4ab0-9601-445415e6fbff"}]}}: timestamp=2024-05-02T11:14:48.761+0200

The rule is created after the apply but the rule is not valid. When we open the rule detail on IBM Cloud console we see that required_config.value was set to an empty string by the provider.

{
	"created_on": "2024-05-02T09:14:49Z",
	"created_by": "IBMid-0600029752",
	"updated_on": "2024-05-02T09:14:49Z",
	"updated_by": "IBMid-0600029752",
	"id": "rule-971d71f6-83f2-4f35-ae01-efd5fb34bfcb",
	"account_id": "a91b8adb67e14219b4c1ac9739b44e16",
	"description": "Description rule Test",
	"type": "user_defined",
	"version": "",
	"target": {
		"service_name": "databases-for-postgresql",
		"service_display_name": "Databases for PostgreSQL",
		"resource_kind": "instance",
		"additional_target_attributes": [
			{
				"name": "resource_id",
				"operator": "string_equals",
				"value": "7dbf0a7c-8548-4ab0-9601-445415e6fbff"
			}
		]
	},
	"required_config": {
		"description": "Description required_config Test",
		"value": "",
		"and": [
			{
				"property": "ip_addresses_count",
				"operator": "num_less_than",
				"value": "0"
			}
		]
	},
	"labels": [
		"test"
	]
}

Because of this, we are getting an error when we edit the rule in IBM Cloud console SCC on the definition tab.

Error
One or more of the defined parameters is not supported. Verify that all of the parameters in your definition are available for the target that you selected.

Panic Output

N/A

Expected Behavior

The provider should not set the property required_config.value if it is not set by the user.

Actual Behavior

The provider set the property required_config.value to an empty string when it is not defined in the terraform config file .tf

Steps to Reproduce

  1. Create a terraform project and use IBM Cloud terraform provider version 1.64.2
  2. Create a terraform.tfvars file for the SCC instance_id to use
  3. Define an ibm_scc_rule terraform resource without setting the property required_config.value
  4. terraform apply
  5. Go to IBM Cloud SCC console and open the rule created in edit mode, click Next to arrive in the Definition tab and see the error (One or more of the defined parameters is not supported. Verify that all of the parameters in your definition are available for the target that you selected.)

Important Factoids

References

  • #0000
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/SCC Issues related to SCC
Projects
None yet
Milestone
No milestone
1 participant
@karim-khchiou-ibm