ansible-collection-ibm icon indicating copy to clipboard operation
ansible-collection-ibm copied to clipboard

Published 20 hours ago verified publisher icon IBM-Cloud

ibm_network_interface_sg_attachment not working

Open suulperi opened this issue 3 years ago • 4 comments

I'm trying to use ibm_network_interface_sg_attachment without success. Error message: fatal: [localhost]: FAILED! => {"changed": false, "msg": "argument security_group_id is of type <class 'str'> and we were unable to convert to int: <class 'str'> cannot be converted to an int"}

Steps to reproduce - Run this playbook

---
- name: Set Security Group
  hosts: localhost
  collections:
   - ibm.cloudcollection
  environment:
    IC_API_KEY: <your-api-key>
    IC_REGION: <your-region>

  tasks:
    - name: Set security group
      ibm_network_interface_sg_attachment:
        id: <your-resource_id>
        network_interface_id: <your-network_interface_id>
        security_group_id:  <your-security_group_id>

suulperi avatar Mar 24 '21 12:03 suulperi

Is the security_group_id value you're using an integer type?

I'm not familiar with this module/resource, but I'm looking at the following TF provider example: https://cloud.ibm.com/docs/ibm-cloud-provider-for-terraform?topic=ibm-cloud-provider-for-terraform-infrastructure-resources#network-sg-attachment

data "ibm_security_group" "allowssh" {
  name = "allow_ssh"
}

resource "ibm_compute_vm_instance" "vsi"{
   ....
}
resource "ibm_network_interface_sg_attachment" "sg1" {
    security_group_id = data.ibm_security_group.allowssh.id
    network_interface_id = ibm_compute_vm_instance.vsi.public_interface_id
    //User can increase timeouts 
    timeouts {
      create = "15m"
    }
}

I looks like the security_group_id is the integer id value returned from an ibm_security_group resource.

note: These modules wrap the IBM Cloud Terraform provider, hence me using it as a reference for module inputs/outputs.

jaywcarman avatar Mar 24 '21 19:03 jaywcarman

What is my understanding related to integer I would say it is not integer, not even in IBM Cloud. If you look at example https://registry.terraform.io/providers/IBM-Cloud/ibm/1.21.1/docs/resources/is_security_group_network_interface_attachment

security_group = "2d364f0a-a870-42c3-a554-000001352417"

Anyway I have tried to use security group in different format: with quota marks or not. Same issue all the time. I did check is there any other ID but example above is the only one.

suulperi avatar Mar 25 '21 06:03 suulperi

That example is for VPC SGs, and there the security_group argument is documented as a string type. Perhaps this module should be the same?

@hkantare does this look like it could be a bug in the input type of the security_group_id argument for ibm_network_interface_sg_attachment resource?

jaywcarman avatar Mar 25 '21 12:03 jaywcarman

Hi @jaywcarman security_group_id and network_interface_id are both of type int for ibm_network_interface_sg_attachment resource. This is a classic infrastructure resource. https://cloud.ibm.com/docs/ibm-cloud-provider-for-terraform?topic=ibm-cloud-provider-for-terraform-infrastructure-resources#network-sg-attachment

where as, security_group and network_interface are both of type string for ibm_is_security_group_network_interface_attachment resource. This is a VPC resource. https://cloud.ibm.com/docs/ibm-cloud-provider-for-terraform?topic=ibm-cloud-provider-for-terraform-vpc-gen2-resources#sec-group-netint

^FYI @suulperi

VaishnaviGopal avatar Mar 26 '21 13:03 VaishnaviGopal