terraform-provider-fortios icon indicating copy to clipboard operation
terraform-provider-fortios copied to clipboard

Published 20 hours ago verified publisher icon fortinetdev

fortios_system_automationtrigger in mixed version environment

Open zippanto opened this issue 2 years ago • 2 comments

Hi,

We are facing the same issue described in #212. The fix provided works well when working with a single 7.0 firewall or multiple 7.0 firewalls. However our environment is a mixed 6.4 / 7.0.

Having the logid_block is causing an error for 6.4. Please see below.

resource "fortios_system_automationtrigger" "ssl_vpn_login_fail" {
  name       = "SSL VPN login fail"
  event_type = "event-log"
  logid      = 39426

  # FortiOS 7.0
  logid_block {
    id = 39426
  }
}

Please see the error below.

fortios_system_automationstitch.ssl_vpn_login_fail: Modifications complete after 1s [id=SSL VPN login fail]
╷
│ Error: Error updating SystemAutomationTrigger resource: Internal Server Error - Internal error when processing the request (500)
│ Cli response: 
│ unrecognized logid:0
│ node_check_object fail! for logid 0
│ 
│ value parse error before '0'
│ Command fail. Return code -651
│ 
│ 
│   with fortios_system_automationtrigger.admin_login_fail,
│   on alerts.tf line 32, in resource "fortios_system_automationtrigger" "admin_login_fail":
│   32: resource "fortios_system_automationtrigger" "admin_login_fail"

Please advise.

Thanks.

zippanto avatar Jun 05 '23 14:06 zippanto

It's worth noting that there was a similar issue with fortios_system_automationstitch where previously on 6.4 we had to use action{} block, but on 7.0 we now have to use actions{} block. Having both action and actions blocks defined in fortios_system_automationstitch resource causes no issues for 6.4.

Thanks.

zippanto avatar Jun 05 '23 14:06 zippanto

@zippanto ,

Thank you for raising this issue, the reason causing this error is the argument type changed from string to list in different version FOS, and they share the same name, this is why there are logid and logid_block in Terraform, but they are both corresponding to the logid in FOS, I will inform the development team about this issue along with your last case

Thanks, Maxx

MaxxLiu22 avatar Jun 09 '23 17:06 MaxxLiu22

Hi all,

You can now set both arguments in your Terraform script, and Terraform will automatically choose the one compatible with your FOS version. I will go ahead to closet this case since long time no activity, but please don’t hesitate to reach out or open a new case if you have any further questions

Thanks, Maxx

MaxxLiu22 avatar Oct 24 '24 17:10 MaxxLiu22