terraform-provider-oci icon indicating copy to clipboard operation
terraform-provider-oci copied to clipboard

Published 20 hours ago verified publisher icon oracle

IPSEC with BGP tunnels not getting created with empty static_routes argument

Open karthicgit-zz opened this issue 2 years ago • 5 comments

SImilar issue reported here --> https://github.com/terraform-providers/terraform-provider-oci/issues/1110

Terraform version > 1.0.0 Provider 4.57.0

Resource : oci_core_ipsec , oci_core_ipsec_connection_tunnel_management

  1. If i pass static_routes = [""] I get the below error Error: 400-InvalidParameter │ Provider version: 4.57.0, released on 2021-12-15. This provider is 2 version(s) old. │ Service: Core Ip Sec Connection │ Error Message: is not a valid ip network. │ OPC request ID: e6c00c23cdd9e49824cb9db377352da5/5A1DC76D6DC9A2128668E300399C9D3C/CAFA48D725395C23CE08A8F8B5D6494A │ Suggestion: Please Update the parameter(s) in the Terraform config as per error message is not a valid ip network.

  2. When i pass static_routes = [] then the err message is Error: 400-MissingParameter │ Provider version: 4.57.0, released on 2021-12-15. This provider is 2 version(s) old. │ Service: Core Ip Sec Connection │ Error Message: Static routes must be specified. │ OPC request ID: 760d308ea915ccbbb97fce19007185e7/168E9F5C3BBDA44C1248B6051D75308E/885DACD340D57D1FA5B758E38622F757 │ Suggestion: Please retry or contact support for help with service: Core Ip Sec Connection. 3 . It seems to be working when i pass static_routes = ["somecidrvalue"]

karthicgit-zz avatar Jan 05 '22 09:01 karthicgit-zz

same issue with following version

Terraform v1.1.9
on linux_amd64
+ provider registry.terraform.io/hashicorp/oci v4.75.0

Error: 400-MissingParameter, Static routes must be specified. 
│ Suggestion: Please retry or contact support for help with service: Core Ip Sec Connection
│ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_ip_sec_connection 
│ Request Target: POST https://iaas.eu-frankfurt-1.oraclecloud.com/20160918/ipsecConnections 
│ Provider version: 4.75.0, released on 2022-05-11.  
│ Service: Core Ip Sec Connection 
│ Operation Name: CreateIPSecConnection 
│ OPC request ID: 6130816f6aeceb532f6a5a40fba5e4a4/94C84C3B95F1E79C7212ABAF0C36B42B/ACFFA73E7C38300C3358F54659E0ABC2

dhoogfr avatar May 13 '22 17:05 dhoogfr

@dhoogfr The workaround is to pass the static_routes argument as well with dummy value .

karthicgit-zz avatar May 13 '22 17:05 karthicgit-zz

Still an issue with version 4.96.0

dhoogfr avatar Oct 20 '22 19:10 dhoogfr

Thank you for reporting the issue. We observed the affected resources are not provided in the description or it's incorrect. We request you to add it in issue description as mentioned in below format. Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform. Example: affected_resources = terraform

As this works through automation, request you to follow exact syntax.

ravinitp avatar Apr 11 '23 13:04 ravinitp

Documentation was updated with version v5.21.0 to explain you must provide a static route when creating an IPSec connection with terraform because we create 2 static tunnels by default. The core_ipsec_connection_tunnel_management resource is update only. If you update both tunnels to BGP routing, the static route(s) will be ignored.

iejones avatar Nov 15 '23 18:11 iejones