terraform-provider-oci
terraform-provider-oci copied to clipboard
Published
20 hours ago •
oracle
oracle
Removing stateless from an NSG rule doesn't trigger a change
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
Terraform Version and Provider Version
Terraform v1.1.5 on linux_amd64
- provider registry.terraform.io/hashicorp/oci v4.63.0
Affected Resource(s)
- oci_core_network_security_group_security_rule
Terraform Configuration Files
resource "oci_core_network_security_group" "webserver" {
compartment_id = var.compartment_ocid
vcn_id = var.vnc_ocid
display_name = "Webserver"
freeform_tags = { "app" = "webserver" }
}
resource "oci_core_network_security_group_security_rule" "http" {
network_security_group_id = oci_core_network_security_group.webserver.id
description = "allow http"
direction = "INGRESS"
protocol = 6
source_type = "CIDR_BLOCK"
source = "0.0.0.0/0"
# Removing the next line should modify the resource as the default is false
stateless = true
tcp_options {
destination_port_range {
max = 80
min = 80
}
}
}
Expected Behavior
When an NSG rule has stateless = true and this attribute is removed from the tf file, the resource should be modified to have stateless = false as this is the documented default.
Actual Behavior
Removing the stateless attribute doesn't flag the resource to be updated.
Steps to Reproduce
- Take the example above and execute it (replace vcn and compartment ocid). A NSG with with a stateless rule will be created.
- Edit the file and remove/comment the line with
stateless = true, and re-run terraform - The NSG rule is not updated.
Important Factoids
- Running this from WSL2 (Ubuntu 20.04).
