terraform-provider-oci icon indicating copy to clipboard operation
terraform-provider-oci copied to clipboard

Published 20 hours ago verified publisher icon oracle

Changes to "ciphers" are not detected for the oci_load_balancer_ssl_cipher_suite resource

Open lowranceworks opened this issue 1 year ago • 0 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Affected Resource(s)

oci_load_balancer_ssl_cipher_suite

Terraform Configuration Files

resource "oci_load_balancer_ssl_cipher_suite" "test_ssl_cipher_suite" {
    ciphers = ["AES128-SHA256", "AES128-GCM-SHA256", "AES256-SHA256", "AES256-GCM-SHA384", "ECDHE-RSA-AES128-SHA256", "ECDHE-RSA-AES256-SHA384"]
    load_balancer_id = oci_load_balancer_load_balancer.test_load_balancer.id
    name = var.ssl_cipher_suite_name
}

Debug Output

terraform state show 'oci_load_balancer_ssl_cipher_suite.ssl_cipher_suite'                                                                                                                                   
# oci_load_balancer_ssl_cipher_suite.ssl_cipher_suite:
resource "oci_load_balancer_ssl_cipher_suite" "ssl_cipher_suite" {
    ciphers          = [
        "TLS_AES_128_GCM_SHA256",
        "TLS_AES_256_GCM_SHA384",
        "ECDHE-ECDSA-AES128-GCM-SHA256",
        "ECDHE-RSA-AES128-GCM-SHA256",
        "AES128-SHA256",
        "AES128-GCM-SHA256",
        "AES256-SHA256",
        "AES256-GCM-SHA384",
        "ECDHE-RSA-AES128-SHA256",
        "ECDHE-RSA-AES256-SHA384",
    ]
    id               = "loadBalancers/ocid1.loadbalancer.oc1.phx.aaaaaaaaiwdutlegivebe6eevwvup4jjqcnetjhtldxtja3bsbbho24dvuxa/sslCipherSuites/test2"
    load_balancer_id = "ocid1.loadbalancer.oc1.phx.aaaaaaaaiwdutlegivebe6eevwvup4jjqcnetjhtldxtja3bsbbho24dvuxa"
    name             = "test2"
    state            = "SUCCEEDED"
}
tdc-oci-infrastructure-terraform/load_balancers/test  cat ./cipher_suites.auto.tfvars                                                                                                                                                                                                         
cipher_suites = {
  test2 = {
    ciphers          = ["ECDHE-RSA-AES256-SHA384"]
    name             = "test2"
    load_balancer_id = "ocid1.loadbalancer.oc1.phx.aaaaaaaaiwdutlegivebe6eevwvup4jjqcnetjhtldxtja3bsbbho24dvuxa"
  },
}

tdc-oci-infrastructure-terraform/load_balancers/test  terraform plan                                                                                                                                                                                                                             oci_load_balancer_ssl_cipher_suite.ssl_cipher_suite: Refreshing state... [id=loadBalancers/ocid1.loadbalancer.oc1.phx.aaaaaaaaiwdutlegivebe6eevwvup4jjqcnetjhtldxtja3bsbbho24dvuxa/sslCipherSuites/test2]


No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Panic Output

n/a

Expected Behavior

Terraform should prompt me that there are changes to be made to ensure that the terraform/actual state matches what I have defined in the configuration (remove all but one cipher).

Actual Behavior

Terraform prompts that no changes are detected.

Steps to Reproduce

  1. define cipher_suite configuration with multiple ciphers
  2. terraform apply
  3. add or remove any of the ciphers defined in the cipher_suite
  4. terraform apply

Important Factoids

n/a

References

n/a

lowranceworks avatar Jun 07 '24 14:06 lowranceworks