Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem after "3.23.0" patch with ssl_settings #417

Open
2 tasks done
MrZend opened this issue May 2, 2024 · 0 comments
Open
2 tasks done

Problem after "3.23.0" patch with ssl_settings #417

MrZend opened this issue May 2, 2024 · 0 comments

Comments

@MrZend
Copy link

MrZend commented May 2, 2024

Confirmation

  • My issue isn't already found on the issue tracker.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Imperva provider version

I run terraform commands via CI/CD pipeline, below code of installing right version of provider

Initializing provider plugins...

  • Finding imperva/incapsula versions matching "~> 3.0"...
  • Installing imperva/incapsula v3.23.1...
  • Installed imperva/incapsula v3.23.1

Affected resource(s)

incapsula_ssl_settings

Terraform configuration files

After patch, I added block "inbound_tls_settings". Before update it worked good

resource "incapsula_site_ssl_settings" "this" {
  count   = var.ssl_settings != null ? 1 : 0
  site_id = incapsula_site.this.id
  hsts {
    is_enabled           = try(var.ssl_settings.hsts.is_enabled, null)
    max_age              = try(var.ssl_settings.hsts.max_age, null)
    pre_loaded           = try(var.ssl_settings.hsts.pre_loaded, null)
    sub_domains_included = try(var.ssl_settings.hsts.sub_domains_included, null)
  }

  inbound_tls_settings { 
    configuration_profile = var.ssl_settings.inbound_tls_settings.configuration_profile


    dynamic "tls_configuration" {
      for_each = var.ssl_settings.inbound_tls_settings.tls_configuration != null ? var.ssl_settings.inbound_tls_settings.tls_configuration : []
      content {
        tls_version     = tls_configuration.value.tls_version
        ciphers_support = tls_configuration.value.ciphers_support
      }
    }

  }
  depends_on = [incapsula_site.this, incapsula_custom_certificate.this[0]]
}

Debug output

Panic output

No response

Expected output

I want to manage incapsula_ssl_setting under subaccount, if user under account

Actual output

Terraform wants to create new resource of incapsula_ssl_settings. I think, it because user, from which I run terraform commands, at "superaccount" and sites that I want to manage at subaccounts, and I dont have opportunities to specify subaccount where site is located. Furthermore, I tested new API of imperva for ssl_settings and find out that API cant find site under subaccount, If user under "superaccount" - and at api you can specify account_id where site is located, but in provider you cant do it.

Steps to reproduce

  1. User under account
  2. Sites under subaccounts

Additional factoids

No response

References

No response
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@MrZend