Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

expr block does not work in google_compute_security_policy #5597

Closed
sanmmishra opened this issue Feb 5, 2020 · 7 comments
Closed

expr block does not work in google_compute_security_policy #5597

sanmmishra opened this issue Feb 5, 2020 · 7 comments
Assignees
Labels

Comments

@sanmmishra
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
  • Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

terraform -v
Terraform v0.12.16

Affected Resource(s)

google_compute_security_policy

Terraform Configuration Files

resource "google_compute_security_policy" "policy" {
  name = lower(join("-", list(var.org, var.tnt_code, var.purpose)))
  project = var.project_id
  description = var.description
  dynamic "rule" {
    for_each = [ for s in var.rules : {
        action = s.action
        priority = s.priority
        description = s.description
        match = s.match
    }]
      content {
        action = rule.value.action
        priority             = rule.value.priority
        description          = rule.value.description
        dynamic "match" {
             for_each = contains(keys(rule.value), "match") ? [rule.value.match] : []
             content {
                 dynamic "expr" {
                    for_each = contains(keys(match.value), "expr") ? [match.value.expr] : [] 
                    content {
                        expression = expr.value.expression
                        }
                     }                 
                 versioned_expr = lookup(match.value, "versioned_expr", null)
                 dynamic "config" {
                    for_each = contains(keys(match.value), "config") ? [match.value.config] : [] 
                    content {
                        src_ip_ranges = config.value.src_ip_ranges
                        }
                     }
                          
                }
        }
    }
  }

Debug Output

Panic Output

Expected Behavior

Actual Behavior

When I run terraform apply, it causes problems on the expr block. Can you confirm if this issue was resolved?
on ../modules/armor/main.tf line 35, in resource "google_compute_security_policy" "policy":
35: dynamic "expr" {

Blocks of type "expr" are not expected here.

Steps to Reproduce

  1. terraform apply

Important Factoids

References

  • #0000
@sanmmishra
Copy link
Author

@danawillow Please let me know what you think.

@edwardmedia edwardmedia added the bug label Feb 5, 2020
@edwardmedia edwardmedia self-assigned this Feb 5, 2020
@sanmmishra
Copy link
Author

actually i noted that it is only in google beta. i think that was the problem. we can either close this bug or just move to GA? any timelines?

@edwardmedia
Copy link
Contributor

@sanmmishra can you post what var.rules did you provide? Thanks

@sanmmishra
Copy link
Author

rules = [
{
name = "rule1"
action   = "deny(403)"
priority = "1000"
match = {
        versioned_expr = "SRC_IPS_V1"
        config = {
            src_ip_ranges = ["9.9.9.0/24"]
        }
    }
description = "Deny access to IPs in 9.9.9.0/24"
},
{
name = "rule2"
action   = "deny(403)"
priority = "100"
match = {
        expr = {
            expression: "evaluatePreconfiguredExpr('xss-canary')"
        }
    }
description = "Custom expression"
}
]

@edwardmedia
Copy link
Contributor

@sanmmishra I have seen the same as what you got. It is in beta only and we don't have the date to release to GA yet. I am closing this issue. Please reopen it if you want a further discussion. Thanks

@danawillow
Copy link
Contributor

Looks like it was added to the GA provider in GoogleCloudPlatform/magic-modules#3028, so it'll be available there in our next release (Mondayish)

@ghost
Copy link

ghost commented Mar 28, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 28, 2020
@github-actions github-actions bot added forward/review In review; remove label to forward service/compute-security-policy labels Jan 15, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

No branches or pull requests

3 participants