Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_network_security_rule, rule name not resource name must be unique? #65

Closed
hashibot opened this issue Jun 13, 2017 · 2 comments
Closed

azurerm_network_security_rule, rule name not resource name must be unique? #65

hashibot opened this issue Jun 13, 2017 · 2 comments
Assignees
@tombuildsstuff
Labels
bug documentation

Comments

@hashibot
Copy link

This issue was originally opened by @abdelhegazi as hashicorp/terraform#13773. It was migrated here as part of the provider split. The original body of the issue is below.

Terraform Version

Terraform v0.8.8

I know that 0.9.3 is out but for some backward compatibility I have to use 0.8.x version

Affected Resource(s)

Please list the resources as a list, for example:

  • azurerm_network_security_rule

Terraform Configuration Files

resource "azurerm_network_security_rule" "httpRule" {
  name                        = "HTTP"
  priority                    = 120
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "80"
  source_address_prefix       = "*"
  destination_address_prefix  = "*"
  resource_group_name         = "${var.cbox_resource_group_name}"
  network_security_group_name = "${azurerm_network_security_group.consul-sg.name}"
}

resource "azurerm_network_security_rule" "httpsRule" {
  name                        = "HTTPS"
  priority                    = 130
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "443"
  source_address_prefix       = "*"
  destination_address_prefix  = "*"
  resource_group_name         = "${var.cbox_resource_group_name}"
  network_security_group_name = "${azurerm_network_security_group.consul-sg.name}"
}

resource "azurerm_network_security_rule" "httpsRule2" {
  name                        = "HTTPS2"
  priority                    = 140
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "8080"
  source_address_prefix       = "*"
  destination_address_prefix  = "*"
  resource_group_name         = "${var.cbox_resource_group_name}"
  network_security_group_name = "${azurerm_network_security_group.consul-sg.name}"
}

resource "azurerm_network_security_rule" "consulrule1" {
  name                        = "HTTP-HTTPS-Consul"
  priority                    = 150
  direction                   = "Inbound"
  access                      = "Allow"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "8300-8600"
  source_address_prefix       = "*"
  destination_address_prefix  = "*"
  resource_group_name         = "${var.cbox_resource_group_name}"
  network_security_group_name = "${azurerm_network_security_group.consul-sg.name}"
}

resource "azurerm_network_security_rule" "denyRule" {
  name                        = "deny-all"
  priority                    = 1000
  direction                   = "Inbound"
  access                      = "Deny"
  protocol                    = "*"
  source_port_range           = "*"
  destination_port_range      = "*"
  source_address_prefix       = "*"
  destination_address_prefix  = "*"
  resource_group_name         = "${var.cbox_resource_group_name}"
  network_security_group_name = "${azurerm_network_security_group.consul-sg.name}"
}

Expected Behavior

As I make sure the resource name sshRule, httpRule, httpsRule ...etc should be unique which I made sure it is, regardless the name of each rule is unique or not as I use it as a tag to classify all related rules with the same name. So the expected behavior is to create all the mentioned rules in order with no issues

Actual Behavior

Terraform basically creates only one of the rules have same name for example httpRule resource has name of "HTTP" and consulRule resource has also the same name of "HTTP". Also "httpsrule" which allows inboud for 443 has same value of "httpsrule2" which allows inbound for 8080 and both rules had same name value "HTTPS", what happens is terraform only creates one of them and when running
terrafrom plan is shows that it needs to add some more resources and when terraform apply it deletes for example the rule of 443 and adds the rule for 8080 or vice versa

It took me some time till I tried to make everything unique which made it succeed, I guess this needs to be added clearly to the documentation (https://www.terraform.io/docs/providers/azurerm/r/network_security_rule.html#name) in addition it is REQUIRED it also needs to be unique value for each rule we add into out hcl code.
@hashibot hashibot added the bug label Jun 13, 2017
@tombuildsstuff tombuildsstuff mentioned this issue Jun 27, 2017
Merged
@tombuildsstuff
Copy link
Contributor

Fixed via #138

@ghost
Copy link

ghost commented Apr 1, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 1, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@tombuildsstuff tombuildsstuff

Labels
bug documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tombuildsstuff @hashibot