You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Terraform throws an error when trying to create a database firewall with multiple rules:
resource "digitalocean_database_firewall" "fw" {
depends_on = [digitalocean_vpc.app_vpc]
cluster_id = digitalocean_database_cluster.app.id
rule {
type = "ip_addr"
value = digitalocean_vpc.app_vpc.ip_range
}
dynamic "rule" {
for_each = toset(var.db_allowed_ips)
content {
type = "ip_addr"
value = each.value
}
}
}
Terraform error:
│ Error: Provider produced inconsistent final plan
│
│ When expanding the plan for
│ module.public_api.digitalocean_database_firewall.fw to include new values
│ learned so far during apply, provider
│ "registry.terraform.io/digitalocean/digitalocean" produced an invalid new
│ value for .rule: planned set element
│ cty.ObjectVal(map[string]cty.Value{"created_at":cty.UnknownVal(cty.String),
│ "type":cty.StringVal("ip_addr"), "uuid":cty.UnknownVal(cty.String),
│ "value":cty.StringVal("10.10.10.0/20")}) does not correlate with any
│ element in actual.
│
│ This is a bug in the provider, which should be reported in the provider's
│ own issue tracker.
I've also tried creating multiple firewall resources for the same cluster, but this results in only the last rule being applied.
Affected Resource(s)
digitalocean_database_firewall
Expected Behavior
Firewall is created
Actual Behavior
Error: Provider produced inconsistent final plan
Steps to Reproduce
terraform apply
Terraform Configuration Files
resource "digitalocean_vpc" "app_vpc" {
name = "${var.env}-vpc"
region = var.srv_region
ip_range = lookup(var.vpc_ip_range, var.env)
}
# Postgres database
resource "digitalocean_database_cluster" "app" {
name = "${var.env}-${var.app_slug}-postgres"
engine = "pg"
version = "12"
size = "db-s-1vcpu-1gb"
region = var.srv_region
private_network_uuid = digitalocean_vpc.app_vpc.id
node_count = 1
}
# Postgres firewall (only allow connection inside VPC)
resource "digitalocean_database_firewall" "fw" {
cluster_id = digitalocean_database_cluster.app.id
rule {
type = "ip_addr"
value = digitalocean_vpc.app_vpc.ip_range
}
dynamic "rule" {
for_each = toset(var.db_allowed_ips)
content {
type = "ip_addr"
value = each.value
}
}
}
The text was updated successfully, but these errors were encountered:
I haven't been able to reproduce this problem and can successfully create dynamic rules.
One thing that jumped out to me in your config is each being used as the temporary variable. By default, it should match the label for the dynamic bock, in this case rule. You can also set something custom using iterator. Though this doesn't seem like it would lead to your error.
What type is the db_allowed_ips variable? Is there any other relevant info you could share?
I am going to go ahead and close this issue as there has not been any response. Feel free to reopen if you are still experiencing a problem and can provide the requested information.
Bug Report
Describe the bug
Terraform throws an error when trying to create a database firewall with multiple rules:
Terraform error:
I've also tried creating multiple firewall resources for the same cluster, but this results in only the last rule being applied.
Affected Resource(s)
Expected Behavior
Firewall is created
Actual Behavior
Error: Provider produced inconsistent final plan
Steps to Reproduce
terraform apply
Terraform Configuration Files
The text was updated successfully, but these errors were encountered: