Incorrect handling of directives in resource aci_contract_subject_filter #1315

dirkf98 · 2025-02-12T17:34:36Z

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

$ terraform -v
Terraform v1.9.0
on linux_386
+ provider registry.terraform.io/ciscodevnet/aci v2.15.0
+ provider registry.terraform.io/hashicorp/assert v0.15.0

Your version of Terraform is out of date! The latest version
is 1.10.5. You can update by downloading from https://www.terraform.io/downloads.html

I know it is an older terraform version but it seems to me like a problem with the terraform resource.

APIC version and APIC Platform

V 5.2(7f) and on-prem (APIC simulator)

Affected Resource(s)

aci_contract_subject_filter

Terraform Configuration Files

resource "aci_contract_subject_filter" "ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr" {
  contract_subject_dn = aci_contract_subject.ipv6-tsm-prov_cont_ipv6-tsm-prov_subj.id
  filter_dn           = "uni/tn-common/flt-icmp_fltr"
  action              = "permit"
  directives          = ["none"]
  priority_override   = "default"
}

Debug Output

Panic Output

Expected Behavior

Initial terraform apply works good. In a second attempt with the same terraform config I expect that no changes are needed.

Actual Behavior

Terraform attempts to modify the resource, specifically updating the attribute directives:

Terraform will perform the following actions:

  # aci_contract_subject_filter.ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr will be updated in-place
  ~ resource "aci_contract_subject_filter" "ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr" {
      ~ directives          = [
          ~ null -> "none",
        ]
        id                  = "uni/tn-z_sich_ten/brc-ipv6-tsm-prov_cont/subj-ipv6-tsm-prov_subj/rssubjFiltAtt-icmp_fltr"
        # (5 unchanged attributes hidden)
    }

Steps to Reproduce

terraform apply for initial deployment
terraform apply without config change

Important Factoids

I'm using APIC simulator for this test.

This is the output from the state file:

$ terraform state show aci_contract_subject_filter.ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr
# aci_contract_subject_filter.ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr:
resource "aci_contract_subject_filter" "ipv6-tsm-prov_cont_ipv6-tsm-prov_subj_flt-icmp_fltr" {
    action              = "permit"
    annotation          = null
    contract_subject_dn = "uni/tn-z_sich_ten/brc-ipv6-tsm-prov_cont/subj-ipv6-tsm-prov_subj"
    directives          = [
        null,
    ]
    filter_dn           = "uni/tn-common/flt-icmp_fltr"
    id                  = "uni/tn-z_sich_ten/brc-ipv6-tsm-prov_cont/subj-ipv6-tsm-prov_subj/rssubjFiltAtt-icmp_fltr"
    priority_override   = "default"
}

References

The text was updated successfully, but these errors were encountered:

akinross added bug jira-sync Sync this issue to Jira labels Feb 13, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Incorrect handling of directives in resource aci_contract_subject_filter #1315

Incorrect handling of directives in resource aci_contract_subject_filter #1315

dirkf98 commented Feb 12, 2025

Incorrect handling of directives in resource aci_contract_subject_filter #1315

Incorrect handling of directives in resource aci_contract_subject_filter #1315

Comments

dirkf98 commented Feb 12, 2025

Community Note

Terraform Version

APIC version and APIC Platform

Affected Resource(s)

Terraform Configuration Files

Debug Output

Panic Output

Expected Behavior

Actual Behavior

Steps to Reproduce

Important Factoids

References