CiscoDevNet/terraform-provider-nxos

Error when updating `nxos_ipv4_access_list_entry` resource

Opened this issue · 0 comments

jgomezve commented

Initially I run the following Terraform Execution plan

resource "nxos_ipv4_access_list" "acl" {
  name = "TEST"
}

resource "nxos_ipv4_access_list_entry" "acl_entry" {
  name                      = "TEST"
  sequence_number           = 10
  protocol                  = "ip"
  action                    = "permit"
  source_prefix             = "10.0.0.0"
  source_prefix_length      = "8"
  destination_prefix        = "192.168.0.0"
  destination_prefix_length = "16"

  depends_on = [nxos_ipv4_access_list.acl]
}

Then I logged into the switch and performed and out-of-band change with the following lines:

configure terminal
ip access-list TEST
no 10
10 permit ip 10.0.0.0/8 192.168.0.0/24

Then after running terraform apply, out-of-band changes were detected on that resource

$ terraform apply
nxos_ipv4_access_list.acl: Refreshing state... [id=sys/acl/ipv4/name-[TEST]]
nxos_ipv4_access_list_entry.acl_entry: Refreshing state... [id=sys/acl/ipv4/name-[TEST]/seq-[10]]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # nxos_ipv4_access_list_entry.acl_entry will be updated in-place
  ~ resource "nxos_ipv4_access_list_entry" "acl_entry" {
      ~ destination_prefix_length = "24" -> "16"
        id                        = "sys/acl/ipv4/name-[TEST]/seq-[10]"
        name                      = "TEST"
        # (19 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value:

But at the configuration time Terraform failed

  Enter a value: yes

nxos_ipv4_access_list_entry.acl_entry: Modifying... [id=sys/acl/ipv4/name-[TEST]/seq-[10]]

│ Error: Client Error

│   with nxos_ipv4_access_list_entry.acl_entry,
│   on main.tf line 21, in resource "nxos_ipv4_access_list_entry" "acl_entry":
│   21: resource "nxos_ipv4_access_list_entry" "acl_entry" {

│ Failed to update object, got error: JSON error: {"imdata":[{"error": {"attributes": {"code": "1","text": "Duplicate sequence
│ number\nfaulty_dn=sys\/acl\/ipv4\/name-TEST\/seq-10"}}}]}