certain fields should be nullable
Opened this issue · 1 comments
poroping commented
The provider doesn't default fields that are set and then unset. Instead choosing to ignore the attribute. However some fields need to be either explicitly nullable or to be set to null of not set at all.
Any example is UTM profiles in a policy:
resource "fortios_firewall_policy" "example" {
vdomparam = "BUTT"
name = "test"
srcintf {
name = "any"
}
dstintf {
name = "any"
}
srcaddr {
name = "all"
}
dstaddr {
name = "all"
}
service {
name = "ALL"
}
action = "accept"
schedule = "always"
utm_status = "enable"
av_profile = "g-default"
inspection_mode = "flow"
logtraffic = "utm"
status = "enable"
}Into
resource "fortios_firewall_policy" "example" {
vdomparam = "BUTT"
name = "test"
srcintf {
name = "any"
}
dstintf {
name = "any"
}
srcaddr {
name = "all"
}
dstaddr {
name = "all"
}
service {
name = "ALL"
}
action = "accept"
schedule = "always"
utm_status = "enable"
#av_profile = "g-default"
inspection_mode = "flow"
logtraffic = "utm"
status = "enable"
}Results in a no-op however is clearly a large difference as AV profile has been disabled.
poroping commented
Similar to issue with redist blocks being 'read only'. These need to be nulled/set to default upon 'delete'.