Skip to content

Updating aviatrix_firewall_instance tags forces a resource replacement  #1842

New issue
New issue
Open
Open
Updating aviatrix_firewall_instance tags forces a resource replacement #1842
@rick-ha

Description

@rick-ha
rick-ha
opened on Jul 5, 2023

Describe the problem

Updating the tags under aviatrix_firewall_instance causes the instance to be replaced.

Please describe the issue you observed, and any steps we can take to reproduce it:

To Reproduce

  1. Create a Firewall instance via Terraform in Azure
  2. Update the tags parameter to include a tag
  3. Terraform wants to replace the firewall instance

What did you do? Describe in your own words.

I updated the tags block with an additional tag and terraform plan shows that the resource must be replaced

If possible, provide steps to reproduce the behavior:

  1. Create a Firewall instance via Terraform in Azure
  2. Update the tags parameter to include a tag
  3. Terraform wants to replace the firewall instance

Expected behavior
A clear and concise description of what you expected to happen.

The tags should be updated without replacing the resource.

Additional data / screenshots
Include any relevant tf files.

If applicable, add screenshots to help explain your problem.

Environment:

  • Provider version: 3.0.1
  • Terraform version: 1.4.0
  • Aviatrix Controller version: 7.0.1400

Additional context
What was the impact?

A production NGFW will be taken down should an apply go through.

Add any other context about the problem here.

TF Plan output

  # aviatrix_firewall_instance.firewall_instance_1 must be replaced
-/+ resource "aviatrix_firewall_instance" "firewall_instance_1" {
      + availability_domain    = (known after apply)
      ~ cloud_type             = x -> (known after apply)
      ~ egress_interface       = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" -> (known after apply)
      + fault_domain           = (known after apply)
      ~ firewall_image_id      = "x" -> (known after apply)
      ~ firewall_image_version = "x" -> (known after apply)
      + gcp_vpc_id             = (known after apply)
      ~ id                     = "x" -> (known after apply)
      ~ instance_id            = "x" -> (known after apply)
      ~ lan_interface          = "x" -> (known after apply)
      ~ management_interface   = "x" -> (known after apply)
      ~ public_ip              = "x" -> (known after apply)
      ~ tags                   = { # forces replacement
            "avx-controller"    = "do-not-delete"
          + "sdlc_environment"  = "chaos"
        }
        # (9 unchanged attributes hidden)
    }

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions