Authorized Networks Error

mdebianchi · July 29, 2019, 1:37pm

Good Morning everyone.

I’m Marco and I’m here because I’ve a issue with terraform.

The error that the CLI returnes to me when I do terraform plan is:
"An argument named “authorized_networks” is not expected here. Did you mean to define a block of type “authorized_networks”?

I wrote the name of the block as wrote in Terraform documentation and I really don’t understand how I can have this error…

apparentlymart · July 29, 2019, 5:11pm

Hi @mdebianchi,

This error is reporting that it found an argument declaration like the following in your configuration:

authorized_networks = <any expression>

The error is trying to tell you that authorized_networks is a nested configuration block rather than an argument itself, and thus needs use syntax like this:

authorized_networks {
  # nested arguments
}

mdebianchi · July 30, 2019, 9:57am

Thank you Martin for reply.

I’m referring to this documentation which don’t have the arguments for

authorized_networks

, assuming it has a list as argument.

How you suggest to solve it?

https://www.terraform.io/docs/providers/google/r/sql_database_instance.html

apparentlymart · July 30, 2019, 5:12pm

It looks like that example is showing some tricks to work around limitations of Terraform 0.11, but it’s doing so using some invalid syntax that Terraform 0.12 and later don’t accept.

That is an unusually complicated example for a resource type documentation page, but I think the following would be an equivalent way to write it using valid Terraform 0.12 syntax:

resource "google_compute_instance" "apps" {
  count        = 8
  name         = "apps-${count.index + 1}"
  machine_type = "f1-micro"

  boot_disk {
    initialize_params {
      image = "ubuntu-os-cloud/ubuntu-1804-lts"
    }
  }

  network_interface {
    network = "default"

    access_config {
      // Ephemeral IP
    }
  }
}

locals {
  auth_netw_postgres_allowed_1 = [
    for i, inst in google_compute_instance.apps : {
      name  = "apps-${i + 1}"
      value = inst.network_interface[0].access_config[0].nat_ip
    }
  ]

  auth_netw_postgres_allowed_2 = [
    for i, addr in ["192.168.1.2", "192.168.2.3"] : {
      name  = "onprem-${i + 1}"
      value = addr
    }
  ]
}

resource "random_id" "db_name_suffix" {
  byte_length = 4
}

resource "google_sql_database_instance" "postgres" {
  name = "postgres-instance-${random_id.db_name_suffix.hex}"
  database_version = "POSTGRES_9_6"

  settings {
    tier = "db-f1-micro"

    ip_configuration {
      dynamic "authorized_networks" {
        for_each = concat(
          local.auth_netw_postgres_allowed_1,
          local.auth_netw_postgres_allowed_2,
        )
        iterator = "net"
        content {
          name  = net.value.name
          value = net.value.value
        }
      }
    }
  }
}

mdebianchi · July 31, 2019, 4:34pm

Hi!

Following your suggestion I resolve some problem.
But Terraform return me this error while I’m using the net iterator.

Any suggestion?

apparentlymart · August 1, 2019, 6:50pm

Hi @mdebianchi!

Sorry, it looks like I made an error. The correct syntax for that argument is to give the name without quotes, like this:

  iterator = net