Terraform - ACI automation

I am facing an issue. I am using the code below to configure an AAEP and then to associate a domain called physical-domain with that AAEP, and everything works fine so far…

resource "aci_attachable_access_entity_profile" "aaep1" {
  description = "AAEP physical-servers"
  name        = "aaep1"
}

resource "aci_aaep_to_domain" "aaep-to-domain" {
  description                         = "from Terraform"
  attachable_access_entity_profile_dn = aci_attachable_access_entity_profile.aaep1.id
  # from domains.tf
  domain_dn                           = aci_physical_domain.physical-domain.id
}

As I said, I apply once and everything works fine. However, when I do terraform plan, the code no longer thinks that everything matches; instead the code just suggests that changes need to be made!
And once I apply again… then the code suggests making the following changes:

Terraform will perform the following actions:

  # aci_attachable_access_entity_profile.aaep1 will be updated in-place
  ~ resource "aci_attachable_access_entity_profile" "aaep1" {
        id                      = "uni/infra/attentp-aaep1"
        name                    = "aaep1"
      ~ relation_infra_rs_dom_p = [
          - "uni/phys-physical-domain",

The code simply removes the domain from the AAEP even though no changes were made to the code that was running fine once.

Why is Terraform doing that?

This is causing me an issue. Do you have any suggestions?

Hi @aia293,

What you’ve described seems like it’s a bug or quirk in the provider you are using. Specifically, the provider is proposing to create an object with one set of attributes but then after the object has been created it suddenly had a different set of attributes.

You may be able to work around the bug by changing your configuration to match what the provider apparently created. For example, you could add the relation_infra_rs_dom_p argument with the same value shown in the plan:

  relation_infra_rs_dom_p = ["uni/phys-physical-domain"]

The real solution though would be for the provider to produce a more accurate plan and final state so that after the first apply the provider will consider the configuration and real infrastructure to match. Therefore I suggest reporting this as an issue in the provider’s GitHub repository, which you can find by looking up the provider in Terraform Registry.
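A check for the symptom described in this thread, as an added example that is not part of the original posts or of the ACI provider: it reads the JSON form of a saved plan (`terraform show -json <planfile>`) and reports in-place updates that would drop entries from a list attribute such as relation_infra_rs_dom_p. The sample plan is constructed to mirror the plan quoted in the question, and the function name is an assumption.

```python
import json

# Constructed sample in the shape of `terraform show -json <planfile>`,
# trimmed to the fields used here; values mirror the plan quoted in the thread.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aci_attachable_access_entity_profile.aaep1",
   "change": {"actions": ["update"],
     "before": {"name": "aaep1", "relation_infra_rs_dom_p": ["uni/phys-physical-domain"]},
     "after": {"name": "aaep1", "relation_infra_rs_dom_p": []},
     "after_unknown": {}}},
  {"address": "aci_aaep_to_domain.aaep-to-domain",
   "change": {"actions": ["no-op"], "before": {}, "after": {}, "after_unknown": {}}}
]}
""")

def removed_list_entries(plan):
    """Return {address: {attribute: [removed values]}} for in-place updates."""
    findings = {}
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        # Only in-place updates; replacements are ["delete", "create"].
        if change.get("actions") != ["update"]:
            continue
        before = change.get("before") or {}
        after = change.get("after") or {}
        unknown = change.get("after_unknown") or {}
        for attr, old in before.items():
            # Skip non-lists and values only known after apply (not a removal).
            if not isinstance(old, list) or unknown.get(attr) is True:
                continue
            new = after.get(attr)
            new = new if isinstance(new, list) else []
            removed = [v for v in old if v not in new]
            if removed:
                findings.setdefault(rc["address"], {})[attr] = removed
    return findings

if __name__ == "__main__":
    for address, attrs in removed_list_entries(SAMPLE_PLAN).items():
        for attr, values in attrs.items():
            print(f"{address}: plan would remove {values} from {attr}")
```

Run against a plan taken immediately after an apply, any finding means the configuration and the provider's recorded state have not converged.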

Great answer, apparentlymart! Much appreciated, the code is working after I submitted your change.
I also thought that there must be a bug, I am considering reporting it.


Hey @aia293,
did you already open an issue for the bug?
I’m facing the same problem since ACI provider version 2.6.0.


I opened an issue: aci_aaep_to_domain doesn't create relation between aaep and domain since version 2.6.0 · Issue #1047 · CiscoDevNet/terraform-provider-aci · GitHub

I didn’t create a case for the issue, no.
However I used the workaround that is mentioned by apparentlymart and it worked for me.