Fix -add support to allow attaching security lists in the subnet module - #128
terraform.tfvars.example
Outdated
@@ -102,4 +102,6 @@ attached_drg_id = null | |||
#subnets = { | |||
# sub1 = {name = "subnet1",cidr_block = "10.0.4.0/24"} | |||
# sub2 = {cidr_block="10.0.5.0/24",type="private"} | |||
# sub3 = {cidr_block="10.0.6.0/24",availability_domain="Uocm:PHX-AD-1"} |
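Review bot: on the sub3 line, availability_domain="Uocm:PHX-AD-1" hard-codes an availability domain name whose prefix is specific to one tenancy, so a user who uncomments the example as written gets a value that does not exist in their own tenancy. Replace it with an obviously generic placeholder and add a comment saying how the name is obtained, or let callers give an AD number and resolve the full name inside the module so nobody has to type the prefix.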
See my comment about looking these values up in your other PR.
This has been fixed via other PR.
What is the other PR?
Please make it easier for end users to use the API.
@@ -23,7 +25,8 @@ resource "oci_core_subnet" "vcn_subnet" { | |||
#prohibit_internet_ingress = var.enable_ipv6 && lookup(each.value,"type","public") == "public" ? each.value.prohibit_internet_ingress : false | |||
prohibit_public_ip_on_vnic = lookup(each.value, "type", "public") == "public" ? false : true | |||
route_table_id = lookup(each.value, "type", "public") == "public" ? var.ig_route_id : var.nat_route_id | |||
security_list_ids = null | |||
security_list_ids = lookup(each.value, "security_list_ids", null) |
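Review bot: the new security_list_ids = lookup(each.value, "security_list_ids", null) line takes caller-supplied OCIDs without documenting when such OCIDs can exist or what the null fallback means. Security lists are scoped to a VCN, so if the VCN is created in the same apply there is nothing valid to pass yet, and when the key is absent the subnet silently gets the VCN's default security list. State both in the variable description and in the tfvars example, and confirm that the type of the subnets variable admits a list value for this key alongside the string values used for cidr_block and type.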
The module creates a VCN and optionally some subnets. In these subnets, you want to attach security lists which can only be created after the VCN is created.
But I don't see any security lists being created. Am I missing something?
Yes, the interpretation of this request from my side was that the security lists will be added if a VCN exists. If a VCN does not exist, the user will not be able to add the security list. In terraform.tfvars.example, line 106 will be relevant to the user's specific implementation if a VCN exists. Please let me know what you think.
We are not checking if a VCN exists here. This module is for creating a VCN. The OCIDs will only be available after the VCN is created.
@hyder - As this module is for creating a VCN and the security lists do not exist before VCN creation is done, it cannot handle attaching security lists to a subnet that just got created as part of VCN creation. So, I think this request can be rejected. Please comment if this issue/request can be rejected.
Can this get merged into the main repo? Folks ought to be able to first create the module using the default security list. Then they can create security lists outside of the module and attach them in a second update.
Resolves - [https://github.com//issues/106]
Proposed change
How have these changes been tested?
Automated testing
If you're running automated testing for this module, we would love to hear from you, and potentially integrate it to the module standard workflow.
Manual testing
If no automated testing is run, please ensure that at least the three steps below are passing without any error.
terraform apply on each example provided with this module provisions the intended resource(s) without any errors.
terraform destroy on each example provided with this module destroys all the resources created by this module and only the resources created by this module.
Checklist before submitting your PR
Note: If you are not an Oracle employee, to contribute to an Oracle-sponsored open-source project, you need to sign the Oracle Contributor Agreement (OCA).