Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudflare_notification_policy resource always deleting and recreating some entries in policy #1302

Open
2 tasks done
mogthesprog opened this issue Nov 7, 2021 · 12 comments
Open
2 tasks done

cloudflare_notification_policy resource always deleting and recreating some entries in policy #1302

mogthesprog opened this issue Nov 7, 2021 · 12 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. service/notifications Categorizes issue or PR as related to the notification service.

Comments

@mogthesprog
Copy link

Confirmation

  • My issue isn't already found on the issue tracker.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.0.8
Provider version v3.4.0

Affected resource(s)

  • cloudflare_notification_policy

Terraform configuration files

resource "cloudflare_notification_policy" "magic_layer3_4_attach_notification_test" {
  provider = cloudflare.prod-magic-transit

  account_id = local.account_ids["prod-magic-transit"]
  name = "Layer 3/4 Attack Notifications Test"
  description = "Notification policy for Layer 3/4 Attack Notifications"
  enabled     =  true
  alert_type  = "dos_attack_l4"

  email_integration {
    id   =  "email1@company.com"
  }
  email_integration {
    id   =  "email2@compay.com"
  }
}

Debug output

2021-11-07T19:57:07.505Z [DEBUG] Adding temp file log sink: /var/folders/t3/z674kjln3c31lrpv383rh9d00000gn/T/terraform-log809288838
2021-11-07T19:57:07.505Z [INFO] Terraform version: 1.0.8
2021-11-07T19:57:07.505Z [INFO] Go runtime version: go1.16.4
2021-11-07T19:57:07.505Z [INFO] CLI args: []string{"/usr/local/bin/terraform", "plan", "-target", "cloudflare_notification_policy.magic_layer3_4_attach_notification_test"}
2021-11-07T19:57:07.505Z [DEBUG] Attempting to open CLI config file: /Users/morganj/.terraformrc
2021-11-07T19:57:07.505Z [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2021-11-07T19:57:07.506Z [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2021-11-07T19:57:07.506Z [DEBUG] ignoring non-existing provider search directory /Users/morganj/.terraform.d/plugins
2021-11-07T19:57:07.506Z [DEBUG] ignoring non-existing provider search directory /Users/morganj/Library/Application Support/io.terraform/plugins
2021-11-07T19:57:07.506Z [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins
2021-11-07T19:57:07.506Z [INFO] CLI command args: []string{"plan", "-target", "cloudflare_notification_policy.magic_layer3_4_attach_notification_test"}
2021-11-07T19:57:07.596Z [DEBUG] checking for provisioner in "."
2021-11-07T19:57:07.599Z [DEBUG] checking for provisioner in "/usr/local/bin"
2021-11-07T19:57:07.599Z [INFO] Failed to read plugin lock file .terraform/plugins/darwin_amd64/lock.json: open .terraform/plugins/darwin_amd64/lock.json: no such file or directory
2021-11-07T19:57:07.600Z [INFO] backend/local: starting Plan operation
2021-11-07T19:57:08.179Z [DEBUG] created provider logger: level=debug
2021-11-07T19:57:08.180Z [INFO] provider: configuring client automatic mTLS
2021-11-07T19:57:08.210Z [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0]
2021-11-07T19:57:08.214Z [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4357
2021-11-07T19:57:08.214Z [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0
2021-11-07T19:57:08.226Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: configuring server automatic mTLS: timestamp=2021-11-07T19:57:08.226Z
2021-11-07T19:57:08.234Z [DEBUG] provider.terraform-provider-cloudflare_v3.4.0: plugin address: address=/var/folders/t3/z674kjln3c31lrpv383rh9d00000gn/T/plugin3260601775 network=unix timestamp=2021-11-07T19:57:08.233Z
2021-11-07T19:57:08.234Z [DEBUG] provider: using plugin: version=5
2021-11-07T19:57:08.264Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-11-07T19:57:08.265Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4357
2021-11-07T19:57:08.265Z [DEBUG] provider: plugin exited
2021-11-07T19:57:08.265Z [DEBUG] created provider logger: level=debug
2021-11-07T19:57:08.265Z [INFO] provider: configuring client automatic mTLS
2021-11-07T19:57:08.293Z [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/darwin_amd64/terraform-provider-random_v3.1.0_x5 args=[.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/darwin_amd64/terraform-provider-random_v3.1.0_x5]
2021-11-07T19:57:08.296Z [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/darwin_amd64/terraform-provider-random_v3.1.0_x5 pid=4358
2021-11-07T19:57:08.296Z [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/darwin_amd64/terraform-provider-random_v3.1.0_x5
2021-11-07T19:57:08.303Z [INFO] provider.terraform-provider-random_v3.1.0_x5: configuring server automatic mTLS: timestamp=2021-11-07T19:57:08.303Z
2021-11-07T19:57:08.333Z [DEBUG] provider: using plugin: version=5
2021-11-07T19:57:08.333Z [DEBUG] provider.terraform-provider-random_v3.1.0_x5: plugin address: address=/var/folders/t3/z674kjln3c31lrpv383rh9d00000gn/T/plugin237258421 network=unix timestamp=2021-11-07T19:57:08.333Z
2021-11-07T19:57:08.370Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-11-07T19:57:08.371Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/random/3.1.0/darwin_amd64/terraform-provider-random_v3.1.0_x5 pid=4358
2021-11-07T19:57:08.371Z [DEBUG] provider: plugin exited
2021-11-07T19:57:08.372Z [INFO] terraform: building graph: GraphTypeValidate
2021-11-07T19:57:08.372Z [DEBUG] adding implicit provider configuration provider["registry.terraform.io/hashicorp/random"], implied first by random_id.issites_com_epm_tunnel_secret
2021-11-07T19:57:08.372Z [DEBUG] ProviderTransformer: "cloudflare_zone.issites_com" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.372Z [DEBUG] ProviderTransformer: "cloudflare_waf_override.demo_issites_exception" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.372Z [DEBUG] ProviderTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification_test" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "cloudflare_argo_tunnel.issites_com_epm_tunnel" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "random_id.issites_com_epm_tunnel_secret" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/hashicorp/random"]
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "cloudflare_logpush_job.issites_com" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "cloudflare_zone_settings_override.issites_com_settings" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.373Z [DEBUG] ProviderTransformer: "cloudflare_zone_dnssec.issites_com" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "cloudflare_logpush_job.issites_com" references: [local.splunk_hec_endpoint (expand) local.splunk_channel_id (expand) local.splunk_insecure_skip_verify (expand) local.splunk_source_type (expand) local.splunk_auth_token (expand) local.logpush_fields (expand) cloudflare_zone.issites_com]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "local.splunk_hec_endpoint (expand)" references: []
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "local.splunk_insecure_skip_verify (expand)" references: []
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit" references: [local.account_ids (expand)]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/hashicorp/random"]" references: []
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress" references: [local.account_ids (expand)]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification_test" references: [local.account_ids (expand)]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "cloudflare_argo_tunnel.issites_com_epm_tunnel" references: [random_id.issites_com_epm_tunnel_secret local.account_ids (expand)]
2021-11-07T19:57:08.373Z [DEBUG] ReferenceTransformer: "cloudflare_zone_settings_override.issites_com_settings" references: [cloudflare_zone.issites_com]
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "random_id.issites_com_epm_tunnel_secret" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "local.logpush_fields (expand)" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "local.splunk_channel_id (expand)" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification" references: [local.account_ids (expand)]
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "cloudflare_zone.issites_com" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "local.account_ids (expand)" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"]" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "cloudflare_waf_override.demo_issites_exception" references: [cloudflare_zone.issites_com]
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "cloudflare_zone_dnssec.issites_com" references: [cloudflare_zone.issites_com]
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "local.splunk_auth_token (expand)" references: []
2021-11-07T19:57:08.374Z [DEBUG] ReferenceTransformer: "local.splunk_source_type (expand)" references: []
2021-11-07T19:57:08.374Z [DEBUG] Removing "random_id.issites_com_epm_tunnel_secret", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.logpush_fields (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.splunk_channel_id (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_argo_tunnel.issites_com_epm_tunnel", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_zone_settings_override.issites_com_settings", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "provider["registry.terraform.io/cloudflare/cloudflare"]", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_notification_policy.magic_layer3_4_attach_notification", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_zone.issites_com", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.splunk_source_type (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_waf_override.demo_issites_exception", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_zone_dnssec.issites_com", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.splunk_auth_token (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "provider["registry.terraform.io/hashicorp/random"]", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "cloudflare_logpush_job.issites_com", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.splunk_hec_endpoint (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Removing "local.splunk_insecure_skip_verify (expand)", filtered by targeting.
2021-11-07T19:57:08.374Z [DEBUG] Starting graph walk: walkValidate
2021-11-07T19:57:08.375Z [DEBUG] created provider logger: level=debug
2021-11-07T19:57:08.375Z [INFO] provider: configuring client automatic mTLS
2021-11-07T19:57:08.403Z [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0]
2021-11-07T19:57:08.406Z [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4359
2021-11-07T19:57:08.406Z [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0
2021-11-07T19:57:08.417Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: configuring server automatic mTLS: timestamp=2021-11-07T19:57:08.417Z
2021-11-07T19:57:08.425Z [DEBUG] provider.terraform-provider-cloudflare_v3.4.0: plugin address: address=/var/folders/t3/z674kjln3c31lrpv383rh9d00000gn/T/plugin3278634750 network=unix timestamp=2021-11-07T19:57:08.425Z
2021-11-07T19:57:08.426Z [DEBUG] provider: using plugin: version=5
2021-11-07T19:57:08.461Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:08 [WARN] Truncating attribute path of 0 diagnostics for TypeSet: timestamp=2021-11-07T19:57:08.461Z
2021-11-07T19:57:08.462Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-11-07T19:57:08.463Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4359
2021-11-07T19:57:08.463Z [DEBUG] provider: plugin exited
2021-11-07T19:57:08.463Z [INFO] backend/local: plan calling Plan
2021-11-07T19:57:08.463Z [INFO] terraform: building graph: GraphTypePlan
2021-11-07T19:57:08.464Z [DEBUG] adding implicit provider configuration provider["registry.terraform.io/hashicorp/random"], implied first by random_id.issites_com_epm_tunnel_secret (expand)
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_zone_settings_override.issites_com_settings (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification_test (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_zone.issites_com (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_logpush_job.issites_com (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "cloudflare_argo_tunnel.issites_com_epm_tunnel (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.464Z [DEBUG] ProviderTransformer: "random_id.issites_com_epm_tunnel_secret (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/hashicorp/random"]
2021-11-07T19:57:08.465Z [DEBUG] ProviderTransformer: "cloudflare_waf_override.demo_issites_exception (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress
2021-11-07T19:57:08.465Z [DEBUG] ProviderTransformer: "cloudflare_zone_dnssec.issites_com (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.splunk_hec_endpoint (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit" references: [local.account_ids (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress" references: [local.account_ids (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification_test (expand)" references: [local.account_ids (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "random_id.issites_com_epm_tunnel_secret (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_zone.issites_com (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.splunk_insecure_skip_verify (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_logpush_job.issites_com (expand)" references: [local.splunk_hec_endpoint (expand) local.splunk_channel_id (expand) local.splunk_insecure_skip_verify (expand) local.splunk_source_type (expand) local.splunk_auth_token (expand) local.logpush_fields (expand) cloudflare_zone.issites_com (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_waf_override.demo_issites_exception (expand)" references: [cloudflare_zone.issites_com (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.splunk_channel_id (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.splunk_auth_token (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/cloudflare/cloudflare"]" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification (expand)" references: [local.account_ids (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_argo_tunnel.issites_com_epm_tunnel (expand)" references: [random_id.issites_com_epm_tunnel_secret (expand) local.account_ids (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.account_ids (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.splunk_source_type (expand)" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "provider["registry.terraform.io/hashicorp/random"]" references: []
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_zone_settings_override.issites_com_settings (expand)" references: [cloudflare_zone.issites_com (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "cloudflare_zone_dnssec.issites_com (expand)" references: [cloudflare_zone.issites_com (expand)]
2021-11-07T19:57:08.465Z [DEBUG] ReferenceTransformer: "local.logpush_fields (expand)" references: []
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_zone_settings_override.issites_com_settings (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_zone_dnssec.issites_com (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.logpush_fields (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.splunk_source_type (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "provider["registry.terraform.io/hashicorp/random"]", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "provider["registry.terraform.io/cloudflare/cloudflare"].prod-global-ingress", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "random_id.issites_com_epm_tunnel_secret (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_zone.issites_com (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.splunk_hec_endpoint (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_logpush_job.issites_com (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_waf_override.demo_issites_exception (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.splunk_channel_id (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.splunk_insecure_skip_verify (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_notification_policy.magic_layer3_4_attach_notification (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "cloudflare_argo_tunnel.issites_com_epm_tunnel (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "local.splunk_auth_token (expand)", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Removing "provider["registry.terraform.io/cloudflare/cloudflare"]", filtered by targeting.
2021-11-07T19:57:08.466Z [DEBUG] Starting graph walk: walkPlan
2021-11-07T19:57:08.467Z [DEBUG] created provider logger: level=debug
2021-11-07T19:57:08.467Z [INFO] provider: configuring client automatic mTLS
2021-11-07T19:57:08.496Z [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0]
2021-11-07T19:57:08.500Z [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4360
2021-11-07T19:57:08.500Z [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0
2021-11-07T19:57:08.512Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: configuring server automatic mTLS: timestamp=2021-11-07T19:57:08.512Z
2021-11-07T19:57:08.520Z [DEBUG] provider.terraform-provider-cloudflare_v3.4.0: plugin address: network=unix address=/var/folders/t3/z674kjln3c31lrpv383rh9d00000gn/T/plugin646124986 timestamp=2021-11-07T19:57:08.520Z
2021-11-07T19:57:08.520Z [DEBUG] provider: using plugin: version=5
2021-11-07T19:57:08.556Z [WARN] ValidateProviderConfig from "provider["registry.terraform.io/cloudflare/cloudflare"].prod-magic-transit" changed the config value, but that value is unused
2021-11-07T19:57:08.556Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:08 [INFO] Cloudflare Client configured for user: morgan.jones@company.com: timestamp=2021-11-07T19:57:08.556Z
2021-11-07T19:57:08.556Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:08 [INFO] Using specified account id ####################### in Cloudflare provider: timestamp=2021-11-07T19:57:08.556Z
2021-11-07T19:57:08.556Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:08 [INFO] Cloudflare Client configured for user: morgan.jones@company.com: timestamp=2021-11-07T19:57:08.556Z
2021-11-07T19:57:08.557Z [INFO] ReferenceTransformer: reference not found: "local.account_ids"
2021-11-07T19:57:08.557Z [DEBUG] ReferenceTransformer: "cloudflare_notification_policy.magic_layer3_4_attach_notification_test" references: []
cloudflare_notification_policy.magic_layer3_4_attach_notification_test: Refreshing state... [id=73963991b15242aab4bfa7d0143200c8]
2021-11-07T19:57:08.560Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:08 [DEBUG] Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
GET /client/v4/accounts/#######################/alerting/v3/policies/73963991b15242aab4bfa7d0143200c8 HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.8 terraform-plugin-sdk/2.8.0 terraform-provider-cloudflare/3.4.0
Content-Type: application/json
X-Auth-Email: morgan.jones@company.com
X-Auth-Key: aaed7b9eb7963e9f2c1194706f241e31e99a8
Accept-Encoding: gzip

-----------------------------------------------------: timestamp=2021-11-07T19:57:08.560Z
2021-11-07T19:57:09.387Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:09 [DEBUG] Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 200 OK
Cf-Cache-Status: DYNAMIC
Cf-Ray: 6aa921029e107515-LHR
Content-Type: application/json; charset=UTF-8
Date: Sun, 07 Nov 2021 19:57:09 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Set-Cookie: __cflb=0H28vgHxwvgAQtjUGU56Rb8iNWZVUvXhjZvogY7n4dj; SameSite=Lax; path=/; expires=Sun, 07-Nov-21 22:27:10 GMT; HttpOnly
Set-Cookie: __cfruid=840a504cb03121b1c605b299649ed525d9a78fd9-1636315029; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
X-Envoy-Upstream-Service-Time: 359

{
"result": {
"id": "73963991b15242aab4bfa7d0143200c8",
"name": "Layer 3/4 Attack Notifications Test",
"description": "Notification policy for Layer 3/4 Attack Notifications",
"enabled": true,
"alert_type": "dos_attack_l4",
"mechanisms": {
"email": [
{
"id": "email1@company.com"
},
{
"id": "email2@compay.com"
}
]
},
"created": "2021-11-05T15:40:23.376148Z",
"modified": "2021-11-05T21:38:12.512871Z",
"conditions": {},
"filters": {}
},
"success": true,
"errors": [],
"messages": []
}

-----------------------------------------------------: timestamp=2021-11-07T19:57:09.387Z
2021-11-07T19:57:09.388Z [WARN] Provider "registry.terraform.io/cloudflare/cloudflare" produced an unexpected new value for cloudflare_notification_policy.magic_layer3_4_attach_notification_test during refresh.
- .email_integration: planned set element cty.ObjectVal(map[string]cty.Value{"id":cty.StringVal("email1@company.com"), "name":cty.StringVal("")}) does not correlate with any element in actual
- .email_integration: planned set element cty.ObjectVal(map[string]cty.Value{"id":cty.StringVal("email2@compay.com"), "name":cty.NullVal(cty.String)}) does not correlate with any element in actual
2021-11-07T19:57:09.389Z [INFO] provider.terraform-provider-cloudflare_v3.4.0: 2021/11/07 19:57:09 [WARN] Truncating attribute path of 0 diagnostics for TypeSet: timestamp=2021-11-07T19:57:09.389Z
2021-11-07T19:57:09.392Z [WARN] Provider "registry.terraform.io/cloudflare/cloudflare" produced an invalid plan for cloudflare_notification_policy.magic_layer3_4_attach_notification_test, but we are tolerating it because it is using the legacy plugin SDK.
The following problems may be the cause of any confusing errors from downstream operations:
- .filters: planned value cty.MapValEmpty(cty.List(cty.String)) for a non-computed attribute
- .conditions: planned value cty.MapValEmpty(cty.String) for a non-computed attribute
2021-11-07T19:57:09.393Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2021-11-07T19:57:09.394Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.4.0/darwin_amd64/terraform-provider-cloudflare_v3.4.0 pid=4360
2021-11-07T19:57:09.394Z [DEBUG] provider: plugin exited
2021-11-07T19:57:09.395Z [INFO] backend/local: plan operation completed

Note: Objects have changed outside of Terraform

Terraform detected the following changes made outside of Terraform since the last "terraform apply":

cloudflare_notification_policy.magic_layer3_4_attach_notification_test has been changed

~ resource "cloudflare_notification_policy" "magic_layer3_4_attach_notification_test" {
id = "73963991b15242aab4bfa7d0143200c8"
name = "Layer 3/4 Attack Notifications Test"
# (8 unchanged attributes hidden)

  - email_integration {
      - id = "email1@company.com" -> null
    }
  + email_integration {
      + id = "email2@compay.com"
    }
  - email_integration {
      - id = "email2@compay.com" -> null
    }
}

Unless you have made equivalent changes to your configuration, or ignored the relevant attributes using
ignore_changes, the following plan may include actions to undo or respond to these changes.

────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with
the following symbols:
~ update in-place

Terraform will perform the following actions:

cloudflare_notification_policy.magic_layer3_4_attach_notification_test will be updated in-place

~ resource "cloudflare_notification_policy" "magic_layer3_4_attach_notification_test" {
id = "73963991b15242aab4bfa7d0143200c8"
name = "Layer 3/4 Attack Notifications Test"
# (8 unchanged attributes hidden)

  + email_integration {
      + id = "email1@company.com"
    }
  - email_integration {
      - id = "email2@compay.com" -> null
    }
  + email_integration {
      + id = "email2@compay.com"
    }
}

Plan: 0 to add, 1 to change, 0 to destroy.

│ Warning: Resource targeting is in effect

│ You are creating a plan with the -target option, which means that the result of this plan may not represent all of
│ the changes requested by the current configuration.

│ The -target option is not for routine use, and is provided only for exceptional situations such as recovering from
│ errors or mistakes, or when Terraform specifically suggests to use it as part of an error message.

─────────────────────────────────────────────────────────────────────────────────────────────────────────���──────────

Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions
if you run "terraform apply" now.

Panic output

No response

Expected output

This plan should be a no-op, as the resource already exists in the desired state.

Actual output

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with
the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # cloudflare_notification_policy.magic_layer3_4_attach_notification_test will be updated in-place
  ~ resource "cloudflare_notification_policy" "magic_layer3_4_attach_notification_test" {
        id          = "73963991b15242aab4bfa7d0143200c8"
        name        = "Layer 3/4 Attack Notifications Test"
        # (8 unchanged attributes hidden)

      + email_integration {
          + id = "email1@company.com"
        }
      - email_integration {
          - id = "email2@compay.com" -> null
        }
      + email_integration {
          + id = "email2@compay.com"
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Steps to reproduce

  1. create notification policy with at least 2 emailIDs
  2. apply the change
  3. run a plan after the apply, and the issue will occur - you'll see a terraform plan wanting to update the last (i think) email in the list

Additional factoids

No response

References

No response
@mogthesprog mogthesprog added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Nov 7, 2021
@github-actions
Copy link
Contributor

github-actions bot commented Feb 6, 2022

Marking this issue as stale due to 90 days of inactivity. This helps our maintainers find and focus on the active issues. If this issue receives no comments in the next 7 days it will automatically be closed. Maintainers can also remove the lifecycle/stale label.
If this issue was automatically closed and you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thank you!

@mogthesprog
Copy link
Author

mogthesprog commented Feb 6, 2022 via email

@jcolfej
Copy link

jcolfej commented May 18, 2022
edited

I confirm, I've the same problem...

  # cloudflare_notification_policy.zone_aop_custom_certificate_expiration_type will be updated in-place
  ~ resource "cloudflare_notification_policy" "zone_aop_custom_certificate_expiration_type" {
        id          = "46067d97f07e49c193661d8d281ed7dd"
        name        = "Zone-level Authenticated Origin Pulls Certificate Expiration Alert"
        # (6 unchanged attributes hidden)

      + pagerduty_integration {
          + id = "PagerDutyCloudflareIntegrationId"
        }
      - pagerduty_integration {
          - id   = "PagerDutyCloudflareIntegrationId" -> null
          - name = "PagerDutyEnterpriseName: PagerDutyServiceName" -> null
        }
    }

(I just anonymized sensible values...)

@pfunkmallone
Copy link

Confirmed issue here too...

@sifrah
Copy link

sifrah commented Aug 23, 2022

Confirmed issue also too

@robert-put
Copy link

Also ran into this issue. Terraform v1.1.9 and Cloudflare provider v3.22.0

@MAN98
Copy link

MAN98 commented Sep 9, 2022

I can also confirm that we are getting this issue as well

@jacobbednarz jacobbednarz added the service/notifications Categorizes issue or PR as related to the notification service. label Sep 25, 2022
@victor10x
Copy link

I also have this issue, basically what's described in #1553.

@victor10x
Copy link

I'll just note the similar churn I was seeing before is now resolved with these versions:

$ terraform version
Terraform v1.3.6
on linux_amd64
+ provider registry.terraform.io/cloudflare/cloudflare v3.31.0

@snahelou
Copy link

No. Still relevant...

Terraform v1.3.6
on darwin_amd64
+ provider registry.terraform.io/cloudflare/cloudflare v3.31.0

  ~ resource "cloudflare_notification_policy" "default-rate-limit" {
        id          = "xxxxxxx"
        name        = "Default notification"
        # (6 unchanged attributes hidden)

      + email_integration {
          + id = "zzz@xxx.com"
        }
      + email_integration {
          + id = "yyy@xxx.com"
        }
      - email_integration {
          - id = "xxx@xxx.com" -> null
        }
      + email_integration {
          + id = "xxx@xxx.com"
        }

        # (1 unchanged block hidden)
    }

@hazmei
Copy link

hazmei commented Jan 20, 2023

Getting the same issues as well with cloudflare_notification_policy resource when using multiple email_integration blocks. Any plans to fix this bug?

@Qantas94Heavy
Copy link
Contributor

Is this the same issue as #1917?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. service/notifications Categorizes issue or PR as related to the notification service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests