-
Notifications
You must be signed in to change notification settings - Fork 1.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bug while adding new ACLs #2885
Comments
This doesn’t seem related at all to sarama here, which is merely the Golang interface with Kafka. Rather you’re looking for help with terraform code. I have seen this sort of issue before, though, and I think it’s a fairly common sort of issue with terraform sometimes: hashicorp/terraform#19974 Common situations are when you change the ordering of a list, terraform cannot just mutate into that state, so it deletes and replaces rather than in-place updates. |
@puellanivis Don't we need to have a check here |
I’m still confused. Are you creating those ACLs by calling |
We are calling it via terraform provider which internally calls sarama package to create ACL. |
Yes, but sarama’s I strongly think you need to be reporting this to either |
Description
When we are trying to add new ACLs, its deleting old ones and replacing with new ones.
Versions
We are using mongey kafka provider.
https://registry.terraform.io/providers/Mongey/kafka/latest
github.com/IBM/sarama v1.43.0
Configuration
provider "kafka" {
bootstrap_servers = ["localhost:9092"]
ca_cert = file("../secrets/ca.crt")
client_cert = file("../secrets/terraform-cert.pem")
client_key = file("../secrets/terraform.pem")
}
resource "kafka_acl" "test" {
resource_name = "syslog"
resource_type = "Topic"
acl_principal = "User:Alice"
acl_host = "*"
acl_operation = "Write"
acl_permission_type = "Deny"
}
im using 0.6.0 version, using Amazon Managed Kafka. running terraform in an EC2
Terraform v1.5.7
on linux_amd64
output:
build 11-Apr-2024 09:45:06 �[1m # kafka_acl.acl[61]�[0m will be created
build 11-Apr-2024 09:45:06 �[0m �[32m+�[0m�[0m resource "kafka_acl" "acl" {
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_host = ""
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_operation = "Read"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_permission_type = "Allow"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_principal = "User:CN=test.user"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m id = (known after apply)
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_name = "test_dev"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_pattern_type_filter = "Literal"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_type = "Group"
build 11-Apr-2024 09:45:06 }
build 11-Apr-2024 09:45:06
build 11-Apr-2024 09:45:06 �[1m # kafka_acl.acl[62]�[0m will be created
build 11-Apr-2024 09:45:06 �[0m �[32m+�[0m�[0m resource "kafka_acl" "acl" {
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_host = ""
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_operation = "Read"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_permission_type = "Allow"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m acl_principal = "User:CN=test.user"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m id = (known after apply)
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_name = "kafka_topic"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_pattern_type_filter = "Prefixed"
build 11-Apr-2024 09:45:06 �[32m+�[0m�[0m resource_type = "Topic"
build 11-Apr-2024 09:45:06 }
build 11-Apr-2024 09:45:06
build 11-Apr-2024 09:45:06 �[1mPlan:�[0m 58 to add, 0 to change, 55 to destroy.
The text was updated successfully, but these errors were encountered: