NSXT Terraform provider crashes when trying to add nsxt_policy_intrusion_service_profile #1548

@hbechtel

Describe the bug

When adding the resource

resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-All" {
  display_name = "idpsProf-SevCritHigh-All"
  description  = "All signatures with critical or high severity"
  severities   = ["CRITICAL", "HIGH"]

  criteria {}

  tag {
    scope = local.tags.nsxtTagsTfScope
    tag   = local.tags.gitHubRepoName
  }
}

the TF provider crashes when trying to apply this change:

userXXX@serverYYY ~/some-path/terraform (main) $ tf init -upgrade
[…]
Terraform v1.8.5

Initializing the backend...
Upgrading modules...
[…]

Initializing provider plugins...
[…]
- Using previously-installed vmware/nsxt v3.8.0
[…]

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

userXXX@serverYYY ~/some-path//terraform (main) $ tf apply
[…]
Terraform v1.8.5

[…]


Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # nsxt_policy_intrusion_service_profile.idpsProf-SevCritHigh-All will be created
  + resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-All" {
      + description  = "All signatures with critical or high severity"
      + display_name = "idpsProf-SevCritHigh-All"
      + id           = (known after apply)
      + nsx_id       = (known after apply)
      + path         = (known after apply)
      + revision     = (known after apply)
      + severities   = [
          + "CRITICAL",
          + "HIGH",
        ]

      + criteria {}

      + tag {
          + scope = "tf"
          + tag   = "tf-nsxt-vpc-dev"
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes


nsxt_policy_intrusion_service_profile.idpsProf-SevCritHigh-All: Creating...
╷
│ Error: Plugin did not respond
│ 
│   with nsxt_policy_intrusion_service_profile.idpsProf-SevCritHigh-All,
│   on 090_sharedObjects_IDPSProfiles.tf line 36, in resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-All":
│   36: resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-All" {
│ 
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ApplyResourceChange call. The plugin logs may contain more details.
╵

Stack trace from the terraform-provider-nsxt_v3.8.0 plugin:

panic: interface conversion: interface {} is nil, not map[string]interface {}

goroutine 57 [running]:
github.com/vmware/terraform-provider-nsxt/nsxt.getIdsProfileCriteriaFromSchema(0xc0005ebc80?)
        github.com/vmware/terraform-provider-nsxt/nsxt/resource_nsxt_policy_intrusion_service_profile.go:189 +0xc91
github.com/vmware/terraform-provider-nsxt/nsxt.resourceNsxtPolicyIntrusionServiceProfileCreate(0xc0005ebc80, {0x1bfd980, 0xc0000aa9c0})
        github.com/vmware/terraform-provider-nsxt/nsxt/resource_nsxt_policy_intrusion_service_profile.go:361 +0x1aa
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).create(0x1f53df8?, {0x1f53df8?, 0xc000648270?}, 0xd?, {0x1bfd980?, 0xc0000aa9c0?})
        github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:766 +0x15f
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).Apply(0xc0001d47e0, {0x1f53df8, 0xc000648270}, 0xc0006560d0, 0xc0005ebb00, {0x1bfd980, 0xc0000aa9c0})
        github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:909 +0xa89
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ApplyResourceChange(0xc000373d88, {0x1f53df8?, 0xc0006481b0?}, 0xc000628d70)
        github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/grpc_provider.go:1060 +0xd5c
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ApplyResourceChange(0xc000240d20, {0x1f53df8?, 0xc000635770?}, 0xc000195b90)
        github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/tf5server/server.go:859 +0x56f
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ApplyResourceChange_Handler({0x1c20600, 0xc000240d20}, {0x1f53df8, 0xc000635770}, 0xc000195b20, 0x0)
        github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:467 +0x1a6
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0002381e0, {0x1f58b80, 0xc0005ac000}, 0xc000638b40, 0xc000188690, 0x28949b8, 0x0)
        google.golang.org/grpc@v1.57.1/server.go:1358 +0xde3
google.golang.org/grpc.(*Server).handleStream(0xc0002381e0, {0x1f58b80, 0xc0005ac000}, 0xc000638b40, 0x0)
        google.golang.org/grpc@v1.57.1/server.go:1735 +0x9da
google.golang.org/grpc.(*Server).serveStreams.func1.1()
        google.golang.org/grpc@v1.57.1/server.go:970 +0xbb
created by google.golang.org/grpc.(*Server).serveStreams.func1 in goroutine 35
        google.golang.org/grpc@v1.57.1/server.go:981 +0x136

Error: The terraform-provider-nsxt_v3.8.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

userXXX@serverYYY ~/some-path/terraform (main) $ 

Other profiles are created without crashing, e.g.:

resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCRITICAL-All" {
  display_name = "idpsProf-SevCRITICAL-All"
  description  = "All signatures with critical severity"
  severities   = ["CRITICAL"]

  criteria {}

  tag {
    scope = local.tags.nsxtTagsTfScope
    tag   = local.tags.gitHubRepoName
  }
}

resource "nsxt_policy_intrusion_service_profile" "idpsProf-CvssCRITICAL-All" {
  display_name = "idpsProf-CvssCRITICAL-All"
  description  = "All signatures with critical CVSS"
  severities   = ["CRITICAL", "HIGH", "MEDIUM", "LOW"]

  criteria {
    cvss = ["CRITICAL"]
  }

  tag {
    scope = local.tags.nsxtTagsTfScope
    tag   = local.tags.gitHubRepoName
  }
}

resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-Windows" {
  display_name = "idpsProf-SevCritHigh-Windows"
  description  = "All signatures with critical or high severity and any Windows affected product"
  severities   = ["CRITICAL", "HIGH"]

  criteria {
    products_affected = [
      "Microsoft_Windows_11_23H2", "Microsoft_Windows_10",
      "Windows_XP_Vista_7_8_10_11_Server_32_64_Bit", "Windows_DNS_server",
      "affected_product Microsoft_Windows_10_11_Server_32_64_Bit",
      "Microsoft_Windows_Xp", "Windows_Server_2019", "Microsoft_Windows_7_Server_2008_R2",
      "Windows_Cryptoapi", "Windows_RDL_Service", "Microsoft_Windows_Server_2016", "Windows_Server_2016",
      "affected_product Windows_XP_Vista_7_8_10_11_Server_32_64_Bit", "Microsoft_Windows_Messenger",
      "Microsoft_Windows_10_11_Server_32_64_Bit", "Windows_Client_Apps",
      "Windows_XP_Vista_7_8_10_Server_32_64_Bit", "Windows_11", "Windows_8"
    ]
  }

  tag {
    scope = local.tags.nsxtTagsTfScope
    tag   = local.tags.gitHubRepoName
  }
}

Reproduction steps

  1. Configure resource resource "nsxt_policy_intrusion_service_profile" "idpsProf-SevCritHigh-All" as stated in the description.
  2. Run "terraform init -upgrade"
  3. Run terraform apply

Expected behavior

The Terraform provider should not crash but create the Intrusion service profile as configured.

Additional context

No response
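
The panic text in the stack trace above is what the Go runtime emits for a single-value type assertion on a nil interface value. The following is an added example, not the provider's code and not a diagnosis of its line 189: it reproduces that failure mode beside a guarded form, assuming a block list whose element can be nil. All function names and sample data are constructed for illustration.

```go
package main

import "fmt"

// criteriaUnchecked (hypothetical) flattens a list of block values using a
// single-value type assertion, the pattern that panics on a nil element.
func criteriaUnchecked(blocks []interface{}) map[string]interface{} {
	out := map[string]interface{}{}
	for _, b := range blocks {
		for k, v := range b.(map[string]interface{}) { // panics if b is nil
			out[k] = v
		}
	}
	return out
}

// criteriaChecked (hypothetical) treats a nil element as "no filter set" and
// returns an error, not a panic, for any other unexpected type.
func criteriaChecked(blocks []interface{}) (map[string]interface{}, error) {
	out := map[string]interface{}{}
	for i, b := range blocks {
		if b == nil {
			continue
		}
		m, ok := b.(map[string]interface{})
		if !ok {
			return nil, fmt.Errorf("criteria[%d]: unexpected type %T", i, b)
		}
		for k, v := range m {
			out[k] = v
		}
	}
	return out, nil
}

// panicMessage runs the unchecked version and returns the panic text, or "".
func panicMessage(blocks []interface{}) (msg string) {
	defer func() {
		if r := recover(); r != nil {
			msg = fmt.Sprint(r)
		}
	}()
	criteriaUnchecked(blocks)
	return ""
}

func main() {
	empty := []interface{}{nil} // constructed: assumed shape of an empty block
	fmt.Println(panicMessage(empty))
	fmt.Println(criteriaChecked(empty))
}
```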
