Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feature request for ability to make access control list and security groups the default for VPC #2203

Closed
kroc353 opened this issue Jan 25, 2021 · 3 comments
Closed

feature request for ability to make access control list and security groups the default for VPC #2203

kroc353 opened this issue Jan 25, 2021 · 3 comments
Labels
service/VPC Infrastructure Issues related to the VPC Infrastructure

Comments

@kroc353
Copy link

kroc353 commented Jan 25, 2021

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

kevin1@kevin1-osx vpc % terraform -v
Terraform v0.12.30
+ provider.ibm v1.19.0

Affected Resource(s)

Please list the resources as a list, for example:

  • ibm_is_vpc
  • ibm_is_security_group
  • ibm_is_network_acl

If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.
This is not an issue, but either a feature that exists and is not documented (or that I cannot find) or a feature I'd like to exist.

Terraform Configuration Files

The below is an example of what I'd expect to see, to be able to define the default sg and act for a VPC

resource "ibm_is_vpc" "vpc" {
  name                   = "${local.BASENAME}-vpc"
  default_security_group = ibm_is_security_group.sg1.id
  default_network_acl = ibm_is_network_acl.acl1.id
}

The other option would be a bool option called default in the actual ibm_is_security_group or ibm_is_network_acl resources (example below):

is_default_sg = True
is_default_acl = True

Debug Output

NA

Panic Output

NA

Expected Behavior

Define which SG / ACL is the default at the VPC level or at the SG/ACL resource levels.

Actual Behavior

Not currently a supported behavior (I believe)

Steps to Reproduce

NA

Important Factoids

NA

References

NA
@sean-freeman sean-freeman mentioned this issue Jan 30, 2021
Closed
@powellquiring
Copy link

When creating a kubernetes cluster the security group for the worker nodes is the ibmcloud_is_vpc.vpc.default_security_group. More pressure to allow the careful crafting of the default_security_group.

@powellquiring
Copy link

security group and network acl are contained by vpc. It probably isn't possible to create these resources before the vpc. Here is a proposal for creating a default security group with no rules: #2262

@kavya498 kavya498 added the service/VPC Infrastructure Issues related to the VPC Infrastructure label Apr 16, 2021
@kavya498
Copy link
Collaborator

https://registry.terraform.io/providers/IBM-Cloud/ibm/latest/docs/resources/is_vpc
Available in recent releases(>=1.25.0),
Closing this issue..
Thanks.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
service/VPC Infrastructure Issues related to the VPC Infrastructure
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@powellquiring @kroc353 @kavya498