Error 400: Invalid value for field resource.rateLimitOptions When setting rate_limit_options.exceed_action to redirect in google_compute_security_policy

[imrannayer]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to a user, that user is claiming responsibility for the issue.
• Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.9.6
on linux_amd64

• provider registry.terraform.io/hashicorp/google v6.18
• provider registry.terraform.io/hashicorp/google-beta v6.18

Affected Resource(s)

google_compute_security_policy

Terraform Configuration

{
  + action                   = "rate_based_ban"
  + description              = "Rate based ban for address from project dropten as soon as they cross rate limit threshold"
  + header_action            = []
  + match                    = [
      + {
          + config         = [
              + {
                  + src_ip_ranges = [
                      + "190.217.68.213/32",
                      + "45.116.227.70",
                    ]
                },
            ]
          + expr           = []
          + expr_options   = []
          + versioned_expr = "SRC_IPS_V1"
        },
    ]
  + preconfigured_waf_config = []
  + preview                  = false
  + priority                 = 13
  + rate_limit_options       = [
      + {
          + ban_duration_sec        = 120
          + ban_threshold           = []
          + conform_action          = "allow"
          + enforce_on_key          = "HTTP_HEADER"
          + enforce_on_key_configs  = []
          + enforce_on_key_name     = "X-API-KEY"
          + exceed_action           = "redirect"
          + exceed_redirect_options = []
          + rate_limit_threshold    = [
              + {
                  + count        = 10
                  + interval_sec = 60
                },
            ]
        },
    ]
  + redirect_options         = []
}

Debug Output

No response

Expected Behavior

No response

Actual Behavior

getting following error when setting rate_limit_options.exceed_action to redirect

Error 400: Invalid value for field 'resource.rules[18].rateLimitOptions': '{  "conformAction": "allow",  "exceedAction": "redirect",  "enforceOnKey": "HTTP_HEADER",  "rateLimi...'. Exceed redirect options must be specified if the exceed action is 'redirect'. It cannot be specified for any other exceed actions., invalid

Steps to reproduce

1. terraform apply

Important Factoids

No response

References

No response