Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ibm_cos_bucket created with endpoint_type = "public" regardless of the actual setting #5935

Open
baal-lgln opened this issue Jan 22, 2025 · 3 comments
Open

ibm_cos_bucket created with endpoint_type = "public" regardless of the actual setting #5935

baal-lgln opened this issue Jan 22, 2025 · 3 comments
Assignees
@IBM-diksha
Labels
service/Object Storage Issues related to Cloud Object Storage

Comments

@baal-lgln
Copy link

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform CLI and Terraform IBM Provider Version

Terraform v1.9.2
on darwin_arm64

  • provider registry.terraform.io/ibm-cloud/ibm v1.74.0

Affected Resource(s)

  • ibm_cos_bucket

Terraform Configuration Files

I am provisioning a ibm_cos_bucket and want to use direct or private endpoint option.

resource "ibm_cos_bucket" "test_bucket" {
  bucket_name          = "test-bucket"
  resource_instance_id = ibm_resource_instance.my_instance.id
  region_location      = "eu-de"
  storage_class        = "smart"
  force_delete         = false
  endpoint_type        = "private"
}

Debug Output

Panic Output

Expected Behavior

A ibm_cos_bucket with endpoint_type = "private".

Actual Behavior

A ibm_cos_bucket with endpoint_type = "public":

resource "ibm_cos_bucket" "test_bucket" {
    allowed_ip           = []
    bucket_name          = "test-bucket"
    crn                  = "crn:v1:bluemix:public:cloud-object-storage:[...]"
    endpoint_type        = "public"
    hard_quota           = 0
    id                   = "crn:v1:bluemix:public:cloud-object-storage:[...]"
    region_location      = "eu-de"
    resource_instance_id = "crn:v1:bluemix:public:cloud-object-storage:[...]"
    s3_endpoint_direct   = "s3.direct.eu-de.cloud-object-storage.appdomain.cloud"
    s3_endpoint_private  = "s3.private.eu-de.cloud-object-storage.appdomain.cloud"
    s3_endpoint_public   = "s3.eu-de.cloud-object-storage.appdomain.cloud"
    storage_class        = "smart"
}

Steps to Reproduce

terraform apply the above configuration with endpoint type private

Important Factoids

References

I was able find some solved issues with similar problems:
@github-actions github-actions bot added the service/Object Storage Issues related to Cloud Object Storage label Jan 22, 2025
@IBM-diksha
Copy link
Collaborator

Hi @baal-lgln , we are looking into this issue and will get back to you.
Thank you.

@IBM-diksha
Copy link
Collaborator

Hi @baal-lgln, thanks for reaching out.
As of now we're unable to reproduce this issue.
Could you please share the following details: the created bucket id, your provider.tf config and endpoints.json config (if present) and also any environment variables that you might have set.
Thank you.

@baal-lgln
Copy link
Author

baal-lgln commented Feb 4, 2025
edited
Loading

I made some more tests.
Our provider.tf is pretty simple:

provider "ibm" {
  ibmcloud_api_key = "***"
  region           = "eu-de"
}

We don't use a endpoints.json config file or any other environment variables.

I didn't mention that the buckets were already created successfully in the past.

It seems I'm able to create a bucket with endpoint_type= "public":

resource "ibm_cos_bucket" "test-bucket-endpoint-type" {
  bucket_name          = "test-bucket-endpoint-type"
  resource_instance_id = ibm_resource_instance.cos_instance.id
  region_location      = "eu-de"
  storage_class        = "smart"
  force_delete         = false
  endpoint_type        = "public"
}

But after successful creation I can't change the endpoint_type anymore, or rather terraform will not detect any changes when I run terraform plan:

resource "ibm_cos_bucket" "test-bucket-endpoint-type" {
  bucket_name          = "test-bucket-endpoint-type"
  resource_instance_id = ibm_resource_instance.cos_instance.id
  region_location      = "eu-de"
  storage_class        = "smart"
  force_delete         = false
  endpoint_type        = "private"
}

terraform plan
> No changes. Your infrastructure matches the configuration.

terraform show lists the bucket with the public endpoint regardless of the endpoint_type parameter change after creation:

# ibm_cos_bucket.test-bucket-endpoint-type:
resource "ibm_cos_bucket" "test-bucket-endpoint-type" {
    bucket_name          = "test-bucket-endpoint-type"
    crn                  = "crn:v1:bluemix:public:cloud-object-storage:global:[***]:bucket:test-bucket-endpoint-type"
    endpoint_type        = "public"
    force_delete         = false
    hard_quota           = 0
    id                   = "crn:v1:bluemix:public:cloud-object-storage:global:[***]:bucket:test-bucket-endpoint-type:meta:rl:eu-de:public"
    region_location      = "eu-de"
    resource_instance_id = "crn:v1:bluemix:public:cloud-object-storage:global:[***]::"
    s3_endpoint_direct   = "s3.direct.eu-de.cloud-object-storage.appdomain.cloud"
    s3_endpoint_private  = "s3.private.eu-de.cloud-object-storage.appdomain.cloud"
    s3_endpoint_public   = "s3.eu-de.cloud-object-storage.appdomain.cloud"
    storage_class        = "smart"
}

Is this intentional? The docs don't say anything about changing the endpoint_type after creation.

When I want to create a new bucket with a private endpoint_type I get an error even though i'm connected to a IBM VPN or my IP adress is added to the correct Context Based Restriction Rule:

│ Error: RequestError: send request failed
│ caused by: Put "https://s3.direct.eu-de.cloud-object-storage.appdomain.cloud/test-bucket-endpoint-type": dial tcp 161.26.145.24:443: connect: network is unreachable
│ 
│   with ibm_cos_bucket.test-bucket-endpoint-type,
│   on buckets.tf line 12, in resource "ibm_cos_bucket" "test-bucket-endpoint-type":
│   12: resource "ibm_cos_bucket" "test-bucket-endpoint-type" {
│ 
│ ---
│ id: terraform-d2853781
│ summary: |-
│   RequestError: send request failed
│   caused by: Put "https://s3.direct.eu-de.cloud-object-storage.appdomain.cloud/test-bucket-endpoint-type": dial tcp 161.26.145.24:443: connect: network is unreachable
│ severity: error
│ resource: ibm_cos_bucket
│ operation: create
│ component:
│   name: github.com/IBM-Cloud/terraform-provider-ibm
│   version: 1.75.0
│ ---

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@IBM-diksha IBM-diksha

Labels
service/Object Storage Issues related to Cloud Object Storage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@baal-lgln @IBM-diksha