google_alloydb_cluster throws error when psc_config or network_config values are passed using dynamic block about terraform-provider-google HOT 9 OPEN

Hi @imrannayer!

I noticed that in your code for the variable network_self_link you are assigning a default value of null and this is not supported according to terraform registry and Google Cloud API. This argument requires this specific nomenclature projects/{projectNumber}/global/networks/{network_id}.

You could follow this example to test the resource and the go to implement changes on your variables and dynamic code.

from terraform-provider-google.

@ggtisc for PSC setup network_self_link has to be null otherwise you will get an error. You can only specify value psc_config or network_config. If you provide values as network_config {} then you will get an error on next execution of the code. See this issue

from terraform-provider-google.

Both issues are different, the issue you are sharing looks like a permadiff, but to confirm that we need the full code. And this one is just a mistake in the configuration, besides the invalid value on the network_self_link = null I noticed other bad configurations:

The problem you are facing is related to how you are using the dynamic blocks in Terraform to configure the network (network_config) and Private Service Connect (psc_config) options within the google_alloydb_cluster resource.
The specific error indicates that the network value is not being correctly specified within network_config, even though it appears to be set to a default value in the network_self_link variable.

You need to have something like this:

variable "network_self_link" {
  description = "Network ID where the AlloyDb cluster will be deployed. If network_self_link is set then psc_enabled should be set to false"
  type        = string
  default     = "projects/ci-alloy-db-1-859a/global/networks/deleteme-network"
}

variable "psc_enabled" {
  type        = bool
  description = "Create an instance that allows connections from Private Service Connect endpoints to the instance. If psc_enabled is set to true, then network_self_link should be set to null"
  default     = false
}

resource "google_alloydb_cluster" "default" {
  cluster_id   = "cluster-us-central1-psc"
  cluster_type = "PRIMARY"
  location     = "us-central1"
  project      = "ci-alloy-db-1-859a"

  dynamic "network_config" {
    for_each = var.network_self_link != null ? [1] : []
    content {
      network = var.network_self_link
    }
  }

  dynamic "psc_config" {
    for_each = var.psc_enabled ? [1] : []
    content {
      psc_enabled = var.psc_enabled
    }
  }
}

Explanation of the changes:

1. Dynamic Blocks:

• In the dynamic network_config block, for_each is used to determine if var.network_self_link is not null (var.network_self_link != null). If so, a single item is created in the list [1], which activates this network_config block.

• Within content, network = var.network_self_link is assigned. This ensures that the network will be set to the default value of var.network_self_link when defined.

2. psc_config:

• In the dynamic psc_config block, for_each is set to enable if var.psc_enabled is true. In that case, a single element is created in the list [1], thus activating this psc_config block.

• Within content, psc_enabled = var.psc_enabled is assigned, which correctly sets this option if psc_enabled is true.

3. Observations:

• Make sure var.network_self_link contains the correct value for the network you want to configure. If you need it to be optional, you can adjust the logic in the fore_each to handle cases where var.network_self_link is null.

• Verify that the dynamic block activation logic matches your configuration requirements for the google_alloydb_cluster cluster.

With these changes, the bug related to invalid combination of arguments should be resolved, as at least one of the required values ​ ​(network, psc_enabled) is now guaranteed to be properly specified.

I suggest you to try first the basic example configuration without using variables and dynamic blocks and then when you are completely sure it works fine you could implement the dynamic blocks.

from terraform-provider-google.

@ggtisc I dont see any difference in your code and mine. You just changed logic for executing once by putting "1" instead of a string. They both will produce same result. I executed your code and here is the error:

 Error: Invalid combination of arguments
│
│   with google_alloydb_cluster.default,
│   on updated.tf line 13, in resource "google_alloydb_cluster" "default":
│   13: resource "google_alloydb_cluster" "default" {
│
│ "network": one of `network,network_config.0.network,psc_config.0.psc_enabled` must be specified

from terraform-provider-google.

If this is the same issue as the one you shared maybe it could be better to share the simplified code to confirm the permadiff on network_config {}, because the user is just sharing the output but not the terraform code to replicate the issue according to his configuration

from terraform-provider-google.

@ggtisc user is executing example provided with the module. In order to resolve that issue I need to make both network_config and psc_config blocks dynamic so we dont face the issue. But making both of them dynamic is throwing error. Thats why I provided simple example in this issue to show whats happening.

from terraform-provider-google.