[BUG] Failed to Create the security group rules

[molecule-z]

Hi there,

Thank you for opening an issue. Please note that we try to keep the Terraform issue tracker reserved for bug reports and feature requests. For general usage questions, please see: https://www.terraform.io/community.html.

Terraform Version

Terraform v0.12.28
terraform-provider-alicloud_v1.102.0

Affected Resource(s)

• alicloud_security_group_rule.jb_external-ssh[21]

Terraform Configuration Files

resource "alicloud_security_group_rule" "jb_external-ssh" {
  count             = "${length(compact(var.jumpbox_whitelist))}"
  security_group_id = "${var.sg_jumpbox_id}"
  type              = "ingress"
  port_range        = "22/22"
  ip_protocol       = "tcp"
  cidr_ip           = "${element(compact(var.jumpbox_whitelist), count.index)}"
}

jumpbox_whitelist = [
  "18.#.#.#/32",
  "58.#.#.#/28",
  "62.#.#.#/29",
  "101.#.#.#/28",
  "103.#.#.#/29",
  "103.#.#.#/29",
  "103.#.#.#/29",
  "103.#.#.#/29",
  "103.#.#.#/32",
  "116.#.#.#/30",
  "116.#.#.#/28",
  "116.#.#.#/27",
  "116.#.#.#/28",
  "116.#.#.#/28",
  "117.#.#.#/28",
  "155.#.#.#/16",
  "169.#.#.#/26",
  "169.#.#.#/31",
  "169.#.#.#/30",
  "169.#.#.#/22",
  "169.#.#.#/30",
  "180.#.#.#/28",
  "180.#.#.#/30",
  "180.#.#.#/29",
  "193.#.#.#/25",
  "193.#.#.#/29",
  "193.#.#.#/29",
  "193.#.#.#/29",
  "193.#.#.#/29",
  "194.#.#.#/24",
  "195.#.#.#/25",
  "202.#.#.#/29",
  "203.#.#.#/28",
  "203.#.#.#/29",
  "203.#.#.#/29",
  "204.#.#.#/25",
  "204.#.#.#/29",
  "212.#.#.#/29",
  "213.#.#.#/29",
  "213.#.#.#/29"
]

We have around 40 whitelist IP ranges with the pattern x.x.x.x/x

Debug Output

Please provider a link to a GitHub Gist containing the complete debug output: https://www.terraform.io/docs/internals/debugging.html. Please do NOT paste the debug output in the issue; just paste a link to the Gist.

Panic Output

Error: Provider produced inconsistent result after apply

When applying changes to alicloud_security_group_rule.jb_external-ssh[21],
provider "registry.terraform.io/-/alicloud" produced an unexpected new value
for was present, but now absent.

to templates that consist entirely of a single interpolation sequence.

(and 46 more similar warnings elsewhere)

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

It doesn't stick to one IP range, sometimes the error pops up for several rules, sometimes there's just one rule getting the error and sometimes it passes.

Expected Behavior

The security group rules are created successfully

Actual Behavior

It returns the error " Provider produced inconsistent result after apply".

References

It should be similar to this issue.
hashicorp/terraform-provider-aws#12449
Another related issue
hashicorp/terraform#20688

[molecule-z]

PR of AWS' fix.
hashicorp/terraform-provider-aws#16200
The introduction from terraform of the error.
https://www.terraform.io/docs/extend/terraform-0.12-compatibility.html

[liuri1205]

This bug has been fixed in v1.107.0, thanks for your feedback.

[molecule-z]

@liuri1205

Tested with alicloud provider v1.108.0, the issue still exists.

terraform provider version: terraform-provider-alicloud_v1.108.0

Error: Provider produced inconsistent result after apply

When applying changes to alicloud_security_group_rule.jb_external-ssh[6],
provider "registry.terraform.io/-/alicloud" produced an unexpected new value
for was present, but now absent.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.