I'm trying to add a new security rule group, and when I do, I'm getting an error "destination is invalid".
Looking at Objects > Addresses, I see the address that I want to use. I've copied the text directly from panorama and pasted it in terraform. I'm trying to create the security rule group in the same device group as the address object.
I don't know what I'm missing here, and I'm not quite sure where else to go to look for help.
I'm using terraform v0.14.5 and my provider is registry.terraform.io/paloaltonetworks/panos v1.8.0
Here is the sanitized terraform resource:
resource "panos_panorama_security_rule_group" "test" {
device_group = "NON-Production_Environment"
rule {
name = "test-${var.env}"
tags = ["Terraform"]
source_zones = ["DMZ"]
source_addresses = ["any"]
source_users = ["any"]
hip_profiles = ["any"]
destination_zones = ["SVC"]
destination_addresses = ["xxxxxx"]
applications = ["any"]
services = [
"tcp-12443",
"tcp-13443"
]
categories = ["any"]
action = "allow"
log_setting = "Panorama"
}
}
Here is my error
Error: NON-Production_Environment -> pre-rulebase -> security -> rules -> test -> destination is invalid
on firewall_sec_rules.tf line 21, in resource "panos_panorama_security_rule_group" "test":
21: resource "panos_panorama_security_rule_group" "test" {
destination_addresses = ["xxxxxx"]