Terraform Core Version

1.13.4

ONTAP Provider Version

2.3.0

Affected Resource(s)

• netapp-ontap_security_account

Expected Behavior

I should be able to create a security account on FSx Ontap - in this case we want to create a read only role for Harvest to scrape metrics

Actual Behavior

It errors because the provider always sends the locked property in the request body, regardless of whether it is specified in terraform config.
The fsxadmin role cannot be changed to allow this in my testing. So sending the locked property will always get an error.

Relevant Error/Panic Output Snippet

│ error on create security/account: REST reported error
│ restclient.RestError{Code:"1", Message:"duplicate entry", Target:"name"},
│ statusCode: 409, statusCode: 409, response {NumRecords:0 Records:[]
│ RestError:{Code: Message: Target:} StatusCode:0 HTTPError: ErrorType:
│ Job:map[] Jobs:[] Links:map[]}

Terraform Configuration Files

resource "netapp-ontap_security_account" "harvest" {
  cx_profile_name = var.fsx_cx_profile_name
  name            = "harvest"
  applications = [
    {
      application            = "ontapi"
      authentication_methods = ["password"]
    }
  ]
  password = var.harvest_password
  role = {
    name = "fsxadmin-readonly"
  }
}

Steps to Reproduce

Create a security account on FSx - the account will be created but the terraform apply will error and the account won't be added to state.

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

Yes