[Bug Report] Static public IP not attached to Panorama instance when public_static_ip is null #83
Description
Describe the bug
Summary
The Panorama module creates a static IP reservation (google_compute_address.public) but fails to attach it to the instance. Instead, the instance receives an ephemeral public IP.
Affected File
modules/panorama/main.tf - line 66 (access_config block)
Root Cause
The try() function is used incorrectly for null-coalescing:
nat_ip = try(var.public_static_ip, google_compute_address.public[0].address)When var.public_static_ip is null, try() returns null because accessing a null variable doesn't throw an error. The fallback value is never used.
Expected Behavior
When attach_public_ip = true and public_static_ip is not specified, the instance should use the auto-created static IP from google_compute_address.public[0].
Actual Behavior
The instance receives an ephemeral public IP. The reserved static IP exists but remains unassigned.
Fix
Replace try() with a proper null check:
nat_ip = var.public_static_ip != null ? var.public_static_ip : google_compute_address.public[0].addressSteps to Reproduce
- Deploy Panorama with
attach_public_ip = trueand nopublic_static_ipspecified - Check GCP Console → VPC Network → IP addresses
- Observe: Static IP is reserved but "In use by" is empty
- Check instance network interface: Shows ephemeral IP, not the reserved static IP
Additional Notes
The same pattern with try() appears in other places and may have similar issues:
- Line 14:
address = try(var.private_static_ip, null) - Line 25:
address = try(var.public_static_ip, null)
These usages are harmless (setting optional attributes to null is valid), but the pattern is misleading.
Module Version
v2.0.11
Terraform version
Terraform v1.14.4
Expected behavior
No response
Current behavior
No response
Anything else to add?
No response