AWS Network ACL Error when creating IPv6 ICMP rule

[ghost]

This issue was originally opened by @Redw0od as hashicorp/terraform#19188. It was migrated here as a result of the provider split. The original body of the issue is below.

---

Terraform Version

Terraform v0.11.9
+ provider.aws v1.35.0
+ provider.null v1.0.0

Terraform Configuration Files

resource "aws_network_acl" "private" {
  count      = "${var.enabled == "true" && var.type == "private" && signum(length(var.private_network_acl_id)) == 0 ? 1 : 0}"
  vpc_id     = "${data.aws_vpc.default.id}"
  subnet_ids = ["${aws_subnet.private.*.id}"]
  egress     = "${var.egress_acl}"
  ingress    = {
    rule_no    = 1001
    action     = "allow"
    ipv6_cidr_block = "::/0"
    icmp_code  = "-1"
    icmp_type  = "-1"
    from_port  = -1
    to_port    = -1
    protocol   = "58"
  }
}

Debug Output

Error: Error applying plan:

2 error(s)2018-10-24T11:48:09.705-0700 [DEBUG] plugin: plugin process exited: path=C:\Users\mike\mgmt\.terraform\plugins\windows_amd64\terraform-provider-aws_v1.35.0_x4.exe
 occurred:

* module.pub_subnet.aws_network_acl.public: 1 error(s) occurred:

* aws_network_acl.public: Error creating ingress entry: MissingParameter: The request must contain the parameter icmpTypeCode.type
        status code: 400, request id: acb3d7c0-9207-4227-b862-f892c3b72d56
* module.priv_subnet.aws_network_acl.private: 1 error(s) occurred:

* aws_network_acl.private: Error creating ingress entry: MissingParameter: The request must contain the parameter icmpTypeCode.type
        status code: 400, request id: 08bc85e6-20e8-415f-9c6f-8c664884575a

Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

Crash Output

No Crash

Expected Behavior

Creation of proper IPv6 ICMP all types allow rule

Actual Behavior

Error from AWS

Steps to Reproduce

1. terraform init
2. terraform apply

[bflad]

This relates to #4737 however this issue is for the aws_network_acl resource while #4737 is for the aws_network_acl_rule resource.

[bflad]

Pull request submitted: #6264

[bflad]

This has been released in version 1.42.0 of the AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

[Redw0od]

It works! thanks!

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!