- Stuck on deploying a new SIP trunk configuration in the au-1 region using the Genesys Cloud Terraform provider v1.68.4.
- The deployment fails consistently during the
terraform apply phase with a generic 400 Bad Request error.
- The HCL syntax validates correctly via
terraform validate and terragrunt validate.
- The issue appears isolated to the
tls_config block within the genesyscloud_sip_trunk resource.
- Specifically, the API rejects the
certificate and private_key fields when passed as multi-line strings inside the HCL block.
- Attempted to pass these values via
file() function and via var from Terraform Cloud variables, but the result is identical.
- The error message from the provider is unhelpful:
Error: 400 Bad Request
on main.tf line 12, in resource "genesyscloud_sip_trunk" "main":
12: resource "genesyscloud_sip_trunk" "main" {
- Debugging logs (
TF_LOG=DEBUG) show the POST request to /api/v2/sip/trunks contains the payload, but the body parser seems to choke on the nested object structure for TLS.
- Manual creation via the Genesys Cloud UI works perfectly with the same certificate and key data.
- CLI deployment using
genesyscloud-sip-trunk commands also succeeds, suggesting the issue is specific to how the Terraform provider serializes the TLS configuration object.
- Environment details:
- Provider: hashicorp/genesyscloud v1.68.4
- Region: au-1
- Terraform Version: 1.5.7
- Target: Production Org
- HCL snippet causing the failure:
resource "genesyscloud_sip_trunk" "main" {
name = "Test-TLS-Trunk"
trunk_type = "outbound"
tls_config {
certificate = file("./certs/server.crt")
private_key = file("./certs/server.key")
}
}
- Has anyone encountered serialization issues with TLS blocks in recent provider versions?
- Is there a known workaround to bypass the nested object validation in the API?